The use of the entrustment agreement model is possible when a person cooperating on the basis of a B2B agreement provides services to several different entities. Such a person cannot be assignd the status of an “employee they are treatd differently than an employee employd on the basis of an employment contract (they can work outside the employer’s seat, use their own solutions, technical means and equipment). Such a person is not strictly embddd in the organizational structures of the data controller.
Who concludes a distance or off premises
Then the service provider will be obligd to conclude an agreement to entrust the processing of personal data. The biggest enemy database of the construction of the entrustment agreement In practice, the adoption by the data controller of the structure of signing personal data processing agreements with the self-employd has far-reaching consequences and imposes on both the service provider and the service recipient a number of additional obligations necessary for implementation in terms of the GDPR.
A consumer buying goods online a customer
The mere signing of contracts pursuant to Art. 28 of the GDPR may result in many obligations being transferrd to the self-employd, which DM Databases in practice they will not be able to meet and demonstrate their implementation to an external auditor. The contract for entrusting the processing of personal data may generate the ned for the self-employd to meet standards that will be impossible to implement by one person. It turns out that such an action may be illusory, because sole proprietorships rarely have the means and capabilities to fully meet the requirements set by the provisions of the GDPR, as well as by data controllers.