Skip to main content

Getting Your Contracts Ready for GDPR


Date: November 16, 2017

Time: 8:00AM - 9:00AM

Location: Webinar


  • Getting Your Contracts Ready for GDPR

About the Event 

As under current law, companies that qualify as data controllers are required to have written contracts in place with their data processors (contractors who process personal data).The GDPR requires that contracts between controllers and processors contain a number of specific provisions – and if you fail to include those provisions, you could face fines of ten million euros or 2% of the corporate group’s annual revenue, even if no actual harm has occurred.  But it’s not all about controller-to-processor transfers – data controllers that exchange personal data with each other should give serious thought to their GDPR obligations and seek contractual commitments to minimize their risk of liability or fines.  In this webinar, we will review the GDPR’s express contract requirements and discuss additional matters that you may want to address in your contracts.


Thursday, November 16, 2017 - 1:00 PM ET

Click Here to View Recording


Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.