Processor Agreement

A processor agreement is an agreement between the organization that collects personal data (the "controller") and the organization that is used to further process the personal data (the "processor"). For example, an IT service provider that maintains your website, or the external management of personnel administration. In such a case, having a processor agreement is mandatory.

The Processor Agreement: setting down agreements and responsibilities

A processing agreement is mandatory if your organisation systematically processes personal data or has it processed. The content of a processor agreement reflects the agreements between the controller and the processor. If the parties do not conclude this agreement, or do not do so correctly, this involves major risks. For example, the data controller can be held liable for damage caused by the processor or the parties can forfeit a fine.

Content of the processor agreement

 The processor's agreement shall cover at least the following subjects:

 the data to be processed;

  • the period during which the processing takes place;
  • the purpose of the processing;
  • the way in which a data breach is handled; and
  • rights and obligations of the involved data subject;

Contact us

We at Legal Q can assist you in drawing up and/or checking processing agreements. For more information about this service or if you have any other questions within the framework of the GDPR, please feel free to contact us.

 



Specialist processor agreement

A processing agreement is mandatory if your organisation systematically processes personal data or has such data processed. If no processor agreement has been concluded, this can result in (very) high sanctions if an inspection is carried out.
Innovation / Growth / Commitment

Lawyer processor agreement

Do you have questions about this subject? We can help you with this. Contact us without obligation!

040 - 248 1881