RIGHTS AND OBLIGATIONS OF THE CONTROLLER. 5.1 The Data Controller hereby instructs the Data Processor to take such steps in the processing of Personal Data as are reasonably necessary for the performance of the Data Processor’s obligations under the Agreement, and agrees that such instructions, comprising the terms of this DPA and the Agreement, constitute its full and complete instructions as to the means by which Personal Data shall be processed by the Data Processor.
RIGHTS AND OBLIGATIONS OF THE CONTROLLER. 2.1 The Controller (i) shall ensure that the Controller when Processing Controller Data, complies with Applicable Data Protection Law; (ii) is at all times entitled to provide new or amended instructions regarding the Processing of the Controller Data, whereby the Processor shall be given reasonable time for implementation; (iii) shall without undue delay inform the Processor of any circumstances that may require modifications to the Processor’s Processing of the Controller Data; (iv) is at all times entitled to, by written notification to the Processor, terminate the Processor's Processing of the Controller Data if the Controller has reasonable grounds to believe that the Processor is unable, or has failed, to comply with the provisions of the DPA or Applicable Data Protection Law; and (v) provides a general authorisation to the Processor to engage Sub- processors, provided however that the Controller’s authorisation is subject to such Sub- processor‘s compliance with all the provisions set out in this DPA.
2.2 This DPA shall apply to all Processing of the Controller Data performed by the Processor on behalf of the Controller; in no event shall the Parties Process any Personal Data as joint controllers, as such term is defined in the GDPR.
RIGHTS AND OBLIGATIONS OF THE CONTROLLER. 1. The Controller shall be solely responsible for assessing the admissibility of the processing requested and for the rights of affected parties.
2. The Controller shall document all orders, partial orders or instructions. In urgent cases, instructions may be given verbally. These instructions will be immediately confirmed and documented by the Controller.
3. The Controller shall immediately notify the Processor if he finds any errors or irregularities when reviewing the results of the processing.
4. The Controller is entitled to appoint a third party independent auditor in the possession of the required professional qualifications and bound by a duty of confidentiality, which auditor must be reasonably acceptable to the Processor, to inspect Processor’s compliance with this Data Processing Agreement and the applicable data protection legislation required to determine the truthfulness and completeness of the statements submitted by the Processor under this Data Processing Agreement. Controller’s right to audit shall be subject to giving the Processor at least 4 weeks prior written notice of any such audit. The Controller shall bear any and all cost of the audit.
5. Inspections at the Processor’s premises must be carried out without any avoidable disturbances to the operation of his/her business. Unless otherwise indicated for urgent reasons, which must be documented by the Controller, inspections shall be carried out after appropriate advance notice and during the Processor’s business hours, and not more frequently than every 12 months. If the Processor provides evidence of the agreed data protection obligations being correctly implemented, any inspections shall be limited to samples.
RIGHTS AND OBLIGATIONS OF THE CONTROLLER. 11.1. The Controller shall periodically evaluate the organizational, technical and security measures adopted by the Processor in the Processing of Personal Data, in order to verify that the Processor acts in compliance with the obligations set forth in this DPA and with the Privacy Law. In this regard, the Controller may access the offices, computers, information systems and other information systems/archives of the Processor directly or through its appointees, with 5 working days' notice.
11.2. Whether the Controller, following the inspection activities carried out pursuant to Article
11.1 above, deems that the sufficient guarantees mentioned in the whereas B of this DPA have failed and/or find a violation of the obligations set forth in this DPA may immediately terminate this DPA.
RIGHTS AND OBLIGATIONS OF THE CONTROLLER. 3.1 The Controller is the responsible person within the meaning of Article 4 No. 7
RIGHTS AND OBLIGATIONS OF THE CONTROLLER. 4.1 Within the framework of the contractual relationship, the controller is solely responsible for the legality of the data transfer to the processor and for the legality of the data processing. If individual data subjects do not agree to the intended data processing, the controller is responsible for deleting the respective data in their KLARA account accordingly.
4.2 The controller has the right to receive information about the technical and organisational measures taken by the processor to ensure data security before and during data processing.
4.3 The controller is responsible for the security of the data on devices and the transport route to the processor.
4.4 The controller has the right to contact the processor with questions about data processing and to ensure compliance with this agreement.
RIGHTS AND OBLIGATIONS OF THE CONTROLLER. (1) The Controller is responsible, in accordance with Art. 4 No. 7 GDPR, for the commissioned processing of data by the processor. The Processor has the right, in accordance with Subpar. 4 Para. 5, to inform the Controller, if, in his opinion, legally inadmissible data processing is the objective of the contract and/or directive.
(2) The Controller is liable for the safeguarding and protection of all parties concerned. The Processor will immediately inform the Controller if the rights of those affected is infringed upon.
(3) The Controller has the right, at any time, to issue additional instructions concerning type, extent and procedures of data processing granted to the processor. Instructions may be expressed in text form as an email, for example.
(4) Rules and regulations regarding compensation for additional expenses that may arise as a result of the Controller's additional instructions for the Processor, remain unaffected.
(5) The Controller has the right to appoint personnel authorized to give instructions. If the authorized personnel are to be appointed, they will be named in Annex 1. In the case that the nominated individual is to be replaced, the Controller will immediately inform the Processor in writing.
(6) Should the Controller detect any errors or irregularities in the processing of personal data by the Processor, the Controller shall immediately inform the Processor.
(7) In the event of a disclosure obligation regarding a third party, the Controller is legally liable to comply, pursuant to Art.33, 34 of the GDPR.
RIGHTS AND OBLIGATIONS OF THE CONTROLLER. (1) The Controller is solely responsible for assessing the lawfulness of the data processing and for safeguarding the rights of data subjects and is therefore the responsible controller within the meaning of Art. 4(7)
RIGHTS AND OBLIGATIONS OF THE CONTROLLER. 1. The Processing of Data partially takes place outside the EU and the EEA. Countries, in which the Processing takes place, and the basis for an appropriate level of data security are listed in Schedule § III.1.
RIGHTS AND OBLIGATIONS OF THE CONTROLLER. 1. The controller is responsible for compliance with the relevant data protection regulations.
2. The controller has to inform the processor immediately and completely if he finds violations of the processor against data protection regulations.
3. The controller meets the information requirements resulting from Art. 24 GDPR and Art. 13 and 14 GDPR.
