What is a vendor in Cerivo?
Understand who your vendors are and how they fit into your data and compliance setup.
What we mean by a vendor
In Cerivo, a vendor is any external party that provides a system or service to your organization.
This includes vendors who:
- deliver software or tools
- support your operations
- process data on your behalf
You should also include vendors that receive data from you, such as:
- banks
- authorities
- pension providers
Mapping vendors helps you understand how your organization works with external partners—especially where data is involved.
Data processing agreements (DPA)
If a vendor processes data on your behalf, they are a data processor.
In this case, you should have a data processing agreement (DPA) in place.
To stay compliant:
- ensure a DPA exists
- review that it reflects current legal requirements
If the vendor is located outside the EU/EEA, you also need to document the legal basis for transferring personal data.
Keep documentation in one place
Attach relevant documentation to each vendor, such as:
- data processing agreements
- contracts
- supporting documentation
This ensures you have a clear and accessible record when you need it.
Any questions? Contact us at support@cerivo.com!