Rgpd Data Processing Agreement
Effective 25 May 2018, the RGPD strengthens individual rights and combines data protection rules across the EU by imposing stricter requirements for the processing of personal data and increasing fines for non-compliance. The RGPD applies to the processing of personal data of personal persons by any size of EU organisations or non-EU countries that provide goods or services to the EU or control the behaviour of EU users. Organisations can only transmit personal data outside the European Economic Area if they have appropriate safeguards for the protection of personal data abroad. Accepted transmission mechanisms include self-certification of the Privacy Shield (if an American organisation), the use of the European Commission`s standard contractual clauses, the transfer of data to a country recognised by the European Commission as an “appropriate” level of data protection, the approval of binding business rules and other less established mechanisms such as certifications and codes of conduct.