The GDPR distinguishes between 2 terms - controller and processor of personal data. In very simple terms, the data controller is the one who decides what will be processed, how it will be done and what means will be used to do it. However, he is often unable to ensure all these himself, so he outsources services to other providers. For example, the controller does not have servers to store personal data. Or it does not have the staff capacity to handle the accounting internally. Therefore, they turn to cloud providers, storage providers, external accountants, use external CRM systems, etc.
In order to use a processor, however. the controller must conclude a so-called processing agreement.
The processing contract sets out what the processor can do with the data, how long they can process it, or what other obligations they have.
Price for preparation: from 8 000 CZK + VAT
The processing agreement regulates:
In order for us to prepare a processing agreement for you, we first need to clarify:
You will receive a clear processing contract that will always protect you as much as possible. The processing contract contains provisions that cannot be modified, but we will always inform you which parts are affected and what the limits of modification are.
The processing contract is also a good tool for any further contractual negotiations. We have vast experience with what the standard contractual arrangements are in IT law, so we are able to set everything up so that the processing contract is as tailored to your business as possible.