Common use of Personal data processing by PP Clause in Contracts

Personal data processing by PP. The project promoter shall process the personal data under this grant agreement in accordance with the applicable EU and national data protection laws (including the authorization or notification requirements). PP may grant its staff access only to data that is strictly necessary for the implementation, management and monitoring of the grant agreement. PP shall take appropriate technical and organizational security measures taking into account the inherent risks in the processing, as well as the nature of the personal data concerned. This for: (a) prevent any unauthorized person from accessing computer systems processing personal data, and in particular: (i) unauthorized reading, copying, modification or deletion of the storage media; (ii) unauthorized input of data, as well as unauthorized disclosure, modification or deletion of stored personal data; (iii) unauthorized use of data-processing systems by means of data transmission. (b) ensure that authorized users of the data-processing system can only access personal data for which they have access; (c) record what personal data have been communicated, when and to whom; (d) ensure that personal data processed on behalf of third parties can be processed only in the manner prescribed by the regulations in force; (e) ensure that, during the communication of personal data and the transport of storage media, the data cannot be read, copied or deleted without authorization; (f) design an organizational structure that meets the data protection requirements.