Common use of Processing of personal data by the contractor Clause in Contracts

Processing of personal data by the contractor. Where during contract performance, the contractor may process personal data of the contracting authority exclusively in the name and on behalf of the contracting authority, for the sole purpose of performing the services in accordance with the provisions of the Tender Specifications or in execution of a legal obligation, the following provisions apply: For any processing of personal data carried out in connection with this public contract, the contractor is required to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) and the Belgian law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data. By simply participating in the contracting process, the tenderer certifies that he will strictly comply with the obligations of the GDPR for any processing of personal data conducted in connection with that public contract. The personal data that will be processed are confidential. The contractor will therefore limit access to data to the strictly necessary personnel for the performance, management and monitoring of the public contract. For the performance of the public contract, the contracting authority will determine the purposes and means of processing personal data. In this case, the contracting authority will be responsible for the processing and the contractor will be its processor, within the meaning of Article 28 of the GDPR. Processing carried out on behalf of a controller must be governed by a contract or other legal act that is binding on the processor with regard to the personal data controller and that sets out that the subcontractor acts only on the instruction of the person in charge of the processing and that the confidentiality and security obligations regarding the processing of personal data are also the responsibility of the subcontractor Article 28 §3 of the GDPR). To this end, the tenderer must fill out, sign and submit to the contracting authority the subcontracting agreement given in Annex [X] . Filling out and signing this annex is therefore a condition of regularity of the tender.

Processing of personal data by the contractor. Where Where, during contract performance, the contractor may process personal data of the contracting authority exclusively in the name and on behalf of the contracting authority, for the sole purpose of performing the services in accordance with the provisions of the Tender Specifications or in execution of a legal obligation, the following provisions apply: . For any processing of personal data carried out in connection with this public contract, the contractor is required to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) and the Belgian law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data. By simply participating in the contracting process, the tenderer certifies that he will strictly comply with the obligations of the GDPR for any processing of personal data conducted in connection with that public contract. The personal data that will be processed are confidential. The contractor will therefore limit access to data to the strictly necessary personnel for the performance, management and monitoring of the public contract. For the performance of the public contract, the contracting authority will determine the purposes and means of processing personal data. In this case, the contracting authority will be responsible for the processing and the contractor will be its processor, within the meaning of Article 28 of the GDPR. Processing carried out on behalf of a controller must be governed by a contract or other legal act that is binding on the processor with regard to the personal data controller and that sets out that the subcontractor acts only on the instruction of the person in charge of the processing and that the confidentiality and security obligations regarding the processing of personal data are also the responsibility of the subcontractor (Article 28 §3 of the GDPR). To this end, the tenderer must fill out, sign and submit to the contracting authority the subcontracting agreement given in Annex [X] 6]. Filling out and signing this annex is therefore a condition of regularity of the tender.

Processing of personal data by the contractor. Where during contract performance, the contractor may process processes personal data of the contracting authority exclusively in the name and on behalf of the contracting authority, for the sole purpose of performing the services in accordance with the provisions of the Tender Specifications or in execution of a legal obligation, the following provisions apply: For any processing of personal data carried out in connection with this public contract, the contractor is required to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) and the Belgian law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data. By simply participating in the contracting process, the tenderer certifies that he will strictly comply with the obligations of the GDPR for any processing of personal data conducted in connection with that public contract. The personal data that will be processed are confidential. The contractor will therefore limit access to data to the strictly necessary personnel for the performance, management and monitoring of the public contract. For the performance of the public contract, the contracting authority will determine the purposes and means of processing personal data. In this case, the contracting authority will be responsible for the processing and the contractor will be its processor, within the meaning of Article 28 of the GDPR. Processing carried out on behalf of a controller must be governed by a contract or other legal act that is binding on the processor with regard to the personal data controller and that sets out that the subcontractor acts only on the instruction of the person in charge of the processing and that the confidentiality and security obligations regarding the processing of personal data are also the responsibility of the subcontractor (Article 28 §3 of the GDPR). To this end, the tenderer must fill out, sign and submit to the contracting authority the subcontracting agreement given in Annex [X] . Filling out and signing this annex is therefore a condition of regularity of the tender.