Under the General Data Protection Regulation (GDPR), what are the obligations of a processor that engages a sub-processor?
Under the General Data Protection Regulation (GDPR), what are the obligations of a processor that engages a sub-processor?
Under the General Data Protection Regulation (GDPR), when engaging a sub-processor, the processor must obtain the consent of the controller and ensure that the sub-processor complies with obligations that are equivalent to those that apply to the processor. These obligations are essential to maintain the same level of data protection and accountability throughout the data processing chain.
D. The processor must obtain the consent of the controller and ensure the sub-processor complies with data processing obligations that are equivalent to those that apply to the processor.