A challenging aspect of GDPR compliance is integrating the law’s requirements into existing vendor management relationships, agreements, policies and procedures. The GDPR makes the data controller explicitly responsible to ensure that its vendors handle personal data entrusted to them properly. This webinar will look at the controller’s GDPR compliance in relation to vendor management.

The Privacy Office plays a key role in vendor management, and is a stakeholder in the outcomes of the vendor management process in order to ensure compliance. With Information Security and Vendor Management, the Privacy Office identifies when 3rd-party processors are being used, engages the right policies and procedures to ensure privacy is covered in contracts, ensure proper due diligence is conducted and has ongoing reporting for all privacy related vendor management support. The privacy office offers the proper mix of guidance, support and oversight to ensure privacy compliance with laws and policies when processing is conducted outside of the organisation.

This webinar is eligible for 1 CPE Credit and will be recorded and available for download shortly.


Teresa Troester-Falk, Nymity, Chief Global Privacy Strategist and former Associate General Counsel (Privacy), Information Services

Andy Garner, Nymity Product Director, Attestor and former Global Privacy Manager, Legal Services

Lisa Ruff, Nymity Senior Solutions Advisor and former Data Protection Specialist, Financial Services and Hospitality