Legal Business Blogs

Legal technology sponsored briefing: GDPR contract amendment and remediation

Simplify, automate and expedite contract amendment and remediation (repapering)

The General Data Protection Regulation (GDPR) became effective on 25 May 2018. An important part of GDPR compliance is amending or ‘repapering’ vendor contracts, which can be time consuming and expensive. Our digitally powered approach to repapering can save you 40-80%.1

Higher-stakes data privacy protection

GDPR gives individuals greater rights over their data and limits how companies process private information.2 The fine for non-compliance with GDPR is up to 4% of annual revenues.

GDPR places liability on organisations that own the data (controllers) and those that manage that data (processors), so non-compliance by third-party processors can result in your organisation being non-compliant.

Ensure your contracts are GDPR-strong

With the onus that GDPR places on organisations, existing contracts with processors must be revised to define consistent processes for managing and protecting data, and reporting on breaches. On top of this, client contracts must be amended to reflect the regulatory changes.

Having a digital solutions partner with broad capabilities can help you efficiently and effectively ensure your contracts are GDPR compliant.

Our digitally powered solutions help clients handle complex contract repapering. Applying a hybrid approach, we work closely with organisations and their attorneys to design a solution that combines the best of people, process and digital technology.

Our solution architects and legal project managers assist in:

  • ‘Datafying’ contracts to speed identification and extraction of relevant terms, clauses and sections from contracts.
  • Applying analytics to assess risks, obstacles, trends and opportunities within the contract portfolio.
  • Assessing and analysing contracts, for example, to identify multiple forms of a specific clause, specific lacking provisions, etc.
  • Drafting, transmitting and tracking notices and conducting outreach efforts.
  • Repapering (eg, incorporating new clauses and sections) and executing new contracts.
  • Uploading contracts into client databases.

Broad capabilities

Contracts are an essential component of doing business. However, most contract portfolios contain significant latent and unmonitored risk because most companies lack adequate transparency into their contracts. This lack of visibility and access to contracts puts them in jeopardy with third parties, counterparties, clients, and regulatory agencies that increasingly require near-real time transparency into a company’s contractual risk.

As a digital interactions company, we leverage advanced data science and machine learning approaches to digitise contract terms and clauses in our proprietary contract analytics platform, so that contract governance is more strongly integrated in your business operations, driving immediate and powerful insights and process automation.

Discover and assess the real risks inherent in their contracts and plan the appropriate actions

Quickly respond to regulatory demands

Maintain compliance with contractual relationships

Optimise future contracting standards to generate greater contract value

Realise the full negotiated potential of both individual contracts and the entire portfolio

Proactively identify contractual and counterparty risk

Remediate, renegotiate or re-paper contracts as needed

Global data centres

With managed data centres and operations throughout the US and Europe, we can handle projects of any scale, language or international complexity. Our data centres have petabytes of capacity, hundreds of gigabytes of throughput each day and virtually limitless scalability.

Data security and privacy

Keeping data secure is of critical importance. Conduent data centres are accredited with ISO 27001 and Tier 3+, the gold standard for security certification and uptime. We employ comprehensive security measures to minimise risk and protect your data at the physical, application and user levels, including redundant backup, and extensive disaster and business continuity planning. We regularly undergo comprehensive, independent, third-party audits of security controls, including network penetration and application vulnerability testing.

Conduent complies with international standards for data privacy as set forth by the US Department of Commerce regarding the collection, use and retention of personal information from EU member countries. Conduent adheres to privacy principles of notice, choice, onward transfer, security, data integrity and access, and EU data is stored and processed exclusively in our UK data centres.


Our services are designed to ensure the utmost defensibility in every stage of the process. Rigorous protocols, including chain of custody records, quality control processes that include a combination of automated and human checks, and the highest security standards ensure a defensible audit trail at every stage in the process.

Conduent Legal and Compliance Solutions (‘Conduent’) is not authorised to practice law, and neither offers legal advice nor provides legal services in any jurisdiction. The services offered by Conduent are limited to the non-legal, administrative aspects of document review and discovery projects. Conduent provides such services solely at the direction and under the supervision of its clients’ authorised legal counsel.

© 2018 Conduent, Inc. All rights reserved. Conduent and Conduent Agile Star are trademarks of Conduent, Inc. and/or its subsidiaries in the United States and/or other countries.

For more information, please contact:


T: +1 844 663 2638

1. Savings vary based on scope of project.
2. A growing number of practitioners suggest that restrictions on individuals’ data will extend beyond the EU either by law or through market forces. Facebook’s valuation dropped by nearly $70bn due in large part to the release of its users’ information.