6533b826fe1ef96bd1284b5a

RESEARCH PRODUCT

Application of the Article 28 (3) of the General Data Protection Regulation in contemporary Software as a Service (“SaaS”) business.

ĪLajs Lijs

subject

:LAW/JURISPRUDENCE::Other law::European law [Research Subject Categories]General Data Protection Regulation (GDPR)

description

For the purposes of this thesis, regulatory requirements associated with the Data Processing Agreement (DPA) are subject to interpretation in the context of SaaS delivery models widely adopted by prominent SaaS providers. In addition, the author argues that, multiple parties processing personal data leads to problems in determining the correct processing role. Thereby, parties may struggle in meeting the requirements of Article 28 (3) of the General Data Protection Regulation (GDPR). Failure to ensure that processing is covered by the proper DPA is regarded as an infringement of the GDPR. For that reason, the thesis seeks to stress out complications associated with structuring DPA’s and provides recommendations on how to structure DPA’s according to the selected model.

yearjournalcountryeditionlanguage
2019-01-01
https://dspace.lu.lv/dspace/handle/7/48955