The General Data Protection Regulation will have a significant impact on service providers/vendors (i.e. data “processors”) and organisations that engage them by imposing a number of detailed obligations and restrictions directly on processors, unlike the current Directive that only applies to data controllers. The new rules for processors are considered in detail in the attached entry. This entry is an excerpt from Hogan Lovells’ “Future-proofing privacy: A guide to preparing for the EU Data Protection Regulation.”