GDPR AMC SAAS AND HOSTED MODULES. UK version. AMC Consult A/S June 26, 2018 Version 1.10
|
|
- Lizbeth Lindsay McBride
- 5 years ago
- Views:
Transcription
1 GDPR AMC SAAS AND HOSTED MODULES UK version AMC Consult A/S June 26, 2018 Version 1.10
2 INDEX 1 Signatures General Definitions Scoping In scope Responsibilities of the data processor Responsibilities of the data controller Using Sub processors and data transfer Security Access to audit Duration and termination General terms Changes Liability Law and jurisdiction Force majeure Definitions of personal data Categories of none sensitive personal data processed under the agreement Categories of none sensitive personal data Categories of Sensitive Personal Data which are processed under this agreement GDPR for SAAS and Hosted Modules at AMC 2
3 1 SIGNATURES AMC-Consult A/S Signature: Date: Signed by: Peter Makki, CEO Company (Name) Signature: Date: Signed by: (Name / Title in capital letters) Company contact person(s) Contact 1: 1: Contact 2: 2: (Please use capital letters) GDPR for SAAS and Hosted Modules at AMC 3
4 2 GENERAL AMC hereby makes data processing agreement that is the basis for processing personal data when you are an AMC customer. The parties are hereinafter referred to as customer the "Data Controller" and AMC as the "Data Processor" and "Party" or "Parties". If you use the AMC software, the controller will be responsible for the processing of personal data in the application. The data processor will process personal data on behalf of the data Controller. To ensure that the parties comply with their obligations in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council ("GDPR"), the Parties have entered into data processing agreements ("the Agreement") which provides instructions from the controller to data processor, thus regulating the processing of personal data by the data processor on behalf of the controller. Both Parties confirm that they are authorized to sign the Agreement. The processor as well processes Personal Data in accordance with the AMC s privacy policy. It applies to the entire Agreement and in the relationship between the Data Controller and the Data Processor that claims arising from the GDPR described in this agreement and which do not comply with current legislation will not apply until 25 May 2018, where the GDPR applies. GDPR for SAAS and Hosted Modules at AMC 4
5 3 DEFINITIONS The definition of personal information, special categories of Data (Sensitive Information), processing, the data subject, the Data controller and Data processor is the same as the relevant privacy legislation, including GDPR. The agreement governs the Data Processor's Processing of Personal Data on behalf of the Data Controller and describes how the Data Processor will help protect privacy on behalf of the Data Controller and its Data Subjects through the technical and organizational measures required under the applicable data protection legislation, including the GDPR from 25. May The purpose of the Data Processor's Processing of Personal Data on behalf of the Data Controller is to ensure the Data Controller's use of the Application and the fulfillment of this Agreement. The agreement takes precedence over other conflicting provisions relating to the processing of personal data as regards terms of use of the Application or in any other agreement between the Parties. The agreement is valid as long as the Data Controller subscribes to the AMC SAAS, and the Data Processor must therefore process Personal Data on behalf of the Data Controller. However, the agreement does not take precedence if the Parties have concluded another data processing agreement, stating that the data processing agreement takes precedence over this Agreement. GDPR for SAAS and Hosted Modules at AMC 5
6 4 SCOPING 4.1 IN SCOPE Unless you are using AMC modules on prem the GDPR agreement is in scope. GDPR for SAAS and Hosted Modules at AMC 6
7 5 RESPONSIBILITIES OF THE DATA PROCESSOR The data processor must process personal data only on behalf of and on the basis of the data controller's instructions. By concluding this Agreement, the responsible entity accountable for data processing, commissions the processing of personal data in the following ways: * in accordance with applicable law * to fulfill the obligations arising from the subscription terms for the Application * in a manner more defined by the normal use of the Application by the Data Controller * as described in this Agreement As part of providing the Application, the Data Processor is obliged at all times to provide the Data Controller with good and competitive solutions that accompany the development. The data processor can offer better solutions that are tailored to the needs of the Data Controller by registering how the Data Controller and its representatives use the Application. This makes the Data Processor in order to make a better version of the Application and generally provide better services and provide more relevant communication to the Data Controller and its representatives. The goal is for Data Controller to solve as many challenges as possible in one place. To the extent that personal data from the Application form part of this work, they are processed in accordance with this Agreement and applicable law and may be shared with companies in the AMC for this purpose. The Data Controller has no reason to believe that applicable law prevents the Data Controller from following the instructions reproduced above. If this becomes aware, the Data Processor shall provide the Data Controller a notice of instructions or other Processing Activities performed by the Data Controller, which, in the view of the Data Processor, violates the applicable data protection legislation. The Categories of Registered and Personal Data Processed under this Agreement are described in chapter 5. Taking into account the available technology and the cost of implementation, as well as the scope, context and purpose of the Process, the Data Processor is required to take all reasonable measures, including technical and organizational, to ensure a sufficient level of security in relation to the risk and the category of Personal Data to be protected. Data Processor will assist the controller with appropriate technical and organizational measures as possible and taking into account the nature and category of information that GDPR for SAAS and Hosted Modules at AMC 7
