Vendors and the GDPR

May 2, 2018


A major part of keeping your organization in compliance with GDPR, is making sure that you partner with vendors (and in general, third parties) that are also GDPR compliant.


When considering a partnership or other commercial relations with a vendor, it should become a part of the assessment process to also ask a lot of questions related to their data protection practices and policies, organizational, technical and other measures they are using for personal data protection, and in general to assess their GDPR compliance.


On the other side of that same coin – you are also many times a vendor to others. They will also likely to ensure that you are GDPR compliant, and often you will be required to respond to a lot of questions about your organization and its GDPR readiness.


If you have received such a request, it is important to take it seriously and make an effort to reply adequately; as lack of appropriate response my cost you the contract, which will probably be awarded to a vendor that is able to demonstrate good command of the GDPR requirements and compliance thereto.


In addition, it is important to ensure that all of your vendors that have access to personal data or have processing obligations of personal data, execute a data protection agreement (“DPA”) that will contain all applicable commitments and warranties the GDPR requires  a contract with a data processor to contain.


Vendors that are data processors, may not sub-contract to sub-processors, unless are authorized to do so in writing by the data controller (typically addressed at the DPA).

Share on Facebook
Share on Twitter
Share on LinkedIn
Please reload

Read more about GDPR

Please reload

For a free of charge, no strings attached, intro meeting contact DPO-PRO

Are you a personal data controller or processor under GDPR?

Are you subject to the GDPR?

Is your organization in compliance?

What do you need to do in order to get to GDPR compliance?

Contact us today!

© 2018 D.Z. Consulting and Projects

Website by Anat Belinson

(Read it here)