Are there obligations for controllers to establish controls with respect to data processors?
Last review date: 20 January 2025
Yes.
The obligations are as follows:
☒ controllers must conduct due conduct diligence on the processor to ensure it will provide appropriate security and processing of the personal data
☒ controllers must only use processors subject to a written agreement that complies with specific requirements