Application of the Article 28 (3) of the General Data Protection Regulation in contemporary Software as a Service (“SaaS”) business.

Lijs, Īlajs

Application of the Article 28 (3) of the General Data Protection Regulation in contemporary Software as a Service (“SaaS”) business.

Files

Lijs_Ilajs.pdf(754.47 KB)

Date

2019

Authors

Lijs, Īlajs

Publisher

Riga Graduate School of Law

Abstract

For the purposes of this thesis, regulatory requirements associated with the Data Processing Agreement (DPA) are subject to interpretation in the context of SaaS delivery models widely adopted by prominent SaaS providers. In addition, the author argues that, multiple parties processing personal data leads to problems in determining the correct processing role. Thereby, parties may struggle in meeting the requirements of Article 28 (3) of the General Data Protection Regulation (GDPR). Failure to ensure that processing is covered by the proper DPA is regarded as an infringement of the GDPR. For that reason, the thesis seeks to stress out complications associated with structuring DPA’s and provides recommendations on how to structure DPA’s according to the selected model.

Keywords

Research Subject Categories::LAW/JURISPRUDENCE::Other law::European law , General Data Protection Regulation (GDPR)

URI

https://dspace.lu.lv/dspace/handle/7/48955

Collections

RJA Maģistra darbi / RGSL Master's Thesis

Full item page