ERASURE AND RETURN OF PERSONAL DATA. (1) Copies or duplicates of the data will not be made without the knowledge of the client. The only exceptions to this are backup copies, insofar as they are necessary to ensure proper data processing, as well as data that is required in order to comply with statutory retention obligations.
(2) After completion of the provision of the processing services, the Contractor either deletes all personal data or returns it to the customer, unless it is required by law there is an obligation to store the personal data or if this is evident from the service descriptions and the respective contractual agreements.
(3) Documentation that serves as proof of the orderly and proper data processing shall be retained by the Contractor beyond the end of the contract in accordance with the respective end of the contract. The Contractor may hand them over to the Client at the end of the contract.
(4) The Contractor waives the assertion of rights of retention within the meaning of § 273 BGB on the personal data processed by him.
ERASURE AND RETURN OF PERSONAL DATA. (1) No copies or duplicates of data shall be made without the prior knowledge of the Client. This shall not apply to security copies, provided they are required to ensure proper data processing, as well as to data required to comply with statutory retention requirements.
(2) Upon completing the work contractually agreed upon, or earlier upon request by the Client – at the latest upon termination of the CONTRACT or Service Agreement(s) – the Supplier shall hand the Client all documents and processing utilisation results prepared as well as databases that have come into its possession in the course of the contractual relationship, or the Supplier shall destruct any such data pursuant to data protection law upon prior consent. The same shall apply to testing or rejection materials. The erasure protocol shall be submitted upon request.
(3) Documentation which is used to demonstrate orderly data processing in accordance with the Order or Contract shall be stored beyond the contract duration by the Supplier in accordance with the respective retention periods. It may hand such documentation over to the Client at the end of the contract duration to relieve the Supplier of this contractual obligation. Appendix 1 to the Data processing agreement – Technical and Organizational Measures
1. Confidentiality (Article 32 Paragraph 1 Point b GDPR)
(1) Physical Access Control No unauthorised access to Data Processing Facilities, e.g.: magnetic or chip cards, keys, electronic door openers, facility security services and/or entrance security staff, alarm systems, video/CCTV Systems
(2) Electronic Access Control No unauthorised use of the Data Processing and Data Storage Systems, e.g.: (secure) passwords, automatic blocking/locking mechanisms, two-factor authentication, and encryption of data carriers/storage media
(3) Internal Access Control (permissions for user rights of access to and amendment of data) No unauthorised Reading, Copying, Changes or Deletions of Data within the system, e.g. rights authorisation concept, need-based rights of access, logging of system access events
ERASURE AND RETURN OF PERSONAL DATA. (1) No data shall be copied or duplicated without the Controller’s knowledge. This shall not apply to backup copies as far as they are required to ensure due data processing, as well as to data required to be archived pursuant to statutory obligation to retain data.
(2) Upon completion of the contractually agreed work or earlier upon request by the Controller – at the latest upon termination of the service agreement - the Processor shall hand over to Controller all documents that have come into its possession, generated processing and usage results, as well as data stocks connected with the contractual relationship, or destroy them in accordance with data protection laws upon prior consent. This also goes for test material and rejected material. Erasure or deletion must be confirmed upon Controller’s request. Any additional costs incurred by the Processor due to handover or erasure of data shall be borne by Controller.
(3) The Processor shall retain any documentations evidencing due data processing in keeping with the commission beyond the end of the Agreement in compliance with the respective retention periods. For its convenience, Processor may hand over such documentations to Controller at the termination of the Agreement.
ERASURE AND RETURN OF PERSONAL DATA. 11.1 On termination of the provision of the Services involving processing of personal data, Cleura shall, depending on the instructions given by Customer:
a) delete all personal data processed on behalf of the controller and certify to Customer that it has done so, unless Union or Member State law requires further processing of the personal data, or
b) make the personal data available to the controller and delete existing copies, unless Union or Member State law requires further processing of the personal data.
