Duties of the Controller. 4.1 In respect of the Personal Data to be processed, the Controller and the Processor shall each be responsible for compliance with the data protection laws that are relevant to them. The Controller must inform the Processor if applicable laws, regulations or guidelines entail specific duties for handling Personal Data in a particular case. 4.2 The Controller shall inform the Processor promptly and comprehensively about any errors or irregularities related to statutory provisions on the Processing of Personal Data that it becomes aware of. 4.3 Where it is legally required to keep and maintain a public directory of processing descriptions, this obligation rests with the Controller. 4.4 The Controller shall be subject to any data breach notification duties resulting from applicable Data Protection Requirements. 4.5 The Controller shall specify, contractually or by Instruction, the measures for the return of the media provided to Processor, and for the deletion of the Personal Data stored at the Processor after termination of this Processing Agreement. The Controller cannot demand the deletion of Personal Data stored with the Processor insofar as the Processor is required by statutory law to retain material that contains that Personal Data, e.g. any applicable data retention rules. Where Processor needs to retain Personal Data, it shall be blocked by the Processor until the applicable retention period has expired. In addition, Personal Data shall be blocked instead of deleting it, to the extent legally permitted under applicable Data Protection Requirements, in particular, if the deletion is not reasonably feasible or only possible with disproportional cost due to the particular type of storage. 4.6 Any additional costs incurred after this DPA was terminated due to the making available or deletion of Personal Data shall be borne by the Controller. 4.7 The Controller must notify the Processor in due time about changes in legal regulations in the area of data protection that affect the contractual duties of Processor and may require that this DPA be amended. The Parties agree to bring about a mutually acceptable solution and to take into account the effects of this action on the agreed remuneration. The Processor may also submit proposals to Controller if Processor deems a certain change to be necessary in order to remain compliant with Applicable Law.
Appears in 2 contracts
Samples: Data Processing Agreement, Data Processing Agreement
Duties of the Controller. 4.1 In respect of the Personal Data to be processed, the Controller and the Processor shall each be responsible for compliance with the data protection laws that are relevant to them. The Controller must inform the Processor if applicable laws, regulations or guidelines entail specific duties for handling Personal Data in a particular case.
4.2 The Controller shall inform the Processor promptly and comprehensively about any errors or irregularities related to statutory provisions on the Processing of Personal Data that it becomes aware of.
4.3 Where it is legally required to keep and maintain a public directory of processing descriptions, this obligation rests with the Controller.
4.4 The Controller shall be subject to any data breach notification duties resulting from applicable Applicable Data Protection Requirements.
4.5 The Controller shall specify, contractually or by Instruction, the measures for the return of the media provided to Processor, and for the deletion of the Personal Data stored at the Processor after termination of this Processing Agreement. The Controller cannot demand the deletion of Personal Data stored with the Processor insofar as the Processor is required by statutory law to retain material that contains that Personal Data, e.g. any applicable data retention rules. Where Processor needs to retain Personal Data, it shall be blocked by the Processor until the applicable retention period has expired. In addition, Personal Data shall be blocked instead of deleting it, to the extent legally permitted under applicable Applicable Data Protection Requirements, in particular, if the deletion is not reasonably feasible or only possible with disproportional cost due to the particular type of storage.
4.6 Any additional costs incurred after this DPA was terminated due to the making available or deletion of Personal Data shall be borne by the Controller.
4.7 The Controller must notify the Processor in due time about changes in legal regulations in the area of data protection that affect the contractual duties of Processor and may require that this DPA be amended. The Parties agree to bring about a mutually acceptable solution and to take into account the effects of this action on the agreed remuneration. The Processor may also submit proposals to Controller if Processor deems a certain change to be necessary in order to remain compliant with Applicable Law.
Appears in 1 contract
Samples: Data Processing Agreement
Duties of the Controller. 4.1 In respect of the Personal Data to be processed, the Controller and the Processor shall each be responsible for compliance with the data protection laws that are relevant to them. The Controller must inform the Processor if applicable laws, regulations or guidelines entail specific duties for handling Personal Data in a particular case.
4.2 The Controller shall inform the Processor promptly and comprehensively about any errors or irregularities related to statutory provisions on the Processing of Personal Data that it becomes aware of.
4.3 Where it is legally required to keep and maintain a public directory of processing descriptions, this obligation rests with the Controller.
4.4 The Controller shall be subject to any data breach notification duties resulting from applicable Data Protection Requirements.
4.5 The Controller shall specify, contractually or by Instruction, the measures for the return of the media provided to Processor, and for the deletion of the Personal Data stored at the Processor after termination of this Processing Agreement. The Controller cannot demand the deletion of Personal Data stored with the Processor insofar as the Processor is required by statutory law to retain material that contains that Personal Data, e.g. any applicable data retention rules. Where Processor needs to retain Personal Data, it shall be blocked by the Processor until the applicable retention period has expired. In addition, Personal Data shall be blocked instead of deleting it, to the extent legally permitted under applicable Data Protection Requirements, in particular, if the deletion is not reasonably feasible or only possible with disproportional cost due to the particular type of storage.
4.6 Any additional costs incurred after this DPA was terminated due to the making available or deletion of Personal Data shall be borne by the Controller.
4.7 The Controller must notify the Processor in due time about changes in legal regulations in the area of data protection that affect the contractual duties of Processor and may require that this DPA be amended. The Parties agree to bring about a mutually acceptable solution and to take into account the effects of this action on the agreed remunerationPage 3/8 Ref. The Processor may also submit proposals to Controller if Processor deems a certain change to be necessary in order to remain compliant with Applicable Law.Rev. 07/08/2014 0000 00 Xxxxxxxxxxxxx 0, X-0000 Xxxxxxxxxx a.W., AUSTRIA Xxx X. Xxxxxxx, 51 I-31020 Villorba (TV) ITALY
Appears in 1 contract
Samples: Data Processing Agreement