Processing managers can only use subcontractors who can provide sufficient safeguards to take appropriate technical and organizational measures to ensure that their treatment meets the requirements of the RGPD and protects the rights of those concerned. (e) to process without delay and formal any request from the exporter of data concerning the processing of personal data subject to transmission and to comply with the advice of the supervisory authority when processing the transmitted data; The contract (or any other legislative act) contains details of the processing, including: Personal data is retained by the data processor until the data manager requests the removal or return of the data, see paragraph 12.1 of this data protection authority. However, under the RGPD, contractual requirements are more comprehensive and are no longer limited to the guarantee of the security of personal data. They must also demonstrate that each party complies with the details of the regulation. To the extent that the content of a customer statement is unable to respond, Contentsquare (i) will inform the customer of the problem by giving relevant details, (ii) Contentsquare may, without any responsibility to the customer, the processing of the relevant personal data (except the secure storage of this data) temporarily ceases and/or suspends access to the account and (iii) if the parties do not agree to a solution to the problem in question and its costs, the customer may, exclusively, terminate the contract and this DPA with respect to the treatment concerned, and the customer must pay Contentsquare all the sums due or the content. The Customer has no other claims against Contentsquare (including, but not limited to reimbursement of services) under the termination of the contract and data protection rules in accordance with this paragraph. (iv) describe the actions taken or proposed by the data processor to remedy the breach of personal data, including, if necessary, measures to mitigate its potential negative effects. For more details, you can read the ProtonMail data processing agreement or the generic model of data processing agreements that we have made available on this site. Nothing difficult here — this list should contain all the data subcontractors and the addresses of their seats. 9.2. When data is responsible for the processing of officials in another country (except one EEA country) with one or more laws: imposing restrictions or prohibitions on data transmission and the data manager has informed the data manager of these restrictions or transmission bans, the proposal and the data processor ensure that there is an appropriate transmission mechanism (to meet the country`s data transfer requirements), as the data manager reasonably requires and has agreed between the two parties before transmitting or entering the data from the data manager outside that country.
In order to avoid any doubt, this transmission limitation does not apply to the data manager or authorized users of his partners who have access to the software and data management data, and the data processor will not be responsible for the actions of the data manager or authorized users of his partner agency. Neither the data manager nor its authorized users have the right to use the software or subscription services in a country where data geolocation laws require the hegesity of the data manager in that country. In case the term does not ring – a data processing agreement (DPA) or a controlled data processing clause is a legally binding document signed between two major players in the data processing under the RGPD – the person in charge of processing and the subcontractor. If you want to know how lexology can advance your content marketing strategy, please email firstname.lastname@example.org.