GDPR

Data processor agreement

Data processor agreement

Since 25 May 2018, it has been a legal requirement to enter into a data processing agreement when one company gets another company to store and process personal data.
The data processing agreement is part of our general terms and conditions, and is based on a template prepared by the Norwegian Data Protection Authority.

RAW IT only stores and processes personal data categorized as "Ordinary personal data", examples of ordinary personal data include: Name and address, e-mail address, telephone number and picture.

You can find the data processing agreement here , and you can find guidance for data controllers and data processors at, among others, The Norwegian Data Protection Authority.

The data processing agreement describes, among other things:

  • What types of personal data we process
  • What treatments we carry out
  • What the purpose of the treatment is
  • What the duration of the treatment is
  • How we meet the requirements for secure data processing
  • How we live up to the rights of data subjects