Q: What is a Data Controller – Processor Agreement? How can I obtain one? Will it affect my eBoss service?
A: A Data Controller – Processor Agreement is a legal document which sets out the legal rights, duties, and obligations of the data controller and a service provider acting as a processor.
As part of our GDPR readiness programme, eBoss has put together a standard controller – processor agreement, which is ready for our customers.
In some cases, we may be issuing these agreements to customers with specific processing needs. Otherwise, you can request a controller-processor agreement for your business to help speed up compliance. Contact our GDPR representatives to obtain a personalised copy of the agreement.
The eBoss controller – processor agreement is supplementary to your ongoing terms of service. The products and support that you receive from eBoss will not be in any way impacted by the agreement.
References:
Article 28(1), GDPR
Article 30, GDPR
Recital 81, GDPR
Additional Information:
Documentation, record-keeping, and paperwork are central to your compliance programme.
It may often be difficult or impractical to provide tangible evidence of your compliance programme. Instead, having documentation and contractual assurances of compliance will let you demonstrate your compliance to customers, clients, partners and local authorities.