Free template: Template: Declaration of obligation and confidentiality statement according to the GDPR
When employees or external service providers have access to personal information, companies (as the responsible party) must ensure that everyone involved maintain confidentiality when handling this data. A corresponding confidentiality obligation or non-disclosure agreement of all parties is urgently advisable.
As with all corporate data protection processes, this should be documented. The free samples and templates from activeMind.legal for a declaration of obligation, confidentiality statement, or non-disclosure agreement will help you with this process.
Obligation to maintain confidentiality, non-disclosure, and compliance with data protection according to the GDPR
The EU General Data Protection Regulation (GDPR) no longer refers to the concept of data secrecy. Instead, the GDPR states in several areas that ‘confidentiality’ is to be ensured, e.g. In Article 5 Paragraph 1 f) GDPR.
The way in which this takes place is left open by the General Data Protection Regulation. Article 28 Paragraph 3) (b) GDPR only makes stipulations for the data processor, e.g. that only people who have been obliged to maintain confidentiality – insofar as they are not already subject to a non-disclosure agreement – may be commissioned or employed for data processing purposes. Service providers will not be able to avoid obligating their employees to maintain confidentiality. In general, confidentiality statement must be documented in order to be able to provide proof.
But also from the perspective of the controller, the combination of demonstrable obligation and (above all!) employee training is still virtually indispensable for meeting one’s own accountability requirements (Article 5 Paragraph 2 GDPR).
Templates for the obligation to maintain confidentiality or secrecy
In addition, the template declaration also contains clauses for the special agreement of people obligated to maintain the confidentiality of business or trade secrets, such as lawyers or doctors. For these occupational groups, the information sheet includes instructions pertaining to the violation of private secrets according to § 203 of the German Criminal Code [StGB].
Please review the template for the declarations of obligation and modify them for the circumstances in your company as needed.