Simplifying GDPR Compliance

Discover a clear path towards GDPR compliance.

The GDPR (Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data) is an EU law with mandatory rules for how organizations must use personal data. One of the key objectives of the GDPR is to strengthen and unify personal data protection for all individuals within the EU. The GDPR restricts transfers of personal data outside the European Economic Area, unless the rights of individuals in respect of their personal data are protected.

The GDPR applies to any organization established in the EU that processes personal data. The GDPR also applies to organizations outside the EU, if they target offering goods or services to, or monitor the behavior of data subjects in the EU.

The GDPR also forms part of UK law by virtue of section 3 of the European Union (Withdrawal) Act 2018 (often referred to as “UK GDPR”).

FIS clients who are subject to the GDPR (including the UK GDPR) must have a compliant Data Processing Agreement/Addendum (DPA) in place with FIS. You can request a DPA for completion and electronic signature by sending an email to

Request FIS DPA