GDPR Vendor Due Diligence
Helping you to validate your vendors GDPR processes
Our GDPR Vendor Due Diligence service is designed to support businesses/organisations who want to understand and quantify the supply chain risk of a specific supply chain partner. This service is particularly important to access before any supply contract is signed. Early sight of GDPR/Data Protection risks flagged early will save a business significant cost, time, reputational damage and even embarrassment.
Within every vendor due dilligence check (both standard and enhanced due diligence), you need to assess the risks of data. This includes policies and procedures in place by the vendor/customer in question. This will help you build a clear picture of whether the data transferred between the parties is done so legitimately, safely and securely, in compliance with the appropriate data protection legisaltion such as GDPR.
In GDPR, you are a data controller. You are responsible for selecting data processors, that are suitable for processing the personal data of your data subjects. There are significant number of factors that will determine whether any given processeer is suitable for your supply chain. If an inappropriate Due Diligence process has been followed or a good one implemented poorly, then the data controller can expect to take full responsibilty for a data breach at the processor.
That is why Due Diligence is important. Whether you are vetting a partner, sub-contractor, customer or associate. Strong data protection principles must be in place.
– Designed to support organisations understand a specified supply chain risk
– Automated assessment of supplier(s) publicly available UK GDPR or EU GDPR and Cyber evidence
– Client approved interview(s) the specified supplier(s)
– Detailed supplier surveys are sent and then evaluated against GDPR requirements
– A report summarising the findings and providing high level direction is provided
• Delivered by a GDPR supply chain specialist
• Appropriate for all Micro and SME businesses, Sports Clubs/Governing Bodies and Charities/Third sector organisations
We would be thrilled to hear from you