Data Protection Agreement
|
|
- Amos King
- 7 years ago
- Views:
Transcription
1 Data Protection Agreement between... (the Controller ) and S.C. BITDEFENDER S.R.L. (hereafter mentioned as Bitdefender), with its official headquarters in Bucharest, district 2, Delea Veche street, no. 24, building A, registered in the Bucharest Trade Register with number J40/20427/2005, fiscal code RO , privacy@bitdefender.com processes personal data in agreement with the Romanian data protection legislation (Law 677/2001) and the EU directive on personal data (Directive 95/46/EC) and is registered at the Romanian Data Protection Authority under number (the Processor ) Preamble This annex specifies the data protection obligations of the parties which arise from data processing on behalf, as stipulated in the Bitdefender license agreement that accompanies each Bitdefender Product ( Main Agreement ). It applies to all activities performed in connection with the Main Agreement in which the staff of the data processor on behalf ( Processor ) or a third party acting on behalf of the processor may come into contact with personal data of the controller of the data ( Controller ). The following provisions shall apply to all services of order processing within the meaning of Section 11 FDPA (German Federal Data Protection Act), which are provided by Processor to Controller. 1. Subject-matter and Duration of the order 1.1 Processor shall process personal data on behalf of Controller and in accordance with Controller`s instructions, the FDPA and the provisions of this agreement. The details of the contractual services are set out in the Main Agreement. 1.2 The duration of this Data Protection Agreement is equal to the term of the Main Agreement.
2 2. Extent, type and purpose of the data processing, categories of data and circle of data subjects 2.1 The scope, nature and purpose of the collection, processing and/or use of personal data by the Processor on behalf of the Controller are described in detail in the Agreement. Processing on behalf shall include the circle of data subjects, the categories of personal data and purposes listed below: a) Circle of data subjects: users of the Bitdefender Products, including but not limited to employees and end customers. b) Categories of data: name, surname, , profession; IP address, unique internal identification code of the device on which the product was installed, licenses codes, other technical data of the device that uses the software services supplied by the data processor. c) Purpose of collection, processing or use of data: a) Processing of Controller's contact data in order to supply IT security software products and services; b) Processing the data of the employees of the data controller for the purpose of supplying IT security software services, c) Processing personal data for the purpose of embittering the quality of services/products; d) Processing personal data for the purposes of contacting, support and granting additional information ; 2.2 Within the scope of this Agreement, Controller shall be solely responsible for complying with the statutory requirements relating to data protection, in particular regarding the transfer of personal data to Processor and the processing of personal data by Processor (acting as responsible body as defined in Section 3 (7) FDPA). 2.3 Processor shall process personal data on behalf of Controller. Processing shall include such actions as may be specified in the Main Agreement and in the scope of work, especially performance of services related to the processing of data in the area of advisory and support services mentioned in the Main Agreement. 2.4 Due to Controller`s responsibility during the term of this Agreement, Processor shall be obliged: - to use the personal data only for the intended purposes pursued by the Controller and the fulfillment of the contractual obligations.
3 - to process personal data solely according to Controller s instructions and to correct, delete and block data without undue delay. 2.5 Processor shall be permitted to create necessary procedurally and safetyrelevant intermediate-, temporary- or duplication files for performance-related processing and use of personal data, in so far as this does not lead to a substantive transformation. Beyond this, Processor shall not be permitted to create unauthorized copies of personal data. 2.6 The data shall be processed and used exclusively within the territory of the Federal Republic of Germany, a Member State of the European Union or another signatory to the Agreement on the European Economic Area. Except as herein stated (as for example in art 7.1), any transfer of data to a third country shall require the prior information of Controller and shall only be permitted if the special requirements set out in Sections 4b and 4c FDPA are met. 2.7 Controller as the data controlling entity shall be responsible for ensuring the rights of the data subjects. Rights of the data subjects are to be exercised against Controller. Provided that the cooperation of Processor is needed for Controller to ensure the data subjects rights (especially the right to information, rectification, blocking or deletion), Processor shall take the necessary measures in accordance with the instructions of Controller. 3. Obligations of Processor 3.1 Processor shall collect, process and use personal data only within the scope of Controller s instructions. Any instruction by Controller to Processor related to processing shall, initially, be defined in the Agreement. 3.2 Processor shall, without undue delay, inform Controller of any material breach of regulations for the protection of Controller s personal data, committed by Processor or Processor s personnel. After consulting with Controller, Processor shall implement the measures necessary to secure the data and to mitigate potential adverse effects on the data subjects. Processor shall support Controller in fulfilling Controller s disclosure obligations under Section 42a FDPA. 3.3 Controller shall remain owner of any data / data carriers provided to Processor as well as any copies or reproductions thereof. Processor shall store such media safely and protect it against unauthorised access by third parties. Processor shall, upon Controller s request, provide to Controller all information on Controller s personal Data and information. Processor shall be obliged to securely delete any test material based on an Instruction issued by Controller on a case-by-case basis. Where Controller so decides, Processor shall hand over such material to Controller or store it on Controller s behalf. Processor shall be obliged to verify the fulfilment of these obligations and shall maintain an adequate documentation of such verification.
