GDPR Article 29 requires organisations to only process data on instruction, unless required to do otherwise by a legal authority.
Processing under the authority of the controller or processor
The processor and any person acting under the authority of the controller or of the processor, who has access to personal data, shall not process those data except on instructions from the controller, unless required to do so by Union or Member State law.
Processing under the authority of the controller or processor
The processor and any person acting under the authority of the controller or of the processor, who has access to personal data, shall not process those data except on instructions from the controller, unless required to do so under domestic law.
Book a 30 minute chat with us and we’ll show you how
From the outset, PII should only ever be processed in accordance with the customer’s instructions.
Contracts should include SLAs relating to mutual objectives, and any associated time scales that they need to be completed within.
Organisations should acknowledge their right to choose the distinct methods that are used to process PII, that lawfully achieve what the customer is looking for, but without the need to obtain granular permissions on how the organisation goes about it on a technical level.
GDPR Article | ISO 27701 Clause | ISO 27701 Supporting Clauses |
---|---|---|
EU GDPR Article 29 | ISO 27701 8.2.2 | None |
Our pre-built environment allows you to describe and demonstrate how you protect European and UK customer data that seamlessly integrates into your management system.
A breach of GDPR can result in significant fines, making it one of the world’s toughest privacy and security regulations. As a result, it implies that organisations must protect personal data to a ‘reasonable’ extent.
But here’s the good news.
In a secure, always-on location, ISMS.online makes it easy for you to jump right into GDPR compliance and demonstrate a level of protection that extends beyond ‘reasonable’.
Find out more by booking a short 30 minute demo.
ISMS.online is a
one-stop solution that radically speeded up our implementation.