Management of PoC in agreements in relation to GDPR
I have recevied a NDA where the counterparty has not included a Point of Contact (PoC) - NDA's previously received from this party always stated a PoC. They say that the General Data Protection Regulation (GDPR) prohibits them to specify a contact person in their agreements. One can only refer to a title and/or funtion. Within my organization we always state one or more PoC's as this person(s) are the ones handling any information that is classified as confidential.
Has anyone discussed this issue within your organization? If so - what is your view on it?
And if there is no PoC in the agreement - how can you make sure that the confidential information is handled in a proper manner?