Skip to main content
Back to Glossary
Legal

Data Protection in Procurement

GDPR and BDSG requirements for processing personal data in procurement procedures and public contracts.

What is Data Protection in Procurement?

Data protection in procurement encompasses all GDPR and BDSG requirements for processing personal data in procurement procedures and public contracts.

Legal Framework

  • GDPR (EU) 2016/679
  • BDSG: Federal Data Protection Act
  • Section 5 VgV: Confidentiality in procurement
  • Art. 28 GDPR: Data processing agreements

Data Processing Agreement (DPA)

For contracts involving personal data processing, a DPA under Art. 28 GDPR must cover the subject of processing, technical measures, subcontractors, audit rights, data location, and deletion concept.

Data Protection Requirements in Tenders

Increasingly included as criteria: data protection concepts, DPO appointment, technical measures, certifications (ISO 27701), and EU data processing requirements.

How Patterno Helps

Patterno analyzes tender documents and identifies data protection requirements, flagging compliance aspects like DPAs, GDPR conformity, and data protection concepts.

Related Terms

Procurement Procedures

E-Procurement

Documents

Tender Documents

Documents

Confidentiality Agreement

Legal

Public Procurement Law

Digital

AI in Procurement

Find Matching Tenders

With Patterno you automatically find relevant tenders - based on your profile.

Start for free