How to Ensure Compliance With GDPR When Drafting Vendor Agreements
1 hour 30 minutes
Learn how to recognize when a vendor agreement needs to address GDPR compliance and the GDPR requirements for different types of agreements.
The EU’s General Data Protection Regulation (GDPR) imposes new data privacy obligations and restrictions on many U.S. companies that handle personal information about individuals located in the EU. The penalties for noncompliance with the GDPR are severe, and failure to maintain compliant data privacy and data security can hinder a U.S. company’s ability to do business internationally. Even so, many U.S. companies are still not accustomed to addressing data privacy issues in their business. One of the primary requirements under the GDPR is that companies enter into written agreements setting forth specific terms and provisions related to how personal information is processed. This topic helps companies understand how to draft agreements with vendors and customers in a manner that is compliant with the GDPR. The material explains the different types of business relationships involving individuals’ personal information, and which terms and provisions in vendor agreements are mandatory under the GDPR. As data privacy regulators enforce these new laws and individuals become more familiar with their new data privacy rights, this information is critical for businesses to ensure that their vendor agreements and relationships do not expose them to GDPR liability for inadvertent noncompliance.