Common use of General documentation to the Controller Clause in Contracts

General documentation to the Controller. 1.1 Upon written request, the Processor is obliged to submit the following general documentation to the Controller: a) A declaration from the Processor's management specifying that, during the processing of personal data on behalf of the Controller, the Processor continuously ensures compliance with its obligations under this Processor Agreement. b) A description of the practical measures, both technical and organisational, implemented by the Processor to ensure compliance with its obligations under the Processor Agreement. The description may include a presentation of established and implemented management systems for information security and for processing of personal data as well as a description of other initiatives taken. As part thereof, the Processor is also obliged to participate in follow-up meetings with the Controller. c) A description of the control measures taken and implemented by the Processor for measurement and control of the effect of the established management system for information security and processing of personal data and performance measurements thereof. 1.2 The general documentation must be provided no later than ten working days after the Controller has made its written request to the Processor, unless otherwise specifically agreed. The Processor shall prepare documentation for its own account.