Data Protection & IT Contracts
Introduction
Any IT contract that involves processing of personal data needs to contain data protection clauses. The UK GDPR sets out the basic content of what is required, however there remains considerable scope for the parties to negotiate data protection terms that are favourable to each party.
What You Will Learn
This webinar will look at drafting IT contracts that involve processing of personal data, including IT outsourcing contracts, IT services contracts, software licences and contracts for software and other IT systems as a service.
- Questions to ask and information needed to understand the flow of personal data - understanding what personal data is being processed, by whom and in what capacity (whether controller, joint controller, or processor)
- Controller to processor mandatory data protection terms
- Negotiating and drafting terms regarding the following:
- breach reporting
- data subject requests (including access, deletion and others)
- audit rights
- security requirements
- transfers of personal data outside the UK and EEA
- indemnities
- anonymisation and pseudonymisation of personal data
- ongoing use of data by the supplier for analytics and other purposes
- Ancillary documents including transfer mechanism and risk assessments for transfers of personal data outside the UK and EEA
This webinar was recorded on 9th December 2024
You can gain access to this webinar and 1,700+ others via the MBL Webinar Subscription. Please email webinarsubscription@mblseminars.com for more details.