8 is available for Data processor, in order to ensure compliance with the obligations of the controller in accordance with applicable Data protection legislation, including assistance in relation to the fulfilment of the requests by data subjects and general compliance with the provisions of the GDPR Articles The Data Processor shall notify the Data Controller without undue delay via a contact person specified in the Data Processing Agreement if the Data Processor becomes aware of a security shortage. In addition, the Data Processor shall, as far as possible and legally, inform the Data Controller if: * A request for insight into Personal Information is received directly from the Data Subject * A request for insight into Personal Data is received directly from government agencies, including the police. The Data Processor may not respond to such requests from data subject, unless authorized by the Data Controller to do so. The data processor will also not disclose information about this Agreement to governmental authorities such as the police, including Personal Data unless the Data Processor is required by law, such as a court order or similar. If the Data Controller requires information or assistance regarding security, documentation or information about how the Data Processor Processes Personal Data generally and such request contains information that goes beyond what is required by applicable Data Protection Law, the Data Processor may require payment for such additional services. The data processor and its employees shall ensure confidentiality in relation to Personal Data processed under the Agreement. This provision shall also apply after termination of the Agreement. GDPR for SAAS and Hosted Modules at AMC 8
9 6 RESPONSIBILITIES OF THE DATA CONTROLLER The Data Controller confirms after conclusion of this contract that: * The Data Controller shall use the application provided by the Data Processor to only process personal data in accordance with the requirements of the applicable Data protection law. * The Data controller has a legal basis to process and disclose personal data to a Data processor (including Sub processor which Data Processor uses). * The Data Controller is responsible for the accuracy, the integrity, credibility and the lawfulness of the personal data processed by the data processor. * The Data Controller has fulfilled all mandatory requirements and duties in relation to notification to, or obtaining permission from, the relevant public authorities as regards the Processing of Personal Data. * The Data Controller has fulfilled his disclosure obligations to the Data Subject regarding the processing of Personal Data in accordance with applicable data protection legislation. * The controller agrees that Data Processor have given the appropriate assurances in respect of the implementation of the technical and organizational security measures to safeguard the data subjects ' rights and their personal data. * When using the Application, the Data Controller shall not process Sensitive Information, unless specified in chapter 12 to this Agreement. * The Data Controller must have an updated list of the categories of Personal Data it treats, especially if such treatment differs from the categories of information listed in chapter 12. GDPR for SAAS and Hosted Modules at AMC 9
10 7 USING SUB PROCESSORS AND DATA TRANSFER As part of the operation of the Application, the Data Processor uses subcontractors ("Sub processors"). Such Sub processors may be other companies within the AMC group to which AMC is a part or third-party supplier within and outside the EU / EEA. The data provider's subcontractors will be listed on AMC website in a list of Sub processors. (Currently there is no, but there may be some in the future. Be aware that some banks the data controller may transfer payment files to can contain information mentioned in the chapter 12) The data processor must ensure that its Sub processor is subject to the corresponding obligations and requirements described in the Agreement. All use of Sub processors is also subject to the AMC Privacy Statement. This agreement constitutes the controller prior general and specific written approval of the Data Processor's Use of Sub processors. If a Sub processor or Personal Data is respectively established outside or is stored outside of the EU / EEA, the Data Processor provides authorization to ensure a sufficient basis for transferring Personal Data to a third country on behalf of the Data Controller, using the EU Commission Standard Contracts. The Data controller must be informed before the Data Processor replaces its Sub processor. However, the Data Controller is only entitled to protest against a new Sub processor who processes Personal Data on behalf of the Data Controller if it does not process data in accordance with applicable data protection legislation. In such a situation, the Data Processor shall demonstrate compliance by giving the Data Controller access to the Data Processor's data protection assessment by the Data Processor. If there is still disagreement about the use of the Sub processor, the Data controller may terminate its subscription to the Application, including with a shorter notice than usual, to ensure that the Data Controller's Personal Information is not processed by the appropriate Sub processor. GDPR for SAAS and Hosted Modules at AMC 10
11 8 SECURITY The data processor is required to ensure a high level of security in its products and services, which is ensured by relevant organizational, technical and physical security measures required by information about security measures as described in article 32 GDPR. In addition, the AMC internal data protection policies aim at ensuring confidentiality, integrity, resilience and access to Personal Data. The following measures are particularly important: * Classification of Personal Data to ensure implementation of security measures relevant to risk assessments. * Assessment of encryption and pseudonymizing as risk mitigating factors * Assessment of anonymizing as risk mitigating factors * Limit access to personal data to the relevant persons to comply with the requirements and obligations of the agreement or in accordance with the parties ' agreement on the use of the application. * Operation and implementation of systems that can detect, restore, respond and report events related to Personal Data. * Identify the security structure and how to transfer Personal Data between the Parties. * Carry out assessment of own security level in order to ensure that the current technical and organizational measures are adequate for the protection of personal data in accordance with article 32 on the security of processing as well as GDPR article 25. GDPR for SAAS and Hosted Modules at AMC 11