4 3.4 If a data subject contacts Processor directly to request the correction or deletion of his personal data, Processor must forward this request to the Controller without undue delay. Where Controller is obliged to provide information to an individual about the collection, processing or use of his/her personal data, Processor shall assist Controller in making this information available. 4. Obligations of Controller 4.1 Within the scope of this Agreement, Controller shall be solely responsible for complying with the statutory data privacy and protection regulations, including, but not limited to, the lawfulness of the transfer to Processor and the lawfulness of processing. 4.2 Controller shall, without undue delay and in a comprehensive manner, inform Processor of any defect Controller may detect in Processor s work results and of any irregularity in the implementation of statutory regulations on data privacy. 4.3 Controller shall be obliged to maintain the publicly available register as defined in Section 4g (2) sentence 2 FDPA. 4.4 Instructions shall generally be issued within the scope of the use of the application. If Controller issues single instructions that go beyond the contractually agreed services, Controller shall bear the costs incurred as a result (see also paragraph 6). 4.5 Controller shall be responsible for fulfilling the duties to inform according to Section 42a FDPA. 4.6 Controller shall be obliged to treat all information of Processor regarding business secrets and data security measures obtained within the contractual relationship strictly confidential. 5. Technical/organizational measures 5.1 Within Processor s area of responsibility, Processor shall structure Processor s internal corporate organisation to ensure compliance with the specific requirements of data protection. Processor shall take the appropriate technical and organisational measures to adequately protect Controller s personal data against misuse and loss in accordance with the requirements of Section 9 FDPA. An overview of the described technical and organisational measures shall be attached to this Agreement. 5.2 The technical and organizational measures are subject to technical progress and development, and the Processor may implement adequate alternative measures. However, these must not fall short of the level of security provided by the measures specified in the attachment. 6. Controller s authority to issue instructions
5 6.1 The data may only be handled under the terms of the agreements concluded and the instructions issued by Controller. 6.2 Processor shall inform Controller immediately, in accordance with Section 11 (3) sentence 2 FDPA, if he believes that there has been an infringement of legal data protection provisions. He may then postpone the execution of the relevant instruction until it is confirmed or changed by the Controller s representative. 6.3 Any instruction by Controller to Processor related to processing shall, initially, be defined in the Agreement. With the performance of the service in accordance with the contract Processor shall obey Controller`s instructions. 7. Subcontractors 7.1 Processor shall be entitled to subcontract Processor s obligations to third parties. Controller acknowledges that Processor s contractual obligations hereunder, or the parts of the deliverables defined, may be performed by a subcontractor, namely Amazon Web Services, using servers primary from EU territories, or using other servers compliant to the EU Standard Contractual Clauses, notified to a European Data Protection Authority according to European Union applicable legislation. 7.2 If Processor engages further subcontractors functioning as data processors in terms of Sections 9, 11 FDPA Processor shall inform Contractor thereof without undue delay. Contractor shall be able to reject the commissioning of subcontractors only for substantially justified reasons. A substantially justified reason is in particular if there are indications a that the commissioning endangers or impairs the contractual services b that the cooperation with the subcontractor endangers the fulfilment of legal or contractual obligations of Controller, in particular concerning supervisory regulations. 7.3 Processor shall set out the contractual agreements with the subcontractor(s) in a way that they reflect the data protection provisions agreed on between Controller and Processor. The Processor has to monitor the compliance with such obligations on a regular basis. Transmission of data shall be admissible only if subcontractor fulfills the obligations according to Section 11 FDPA. 8. Audit Obligations 8.1 Controller has the right to monitor Processor s compliance of all directives and provisions of this Agreement. Such monitoring and other regular evaluation activities shall be conducted during standard office hours. In general, such controls shall be
6 announced. The Controller shall coordinate such visits with Processor to ensure a minimal disturbance of Processor s ongoing operations. Processor shall not be entitled to demand payment from Controller for permitting and/or supporting the implementation of such controls. The monitoring and ensuing results shall be documented and signed by both parties. 8.2 Processor shall, upon Controller s written request and within a reasonable period of time, submit to Controller all information, documentation and other means of factual proof necessary for the conduction of an audit. 9. Deletion of data and return of data media Upon completion of the contractual work or when requested by Controller and no later than the end-date of the Main Agreement the Processor shall return to Controller all documents/data media in his possession as well as all work products and data produced in connection with the commission, or delete them in compliance with data protection law with the prior consent of Controller. The same applies to any test data and scrap material. The deletion log must be presented upon request. If Controller wishes an additional destruction by an external service provider, Processor will carry this out at the expense of Controller. 10. Correction, deletion and blockings of data Processor may only correct, delete or block the data processed on behalf of Controller when instructed to do so by Controller. 11. Data secrecy /Business secret 11.1 Processor shall provide services towards Controller solely within the scope of the provisions of this contract and according to Controller s instructions. Processor shall not use any data made available by Controller for data processing for other purposes. Copies and duplicates shall be created solely for backups as part of the usual data storage practice. Controller shall be informed thereof. Processor shall ensure that any personnel entrusted with processing Controller s personal data has to comply with the principle of data secrecy and has been sworn to data secrecy in writing. Processor confirms to have knowledge of the relevant data protection regulations. Processor shall ensure that any personnel entrusted with processing Controller s personal data has been duly instructed on the protective regulations of the FDPA. The commitment to data secrecy shall continue after the termination of the contract.