11.2 Customer is responsible for downloading and/or deleting the personal data well before access to the Services is terminated, and Customer’s use of these options shall constitute instructions given to Cleura. Customer shall immediately notify Cleura if Customer is unable to download or delete the data. If Customer does not use these options, Customer instructs Cleura to delete the personal data when the relevant Services involving processing of personal data are deactivated.
ERASURE AND RETURN OF PERSONAL DATA. 11.1 Service Provider is not entitled to erase any Personal Data processed on behalf of User without User’s explicit request. Service Provider is obliged to deliver within reasonable time Personal Data processed by it or a copy or extract thereof to User upon User’s written request to email address xxxxxxx@xxxxxxx.xx.
11.2 Service Provider shall, in accordance with User’s election, erase or return all Personal Data to User upon its written request or at the latest when TOU is no longer in force or when the processing of Personal Data is no longer necessary to provide Services. After Personal Data has been successfully erased or returned to User, Service Provider shall destroy Personal Data. Service Provider shall have the right to charge for the erasure or return of Personal Data to User.
ERASURE AND RETURN OF PERSONAL DATA. 11.1. On termination of the Main Agreement, all Personal Data created in the BitaBIZ HR, scheduling, time- and absence-management system processed by BitaBIZ on behalf of the Customer must be deleted, unless the applicable law requires the storage of such data.
11.2. For the avoidance of doubt and with reference to the Customer's access to and control over the Personal Data entered or created in the BitaBIZ HR, scheduling, time- and absence- management system, the Customer is responsible for the extraction and deletion of such data.
ERASURE AND RETURN OF PERSONAL DATA. 9.1 Copies and duplicates of the data must not be made without the knowledge of the Client, with the exception of backup copies insofar as they are needed to ensure proper data processing and data required to meet statutory retention obligations.
9.2 After conclusion of the contracted work, or earlier upon request by the Client or upon completion or termination of this contract, the Contractor must hand over to the Client all documents, processing and utilization results, and data sets related to the contract that have come into the Contractor’s possession or, subject to prior consent by the Client in text form, destroy them in accordance with data protection regulations. The erasure and destruction of all the data in its entirety must be performed using recognized, state-of-the-art procedures for overwriting data multiple times. The same also applies to test, waste, redundant and discarded material, which is to be kept under lock and key in compliance with data protection regulations until it is erased or returned. The log of the deletion must be presented to the Client upon request and a copy handed over.
ERASURE AND RETURN OF PERSONAL DATA. Upon termination of the Agreement, Azets is obliged to return, erase or anonymise all Personal Data in accordance with the Data Controller's more detailed instructions at the time of termination. The Parties shall loyally agree on the practical implementation of this duty that safeguards the needs of both Parties to comply with statutory requirements and ensure day-to-day operations. In any case, the erasure obligation does not apply to Personal Data that is included in Azets' own assignment documentation, cf. the final paragraph of this Data Processor Agreement.
ERASURE AND RETURN OF PERSONAL DATA. 10.1 Copies or duplicates of the data shall not be produced without the knowledge of the Principal. This shall not include backup copies if they are required to ensure proper data processing and data that are necessary to fulfill legal retention obligations.
10.2 At the end of the contractually agreed work or earlier following a request by the Principal – immediately after the end of the Service Agreement – the Contractor shall return to the Principal all documents, produced pro- cessing and utilization results and datasets which are in his possession and relate to the Agreement or shall xx- xxxxx these documents, results, and datasets according to data protection requirements after prior agreement. This provision shall also apply to test and scrap material. On request, the erasure report shall be presented. P-eDE-2001-24V3
10.3 Documentation serving as proof of contractual and orderly data processing shall be kept by the Contractor ac- cording to the respective retention periods after the Agreement has ended. The Contractor may hand over this documentation to the Principal for his exculpation at the end of the Agreement. The contractor reserves the right to determine the format in which the data will be handed over. For exports in other formats, the contractor may demand an expense allowance.
