Negotiation of a data processing agreement regarding the supplier's liability for personal data breaches

What was the problem?

The client is preparing to implement new software to handle contact with his customers. As part of the process, he individually negotiates a contract with the provider of the software, which includes, inter alia, a contract for data processing by the supplier on behalf of the client (the so-called data processing entrustment agreement). The supplier has sought to significantly limit its liability for potential data protection breaches as part of its standard terms and conditions.

How did we help the client?

We have been extensively involved in the process of negotiating the contract, also in the form of direct meetings with the supplier. We have presented a complex picture of the legal risks associated with a possible breach of personal data protection and the potential consequences of such a breach for the client in the light of the GDPR provisions on financial penalties.

What did the client gain?

Thanks to our support, the customer has obtained an individual approach from the supplier. The supplier agreed to significantly increase the level of its liability for the breach to a realistic amount that is more adequate to the potential risk to the client.