Are there obligations for controllers to establish controls with respect to data processors?
Last review date: 27 December 2024
Yes.
The obligations are as follows:
☒ controllers must conduct due conduct diligence on the processor to ensure it will provide appropriate security and processing of the personal data
☒ controllers must only use processors subject to a written agreement that complies with specific requirements