What Is A System Protection Agreement

ROLE:

ARE AGREEd on the following contractual clauses (the clauses) to ensure the protection of the privacy and fundamental rights and freedoms of individuals with respect to the transfer of personal data covered by the data importer. `data protection legislation`, legislation on the protection of fundamental human rights and freedoms, and, in particular, their right to privacy with regard to the handling of personal data that applies to the customer, including, but not exclusively, the General Data Protection Regulation (European Parliament and Council Regulation 2016/679 on the protection of individuals with respect to the processing of personal data and the free movement of such data); and repealing Directive 94/46/RC (`RGPD`) and any modification, replacement or extension of any binding national legislation transposing EU legislation and other binding data protection or data protection directives, laws, regulations and provisions applicable in a timely manner, including the guidelines and codes of conduct adopted by the relevant supervisory authority; The data importer accepts and guarantees: (a) processing personal data only on behalf of the data exporter and in accordance with its instructions and clauses; if, for whatever reason, it is unable to comply, it undertakes to immediately inform the data exporter of its inability to comply, in which case the data exporter is authorized to suspend the transfer of data and/or terminate the contract; (b) that it has no reason to believe that the current legislation prevents it from complying with the instructions received from the data exporter and its contractual obligations and that, in the event of a change in this legislation that could have a material negative effect on the safeguards and obligations in the clauses, it will immediately inform the exporter as soon as it becomes aware of it, in which case the data exporter is allowed to suspend the data transmission; (c) that it implemented the technical and organizational security measures covered by Appendix 2 prior to the processing of personal data transmitted; (d) promptly inform the data exporter of the following issues: (i) any legally binding request for disclosure of personal data by a law enforcement agency, unless otherwise prohibited, such as a criminal prohibition. B to preserve the confidentiality of a criminal investigation, (ii) any fortuitous or unauthorized access, and (iii) any request that goes directly against the persons concerned without responding to that request, unless it has been authorized to do so; (e) to process without delay and formal any request from the exporter of data concerning the processing of personal data subject to transmission and to comply with the advice of the supervisory authority when processing the transmitted data; (f) at the request of the data exporter, to present its data processing services for the review of processing activities covered by the clauses, carried out by the data exporter or by a supervisory body composed of independent members and holding the required professional qualifications, which are bound by a confidentiality obligation, possibly selected by the data exporter in agreement with the supervisory authority; (g) make available to the person concerned, upon request, a copy of the clauses or an existing contract for sub-treatment, unless the clauses or contract contain commercial information, in which case they may withdraw this commercial information, with the exception of Appendix 2, which is replaced by a summary description of security measures in cases where the person concerned is unable to obtain a copy of the exporter; (h) that it has previously informed the data exporter in the event of subconscition and obtained its prior written consent; (i) that processing services be provided by the subcontractor in accordance with Point 11; (j) to provide the data exporter with a copy of a subcontract that it enters into in accordance with the terms.