12 9 ACCESS TO AUDIT The Data Controller is entitled to initiate a review of the Data Processor's obligations under the Agreement once a year. If the Data Controller is required to do so under applicable legislation, audits may be repeated more often. The Data controller must provide a detailed audit plan with a description of the scope, duration and start date at least four weeks prior to the proposed start date. It must be decided jointly between the Parties if a third party is to conduct the audit. However, the Data Controller may allow the Data Processor to conduct the security review by a neutral third party after the Data Processor's choice, if it is a processing environment where multiple data controller data is used. If the proposed scope of the audit follows an ISAE, ISO or similar certification report conducted by a qualified third-party auditor within the previous twelve months and the Data Processor confirms that there have been no material changes in the measures under review, it shall Data controllers accept this review instead of requesting a new review of the measures already covered. In any case, audits must take place during normal office hours on the relevant facility in accordance with the Data Processor policies and may not unreasonably interfere with the Data Processor's usual commercial activities. The Data Controller is responsible for all costs in connection with the request for audit. The Data processor s assistance in connection therewith, which exceeds the regular service, are billed separately. GDPR for SAAS and Hosted Modules at AMC 12
13 10 DURATION AND TERMINATION The agreement is valid as long as the Data Processor Processes Personal Data on behalf of the Data Controller in connection with the Data Controller's use of the Application. This Agreement will automatically terminate at the end of the Data Controller's termination period in relation to Application Subscription. Upon termination of the subscription, the Data Processor will delete all Personal Data that the Data Processor has processed on behalf of the Data controller under the Agreement. If the Data Controller requests data retrieval assistance, the associated costs shall be covered by the Data controller and will be based on: * hourly rates for the Data Processor's time spent * the complexity of the requested process and * the chosen format. The Data Processor is entitled to retain Personal Data after termination of the Agreement to the extent required by applicable law, which in such case will be in accordance with the technical and organizational safeguards described in the Agreement. GDPR for SAAS and Hosted Modules at AMC 13
14 11 GENERAL TERMS 11.1 CHANGES Changes to the Agreement must be enclosed in a separate amendment to the Agreement. If any of the provisions of the Agreement are invalid, this will not affect the remaining provisions. The parties shall replace invalid provisions with a legal provision that reflects the purpose of the invalid provision LIABILITY Liability for actions contrary to the provisions of this Agreement is governed by liability stated in the General Terms for Supply of Software and Consultancy Services Agreement found here. This also applies to any violation by the Data Processor Sub processors LAW AND JURISDICTION Law and jurisdiction is governed by the General Terms for Supply of Software and Consultancy Services Agreement found here FORCE MAJEURE Force majeure is governed by the General Terms for Supply of Software and Consultancy Services Agreement found here. GDPR for SAAS and Hosted Modules at AMC 14
15 12 DEFINITIONS OF PERSONAL DATA 12.1 CATEGORIES OF NONE SENSITIVE PERSONAL DATA PROCESSED UNDER THE AGREEMENT 1. Categories of Data Subjects 2. The Data Controller s end users 3. The Data Controller s staff (salary payments) 12.2 CATEGORIES OF NONE SENSITIVE PERSONAL DATA 1. Name 2. Title 3. Phone number Address 6. Bank account number (only for personal bank transfers) 12.3 CATEGORIES OF SENSITIVE PERSONAL DATA WHICH ARE PROCESSED UNDER THIS AGREEMENT Data processor on behalf of the Data controller must deal with one or more of the following information about: 1. CPR number via nem konto (only for easy account transfers in DK) GDPR for SAAS and Hosted Modules at AMC 15
Data Processing Agreement
In accordance with the European Parliament- and Council s Directive (EU) 2016/679 of 27th April 2016 (hereinafter GDPR) on the protection of physical persons in connection with the processing of personal
More informationData Processing Agreement
Data Processing Agreement Merchant (the "Data Controller") and Nets (the "Data Processor") (separately referred to as a Party and collectively the Parties ) have concluded this DATA PROCESSING AGREEMENT
More informationData Processing Clauses
Data Processing Clauses The examples of processing clauses below are proposed pending the adoption of standard contractual clauses within the meaning of Article 28.8 of general data protection regulation.
More informationData Processor Agreement
Data Processor Agreement Data Controller: Customer located within the EU (the Data Controller ) and Data Processor: European Representative Company: ONE.COM (B-one FZ-LLC) One.com A/S Reg.no. Reg.no. 19.958
More informationData Processing Agreement
Data Processing Agreement Addendum to the Main Contract between Simonsen Chartering Aps Christiansmindevej 74 CBR no.: 20702206 (hereinafter referred to as the Shipping Company ) and 3 rd party processing
More informationDATA PROCESSING TERMS
DATA PROCESSING TERMS Safetica Technologies s.r.o. These Data Processing Terms (hereinafter the Terms ) govern the rights and obligations between the Software User (hereinafter the User ) and Safetica
More information"PPS" is Private Practice Software as developed and produced by Rushcliff Ltd.
