Common use of Evidence and Audits Clause in Contracts

Evidence and Audits. 11.1 The Processor shall provide the Customer, at the Customer’s request, with all information required and available to the Processor to prove compliance with its obligations under this Agreement. 11.2 The Customer shall be entitled to audit (including inspections) the Processor with regard to compliance with the provisions of this Agreement, in particular the implementation of the technical and organisational measures. 11.3 In order to carry out inspections in accordance with Sec. 11.2., the Customer is entitled to access the business premises of the Processor in which Customer Data is processed within the usual business hours (Mondays to Fridays from 10 am to 6 pm) after timely advance notification in accordance with Sec. 11.5 at its own expense, without disruption of the course of business and under strict secrecy of the Processor’s business and trade secrets. 11.4 The Processor is entitled, at its own discretion and taking into account the Customer’s legal obligations, not to disclose information which is sensitive with regard to the Processor’s business or if the Processor would be in breach of statutory or other contractual provisions as a result of its disclosure. The Customer is not entitled to get access to data or information about the Processor’s other customers, cost information, quality control and contract management reports, or any other confidential data of the Processor that is not directly relevant for the agreed audit purposes. 11.5 The Customer shall inform the Processor in good time (usually at least two weeks in advance) of all circumstances in relation to the performance of the audit. The Customer may carry out not more than one audit per calendar year. 11.6 If the Customer commissions a third party to carry out the audit, the Customer shall obligate the third party in writing in the same way as the Customer is obliged vis-à-vis the Processor according to this Sec. 11. In addition, the Customer shall by way of written agreement obligate the third party to maintain secrecy and confidentiality unless the third party is subject to a professional obligation of secrecy. At the request of the Processor, the Customer shall immediately submit to the Processor the commitment and confidentiality agreements with the third party. The Customer may not commission any of the Processor’s competitors to carry out the audit. 11.7 At the discretion of the Processor, proof of compliance with the obligations under this Agreement may be provided, instead of an inspection, by submitting an appropriate current opinion or report from an independent authority (e.g. auditor, audit department, data protection officer, IT security department, data protection auditors or quality auditors) or a suitable certification by IT security or data protection audit (the “Audit Report”), if the Audit Report makes it possible for the Customer in an appropriate manner to convince itself of the Processor’s compliance with the contractual obligations contained in this Agreement.

Evidence and Audits. 11.1 1. The Processor shall provide the Customer, at the Customer’s 's request, with all information required and available to the Processor to prove compliance with its obligations under this Agreement. 11.2 2. The Customer shall be entitled to audit (including inspections) the Processor with regard to compliance with the provisions of this Agreement, in particular the implementation of the technical and organisational measures. 11.3 3. In order to carry out inspections in accordance with Sec. 11.2., the Customer is entitled to access the business premises of the Processor in which Customer Data is processed within the usual business hours (Mondays to Fridays from 10 am to 6 pm) after timely advance notification in accordance with Sec. 11.5 at its own expense, without disruption of the course of business and under strict secrecy of the Processor’s 's business and trade secrets. 11.4 4. The Processor is entitled, at its own discretion and taking into account the Customer’s 's legal obligations, not to disclose information which is sensitive with regard to the Processor’s 's business or if the Processor would be in breach of statutory or other contractual provisions as a result of its disclosure. The Customer is not entitled to get access to data or information about the Processor’s 's other customers, cost information, quality control and contract management reports, or any other confidential data of the Processor that is not directly relevant for the agreed audit purposes. 11.5 5. The Customer shall inform the Processor in good time (usually at least two weeks in advance) of all circumstances in relation to the performance of the audit. The Customer may carry out not more than one audit per calendar year. 11.6 6. If the Customer commissions a third party to carry out the audit, the Customer shall obligate the third party in writing in the same way as the Customer is obliged vis-à-vis the Processor according to this Sec. 11. In addition, the Customer shall by way of written agreement obligate the third party to maintain secrecy and confidentiality unless the third party is subject to a professional obligation of secrecy. At the request of the Processor, the Customer shall immediately submit to the Processor the commitment and confidentiality agreements with the third party. The Customer may not commission any of the Processor’s 's competitors to carry out the audit. 11.7 7. At the discretion of the Processor, proof of compliance with the obligations under this Agreement may be provided, instead of an inspection, by submitting an appropriate current opinion or report from an independent authority (e.g. auditor, audit department, data protection officer, IT security department, data protection auditors or quality auditors) or a suitable certification by IT security or data protection audit (the “"Audit Report”"), if the Audit Report makes it possible for the Customer in an appropriate manner to convince itself of the Processor’s 's compliance with the contractual obligations contained in this Agreement.

Evidence and Audits. 11.1 1. The Processor shall provide the Customer, at the Customer’s 's request, with all information required and available to the Processor to prove compliance with its obligations under this Agreement. 11.2 2. The Customer shall be entitled to audit (including inspections) the Processor with regard to compliance with the provisions of this Agreement, in particular the implementation of the technical and organisational measures. 11.3 3. In order to carry out inspections in accordance with Sec. 11.2., the Customer is entitled to access the business premises of the Processor in which Customer Data is processed within the usual business hours (Mondays to Fridays from 10 am to 6 pm) after xxxx timely advance notification in accordance with Sec. 11.5 at its own expense, without disruption of the course of business and under strict secrecy of the Processor’s 's business and trade secrets. 11.4 4. The Processor is entitled, at its own discretion and taking into account the Customer’s 's legal obligations, not to disclose information which is sensitive with regard to the Processor’s 's business or if the Processor would be in breach of statutory or other contractual provisions as a result of its disclosure. The Customer is not entitled to get access to data or information about the Processor’s 's other customers, cost information, quality control and contract management reports, or any other confidential data of the Processor that is not directly relevant for the agreed audit purposes. 11.5 5. The Customer shall inform the Processor in good time (usually at least two weeks in advance) of all circumstances in relation to the performance of the audit. The Customer may carry out not more than one audit per calendar year. 11.6 6. If the Customer commissions a third party to carry out the audit, the Customer shall obligate the third party in writing in the same way as the Customer is obliged vis-à-vis the Processor according to this Sec. 11. In addition, the Customer shall by way of written agreement obligate the third party to maintain secrecy and confidentiality unless the third party is subject to a professional obligation of secrecy. At the request of the Processor, the Customer shall immediately submit to the Processor the commitment and confidentiality agreements with the third party. The Customer may not commission any of the Processor’s 's competitors to carry out the audit. 11.7 7. At the discretion of the Processor, proof of compliance with the obligations under this Agreement may be provided, instead of an inspection, by submitting an appropriate current opinion or report from an independent authority (e.g. auditor, audit department, data protection officerofficer, IT security department, data protection auditors or quality auditors) or a suitable certification by IT security or data protection audit (the “"Audit Report”"), if the Audit Report makes it possible for the Customer in an appropriate manner to convince itself of the Processor’s 's compliance with the contractual obligations contained in this Agreement.