Obligations Processor Clause Samples
Obligations Processor. 3.1. With regard to the processing referred to in Article 1, Processor shall ensure compliance with the conditions laid down, pursuant to the GDPR, for the processing of personal data by Processor in its role.
3.2. Processor shall inform Controller, at its first request and within a reasonable period of time, of the measures taken regarding its obligations under this DPA.
3.3. Processor shall notify Controller if, in its opinion, an instruction from Controller is in breach of relevant privacy laws and regulations.
3.4. Processor shall provide Controller with the necessary cooperation when a data protection impact assessment, or prior consultation of the supervisor, should be necessary in the context of the processing.
3.5. The obligations of Processor arising from this DPA also apply to those who process personal data under the authority of Processor, including but not limited to employees, in the broadest sense of the word.
3.6. The processing takes place under the responsibility of Controller.
3.7. Processor shall only make the personal data available to those employees who need the personal data for the performance of their work or who necessarily need to take note of the personal data in the context of and for the performance of the Agreement, and shall otherwise keep it confidential, except where it is subject to different statutory obligations.
Obligations Processor. 2.1 Processor will process the personal data solely upon instruction and on behalf of Controller. The processing of the personal data will occur in accordance with the written instructions of Controller and the GDPR, such under (ultimate) responsibility of Controller. Processor will only process the personal data for other, own purposes to the extent it obtains a legitimate ground, such as consent of the data subject, for such processing.
2.2 Processor’s obligations under this DPA will also apply to third parties processing personal data on behalf of Processor, such as but limited to employees.
2.3 To the extent within Processor’s power, Processor will provide assistance to Controller in the execution of data protection impact assessments (DPIA). Processor may charge Controller with the reasonable costs in connection with providing such assistance.
2.4 Processor will generally process the personal data in countries within the European Economic Area (EEA). The transfer of personal data to countries outside the EER is permitted, provided such transfer meets the applicable legal requirements. In such event, Processor will inform Controller of the country or countries involved.
Obligations Processor. 2.1 With regard to the processing operations referred to in Article 1, the Processor will ensure compliance with the applicable laws and regulations, including in any case the laws and regulations in the field of the protection of (personal) data, such as the General Regulation Data Protection (GDPR).
2.2 The Processor will inform the Controller, at its first request, about the measures it has taken regarding its obligations under this Processing Agreement.
2.3 The Processor is expressly not permitted to use personal data for its own purposes. The Processor ensures that these obligations are also fulfilled by the personnel it engages.
2.4 The obligations of the Processor arising from this Processing Agreement also apply to those who process (personal) data under the authority of the Processor, including but not limited to employees, in the broadest sense of the word.
2.5 The Processor will immediately notify the Controller if, in its opinion, an instruction from the Controller constitutes a breach of privacy laws and regulations or may lead to this. The Processor accompanies this notification of the motivated reasons why the Processor believes that the instruction constitutes or may constitute an infringement of privacy laws and regulations.
Obligations Processor. 4.1 Processor undertakes to take measures to guarantee the confidentiality, integrity and availability of the information provision.
4.2 Processor works in accordance with ISO 27001.
4.3 The Processor will inform the Controller, at its first request, about these measures it has taken and the measures regarding its obligations under this Processor Agreement.
4.4 The Processor will limit the distribution of personal data or other data of the Controller necessary for the functioning of PublicSonar and for the purposes and processing referred to in Article 2 to a minimum.
4.5 The obligations of the Processor arising from this Processor Agreement also apply to those who process personal data under the authority of the Processor, including but not limited to employees, in the broadest sense of the word.