Rushcliff Ltd Data Processing Agreement This Data Processing Agreement ( DPA ) forms part of the main terms of use of PPS, PPS Express, PPS Online booking, any other Rushcliff products or services and
More informationData Processing Agreement for Oracle Cloud Services
Data Processing Agreement for Oracle Cloud Services Version January 12, 2018 1. Scope, Order of Precedence and Term 1.1 This data processing agreement (the Data Processing Agreement ) applies to Oracle
More informationSHELTERMANAGER LTD CUSTOMER DATA PROCESSING AGREEMENT
SHELTERMANAGER LTD CUSTOMER DATA PROCESSING AGREEMENT AGREEMENT DATED [ ] BETWEEN: (1) SHELTERMANAGER LTD and (2) [ ] ( The Customer ) BACKGROUND (A) (B) (C) This Agreement is to ensure there is in place
More informationData Processing Agreement DPA
Data Processing Agreement DPA between Clinic Org. no. «Controller». and Calpro AS Org. nr. 966 291 281. «Processor» If the parties have executed a Data Management Agreement, the Date Management Agreement
More informationData Processing Agreement
Data Processing Agreement This Data Processing Agreement ( the Agreement or DPA ) constitutes the obligations for TwentyThree ApS Sortedam Dossering 5D 2200 Copenhagen N Denmark (hereinafter The Data Processor
More informationDATA PROCESSING AGREEMENT
DATA PROCESSING AGREEMENT This Data Processing Agreement ( DPA ) is entered into between: A. The company stated in the Subscription Agreement (as defined below) ( Data Controller ) and B. Umbraco A/S Haubergsvej
More informationData Protection. Code of Conduct for Cloud Infrastructure Service Providers
Data Protection Code of Conduct for Cloud Infrastructure Service Providers 27 JANUARY 2017 Introduction... 3 1 Structure of the Code... 5 2 Purpose... 6 3 Scope... 7 4 Data Protection Requirements... 9
More informationDATA PROTECTION POLICY THE HOLST GROUP
DATA PROTECTION POLICY THE HOLST GROUP INTRODUCTION The purpose of this document is to provide a concise policy regarding the data protection obligations of The Holst Group. The Holst Group is a data controller
More informationData Processing Agreement
Data Processing Agreement between The Data Controller Name Address Postcode and city Country and The Data Processor Idha Sweden AB Norra vägen 28 856 50 Sundsvall Sweden] Page 1 of 15 1 Content 2 Data
More informationGerman Data Processing Addendum MailChimp
Customer EU Data Processing Addendum This Data Processing Addendum ("DPA"), forms part of the Agreement between The Rocket Science Group LLC d/b/a MailChimp ("MailChimp") and CK Coaching Köln ("Customer")
More informationHPE DATA PRIVACY AND SECURITY
ARUBA, a Hewlett Packard Enterprise company, product services ( Services ) This Data Privacy and Security Agreement ("DPSA") Schedule governs the privacy and security of Personal Data by HPE in connection
More informationIndividual Agreement. commissioned processing
Individual Agreement commissioned processing (in the following: AGREEMENT) Between 1. - Address owner / Controller - and 2. - Service provider / Processor - As of: 09/2017, Page 2 of 12 The following provisions
More informationEmsi Privacy Shield Policy
Emsi Privacy Shield Policy Scope The Emsi Privacy Shield Policy ( Policy ) applies to the collection and processing of Personal Data that Emsi obtains from Data Subjects located in the European Union (
More informationDATA PROCESSING AGREEMENT
DATA PROCESSING AGREEMENT HIRINGBOSS HOLDINGS PTE LTD This DPA is entered into between the Controller and the Processor and is incorporated into and governed by the terms of the Agreement. 1. Definitions
More informationBHBIA New Data Protection Rules. Pharma Company Perspective. Guy Murray Director, Market Research & Analytics, GC&BI MR Operations and Compliance, MSD
BHBIA New Data Protection Rules Pharma Company Perspective Guy Murray Director, Market Research & Analytics, GC&BI MR Operations and Compliance, MSD Pharma Company Perspective Data Controllers Responsibilities
More informationCustomer EU Data Processing Addendum
From: MailChimp Legal Team To: TC - Info - Heart of the City Subject: MailChimp Data Processing Addendum Date: 10 May 2018 13:15:11 Attachments: ATT00001.png Customer EU Data Processing Addendum This Data
More informationWithin the meanings of applicable data protection law (in particular EU Regulation 2016/679, the GDPR ):
Privacy Policy Introduction Ikano S.A. ( Ikano ) respects your privacy and is committed to protect your Personal Data by being compliant with this privacy policy ( Policy ). In addition to Ikano, this
More informationBend Mailing Services, LLC, dba BMS Technologies ( us, we, or our ) operates the website (the Service ).
