SIG Resource Center

Preparing Your Vendor Agreements for GDPR

Whether based in or outside the European Union, organizations that process the personal data of individuals located in the EU must prepare to comply with the General Data Protection Regulation (“GDPR”)—a tougher and more complicated regulatory framework.




Replacing the 1995 Data Protection Directive, the GDPR tightens restrictions on the collection and use of personal data and permits national data protection authorities to impose fines of up to the greater of four percent of an organization’s annual global revenue or €20,000,000 for each infringement.

The full content of this page is only available to SIG Members.