7 11.4 Processor shall maintain strict confidentiality and shall not disclose, disseminate or use any confidential information belonging to Controller. Processor will put his employees under an obligation to confidentiality. 12. Duties to inform, mandatory written form 12.1 Where Controller s data becomes subject to search and seizure, an attachment order, confiscation during bankruptcy or insolvency proceedings, or similar events or measures by third parties while in Processor s control, Processor shall notify Controller of such action without undue delay. Processor shall, without undue delay, notify to all parties involved in such action, that any data affected thereby is in Controller s sole property and area of responsibility, that data is at Controller s sole disposition, and that Controller is the responsible body in the sense of the FDPA No modification of this annex and/or any of its components including, but not limited to, Processor s representations and warranties, if any shall be valid and binding unless made in writing and then only if such modification expressly states that such modification applies to the regulations of this annex. The foregoing shall also apply to any waiver or modification of this mandatory written form. An overview of the technical and organisational measures taken by Processor are available below. Bitdefender SRL... Florin Talpes... President... Date:... Please send a scanned copy of the executed Agreement at privacy@bitdefender.com
8 Technical and organizational measures for Bitdefender SRL as a data processor All Bitdefender information security policies are ISO certified the information below just highlights some of the technical and organizational measures on place that could be shared with our partners if you need further details on these measures please contact us at privacy@bitdefender.ro 1. Access control to premises and facilities Unauthorized access (in the physical sense) must be prevented. Technical and organizational measures to control access to premises and facilities, particularly to check authorization: 2. - Access control system: Magnetic card; - (Issue of) keys: Keys. - Door locking: electronic doors - Security staff, janitors: Magnetic card - Surveillance facilities : Alarm system, Video/CCTV monitor and alarm connected to an external specialized security company. Access control to systems Unauthorized access to IT systems must be prevented. Technical (ID/password security) and organizational (user master data) measures for user identification and authentication: e) User name, distinct for each employee; f) Password procedures (incl. special characters, minimum length, change of password): password, for each user name a different password, composed of 9 characters, including small and big letters, number, signs and diacritical; when the password is being written the password is not visible and the passwords are being changed at each 60 days, by authorizes staff: the user name and the password are confidential; g) Automatic blocking (e.g. password or timeout): at each five minutes. h) Active directory i) User review
9 3. Access control to data Activities in IT systems not covered by the allocated access rights must be prevented. Requirements-driven definition of the authorization scheme and access rights, and monitoring and logging of accesses: Differentiated access rights (profiles, roles, transactions and objects) Reports: Logs and alerts Access: internal procedure regarding the access. Change and Deletion: Access control policy based on need to know and need to use 4. Disclosure control Aspects of the disclosure of personal data must be controlled: electronic transfer, data transport, transmission control, etc. Measures to transport, transmit and communicate or store data on data media (manual or electronic) and for subsequent checking: Secure communication channels Logging, reports and reviews Transport security 5. Input control Full documentation of data management and maintenance must be maintained. Measures for subsequent checking whether data have been entered, changed or removed (deleted), and by whom: Logging and reporting systems Authentication and authorization 6. Job control Commissioned data processing must be carried out according to instructions. Measures (technical/organizational) to segregate the responsibilities : Unambiguous wording of the contract Access control policy based on need to know and need to use
10 Monitoring Privileged User account administration policy 7. Availability control The data must be protected against accidental destruction or loss. Measures to assure data security (physical/logical): Examples: Backup procedures Mirroring of hard disks, e.g. RAID technology Remote storage Anti-virus/firewall systems 8. Segregation control Data collected for different purposes must also be processed separately. Measures to provide for separate processing (storage, amendment, deletion, transmission) of data for different purposes: Examples: Limitation of use Segregation of functions (production/testing/support) Access control policy based on need to know and need to use
ECSA EuroCloud Star Audit Data Privacy Audit Guide
ECSA EuroCloud Star Audit Data Privacy Audit Guide Page 1 of 15 Table of contents Introduction... 3 ECSA Data Privacy Rules... 4 Governing Law... 6 Sub processing... 6 A. TOMs: Cloud Service... 7 TOMs:
More informationAstaro Services AG Rheinweg 7, CH-8200 Schaffhausen. Supplementary data protection agreement. to the license agreement for license ID: between
Astaro Services AG Rheinweg 7, CH-8200 Schaffhausen Supplementary data protection agreement to the license agreement for license ID: between...... represented by... Hereinafter referred to as the "Client"
More informationThis Amendment consists of two parts. This is part 1 of 2 and must be accompanied by and signed with part 2 of 2 (Annex 1) to be valid.
Microsoft Online Subscription Agreement Amendment adding Office 365 Data Processing Agreement (with EU Standard Contractual Clauses) Amendment ID Proposal ID MOSA number Microsoft to complete This Amendment
More informationOffice 365 Data Processing Agreement with Model Clauses
Enrollment for Education Solutions Office 365 Data Processing Agreement (with EU Standard Contractual Clauses) Amendment ID Enrollment for Education Solutions number Microsoft to complete 7392924 GOLDS03081
More informationData Processing Agreement for Oracle Cloud Services
Data Processing Agreement for Oracle Cloud Services Version December 1, 2013 1. Scope and order of precedence This is an agreement concerning the Processing of Personal Data as part of Oracle s Cloud Services
More informationGeneral Terms and Conditions of Trade for the use of the Bitplaces management platform and the Bitplaces software
General Terms and Conditions of Trade for the use of the Bitplaces management platform and the Bitplaces software I. Definitions, application area / conclusion of contract 1. Definitions 1.1 "App" in the
More informationProcessor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries
Processor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries Sopra HR Software as a Data Processor Sopra HR Software, 2014 / Ref. : 20141120-101114-m 1/32 1.