Privacy Policy online-billpay.com Effective date: May 18, 2018 Bend Mailing Services, LLC, dba BMS Technologies ( us, we, or our ) operates the https://www.online-billpay.com/ website (the Service ). This
More informationEco Web Hosting Security and Data Processing Agreement
1 of 7 24-May-18, 11:50 AM Eco Web Hosting Security and Data Processing Agreement Updated 19th May 2018 1. Introduction 1.1 The customer agreeing to these terms ( The Customer ), and Eco Web Hosting, have
More informationPS Mailing Services Ltd Data Protection Policy May 2018
PS Mailing Services Ltd Data Protection Policy May 2018 PS Mailing Services Limited is a registered data controller: ICO registration no. Z9106387 (www.ico.org.uk 1. Introduction 1.1. Background We collect
More informationWorkday s Robust Privacy Program
Workday s Robust Privacy Program Workday s Robust Privacy Program Introduction Workday is a leading provider of enterprise cloud applications for human resources and finance. Founded in 2005 by Dave Duffield
More informationQ&A for Citco Fund Services clients The General Data Protection Regulation ( GDPR )
Q&A for Citco Fund Services clients The General Data Protection Regulation ( GDPR ) May 2018 Document Classification Public Q&A for Citco Fund Services clients in relation to The General Data Protection
More informationTERMS AND CONDITIONS FOR THE USE OF THE WEBSITE AND PRIVACY POLICY
TERMS AND CONDITIONS FOR THE USE OF THE WEBSITE AND PRIVACY POLICY Trademarks-Intellectual Property Rights Xtrade BLZ (hereinafter called the Company or we or us) is the owner of the Copyright in the pages
More informationPRIVACY POLICY PRIVACY POLICY
PRIVACY POLICY 1 A. GENERAL PART 1.1. COLLECTION AND PROCESSING OF USER DATA Within the scope of the availability of the website hosted in www.alpinushotel.com and of the services and communications made
More informationVersion 1/2018. GDPR Processor Security Controls
Version 1/2018 GDPR Processor Security Controls Guidance Purpose of this document This document describes the information security controls that are in place by an organisation acting as a processor in
More informationCD STRENGTH LLC. A MASSACHUSETTS, USA BASED COMPANY
CD STRENGTH LLC. A MASSACHUSETTS, USA BASED COMPANY PRIVACY POLICY This Privacy Policy will be effective as of May 23, 2018 for all new users and users in EU and EEA member countries. For all other users,
More informationUWTSD Group Data Protection Policy
UWTSD Group Data Protection Policy Contents Clause Page 1. Policy statement... 1 2. About this policy... 1 3. Definition of data protection terms... 1 4. Data protection principles..3 5. Fair and lawful
More informationGDPR Processor Security Controls. GDPR Toolkit Version 1 Datagator Ltd
GDPR Processor Security Controls GDPR Toolkit Version 1 Datagator Ltd Implementation Guidance (The header page and this section must be removed from final version of the document) Purpose of this document
More informationIBM Sterling B2B Services File Transfer Service
Service Description IBM Sterling B2B Services File Transfer Service This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and recipients
More informationRules for Commissioned Processing. (DDV Declaration of Conformity)
Rules for Commissioned Processing (DDV Declaration of Conformity) Service provider (in the following Service Provider) Representative Street name and number Postal code, place E-mail address Website Version:
More informationSecure Messaging Mobile App Privacy Policy. Privacy Policy Highlights
Secure Messaging Mobile App Privacy Policy Privacy Policy Highlights For ease of review, Everbridge provides these Privacy Policy highlights, which cover certain aspects of our Privacy Policy. Please review
More information1 About GfK and the Survey What are personal data? Use of personal data How we share personal data... 3
Privacy Notice For ad-hoc CAWI (without target list) V1.0 June 4, 2018 Contents 1 About GfK and the Survey... 2 2 What are personal data?... 2 3 Use of personal data... 2 4 How we share personal data...
More informationFabric Data Processing and Security Terms Last Modified: March 27, 2018
Fabric Data Processing and Security Terms Last Modified: March 27, 2018 The customer agreeing to these terms ( Customer ), and Google LLC (formerly known as Google Inc.), Google Ireland Limited, Google
More informationIt applies to personal information for individuals that are external to us such as donors, clients and suppliers (you, your).
