Chris
I think that in this case the contract is valid but the controller will remain responsible for the consequences of any unlawful disclosure etc by the processor. Otherwise the processor could get away with some other unrelated breach of the contract on the grounds of its being void.
Leif
>>> Chris Brogan <[log in to unmask]> 09/25 5:33 pm >>>
Our company auditors process personal data on our behalf. Wages, tax returns
etc. We renew their contract every year as per the Companies Act. I have
pointed out that I expect total compliance with the DPA and waxed lyrically
about what an exciting subject this is. A question for you. Definition of
contract law is, offer, acceptance, consideration, legally binding. If one of
those conditions is missing then it is not a contract.
Now under DP law isnt there another clause where personal data is concerned
ie instructions re compliance with data protection. If that is not included
in a contract between controller and processor is that contract void/voidable?
Chris Brogan
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|