More informationMicrosoft Online Services - Data Processing Agreement
Microsoft Online Subscription Agreement/Open Program License Amendment Microsoft Online Services Data Processing Agreement (with EU Standard Contractual Clauses) Amendment ID This Amendment consists of
More informationBinding Corporate Rules ( BCR ) Summary of Third Party Rights
Binding Corporate Rules ( BCR ) Summary of Third Party Rights This document contains in its Sections 3 9 all provision of the Binding Corporate Rules (BCR) for Siemens Group Companies and Other Adopting
More informationThe supplier shall have appropriate policies and procedures in place to ensure compliance with
Supplier Instructions for Processing of Personal Data 1 PURPOSE SOS International has legal and contractual obligations on the matters of data protection and IT security. As a part of these obligations
More informationPORTERS HR Business Cloud Terms of Use
PORTERS HR Business Cloud Terms of Use A Customer using the PORTERS HR Business Cloud Service ( PORTERS HR Business Cloud ) shall be deemed to have agreed to the following provisions and conditions simultaneously
More informationAccess Control Policy
Version 3.0 This policy maybe updated at anytime (without notice) to ensure changes to the HSE s organisation structure and/or business practices are properly reflected in the policy. Please ensure you
More informationService Schedule for CLOUD SERVICES
Service Schedule for CLOUD SERVICES This Service Schedule is effective for Cloud Services provided on or after 1 September 2013. Terms and Conditions applicable to Cloud Services provided prior to this
More informationThe Manitowoc Company, Inc.
The Manitowoc Company, Inc. DATA PROTECTION POLICY 11FitzPatrick & Associates 4/5/04 1 Proprietary Material Version 4.0 CONTENTS PART 1 - Policy Statement PART 2 - Processing Personal Data PART 3 - Organisational
More informationData Protection Policy.
Data Protection Policy. Data Protection Policy Foreword 2 Foreword Ladies and Gentlemen, In the information age, we offer customers the means to be always connected, even in their cars. This requires data
More informationUNIPOLSAI ASSICURAZIONI S.p.A. Ordinary and Extraordinary Meeting of 26 January 2015 Proxy form and Voting instructions to Computershare S.p.A.
Computershare S.p.A., through its employee or duly entrusted staff member, acting as Appointed Representative of UNIPOLSAI ASSICURAZIONI S.p.A. (the Company) pursuant to article 135-undecies of Italian
More informationon Electronic Signature and change to some other laws (Electronic Signature Act) The Parliament has hereby agreed on this Act of the Czech Republic:
227/2000 Coll. ACT of 29 th June 2000 on Electronic Signature and change to some other laws (Electronic Signature Act) Amendment: 226/2002 Coll. Amendment: 517/2002 Coll. Amendment :440/2004 Coll. Amendment:
More informationHow To Protect Your Data In European Law
Corporate Data Protection Code of Conduct for the Protection of the Individual s Right to Privacy in the Handling of Personal Data within the Deutsche Telekom Group 2010 / 04 We make ICT strategies work
More information<Choose> Addendum Windows Azure Data Processing Agreement Amendment ID M129
Addendum Amendment ID Proposal ID Enrollment number Microsoft to complete This addendum ( Windows Azure Addendum ) is entered into between the parties identified on the signature form for the
More informationPRESIDENT S DECISION No. 40. of 27 August 2013. Regarding Data Protection at the European University Institute. (EUI Data Protection Policy)
PRESIDENT S DECISION No. 40 of 27 August 2013 Regarding Data Protection at the European University Institute (EUI Data Protection Policy) THE PRESIDENT OF THE EUROPEAN UNIVERSITY INSTITUTE, Having regard
More informationTerms & Conditions of HYPE Softwaretechnik GmbH ( HYPE ) for HYPE Enterprise Express (Version October 2015) 1 Scope
1 Scope 1 (1) These terms and conditions (the T&C HYPE Enterprise Express ) together with the description of the Software Services provided by HYPE accepted by Customer by completing the HYPE Enterprise
More informationEnrollment for Education Solutions Addendum Microsoft Online Services Agreement Amendment 10 EES17 --------------
w Microsoft Volume Licensing Enrollment for Education Solutions Addendum Microsoft Online Services Agreement Amendment 10 Enrollment for Education Solutions number Microsoft to complete --------------
More informationSOFTWARE LICENSE AGREEMENT
SOFTWARE LICENSE AGREEMENT This Software License Agreement (this Agreement ) is entered into as of the installation date of the software by and between Nanotron Technologies GmbH, a German corporation
More informationMicrosoft Online Subscription Agreement/Open Program License Amendment Microsoft Online Services Security Amendment Amendment ID MOS10
Microsoft Online Subscription Agreement/Open Program License Amendment Microsoft Online Services Security Amendment Amendment ID This Microsoft Online Services Security Amendment ( Amendment ) is between
More informationClause 1. Definitions and Interpretation
[Standard data protection [agreement/clauses] for the transfer of Personal Data from the University of Edinburgh (as Data Controller) to a Data Processor within the European Economic Area ] In this Agreement:-
More informationUNIPOLSAI ASSICURAZIONI S.p.A. Ordinary and Extraordinary Meeting of 27 April 2016 Proxy form and Voting instructions to Computershare S.p.A.
