Description
Annual review of Data Processing Agreements with all third-party processors.
Requirements
- Inventory all data processors
- Review existing DPAs for compliance
- Update DPAs with new processing activities
- Document lawful basis for each processing activity
Applicable To
EU-based OrganizationsOrganizations processing EU dataData ControllersData Processors
Penalty Information
âš GDPR fines up to 20 million EUR or 4% of annual global turnover, whichever is higher.