IT companies work with us every day personal data, because they offer SaaS solutions, for example, with which they Access to Personal Data of companies get. These include, among others
Here, the mere inspection of the data counts as processing, which can almost never be ruled out. This processing falls under the GDPR, which is why they have to be protected with special contractual regulations.
IT companies in particular have to pay close attention to the correct legal implementation of the GDPR, as the main part of their business model is digitized and / or takes place online. Accordingly, a data protection declaration corresponding to the current legal situation must be found on the website.
IT consulting companies often count as processors under Article 4 of the GDPR. In this case, customers must Order processing contract (AVV) conclude with the company in which there are certain regulations on the handling of personal data.
Among other things, when creating these contracts, but also with technical and organizational measures (TOMs) etc. can a external data protection officer be very helpful. This not only keeps an overview of all data protection matters, but also provides information about current changes and is always available to answer questions.
Choose heyData and benefit from your personal and professional contact person who ensures data protection compliance at all levels and at the highest level.