Computershare S.p.A., through its employee or duly entrusted staff member, acting as Appointed Representative of UNIPOLSAI ASSICURAZIONI S.p.A. (the Company) pursuant to article 135-undecies of Italian
More informationGeneral Terms and Conditions Regarding Accepting Ticket solutions for Meal and/or Sports and Cultural Services
General Terms and Conditions Regarding Accepting Ticket solutions for Meal and/or Sports and Cultural Services 1. Purpose and Scope 1.1 The General Terms and Conditions shall be applicable to a contractual
More informationINFORMATION TECHNOLOGY MANAGEMENT CONTENTS. CHAPTER C RISKS 357-7 8. Risk Assessment 357-7
Information Technology Management Page 357-1 INFORMATION TECHNOLOGY MANAGEMENT CONTENTS CHAPTER A GENERAL 357-3 1. Introduction 357-3 2. Applicability 357-3 CHAPTER B SUPERVISION AND MANAGEMENT 357-4 3.
More informationMIS Privacy Statement. Our Privacy Commitments
MIS Privacy Statement Our Privacy Commitments MIS Training Institute Holdings, Inc. (together "we") respect the privacy of every person who visits or registers with our websites ("you"), and are committed
More informationAIRBUS GROUP BINDING CORPORATE RULES
1 AIRBUS GROUP BINDING CORPORATE RULES 2 Introduction The Binding Corporate Rules (hereinafter BCRs ) of the Airbus Group finalize the Airbus Group s provisions on the protection of Personal Data. These
More informationDOCUMENT. General Purchase Conditions
1. Scope 1.1 These general purchase conditions (hereinafter the GPC ) shall apply to all kinds of materials, articles, products and services related to them, (hereinafter Products ), offered, sold or supplied
More informationM E M O R A N D U M. Revised Information Technology Security Procedures INFORMATION TECHNOLOGY SECURITY PROCEDURES. I. General
M E M O R A N D U M To: From: IT Steering Committee Brian Cohen Date: March 26, 2009 Subject: Revised Information Technology Security Procedures The following is a revised version of the Information Technology
More informationCorporate Policy. Data Protection for Data of Customers & Partners.
Corporate Policy. Data Protection for Data of Customers & Partners. 02 Preamble Ladies and gentlemen, Dear employees, The electronic processing of virtually all sales procedures, globalization and growing
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT
HIPAA BUSINESS ASSOCIATE AGREEMENT THIS HIPAA BUSINESS ASSOCIATE AGREEMENT ( BAA ) is entered into effective the day of, 20 ( Effective Date ), by and between the Regents of the University of Michigan,
More informationGuidelines on Data Protection. Draft. Version 3.1. Published by
Guidelines on Data Protection Draft Version 3.1 Published by National Information Technology Development Agency (NITDA) September 2013 Table of Contents Section One... 2 1.1 Preamble... 2 1.2 Authority...
More informationPolicy and Procedure for approving, monitoring and reviewing personal data processing agreements
Policy and Procedure for approving, monitoring and reviewing personal data processing agreements 1 Personal data processing by external suppliers, contractors, agents and partners Policy and Procedure
More informationANGUS COUNCIL SUPPLEMENTARY CONDITIONS OF CONTRACT. SC 01 - Contract Performance Guarantee Insurance
SC 01 - Contract Performance Guarantee Insurance For contracts equal to or exceeding 750,000 in value the Contractor shall, within 28 days of the date of the award of the Contract, obtain and provide to
More informationAnnex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015
Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015 The following comprises a checklist of areas that genomic research organizations or consortia (collectively referred
More informationLicense Agreement Software as a Service (SaaS)
License Agreement Software as a Service (SaaS) Please read the following terms and conditions carefully. By clicking the accept option, downloading or installing the Software, paying for or using the Service,
More informationACT. of 15 March 2002
215 ACT of 15 March 2002 on electronic signature and on the amendment and supplementing of certain acts as amended by Act No. 679/2004 Coll., Act No. 25/2006 Coll., Act No. 275/2006 Coll., Act No. 214/2008
More informationeprivacyseal GmbH Criteria catalogue EU November 2013
eprivacyseal GmbH Criteria catalogue EU November 2013 The EPS data privacy seal certifies for the respective applicant that its product or service is in line with the detailed criteria in the following
More informationAPPLICANT VERIFICATION SERVICES TERMS AND CONDITIONS OF USE
APPLICANT VERIFICATION SERVICES TERMS AND CONDITIONS OF USE 1 P a g e Contents 1. Interpretation and Definitions 2. Commencement and Term 3. Recitals and Relationship 4. Services 5. Systems and Software
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT
HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( BA Agreement ) is entered into by Medtep Inc., a Delaware corporation ( Business Associate ) and the covered entity ( Covered Entity
More informationTerms and Conditions of Use - Connectivity to MAGNET
I, as the Client, declare to have read and accepted the terms and conditions set out below for the use of the network connectivity to the Malta Government Network (MAGNET) provided by the Malta Information
More informationThe potential legal consequences of a personal data breach
The potential legal consequences of a personal data breach Tue Goldschmieding, Partner 16 April 2015 The potential legal consequences of a personal data breach 15 April 2015 Contents 1. Definitions 2.
