The European Data Protection Supervisor (EDPS) on 2 July 2020 published a press release on Reinforcing cooperation for fair IT contracts in Europe. In this press release EDPS makes public a paper detailing its findings and recommendations on the use of Microsoft products and services by EU institutions. EDPS writes:
These findings may help any public administrations when contracting ICT services, because of the similarities between the General Data Protection Regulation (GDPR) and Regulation (EU) 2018/1725 which applies to the EUIs.
It might be useful for non-public organisations as well.
Read also EDPS’ press release of 21 October 2019, EDPS investigation into IT contracts: stronger cooperation to better protect rights of all individuals.