If your business outsources any function to a third party, it is quite likely that third party will be a data processor. The outsourcing contract might be a HR function, a marketing service or you might have engaged an IT provider to provide support services to your business.
Where contracts are in place currently, they are unlikely to have been drafted to be GDPR compliant, and as a result existing contracts need to be reviewed and often re-drafted.
Articles 1(3), 44, 45, 46, 47, 49 of the GDPR sets out certain provisions that must be included in the contract between the controller and processor.
Do contact us for more information on how GDPR Consultants offerings can help your organization Stay One Step Ahead !.