Common use of Selection of the Services Clause in Contracts

Selection of the Services. The Client is solely responsible for the selection of the Services. The Client shall ensure that the selected Services have the required characteristics and conditions to comply with the Controller’s activities and processing purposes, as well as the type of Personal Data to be processed within the Services, including but not limited to when the Services are used for processing Personal Data that is subject to specific regulations or standards (as an example, health or banking data in some countries). The Client is informed that OVH proposes certain Services with organisational and security measures specifically designed for the processing of health care data or banking data. If the Controller’s processing is likely to result in high risk to the rights and freedom of natural persons, the Client shall select its Services carefully. When assessing the risk, the following criteria shall notably, but not limited to, be taken into account: evaluation or scoring of data subjects; automated-decision making with legal or similar significant effect; systematic monitoring of data subjects ; processing of sensitive data or data of a highly personal nature; processing on a large scale; matching or combining datasets; processing data concerning vulnerable data subjects; using innovative new technologies unrecognised by the public, for the processing. OVH shall make available information to the Client, in the conditions set out below in section “Audits”, concerning the security measures implemented within the scope of the Services, to the extent necessary for assessing the compliance of these measures with the Controller’s processing activities.

Selection of the Services. The Client is solely responsible for the selection of the Services. The Client shall ensure that the selected Services have the required characteristics and conditions to comply with the Controller’s activities and processing purposes, as well as the type of Personal Data to be processed within the Services, including but not limited to when the Services are used for processing Personal Data that is subject to specific regulations or standards (as an example, health or banking data in some countries). The Client is informed that OVH NAMSOR proposes certain Services with organisational and security measures specifically designed for the processing of health care data or banking data. If the Controller’s processing is likely to result in high risk to the rights and freedom of natural persons, the Client shall select its Services carefully. When assessing the risk, the following criteria shall notably, but not limited to, be taken into account: evaluation or scoring of data subjects; automated-decision making with legal or similar significant effect; systematic monitoring of data subjects ; processing of sensitive data or data of a highly personal nature; processing on a large scale; matching or combining datasets; processing data concerning vulnerable data subjects; using innovative new technologies unrecognised by the public, for the processing. OVH NAMSOR shall make available information to the Client, in the conditions set out below in section clause “Audits”, concerning the security measures implemented within the scope of the Services, to the extent necessary for assessing the compliance of these measures with the Controller’s processing activities.