Our Privacy Policy 1 Purpose Mission Australia is required by law to comply with the Privacy Act 1988 (Cth) (the Act), including the Australian Privacy Principles (APPs). We take our privacy obligations
More informationData Processing Amendment to Google Apps Enterprise Agreement
Data Processing Amendment to Google Apps Enterprise Agreement The Customer agreeing to these terms ( Customer ) and Google Inc., Google Ireland, or Google Asia Pacific Pte. Ltd. (as applicable, Google
More informationWebsite Privacy Policy
Website Privacy Policy 1 Introduction This Policy applies to the following companies: Navios Ship Management Inc, Navios Tankers Management Inc., Navios Corporation, Navios Containers Management Inc.,
More informationPlan a Pragmatic Approach to the new EU Data Privacy Regulation
AmChamDenmark event: EU Compliant & Cyber Resistant Plan a Pragmatic Approach to the new EU Data Privacy Regulation Janus Friis Bindslev, Partner Cyber Risk Services, Deloitte 4 February 2016 Agenda General
More informationEU GDPR & ISO Integrated Documentation Toolkit https://advisera.com/eugdpracademy/eu-gdpr-iso integrated-documentation-toolkit
EU GDPR & https://advisera.com/eugdpracademy/eu-gdpr-iso-27001-integrated-documentation-toolkit Note: The documentation should preferably be implemented in the order in which it is listed here. The order
More informationPrivacy Policy. Data Controller - the entity that determines the purposes, conditions and means of the processing of personal data
Privacy Policy Datacenter.com (referred to as we, us, our, Datacenter or the Company ) is committed to protecting your privacy and handling your data in an open and transparent manner. The personal data
More informationACCOUNTING TECHNICIANS IRELAND DATA PROTECTION POLICY GENERAL DATA PROTECTION REGULATION
ACCOUNTING TECHNICIANS IRELAND DATA PROTECTION POLICY GENERAL DATA PROTECTION REGULATION Document Control Owner: Distribution List: Data Protection Officer Relevant individuals who access, use, store or
More informationBuilding Information Modeling and Digital Data Exhibit
Document E203 2013 Building Information Modeling and Digital Data Exhibit This Exhibit dated the day of in the year is incorporated into the agreement (the Agreement ) between the Parties for the following
More informationhave concluded the following data processing agreement (hereinafter the Data Processing Agreement or this Agreement ):
DATA PROCESSING AGRE EMENT Between [Firm] [Address] [Postal code and city] [VAT no. ] (hereinafter the Data Controller ) and TimeLog A/S Vesterbrogade 149, building. 4, 1. 1620 Copenhagen V VAT no. 25
More informationHF Markets SA (Pty) Ltd Protection of Personal Information Policy
Protection of Personal Information Policy Protection of Personal Information Policy This privacy statement covers the website www.hotforex.co.za, and all its related subdomains that are registered and
More informationPRIVACY POLICY FOR THE LIDC 2018 INTERNATIONAL CONGRESS
PRIVACY POLICY FOR THE LIDC 2018 INTERNATIONAL CONGRESS This privacy policy ("Privacy Policy") is intended for natural person participants, speakers and their accompanying persons and contact persons whose
More informationData Protection Policy
Data Protection Policy Data Protection Policy Version 3.00 May 2018 For more information, please contact: Technical Team T: 01903 228100 / 01903 550242 E: info@24x.com Page 1 The Data Protection Law...
More informationBUZCOIN TOKENS SALE PRIVACY POLICY. Last updated:
BUZCOIN TOKENS SALE PRIVACY POLICY Last updated: 20.10.2018 STATUS AND ACCEPTANCE OF PRIVACY POLICY 1. This Privacy Policy (hereinafter referred to as the Policy ) sets forth the general rules of Participant
More informationGeneral Data Protection Regulation (GDPR)
BCD Travel s Response to the EU General Data Protection Regulation (GDPR) November 2017 Page 1 Response to the EU GDPR Copyright 2017 by BCD Travel N.V. All rights reserved. November 2017 Copyright 2017
More informationReference Offer for Wholesale Roaming Access
Reference Offer for Wholesale Roaming Access Published on the grounds of Article 3 of Regulation (EU) No 531/2012 of the European Parliament and the Council of 13 June 2012 Whereas, Regulation (EU) No
More informationMASTERCARD PRICELESS SPECIALS INDIA PRIVACY POLICY
Effective Date: 12 September 2017 MASTERCARD PRICELESS SPECIALS INDIA PRIVACY POLICY Mastercard respects your privacy. This Privacy Policy describes how we process personal data, the types of personal
More informationDATA PROCESSING ADDENDUM
DATA PROCESSING ADDENDUM DATA PROCESSING ADDENDUM This Data Processing Addendum (this Addendum ) is executed by and between Paragon Internet Group Limited t/a Tsohost ( Tsohost ) and you ( Customer ) and
More informationData Protection and GDPR
Data Protection and GDPR At DPDgroup UK Ltd (DPD & DPD Local) we take data protection seriously and have updated all our relevant policies and documents to ensure we meet the requirements of GDPR. We have
More informationOnline Ad-hoc Privacy Notice
Online Ad-hoc Privacy Notice Last revised: 24 May 2018 Table of contents 1 About us and our Surveys... 2 2 What is personal data?... 2 3 Use of personal data... 2 3.1 Categories of personal data that are
More informationDATA MANAGEMENT POLICY
DATA MANAGEMENT POLICY About personal data management in Fishinda application Applicable from May 25, 2018 until revocation Your personal information is used to ensure you the usage of the services provided
More informationEU Data Protection Agreement
EU Data Protection Agreement This Data Protection Agreement ("Agreement") is entered into by and between TechTarget, Inc., a Delaware corporation with a principle place of business at 275 Grove Street,
More informationVistra International Expansion Limited PRIVACY NOTICE
Effective Date: from 25 May 2018 Vistra International Expansion Limited PRIVACY NOTICE This Privacy Notice explains how particular companies in the Vistra Group collect, use and disclose your personal
More information1. Right of access. Last Approval Date: May 2018
Page 1 of 5 I. PURPOSE The European Union s General Data Protection Regulation (GDPR) provides greater data protection for individuals in the European Union (EU). This comprehensive regulation, effective
More informationGeneral Data Protection Regulation
General Data Protection Regulation Workshare Ltd ( Workshare ) is a service provider with customers in many countries and takes the protection of customers data very seriously. In order to provide an enhanced
More informationPPR TOKENS SALE PRIVACY POLICY. Last updated:
PPR TOKENS SALE PRIVACY POLICY Last updated: 05.03.2018 STATUS AND ACCEPTANCE OF PRIVACY POLICY 1. This Privacy Policy (hereinafter referred to as the Policy ) sets forth the general rules of Participant
More informationThis Policy has been prepared with due regard to the General Data Protection Regulation (EU Regulation 2016/679) ( GDPR ).
