Commissioned Data Processing Agreement

4 Categories of persons concerned who are affected by the treatment PRESENT ACCORD DEFINEs the obligations of the contracting parties with respect to the processing of personal data on behalf of the client by the contractor under the main contract. This agreement on THE DATA replaces previous data protection agreements between the parties. (3) With respect to the processing of personal customer data only in relation to cloud services, Section 7, paragraph 2 of the RP agreement is replaced by the following text: “When a person contacts the cloud service provider as part of the exercise of his rights in accordance with Chapter III of the RGPD (for example.B. Correction, deletion and blocking of data, right to data portability) the cloud service provider will make economically reasonable efforts to transmit such a request or pass on the person concerned to the contractor, and the contractor will transmit this request to the customer if the supplier is able, based on the information provided by the Da-ta subject. , to identify the client as the person responsible for responding to the request of these individuals. 8.4 If the subcontractor does not comply with its data protection obligations, the holder is liable to the contractor for compliance with the subcontractor`s obligations and for his own fault. 6.4 The contractor provides the licensee with all the information necessary for the holder to maintain the data set relating to the categories of processing activities covered by Section 30, paragraph 2, of the RGPD. The EU`s general data protection regulation is more serious about contracts than previous EU data protection rules. If your organization is subject to the RGPD, you must have a written data processing agreement with all data processors. Yes, a data processing agreement is boring paperwork. But it is also one of the most fundamental steps of RGPD compliance and necessary to avoid RGPD sanctions.

11.1 The subcontractor may not transfer or authorize the transfer of data to countries outside the EU and/or the European Economic Area (EEA) without the company`s prior written consent. When personal data processed under this agreement is transferred from a country within the European Economic Area to a country outside the European Economic Area, the parties ensure that personal data is adequately protected. To do so, contracting parties, unless otherwise agreed, rely on standard contractual clauses approved by the EU for the transfer of personal data. The subcontractor immediately makes available to the processing manager, upon request, the information necessary to establish a record of processing operations.