Data Processing Agreement Denmark

The EDPS clarifies that the obligation for the processor to report infringements to the controller should not be linked to a degree of seriousness. It is necessary to determine whether the infringement should be reported to the supervisory authority and/or to the persons concerned, so the processor should be required to notify the controller of any infringement of which it is aware. Since the Standard Contractual Clauses are legally binding, which means that the Danish Data Protection Authority will not test the audit clauses, this may be a strong argument in favour of using the Standard Contractual Clauses or updating its own agreements in accordance with the provisions of the Model Agreements. The Danish Data Protection Authority rightly pointed this out in the Standard Contractual Clauses (section 8.5) However, CSCs should be useful to small and medium-sized enterprises in the UK that might not have the means to design and negotiate their own clauses and can also be useful for organisations of all sizes: Reduce the headaches of a large data processing operation. In any event, the EDPS opinions provide a useful overview of regulatory expectations as to the nature of the clauses referred to in Article 28(3) and can help both parties to conclude negotiations more quickly. .