More informationSupplier IT Security Guide
Revision Date: 28 November 2012 TABLE OF CONTENT 1. INTRODUCTION... 3 2. PURPOSE... 3 3. GENERAL ACCESS REQUIREMENTS... 3 4. SECURITY RULES FOR SUPPLIER WORKPLACES AT AN INFINEON LOCATION... 3 5. DATA
More informationAppendix : Business Associate Agreement
I. Authority: Pursuant to 45 C.F.R. 164.502(e), the Indian Health Service (IHS), as a covered entity, is required to enter into an agreement with a business associate, as defined by 45 C.F.R. 160.103,
More informationEND USER LICENSE AGREEMENT DATABASE MANAGEMENT TOOL LICENSE
END USER LICENSE AGREEMENT DATABASE MANAGEMENT TOOL LICENSE IMPORTANT: BY INSTALLING THIS SOFTWARE THE LICENSEE ACCEPTS THE TERMS AND CONDITIONS CONTAINED HEREIN AND THIS AGREEMENT ENTERS INTO FORCEBETWEEN
More informationPrivacy Policy documents for
Privacy Policy documents for Praendex Incorporated doing business as PI Worldwide Product User Privacy Policy - For Customers, as well as those invited to our websites to complete a PI Survey or SSAT General
More informationEstate Agents Authority
INFORMATION SECURITY AND PRIVACY PROTECTION POLICY AND GUIDELINES FOR ESTATE AGENTS Estate Agents Authority The contents of this document remain the property of, and may not be reproduced in whole or in
More informationOVERVIEW. stakeholder engagement mechanisms and WP29 consultation mechanisms respectively.
Joint work between experts from the Article 29 Working Party and from APEC Economies, on a referential for requirements for Binding Corporate Rules submitted to national Data Protection Authorities in
More informationCorporate Guidelines for Subsidiaries (in Third Countries ) *) for the Protection of Personal Data
Corporate Guidelines for Subsidiaries (in Third Countries ) *) for the Protection of Personal Data *) For the purposes of these Corporate Guidelines, Third Countries are all those countries, which do not
More informationStandard conditions of purchase
Standard conditions of purchase 1 OFFER AND ACCEPTANCE 2 PROPERTY, RISK & DELIVERY 3 PRICES & RATES The Supplier shall provide all Goods and Services in accordance with the terms and conditions set out
More informationACT. of 22 May 2003. on insurance mediation 1. Chapter 1. General Provisions
Kancelaria Sejmu Page 1 of 29 ACT of 22 May 2003 on insurance mediation 1 Chapter 1 General Provisions Article 1. This Act lays down rules for pursuing insurance mediation in the field of life and non
More informationTEXTURA AUSTRALASIA PTY LTD ACN 160 777 088 ( Textura ) CONSTRUCTION PAYMENT MANAGEMENT SYSTEM TERMS AND CONDITIONS OF USE
TEXTURA AUSTRALASIA PTY LTD ACN 160 777 088 ( Textura ) CONSTRUCTION PAYMENT MANAGEMENT SYSTEM TERMS AND CONDITIONS OF USE Welcome to the Textura Construction Payment Management ( CPM ) System. By clicking
More informationZIMPERIUM, INC. END USER LICENSE TERMS
ZIMPERIUM, INC. END USER LICENSE TERMS THIS DOCUMENT IS A LEGAL CONTRACT. PLEASE READ IT CAREFULLY. These End User License Terms ( Terms ) govern your access to and use of the zanti and zips client- side
More informationDATA PROTECTION POLICY
Reference number Approved by Information Management and Technology Board Date approved 14 th May 2012 Version 1.1 Last revised N/A Review date May 2015 Category Information Assurance Owner Data Protection
More informationRecommendations for companies planning to use Cloud computing services
Recommendations for companies planning to use Cloud computing services From a legal standpoint, CNIL finds that Cloud computing raises a number of difficulties with regard to compliance with the legislation
More informationGRTGAZ NETWORK TRANSMISSION CONTRACT
Page 1 of 9 GRTGAZ NETWORK TRANSMISSION CONTRACT APPENDIX A3 STANDARD EVIDENCE AGREEMENT English translation for information. Disclaimer The present translation is not binding and is provided by GRTgaz
More informationGENERAL SOFTWARE LICENCE TERMS AND CONDITIONS of Fritz & Macziol GmbH Current as of March 2014
GENERAL SOFTWARE LICENCE TERMS AND CONDITIONS of Fritz & Macziol GmbH Current as of March 2014 Section 1 Preamble The following software licence terms and conditions stipulate the extent of the rights
More informationOn Data Protection and the Detailed and Uniform Data Management Regulation
Rector s Directive No. 1/2013 On Data Protection and the Detailed and Uniform Data Management Regulation Budapest, 2013 Version effective as of 31 January 2013 Directives on Data Protection and the Uniform
More informationData Protection. Processing and Transfer of Personal Data in Kvaerner. Binding Corporate Rules Public Document
Data Protection Processing and Transfer of Personal Data in Kvaerner Binding Corporate Rules Public Document 1 of 19 1 / 19 Table of contents 1 Introduction... 4 1.1 Scope... 4 1.2 Definitions... 4 1.2.1
More informationSWEDBANK AS TERMS AND CONDITIONS FOR PAYMENT CARDS SERVICING Valid from 01.12.2014
SWEDBANK AS TERMS AND CONDITIONS FOR PAYMENT CARDS SERVICING Valid from 01.12.2014 1. TERMS AND DEFINITIONS 1.1 Account is a current account of the Merchant specified in the Agreement. 1.2 Agreement is
More informationCOMMISSION REGULATION (EU)
L 122/22 Official Journal of the European Union 11.5.2011 COMMISSION REGULATION (EU) No 445/2011 of 10 May 2011 on a system of certification of entities in charge of maintenance for freight wagons and
More informationElectronic Communications Privacy Protection Act. SECTION 1. {Title} This Act may be cited as the Electronic Communications Privacy Protection Act.
