vendor-monitoring-program
Installation
SKILL.md
Vendor Privacy Monitoring Program
Overview
GDPR Article 28(1) imposes a continuing obligation on controllers to ensure that processors maintain sufficient guarantees. This is not a one-time assessment — the EDPB Guidelines 07/2020 (paragraph 87) explicitly state that the controller's assessment obligation is ongoing. The Vendor Privacy Monitoring Program at Summit Cloud Partners implements continuous oversight proportionate to the risk each vendor presents.