UK: ICO Consults on GDPR Guidance on Contracts and Liabilities Between Controllers and Processors

On September 13, 2017 the Information Commissioner’s Office (ICO) published a consultation on guidance on contracts and liabilities between controllers and processors under the General Data Protection Regulation (GDPR).

The GDPR will replace national data protection legislation when it enters into force from May 2018. In the UK, the Data Protection Act 1998 (DPA) has been modified, now requiring a written contract between a controller and processor. The new provisions specify detailed terms with the aim of setting high standards and protecting the interests of data subjects.

Request a Free Trial

As a trusted source of regulatory intelligence for the global payments industry, we enable organisations to manage the growing volume and velocity of regulatory risk with confidence, empowering more informed and effective decision making, in an efficient and cost-effective way.

Take a Trial