DLA Piper Global Law Firm

Article 28(3) of the GDPR can be read as requiring any agreement between a controller and a processor, or any agreement binding a Subprocessor in order to meet the requirements of article 28(3), to be governed by EU or EU member state law. ................
................