News 4
Data protection negotiation guide—controller: processor—deletion and return of data at the end of the processing
Published by a LexisNexis Information Law expert
Practice notesData protection negotiation guide—controller: processor—deletion and return of data at the end of the processing
Published by a LexisNexis Information Law expert
Practice notesThis Practice Note forms part of the data protection Negotiation Guide (Guide). This part of the Guide addresses the negotiation of provisions relating to deletion and return of personal data at the end of the processing in agreements between controllers and processors subject to the United Kingdom General Data Protection Regulation, Assimilated Regulation (EU) 2016/679 (UK GDPR).
For an introduction to the Guide, see Practice Note: Data protection negotiation guide—controller: processor—introduction. This Practice Note utilises a number of common abbreviations. They are separately defined within the above introduction.
As explained in Practice Note: Data protection negotiation guide—controller: processor—introduction:
- •
the parties have commercial flexibility to allocate the costs and expenses of performing these obligations between themselves
- •
there are significant similarities between the UK GDPR and the EU’s General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR) and the Guide focuses on the position under the UK GDPR. For information about the background to the UK GDPR and its relationship with the EU GDPR, see Practice Note:
To view the latest version of this document and thousands of others like it,
sign-in with LexisNexis or register for a free trial.
Related documents:
Practice notes 4
Precedents 2
Q&As 2