Template: Declaration of obligation and confidentiality statement according to the GDPR
When employees or external service providers have access to personal information, companies (as the responsible party) must ensure that everyone involved maintain confidentiality when handling this data. A corresponding confidentiality obligation or non-disclosure agreement of all parties is urgently advisable.
As with all corporate data protection processes, this should be documented. The free samples and templates from activeMind AG for a declaration of obligation, confidentiality statement, or non-disclosure agreement will help you with this process.
The latest version of our template also contains optional professional-secrecy obligation clauses for the respective employees.
Obligation to maintain confidentiality, non-disclosure, and compliance with data protection according to the GDPR
The EU General Data Protection Regulation (GDPR) no longer refers to the concept of data secrecy. Instead, the GDPR states in several areas that ‘confidentiality’ is to be ensured, e.g. In Article 5 Paragraph 1 f) GDPR.
The way in which this takes place is left open by the General Data Protection Regulation. Article 28 Paragraph 3) (b) GDPR only makes stipulations for the data processor, e.g. that only people who have been obliged to maintain confidentiality – insofar as they are not already subject to a non-disclosure agreement – may be commissioned or employed for data processing purposes. Service providers will not be able to avoid obligating their employees to maintain confidentiality. In general, confidentiality statement must be documented in order to be able to provide proof.
But also from the perspective of the responsible party, the combination of demonstrable obligation and (above all!) employee training is still virtually indispensable for meeting one’s own accountability requirements (Article 5 Paragraph 2 GDPR).
Templates for the obligation to maintain confidentiality or secrecy
In addition, the template declaration also contains clauses for the special agreement of people obligated to maintain the confidentiality of business or trade secrets, such as lawyers or doctors. For these occupational groups, the information sheet includes instructions pertaining to the violation of private secrets according to § 203 of the German Criminal Code [StGB].
Please review the template for the declarations of obligation and modify them for the circumstances in your company as needed.
For version 3.2, only one paragraph on page 2 has been changed:
Independently of the aforementioned legal data protection obligation, you must maintain strict confidentiality with regard to this information. This also applies if you are a witness in civil or administrative proceedings but generally not in criminal cases. Violations of this confidentiality obligation are punishable under § 203 of the German Criminal Code [Strafgesetzbuch (StGB)].
Independently of the aforementioned legal data protection obligation, you must maintain strict confidentiality with regard to this information. This also applies if you are a witness in civil, criminal or administrative proceedings. Violations of this confidentiality obligation are punishable under § 203 of the German Criminal Code [Strafgesetzbuch (StGB)].
Compared to the previous version (3.0), only minor linguistic adjustments were made. An update of existing obligation agreements is not necessary. For new obligations by employees or service providers, we recommend that you download the current version 3.1.