» Sin categoría

Data Processing Agreement Or Data Sharing Agreement

The GDPR applies both to the controller (a body that determines the purposes and means of the processing of personal data) and to the processor (the body that processes personal data on behalf of a controller) of the personal data. The controller is usually the body that collects personal data and monitors its use for commercial purposes. “subcontractor” means a term that refers to the supplier to whom part of the activity is outsourced by the controller. During the subcontracting process, the subcontractor also has access to personal data. NICVA`s gdpr Data Protection Toolkit was designed to help community and voluntary organizations prepare for the biggest data protection change in 20 years under the GDPR. You need to understand the nature of your relationship with the organisation (or person) with whom you share data and understand what is required by data protection law. Article 28.4 provides that the same data protection obligations apply even where a processor mandates another processor to carry out certain processing activities on behalf of the controller. In the event of an infringement, the article specifies that “if this other processor does not comply with its data protection obligations, the original processor is fully liable to the controller for the performance of the obligations of that other processor”. You can either disclose data in such a way that both companies are joint controllers, or that each of you is an independent controller (or even from the data controller to the data processing, although this is not taken into account in this article).

The distinction between a common manager and an independent manager is to be seen here: it is not necessary to conclude a data sharing agreement in all situations, for example. B if sharing is already strictly defined or if it is a limited one-time opportunity. This partnership leads to questions such as: “If there is a personal data breach, who is responsible?” Suzanne Dibble is a multi-award-winning economic lawyer with 23 years of experience and author of the bestseller GDPR for Dummies.. . . .