The GDPR requires compulsory contracts between data controllers and data processors to include certain specific clauses to make the responsibilities of each party clear. You will need to consider these requirements for all of your relationships with third party organisations who process your clients' personal data on your behalf and actively review your existing contracts to ensure that they comply with GDPR requirements.
As a data controller your firm is liable for its compliance with the GDPR and must only appoint data processors who can provide ‘sufficient guarantees’ that the GDPR requirements will be met, including protection of the rights of your clients (the data subjects).
Clients of threesixty are kept up to speed with the latest regulatory, industry and technical developments via our regular news and opinions articles.
As well as being updated via the articles we publish to threesixty online, clients can specify to us what type of articles they want to receive (by category) and how frequently they receive them.
To try this service, simply register your details with us and we'll give you 3 months free and unlimited access to our news and opinions.