GDPR and data processor

General Data Protection Regulation (GDPR) and data processor

A data processor is someone who processes personal data on behalf of a data controller. As the data controller, the university must have an agreement (personal data assistant agreement) with each organization (the data processor) that processes personal data for which the university is responsible. Personal data assistant agreements concluded before May 25, 2018, need renegotiation to be in line with the General Data Protection Regulations requirements for such agreements.

Template

The Legal Affairs Division has developed a template for personal data assistant agreements. According to a decision of the University Director, the template shall be used when the university is responsible for the personal data. The Legal Affairs Division shall review any deviations from the template before the agreement is concluded and deviations of principle importance will be referred to the University Director for special approval.

Last modified:

FOLLOW UPPSALA UNIVERSITY ON

Uppsala University on Facebook
Uppsala University on Instagram
Uppsala University on Youtube
Uppsala University on Linkedin