News & Events

View All
25th May 2018

GDPR: Impact on NEPO’s contracted suppliers

The introduction of new General Data Protection Regulations (GDPR) from 25 May 2018 has led to changes in contract provisions for solutions which involve the processing of personal data.

If you are a contracted supplier on a solution identified by NEPO as being affected by the new GDPR, you will have been contacted by the relevant procurement lead regarding the changes. (Please note that not all suppliers will receive this correspondence, only those contracted under solutions that process personal data.)

If you are a contracted supplier who meets the above criteria:
  • You have received a letter and amended clauses from NEPO (or the Lead Authority) requesting agreement to the variation of the T&Cs for any clauses which previously related to Data Protection,
  • You have been asked to complete and return a Data Protection schedule which covers the specifics of processing personal data,
  • You will receive a request from NEPO Member Authorities and Associate Members to vary any call-off contracts made under the solution where applicable.
If you have received the above correspondence and have not yet responded please do so at your earliest convenience.

In addition to the above activity, all suppliers registered on the NEPO Portal will be prompted to accept new terms relating to GDPR the next time they log in to the system.

All of NEPO’s procurement documentation for new tender processes will incorporate the GDPR provisions.