Skip Navigation

NAID Releases New GDPR-Compliant Contract

Bookmark and Share

July 12, 2017

Data controllers and service providers in all European Union (EU) member-countries are required on 25 May 2018 to comply with the new General Data Protection Regulation (GDPR). When it goes into effect, it will be the strongest data protection regulation in the world, including possible fines of up to 4% of annual turnover, data breach notification requirements, and thorough due diligence in the selection and monitoring of service providers.

Among the new requirements, data controllers will also be required to have contracts with all data-related service providers (called data processors under the regulation), that binds them to the very specific security and regulatory compliance provisions of the GDPR.

Although the contract is ultimately the responsibility of the customer, according to NAID-Europe Chairman Amadeo Roig Casanova (Destrupak/Spain), service providers who can provide a GDPR-compliant contract to their customers, will have a strong advantage. “Many customers are unaware of their new responsibilities,” says Roig. “By providing a contract, the service provider is protecting them, and also saving them the expense of creating a new contract.”

The NAID GDPR-complaint contract was commissioned from the law firm of Allen & Overy, among the most highly regarded privacy law practices in the world.

According NAID CEO Bob Johnson says there is no reason to wait to start using these new tools, “Just this week, Germany realigned its data protection laws to align with the new regulation. “Now is the time to start talking to customers about it.”

The GDPR Contract is available to all NAID members by submitting the NAID Standard Industry Contracts (NSIC) Release Form. The contract is currently available in English only but there are plans to make it available in German, Italian, French, Spanish and Dutch in September of this year.

2018 GDPR Conference

NAID-Europe is currently planning an event before the GDPR effective date to introduce other sales and training tools intended to help with GDPR Compliance. Members are urged to look for up-coming announcements regarding the location and date.

Request the GDPR Data Processor Contract >>

PDF Document NAID Standard Industry Contracts (NSIC) Release Fo