Common use of Monitoring rights of the Controller Clause in Contracts

Monitoring rights of the Controller. 8.1 The Controller has the right, after consultation with the Processor, to carry out inspections or to have them carried out by an auditor to be designated in each individual case. The Controller has the right to convince itself of the compliance with this Agreement by the Processor in its business operations by means of random checks, which are to be announced in advance with good time. These rights of the Controller shall not extend to facilities which are operated by sub- processors, sub-contractors or any third parties which the Processor may use to attain its Purpose and provide its Services. The Processor shall ensure that the Processing activities carried out by any sub-processors, sub-contractors or any third parties which the Processor may use to attain its Purpose and provide its Services meet the requirements laid down in this Agreement and in Applicable Law. 8.2 The Processor shall ensure that the Controller is able to verify compliance with the obligations of the Processor in accordance with the Applicable Laws. The Processor undertakes to provide to the Controller all necessary information on request and, in particular, to demonstrate the execution of the technical and organizational measures as mentioned in Schedule 2 within a reasonable timeframe. 8.3 Evidence of the implementation of any measures in this regard may also be presented in the form of up-to-date attestations, reports or extracts thereof from independent bodies (e.g. external auditors, internal audit, the data protection officer, the IT security department or quality auditors) or suitable certification by way of an IT security or data protection audit or by other measures provided by law.

Monitoring rights of the Controller. 8.1 The Controller has the right, after consultation with the Processor, to carry out inspections or to have them carried out by an auditor to be designated in each individual case. The Controller has the right to convince itself of the compliance with this Agreement by the Processor in its business operations by means of random checks, which are to be announced in advance with good time. These rights of the Controller shall not extend to facilities which are operated by sub- sub-processors, sub-contractors or any third parties which the Processor may use to attain its Purpose and provide its Services. The Processor shall ensure that the Processing activities carried out by any sub-processors, sub-contractors or any third parties which the Processor may use to attain its Purpose and provide its Services meet the requirements laid down in this Agreement and in Applicable Law. 8.2 The Processor shall ensure that the Controller is able to verify compliance with the obligations of the Processor in accordance with the Applicable Laws. The Processor undertakes to provide to the Controller all necessary information on request and, in particular, to demonstrate the execution of the technical and organizational measures as mentioned in Schedule 2 within a reasonable timeframe. 8.3 Evidence of the implementation of any measures in this regard may also be presented in the form of up-to-date attestations, reports or extracts thereof from independent bodies (e.g. external auditors, internal audit, the data protection officer, the IT security department or quality auditors) or suitable certification by way of an IT security or data protection audit or by other measures provided by law.

Monitoring rights of the Controller. 8.1 The Controller has the right, after consultation with the Processor, to carry out inspections or to have them carried out by an auditor to be designated in each individual case. The Controller has the right to convince itself of the compliance with this Agreement by the Processor in its business operations by means of random checks, which are to be announced in advance with good time. These rights of the Controller shall not extend to facilities which are operated by sub- processorssubprocessors, sub-contractors or any third parties which the Processor may use to attain its Purpose and provide its Services. The Processor shall ensure that the Processing activities carried out by any sub-processors, sub-contractors or any third parties which the Processor may use to attain its Purpose and provide its Services meet the requirements laid down in this Agreement and in Applicable Law. 8.2 The Processor shall ensure that the Controller is able to verify compliance with the obligations of the Processor in accordance with the Applicable Laws. The Processor undertakes to provide to the Controller all necessary information on request and, in particular, to demonstrate the execution of the technical and organizational measures as mentioned in Schedule 2 within a reasonable timeframe. 8.3 Evidence of the implementation of any measures in this regard may also be presented in the form of up-to-date attestations, reports or extracts thereof from independent bodies (e.g. external auditors, internal audit, the data protection officer, the IT security department or quality auditors) or suitable certification by way of an IT security or data protection audit or by other measures provided by law.

Monitoring rights of the Controller. 8.1 8.1. The Controller has the right, after consultation with the Processor, to carry out inspections or to have them carried out by an auditor to be designated in each individual caseauditor. The Controller has the right to convince itself of the compliance with this Agreement by the Processor in its business operations by means of random checks, which are to be announced in advance with good time. These rights of the Controller shall not extend to facilities which are operated by sub- processors, sub-contractors or any third parties which the Processor may use to attain its Purpose the Service Objectives and provide its Services. The Processor shall ensure and proof to the reasonable satisfaction of the Controller that the Processing processing activities carried out by any sub-processors, or sub-contractors or any third parties which the Processor may use to attain its Purpose the Service Objectives and to provide its Services meet the requirements laid down in this Agreement and in Applicable Law. 8.2 8.2. The Processor shall ensure that the Controller is able to verify compliance with the obligations of the Processor in accordance with the Applicable Laws. The Processor undertakes to provide to the Controller all necessary information on request and, in particular, to demonstrate the execution of the technical and organizational organisational measures as mentioned in Schedule 2 within a reasonable timeframe. 8.3 8.3. Evidence of the implementation of any measures in this regard may also be presented in the form of up-to-date attestationscertificates, reports or extracts thereof from independent bodies (e.g. external auditors, internal audit, the data protection officer, the IT security department or quality auditors) or suitable certification by way of an IT security or data protection audit or by other measures provided by lawApplicable Law).

Monitoring rights of the Controller. 8.1 8.1. The Controller has the right, after consultation with the Processor, to carry out inspections or to have them carried out by an auditor to be designated in each individual caseauditor. The Controller has the right to convince itself of the compliance with this Agreement by the Processor in its business operations by means of random checks, which are to be announced in advance with good time. These rights of the Controller shall not extend to facilities which are operated by sub- processors, sub-contractors or any third parties which the Processor may use to attain its Purpose and provide its Services. The Processor shall ensure that the Processing activities carried out by any sub-processors, sub-contractors or any third parties which the Processor may use to attain the Service Objectives and provide its Purpose Services. The Processor shall ensure and proof to the reasonable satisfaction of the Controller that the processing activities carried out by any sub-processors, or sub-contractors which the Processor may use to attain the Service Objectives and to provide its Services meet the requirements laid down in this Agreement and in Applicable Law. 8.2 8.2. The Processor shall ensure that the Controller is able to verify compliance with the obligations of the Processor in accordance with the Applicable Laws. The Processor undertakes to provide to the Controller all necessary information on request and, in particular, to demonstrate the execution of the technical and organizational organisational measures as mentioned in Schedule 2 within a reasonable timeframe. 8.3 8.3. Evidence of the implementation of any measures in this regard may also be presented in the form of up-to-date attestationscertificates, reports or extracts thereof from independent bodies (e.g. external auditors, internal audit, the data protection officer, the IT security department or quality auditors) or suitable certification by way of an IT security or data protection audit or by other measures provided by lawApplicable Law).