The standard processor agreement has been adopted by the Danish SA pursuant to art. 28(8) GDPR and aims at helping organisations to meet the requirements of art. 28 (3) and (4), given the fact that the contract between controller and processor cannot just restate the provisions of the GDPR but should further specify them, e.g. with regard to the assistance provided by the processor to the controller.
The Information Commissioner of the Isle of Man has issued guidance on “accountability” under GDPR. Being accountable means that all processing of personal data should be subject to overview, governance, and demonstrable compliance. Regular monitoring, review and revision is required to ensure that processes, procedures and documentation remain fit for purpose, reflect the realities of […]
Handbook will be useful to anyone interested in the application of the Regulation, and in particular other DPOs (in the public‐ or private sector). Part One introduces the concepts of “confidentiality”, “privacy” and “data protection” and the first data protection laws, ‐principles and international instruments. Part Two provides an overview of all the key elements […]