|
|
|
|
|
|
by lmkg
2778 days ago
|
|
|
In my (non-expert) opinion, one of the most important parts of the linked DPA is where Google claims that they are a Processor and not a Controller under GDPR. A Controller has discretion of what processing takes place and how it is used. A Controller also has greater responsibilities under GDPR to both the data subject and to the authorities. If Google wants to limit their exposure to GDPR (and I see every indication that this is their current strategy), then they need to make sure they only carry out the processing activities outlined in the DPA. |
|
|