Defiant Data Processing Agreement (“DPA”) and the Standard Contractual Clauses

  • Hello,

    I would like to make sure I am doing this right in order to comply with GDPR. I am following the instructions on this page: https://www.wordfence.com/help/general-data-protection-regulation/ For what I understand, I need to sign the Data Processing Agreement (“DPA”) and the Standard Contractual Clauses as long as I am processing personal data from the European Economic Area (EEA) even if my business is not there. Is that correct?

    Also, in the Standard Contractual Clauses there is this a paragraph:

    The parties agree that any Data Subject, who has suffered damage as a result of any breach of the obligations referred to in Clause 3 or in Clause 11 by any party or Subprocessor is entitled to receive compensation from the Data Exporter for the damage suffered.

    Could anybody explain a little more what they mean here?

    Thanks,

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)

  • Hello,

    I wish I had an easy answer for you but unfortunately you will have to get legal advice to determine if your site falls under GDPR and needs to sign the DPA.

    For the damages question, this is laid out in Article 28 of the GDPR where processors/subprocessors are linked together to the controller ensuring the entire chain protects data and is held responsible.

    -Kerry

Viewing 1 replies (of 1 total)
  • The topic ‘Defiant Data Processing Agreement (“DPA”) and the Standard Contractual Clauses’ is closed to new replies.