SOME LEGAL THINGS
Our responsibility as data processor
As data processor, we must comply with a number of special obligations. Carry on reading to learn more about Wedoio's role in the General Data Protection Regulation.
Our obligations include:
- We must inform you if we assess an instruction to be illegal,
- We are obliged to create a backup to ensure that your data does not get lost,
- We must process personal data based on your instructions,
- We must ensure that your data is stored securely,
- We must educate our employees to handle personal data correctly, in accordance with the regulation,
- We must prepare a Data Processing Agreement.
We have published our Data Processing Agreement on our website, the copy of which you can download right here.We do not enter into specific agreements with our customers - instead, we prepare a data processing agreement for all of our customers.
Below we have listed the most important requirements for the content of a data processing agreement so that you are informed about all of the things that you should be aware of.
The requirements for a data processing agreement:
- The framework for the processing of personal data
- Documented instructions
- Confidentiality and professional secrecy
- Security of processing
- Sub-processors of data
- Collaboration with the data responsible company
- Removal or return of the personal data
- Notification of illegal instructions
The above points must be included in a data processing agreement. If just one of the requirements is not included in the agreement, the agreement will be considered invalid. The agreement must be stated both written and electronically.
You can read more about Wedoio's responsibility in the General Data Protection Regulation in our FAQ with our customers' frequently asked questions about the regulation and your responsibility as data controller.