UK GDPR and EU GDPR—combined personal data sub-processing schedule—pro-original processor

Copyright © 2025 LexisNexis
Published by a LexisNexis Information Law expert
Precedents

UK GDPR and EU GDPR—combined personal data sub-processing schedule—pro-original processor

Copyright © 2025 LexisNexis

Published by a LexisNexis Information Law expert

Precedents
imgtext

This precedent is for use between a Processor and sub-processor and assumes the customer (as the original processor) is seeking to flow down terms agreed with a controller entity based on Precedent: UK GDPR and EU GDPR—combined Personal data Processing schedule—pro-controller.

For a list of precedent provisions for use between a controller and processor, see: List of Data protection clauses and agreements for commercial transactions and personal data processing and sharing.

This precedent uses the additional defined terms ‘Agreement’, ‘Business Day’, ‘Customer’, ‘Services’, ‘Supplier’ and ‘Supplier Personnel’, which are unlikely to be specific to this schedule and which it is assumed are separately defined in the relevant agreement.

The Schedule

Part A: Operative provisions

    1. 1

      Definitions

      1. 1.1

        In this Schedule:

        Applicable EEA Law

        1. means all applicable law(s) of the European Economic Area and European Union and of the relevant member state(s) of either;

        Applicable UK Law

        1. means all applicable law(s) of the United Kingdom (or of any part of the United Kingdom);

        Controller

        1. has the meaning given in applicable Data Protection Laws from time to time;

        Controller Entity

        1. means

Powered by Lexis+®
Jurisdiction(s):
United Kingdom
Related legal acts:
Key definition:
Personal data definition
What does Personal data mean?

Personal data means data relating to a living individual who can be identified from such data, either alone or with other information in the data controller’s possession. It includes opinions about, and intentions in relation to the data subject.

Read more readmore

Popular documents

What are the differences between joint controllers and controllers in common under the GDPR? What is the

What are the differences between joint controllers and controllers in common under the GDPR? What is the difference in liability if a party is a joint controller with another, compared to where the parties are controllers in common?(1) What are the differences between joint controllers and

Profiling and automated decision-making

Profiling and automated decision-makingSTOP PRESS—Impact of the Retained EU Law (Revocation and Reform) Act 2023: This document contains references to retained EU law (REUL) and associated terms introduced by the European Union (Withdrawal) Act 2018 in connection with Brexit. From 1 January 2024,

Scotland—the process for applying for sequestration

Scotland—the process for applying for sequestrationSequestration in Scotland is the legal process by which an insolvent debtor’s estate is gathered in, realised and then distributed among their creditors by a trustee appointed for that purpose. The process requires that a formal award of

What is the difference between an appeal and a review?

What is the difference between an appeal and a review?What is an appeal?An appeal in insolvency proceedings is no different to an appeal in normal litigation. An appeal will be allowed only if the appeal court is satisfied that the decision of the lower court was 'wrong' or 'unjust because of a