PRIVACY POLICY Data Protection Policy 1. Introduction This Data Protection Policy (this Policy ) sets out how Brital Foods Limited ( we, us, our ) handle the Personal Data we Process in the course of our
More informationEU-US PRIVACY SHIELD POLICY (Updated April 11, 2018)
EU-US PRIVACY SHIELD POLICY (Updated April 11, 2018) Network TwentyOne International, Inc. located at 7320 McGinnis Ferry Road, Suwanee, Georgia USA 30024 ( N21, we, our, or us ) have the following EU-US
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Introduction The purpose of this document is to provide a concise policy regarding the data protection obligations of Youth Work Ireland. Youth Work Ireland is a data controller
More informationLearning Management System - Privacy Policy
We recognize that visitors to our Learning Management System (LMS) may be concerned about what happens to information they provide when they make use of the system. We also recognize that education and
More informationSaba Hosted Customer Privacy Policy
Saba Hosted Customer Privacy Policy Last Revised 23 May 2018 1. Introduction Saba is committed to protecting information which can be used to directly or indirectly identify an individual ( personal data
More informationDisclosure text - PDS (PKI Disclosure Statement) for electronic signature and authentication certificates
Disclosure text - PDS (PKI Disclosure Statement) for electronic signature and authentication certificates Index INDEX... 2 1. DISCLOSURE TEXT APPLICABLE TO NATURAL PERSON CERTIFICATES ISSUED ON QSCD...
More informationShaw Privacy Policy. 1- Our commitment to you
Privacy Policy last revised on: Sept 16, 2016 Shaw Privacy Policy If you have any questions regarding Shaw s Privacy Policy please contact: privacy@shaw.ca or use the contact information shown on any of
More informationPRIVACY POLICY OF THE WEB SITE
PRIVACY POLICY OF THE ERANOS FOUNDATION Introductory remarks The Eranos Foundation respects your privacy! Privacy policy EU Norm 2016-769 GDPR 1 We do not sell or distribute any information that we acquire
More informationSubject: Kier Group plc Data Protection Policy
Kier Group plc Data Protection Policy Subject: Kier Group plc Data Protection Policy Author: Compliance Document type: Policy Authorised by: Kier General Counsel & Company Secretary Version 3 Effective
More informationPRIVACY POLICY. What personal data we collect and why we collect it IN ORDER TO: (Date of last update: 1 st January 2019)
PRIVACY POLICY (Date of last update: 1 st January 2019) For the purpose of the Data Protection Act 1998 (the Act) and from the 25 May 2018, the EU General Data Protection Regulation 2016/679 (the GDPR),
More informationChapter 1. Purpose, definitions and application
Regulation on toll service provision for tolls and ferry tickets (the Toll service provider Regulation) Legal authority: Laid down by Royal Decree on dd.mm.yyyy pursuant to the Act of 21 June 1963 no.
More informationPrivacy Statement for Use of the Trust Service of Swisscom IT Services Finance S.E., Austria
Privacy Statement for Use of the Trust Service of Swisscom IT Services Finance S.E., Austria General Privacy is a matter of trust, and your trust is important to us. Handling personal data in a responsible
More informationPrivacy Policy. Effective date: 21 May 2018
Privacy Policy Effective date: 21 May 2018 We at Meetingbird know you care about how your personal information is used and shared, and we take your privacy seriously. Please read the following to learn
More informationBy accessing your Congressional Federal Credit Union account(s) electronically with the use of Online Banking through a personal computer or any other
CONGRESSIONAL FEDERAL CREDIT UNION ELECTRONIC CORRESPONDENCE DISCLOSURE & AGREEMENT Please read this information carefully and print a copy and/or retain this information electronically for your records.
More informationTIA. Privacy Policy and Cookie Policy 5/25/18
TIA Privacy Policy and Cookie Policy 5/25/18 Background: TIA understands that your privacy is important to you and that you care about how your information is used and shared online. We respect and value
More informationDISCLOSURE ON THE PROCESSING OF PERSONAL DATA LAST REVISION DATE: 25 MAY 2018
DISCLOSURE ON THE PROCESSING OF PERSONAL DATA LAST REVISION DATE: 25 MAY 2018 Introduction This disclosure on the processing of personal data (hereinafter, the "Disclosure") is provided pursuant to Art.