Summary: The proliferation of electronic communications presents new challenges for state laws protecting personal information from unauthorized search. This model act aims to provide some clarity for
More informationNew Relic EU Data Protection Whitepaper
New Relic EU Data Protection Whitepaper November 2015 New Relic, Inc. 188 Spear Street San Francisco, CA 94105 1 Table of Contents I. Introduction II. Purpose III. Overview of Directive 95/46/EC IV. New
More informationData Protection Policy
Data Protection Policy CONTENTS Introduction...2 1. Statement of Intent...2 2. Fair Processing or Privacy Statement...3 3. Data Uses and Processes...4 4. Data Quality and Integrity...4 5. Technical and
More informationGeneral Terms and Conditions of Business of e-spirit AG
General Terms and Conditions of Business of e-spirit AG for the purchase and use of FirstSpirit as well as for software maintenance and training services I. Scope These General Terms and Conditions of
More informationData protection compliance checklist
Data protection compliance checklist What is this checklist for? This checklist is drawn up on the basis of analysis of the relevant provisions of European law. Although European law aims at harmonizing
More informationsingapore american school
Background The Singapore Personal Data Protection Act - 2012 (PDPA) establishes a data protection law that comprises various rules governing the collection, use, disclosure, and care of personal data.
More informationCredit Reporting Privacy Policy of Baybrick Pty Ltd
Credit Reporting Privacy Policy of Baybrick Pty Ltd Introduction 1. This Credit Reporting Privacy Policy is the official privacy policy of Baybrick Pty Ltd and its subsidiaries which includes JBS Australia
More informationTrading Terms and Conditions for the @FAKTURA.24 Service of Česká spořitelna, a.s.
Trading Terms and Conditions for the @FAKTURA.24 Service of Česká spořitelna, a.s. 1. Definition of scope I. INITIAL PROVISIONS 1.1. The Trading Terms and Conditions for the @FAKTURA.24 Service of Česká
More information07/2013. Specific Terms and Conditions Mobile Device Management
07/2013 Specific Terms and Conditions Mobile Device Management GENERAL PROVISIONS 1. Offer and Agreement 1.1 The present contractual terms and conditions (hereinafter referred to as Terms and Conditions
More informationPRINCIPLES OF THE TRANSFER OF PERSONAL DATA TO A THIRD COUNTRY. Introduction
PRINCIPLES OF THE TRANSFER OF PERSONAL DATA TO A THIRD COUNTRY Introduction The continuous globalization of the world economy influences the international transfer of personal data. The transfer of personal
More informationWEBSITE HOSTING SERVICES AGREEMENT. Effective Date: 1/1/2015
WEBSITE HOSTING SERVICES AGREEMENT Effective Date: 1/1/2015 1) Scope of Services. Company will provide Client a shared or dedicated virtual machine, an Internet address for storage and access to Content,
More informationProcessing Regulations for SWICA's Automated Data Collections SWICA Römerstrasse 38, 8401 Winterthur
Processing Regulations for SWICA's Automated Data Collections SWICA Römerstrasse 38, 8401 Winterthur 15.04.2016 1/11 Table of contents 1 General... 4 1.1 Legal basis... 4 1.2 Purpose of the regulations...
More informationHow To Write A Report On A Recipe Card
Opinion on a notification for Prior Checking received from the Data Protection Officer of the European Investment Bank (EIB) concerning procedures related to "360 Leadership feedback report" Brussels,
More informationApplication Programming Interface (API) Application (app) - The API app is the connector between epages and the developers service.
Developer Program 0. Preamble epages is the owner and vendor of the online shop software epages which enables merchants to run their online shop in the cloud. epages provides a developer program for third
More informationHIPAA Compliance (DSHS and HCA) Preamble: This section of the Contract is the Business Associate Agreement as
HIPAA Compliance (DSHS and HCA) Preamble: This section of the Contract is the Business Associate Agreement as required by HIPAA. 1. Definitions. a. Business Associate, as used in this Contract, means the
More informationHow To Use Nordea Internet And Telephone Banking
TERMS AND CONDITIONS OF INTERNET AND TELEPHONE BANKING SERVICES FOR PRIVATE CUSTOMERS Effective as of 2014-07-10 1. DEFINITIONS 1.1. Terms and Conditions these Terms and Conditions of Internet and Telephone
More informationTerms and Conditions for Remote Data Transmission
Terms and Conditions for Remote Data Transmission (Status 31 October 2009) 1. Scope of services (1) The Bank is available to its Customers (account holders) for remote transmission of data by electronic
More informationProtective security governance guidelines
Protective security governance guidelines Security of outsourced services and functions Approved 13 September 2011 Version 1.0 Commonwealth of Australia 2011 All material presented in this publication
More informationMODEL CONTRACTS FOR SMALL FIRMS LEGAL GUIDANCE FOR DOING INTERNATIONAL BUSINESS
MODEL CONTRACTS FOR SMALL FIRMS LEGAL GUIDANCE FOR DOING INTERNATIONAL BUSINESS International Trade Centre, August 2010 Contents Foreword Acknowledgements Introduction Chapter 1 International Contractual
More informationAlign Technology. Data Protection Binding Corporate Rules Processor Policy. 2014 Align Technology, Inc. All rights reserved.
