Why should you review your contracts in the light of the GDPR?
GDPR (General Data Protection Regulation) panic has created a need to review contracts more carefully before signing them, to make sure that one wouldn’t unexpectedly take on any new obligations regarding unknown subjects, that wouldn’t allow to focus on one’s main job obligations. Data processing contracts put massive obligations on the parties, including requirements for employees, devices, systems, security measures, certificates etc.
Complex obligations related to processing and protecting personal data, can be found in even most common service contracts. A contracting party assumes that they are providing services in their usual economic and professional field, but in reality they have taken on an obligation, with witch they can be held accountable for ensuring that processing and protecting the other party’s client’s personal data is compliant with the current law. The new data protection regulation act bring many new obligations for every organization. You can’t fulfil your contractual obligations related to personal data protection if you don’t have a clear overview of all the obligations set in the contract. A breach of those obligations (failure to comply, incomplete or late execution) can result in the use of law enforcement measures against the offender such as fines, penalties, damages, extraordinary termination of the contract, reduction in prices etc. All of that can be avoided by analyzing the contract carefully and negotiating with the contractual partner. In the light of the new GDPR, we strongly recommend reviewing your existing contracts.
If you would like more information about data protection, contact NJORD!