Responsibilities of the Data Processor

Broadly speaking a data processor has the same obligations as a data controller, however there are some nuances which should be noted.  Processors must also: Perform only the processing defined by the data controller (or legal requirements) The processor needs to obtain the written consent of the data controller before it can appoint a sub-processor […]

Data Processor

A data processor is any person, authority, organisation or other body which processes data on behalf of a data controller.  A data processor has many obligations in ensuring that the personal data being processed is afforded the same protections as if it were being processed by the controller, therefore the controller is required to ensure: […]

Data Processor Security Assessment

Organisations must ensure that personal data remains secure regardless of if data is processed internally or by a separate data processor.  Where a data processor is engaged it is important that the data controller can be assured that the personal data remains secure.  A data controller can gain this assurance through the contract with the […]

Transferring Data to a Data Processor

Transferring personal data to a data processor requires an element of due diligence to have taken place, in particular all processing by a data processor must be governed by a contract, which stipulates a number of specified clauses.  These clauses ensure a legal obligation exists to protect the data subject’s data and their rights and […]