SURF Framework of Legal Standards for (Cloud) Services

The SURF Legal Standards Framework for (Cloud) Services describes the standards with regard to confidentiality, privacy, property and availability when concluding contracts with (cloud) suppliers. It includes standard provisions and processing agreement that offer institutions a solid basis for contracts with suppliers.

Stoplicht op groen

Content of Legal Framework

An important part of the SURF Legal Standards Framework (Cloud)services is the Processors Agreement. In September 2018, this Agreement was brought into line with the General Data Protection Regulation (GDPR and was updated). 

New processors agreement 2019

The new Processor Agreement (PDF) is a new fully updated version of the previous version. There is also a Dutch version (PDF) available.

The Word versions, including previous versions of the documents,  can be obtained at SCIPR's private wiki.

The Legal Committee plays an important role in the drafting of the Processors' Agreement. More information on the role and composition of the Committee on Legal Affairs can be found in this document (in Dutch)

In addition to the Processors' Agreement, the Appendix B (Instructional Instruction), C (Guidelines Security Measures) and D (Guidelines Audit Obligation) will also be adapted to the new Processors' Agreement. 

Processor agreement 2016

The versions from 2016 can be found here:

The Framework also has the following annexes:

More information

SURF Model Verwerkersovereenkomst 2019
Download Dutch, File extension: PDF (File size: 209 KB)