Academy Login
Shop Sign UpEvents
Our upcoming events and conferences for BESA members.
Read More
TOP: 
The GDPR requires written contracts between controllers and processors which specifically set out each party’s liabilities and responsibilities. This document is concerned with the transfer of data from your company, acting as the controller, to third parties which are acting as processors and the contracts those relationships are defined by. This document is not concerned with data which is being shared between group companies or data received from the data subjects personally.
The GDPR requires written contracts between controllers and processors which specifically set out each party’s liabilities and
responsibilities. This document is concerned with the transfer of data from your company, acting as the controller, to third parties
which are acting as processors and the contracts those relationships are defined by. This document is not concerned with data
which is being shared between group companies or data received from the data subjects personally.
Most importantly you will need to identify with whom personal data is being shared with in order for the business to function,
which is something which you are most likely already aware of. This should be identified at an individual, departmental level by a
systematic data mapping process. This process ideally needs to record where the data is being received from, where it is being sent
to, the location it is stored, why it is being processed and the nature of that data. This can be documented by way of a spider
diagram. In order to ensure that your company is GDPR compliant each department will need to repeat a similar process by
conducting a contract audit.
(0)
Signup to our mailing list for industry news and information from the BESA
