Every organization works with external parties. A website developer, a computer vendor, a marketing agency, an accountant, … They all come into contact, or may come into contact, with the personal data you process. If they somehow do process that data, then a processor agreement or data processing agreement is mandatory within the GDPR.
It is best to make data processing agreements in a uniform way. That way you keep an overview, the roles and responsibilities are clear to everyone and you comply with the legal provisions set out in the GDPR, among others. Keep in mind that you will be processing personal data fairly quickly, for example, viewing contact details for an HR or commercial purpose is a processing in itself.
Suppliers often already have contractual appendices related to the GDPR. These are obviously drafted in favor of the editor. But as the data controller, you are personally liable for the data processing operations based on your information and instructions.
So as a data controller, you need to inform the data processor (your supplier) of the processing purposes and clearly instruct them regarding the processing of the personal data.
Co-Dex.eu automatically generates your processing agreements. This will save you a lot of time.
Your dashboard will show you the current situation within your organization at a glance.
Co-Dex.eu offers integrated processor agreements tailored to your organization. In addition, you can evaluate the contracts and addenda you receive from your suppliers with our convenient checklists.