Controllers and Processors - Handling the Relationship |
Available via eLearning

Controllers & Processors - Handling the Relationship Course Overview: When a controller appoints a processor, both the controller and processor have obligations under data protection law.
A controller may only use processors providing sufficient data protection guarantees, and remains responsible for compliance with the data protection principles in relation to a processor's use of data. The processor must follow the controller's instructions in relation to such use, and has additional direct responsibilities to put in place specific data protection measures. The controller and processor must each ensure that there is an appropriate contract between them.
There is variation in the approach taken by controllers and processors in applying these rules (for example in relation to the processing contract), and there are challenges over some of the trickier aspects of compliance (for example in relation to sub-processors and international data transfers).
This course is designed for both controllers and processors to gain a thorough understanding of the rules and how to apply them. It also provides detailed guidance on how to manage the controller/processor relationship in practice. The course includes: - The obligations of the controller and of the processor
- The rules on appointing processors
- A detailed examination of the contract between controller and processor
- How to manage the relationship in practice
- What to do when there is a personal data breach
- The rules relating to sub-processors
- International considerations regarding controllers and processors
It is recommended that delegates attending this session have a solid knowledge of general data protection legal requirements. Delegates with no existing knowledge may find it helpful to attend Data Protection Essential Knowledge - Level 1 and Data Protection Essential Knowledge - Level 2 before attending this training course. |