More informationVERSION 1.3 MAY 1, 2018 SNOWFLY PRIVACY POLICY SNOWFLY PERFORMANCE INC. P.O. BOX 95254, SOUTH JORDAN, UT
VERSION 1.3 MAY 1, 2018 SNOWFLY PRIVACY POLICY SNOWFLY PERFORMANCE INC. P.O. BOX 95254, SOUTH JORDAN, UT 84095-9998 SNOWFLY PRIVACY POLICY This Privacy Policy describes Snowfly s practices regarding the
More informationVISTRA (CYPRUS) LTD. PRIVACY NOTICE
Effective Date: from 25 May 2018 VISTRA (CYPRUS) LTD. PRIVACY NOTICE This Privacy Notice explains how particular companies in the Vistra Group collect, use and disclose your personal data, and your rights
More informationPRIVACY POLICY. 1. Introduction
PRIVACY POLICY 1. Introduction 1.1. The Pinewood Studios Group is committed to protecting and respecting your privacy. This privacy policy (together with our Website Terms of Use and Cookies Policy) (Privacy
More informationBeam Suntory Privacy Policy WEBSITE PRIVACY NOTICE
Beam Suntory Privacy Policy WEBSITE PRIVACY NOTICE Beam Suntory ("we"; "us"; "our") respects your privacy and is committed to protecting your personal information at all times in everything we do. We are
More informationVSC-PCTS2003 TEST SUITE TIME-LIMITED LICENSE AGREEMENT
VSC-PCTS2003 TEST SUITE TIME-LIMITED LICENSE AGREEMENT Notes These notes are intended to help prospective licensees complete the attached Test Suite Time-Limited License Agreement. If you wish to execute
More information_isms_27001_fnd_en_sample_set01_v2, Group A
1) What is correct with respect to the PDCA cycle? a) PDCA describes the characteristics of information to be maintained in the context of information security. (0%) b) The structure of the ISO/IEC 27001
More informationCOMPUTAMATRIX LIMITED T/A MATRICA Data Protection Policy September Table of Contents. 1. Scope, Purpose and Application to Employees 2
COMPUTAMATRIX LIMITED T/A MATRICA Data Protection Policy September 2018 Table of Contents 1. Scope, Purpose and Application to Employees 2 2. Reference Documents 2 3. Definitions 3 4. Data Protection Principles
More informationDeloitte Audit and Assurance Tools
Deloitte Audit and Assurance Tools Privacy Statement Last updated: 26 September 2017 Introduction This Privacy Statement applies to our various audit and assurance tools and other related online tools
More informationVISTRA NETHERLANDS PRIVACY NOTICE
Effective Date: from 25 May 2018 VISTRA NETHERLANDS PRIVACY NOTICE This Privacy Notice explains how particular companies in the Vistra Group collect, use and disclose your personal data, and your rights
More informationPrivacy Statement for Use of the Certification Service of Swisscom (sales name: "All-in Signing Service")
Swisscom (sales name: "All-in Signing Service") General Privacy is a matter of trust, and your trust is important to us. Handling personal data in a responsible and legally compliant manner is a top priority
More informationPERSONAL DATA PROTECTION POLICY
PERSONAL DATA PROTECTION POLICY With a view to protecting the privacy and data of its contacts (users of its website, contacts made at professional meetings, or through records, projects, partnerships,
More informationAfrican Theatre Association (AfTA) PRIVACY POLICY
African Theatre Association (AfTA) PRIVACY POLICY 1. Our Privacy Pledge We store your personal data safely. We won't share your details with anyone else. You can change your preferences or opt out from
More informationIntroductory guide to data sharing. lewissilkin.com
Introductory guide to data sharing lewissilkin.com Executive Summary Most organisations carry out some form of data sharing, whether it be data sharing between organisations within the group or with external
More informationADIENT VENDOR SECURITY STANDARD
Contents 1. Scope and General Considerations... 1 2. Definitions... 1 3. Governance... 2 3.1 Personnel... 2 3.2 Sub-Contractors... 2 3.3. Development of Applications... 2 4. Technical and Organizational
More informationEU Data Protection Agreement
EU Data Protection Agreement This Data Protection Agreement ("Agreement") is entered into by and between TechTarget, Inc., a Delaware corporation with a principle place of business at 275 Grove Street,
More informationDo you handle EU residents personal data? The GDPR update is coming May 25, Are you ready?
European Union (EU) General Data Protection Regulation (GDPR) Do you handle EU residents personal data? The GDPR update is coming May 25, 2018. Are you ready? What do you need to do? Governance and Accountability
More informationDigital Signatures Act 1
Issuer: Riigikogu Type: act In force from: 01.07.2014 In force until: 25.10.2016 Translation published: 08.07.2014 Digital Signatures Act 1 Amended by the following acts Passed 08.03.2000 RT I 2000, 26,
More informationDATA PROTECTION AND PRIVACY POLICY
DATA PROTECTION AND PRIVACY POLICY Data Protection Act London Capital Group (Cyprus) Limited (LCG) may process information relating to you, including holding such information in a manual format or electronic
More informationCAPGEMINI BINDING CORPORATE RULES
CAPGEMINI BINDING CORPORATE RULES Introduction As one of the world s foremost providers of consulting, technology and outsourcing services to a wide array of clients around the world, Capgemini is committed
More informationSURGICAL REVIEW CORPORATION Privacy Policy
SURGICAL REVIEW CORPORATION Privacy Policy Your privacy is very important to us. Please read below to see how Surgical Review Corporation ( SRC ) handles information. SRC respects your privacy and shares
More information