Align Technology Data Protection Binding Corporate Rules Processor Policy Confidential Contents INTRODUCTION TO THIS POLICY 3 PART I: BACKGROUND AND ACTIONS 4 PART II: PROCESSOR OBLIGATIONS 6 PART III:
More informationTERMS AND CONDITIONS OF PAYMENT CARD ACQUIRING SERVICES AGREEMENT Valid from 16.02.2015
TERMS AND CONDITIONS OF PAYMENT CARD ACQUIRING SERVICES AGREEMENT Valid from 16.02.2015 1. DEFINITIONS 1.1 Settlement Day a day on which the Bank is open for general banking operations. Generally, the
More informationDEALERSHIP IDENTITY THEFT RED FLAGS AND NOTICES OF ADDRESS DISCREPANCY POLICY
DEALERSHIP IDENTITY THEFT RED FLAGS AND NOTICES OF ADDRESS DISCREPANCY POLICY This Plan we adopted by member, partner, etc.) on Our Program Coordinator (date). (Board of Directors, owner, We have appointed
More informationADP Ambassador /Referral Rewards Program. Terms and Conditions of Use
ADP Ambassador /Referral Rewards Program Terms and Conditions of Use These Terms and Conditions ("Terms") are an agreement between ADP, LLC ("ADP"), on behalf of its Major Accounts Services Division ("MAS"),
More informationData protection issues on an EU outsourcing
Data protection issues on an EU outsourcing Saam Golshani, Alastair Gorrie and Diego Rigatti, Orrick Herrington & Sutcliffe www.practicallaw.com/8-380-8496 Outsourcing can mean subcontracting a process
More informationSOFTWARE LICENSING SUPPLEMENT
SOFTWARE LICENSING SUPPLEMENT TERMS AND CONDITIONS This Agreement is Buyer s offer to Seller. Acceptance of this Agreement is strictly limited to its terms. Buyer shall not be bound by and specifically
More informationCCBE RESPONSE REGARDING THE EUROPEAN COMMISSION PUBLIC CONSULTATION ON CLOUD COMPUTING
CCBE RESPONSE REGARDING THE EUROPEAN COMMISSION PUBLIC CONSULTATION ON CLOUD COMPUTING CCBE response regarding the European Commission Public Consultation on Cloud Computing The Council of Bars and Law
More informationGUIDE ON DATA PROTECTION REQUIREMENTS IN THE CONTEXT OF CLOUD COMPUTING SERVICES
GUIDE ON DATA PROTECTION REQUIREMENTS IN THE CONTEXT OF CLOUD COMPUTING SERVICES CONTENT 1. WHY A CLOUD COMPUTING GUIDE?... 2 2. WHAT IS CLOUD COMPUTING?... 4 3. WHAT ARE THE ROLES OF THE CLOUD SERVICES
More informationDATA SECURITY AGREEMENT. Addendum # to Contract #
DATA SECURITY AGREEMENT Addendum # to Contract # This Data Security Agreement (Agreement) is incorporated in and attached to that certain Agreement titled/numbered and dated (Contract) by and between the
More informationLeonardo Hotels Group Page 1
Privacy Policy The Leonardo Hotels Group, represented by Sunflower Management GmbH & Co.KG, respects the right to privacy of every individual who access and navigate our website. Leonardo Hotels takes
More informationPerfectForms End-User License Agreement
PerfectForms End-User License Agreement 2011 PerfectForms Page 1 of 12 Contents 1. DEFINITIONS... 4 2. GRANT OF RIGHTS... 4 3. FEES... 5 4. CONFIGURATION... 5 5. INTELLECTUAL PROPERTY... 5 6. TERM AND
More informationCloud Hosting Terms and Conditions
1 DEFINITIONS. 1.1 The following definitions shall apply in this Schedule. Any reference in this Schedule to "day" will be a calendar day. "Acceptable Use Policy" "Affiliate" "Cloud Services" "Customer
More informationELECTRONIC TRADING FACILITIES SUPPLEMENTAL TERMS AND CONDITIONS OF TRADING
ELECTRONIC TRADING FACILITIES SUPPLEMENTAL TERMS AND CONDITIONS OF TRADING This Supplemental Terms and Conditions of Trading is supplemental to and forms part of the terms and conditions set out in the
More informationPLEASE READ THIS AGREEMENT CAREFULLY. BY INSTALLING, DOWNLOADING OR OTHERWISE USING THE SOFTWARE, YOU AGREE TO THE TERMS OF THIS AGREEMENT.
Access Governance Suite 6 Lifecycle Manager 6 Compliance Manager 6 Software License Agreement PLEASE READ THIS AGREEMENT CAREFULLY. BY INSTALLING, DOWNLOADING OR OTHERWISE USING THE SOFTWARE, YOU AGREE
More informationSPECIAL CONDITIONS OF PRIVATE CLOUD Version dated 08/06/2011
SPECIAL CONDITIONS OF PRIVATE CLOUD Version dated 08/06/2011 DEFINITIONS : Cloud: Technology that uses remote resources and storage. Host Server: Physical Server with a memory load and a processor load.
More informationCompliance Management Systems
Certification Scheme Y03 Compliance Management Systems ISO 19600 ONR 192050 Issue V2.1:2015-01-08 Austrian Standards plus GmbH Dr. Peter Jonas Heinestraße 38 A-1020 Vienna, Austria E-Mail: p.jonas@austrian-standards.at
More informationHOB_Software_License_en 002 20120508
Software License Agreement I. Scope of this Agreement The terms and conditions in this agreement apply to all software sold or provided for use by HOB and only to merchant as stated in sec. 310 para (1)
More information