DESCRIPTION OF THE PROCESSING. This Schedule 1 applies to describe the Processing of Personal Data for the purposes of the Standard Contractual Clauses (2010), New Standard Contractual Clauses and applicable Data Protection Law.
DESCRIPTION OF THE PROCESSING. Categories of data subjects whose personal data is processed
DESCRIPTION OF THE PROCESSING. This Data Processing Agreement shall apply to all Processing of Personal Data carried out by Telia as a data processor under the scope of the Agreement. Telia shall Process the Personal Data for the purpose of providing the Products to Customer and in accordance with its obligations under the Agreement. Personal Data shall be processed for the following purposes:
DESCRIPTION OF THE PROCESSING. Controller and Processor The Client is a controller within the meaning of the GDPR and uses the Contractor's whistleblowing system to enable its employees and other third parties to report potential compliance violations in the Client’s com- pany. The Contractor shall provide the whistleblowing system as a Software-as-a-Service (SaaS) to the Client as a data processor. Data Subjects The personal data processed relates to whistleblowers who use the whistleblowing system to confidentially report potential compliance violations in the Client's company. The Client decides whether to make the whistleblowing system available only to its employees or also to other third parties (customers, suppliers, etc.). Furthermore, the Contractor shall process personal data of the persons indicated by the person providing the information in the context of a notification, e.g., as an accused of a potential compliance violation or in any other context.
DESCRIPTION OF THE PROCESSING. Categories of data subjects whose personal data is processed All persons whose personal data is contained in the projects stored by the customer in the MAXQDA TeamCloud. Categories of personal data processed All data contained in the projects stored by the customer in MAXQDA TeamCloud. Sensitive data processed (if applicable) and applied restrictions or safeguards that fully take into consideration the nature of the data and the risks involved, such as for instance strict purpose limitation, access restrictions (including access only for staff having followed specialised training), keeping a record of access to the data, restrictions for onward transfers or additional security measures. No sensitive personal data will be processed. The customer undertakes to anonymise sensitive data prior to processing in the MAXQDA TeamCloud using state-of-the-art measures. Furthermore, the AWS security standards apply in the respective current version (Annex 1 to the AWS DPA). Nature of the processing Hosting of customer projects. Purpose(s)for which the personal data is processed on behalf of the controller Duration of the processing Storage of customer projects in the MAXQDA TeamCloud. For processing by (sub-) processors, also specify subject matter, nature and duration of the processing The MAXQDA TeamCloud is stored on an AWS cloud server in Germany. The processing serves the hosting of the MAXQDA TeamCloud. The duration of the processing is again based on the duration of the customer's subscription. The Parties waive the obligation under clause 7.7 lit. (e), according to which the processor is obliged to agree on a third-party beneficiary clause with the sub-processors. ANNEX III - TECHNICAL AND ORGANISATIONAL MEASURES INCLUDING TECHNICAL AND ORGANISATIONAL MEASURES TO ENSURE THE SECURITY OF THE DATA Description of the technical and organisational security measures implemented by the processors) (including any relevant certifications) to ensure an appropriate level of security, taking into account the nature, scope, context and purpose of the processing, as well as the risks for the rights and freedoms of natural persons.
DESCRIPTION OF THE PROCESSING. This Annex forms part of the Clauses. The Member States may complete or specify, according to their national procedures, any additional necessary information to be contained in this Annex.
DESCRIPTION OF THE PROCESSING. Skedul 1 Deskripsi Pemrosesan This Schedule 1 applies to describe the Processing of Personal Data for the purposes of the Standard Contractual Clauses (2010), New Standard Contractual Clauses and applicable Data Protection Law./ Skedul 1 ini berlaku untuk menjelaskan Pemrosesan Data Pribadi untuk tujuan Klausul Kontrak Standar (2010), Klausul Kontrak Standar Baru dan Undang-Undang Perlindungan Data yang berlaku.
DESCRIPTION OF THE PROCESSING. The data affected by this Agreement will be used for the sole purpose of identifying and authenticating the persons who access the systems that are the subject of the Agreement on behalf of the DATA CONTROLLER.
DESCRIPTION OF THE PROCESSING. Subject-Matter Playerlync provision of the Services as defined in Section 1.1 of the Data Processing Agreement. Duration of the Processing Data will not be kept for any longer than is necessary for achieving the purposes for which it was collected, processed or used, or as it is established in the applica- ble laws related to data retention periods. The Term plus the period from the expiry of the Term until deletion of all Personal Data by Playerlync in accordance with the Terms, in accordance with Section 5.1 of the Data Processing Agreement. Extent, Type and Purpose of the Processing Playerlync will process Personal Data for the purposes of providing the Services. Data Subjects The Data Processor may process the Personal Data of the customers of the Data Controller’s subsidiary, CLIENT. The Data Processor also may process the Personal Data provided by the end users of the Services, which may include the Personal Data of current employees, former employees, and end users. Categories of Data Data relating to individuals provided by the Data Controller via the Services, by (or at the direction of) Customer or by Customer End Users. As the Data Processor, the following types of data are provided by the Data Con- troller: • Contact data, such as first name, name, phone, email address, and birthday. • Employment data, such as employee identification, department, job title, location, employment status, start date, and supervisor The Data Controller will inform the Data Processor in writing in advance if any ad- ditional Personal Data is provided. Schedule 2
DESCRIPTION OF THE PROCESSING. For the sole purpose of execution of the Main Agreement, the Customer hereby authorizes the Service Provider to carry out Processing of the Entrusted Personal Data as specified hereinafter (hereinafter the “Entrusted Processing”): Purpose of the Entrusted Processing: to provide the services specified in the Main Agreement Nature of the Entrusted Processing: all and any processing activities necessary to provide the services specified in the Main Agreement Categories of Entrusted Personal Data: Prescription data Categories of Data Subjects: Optician’s customers Duration of the Entrusted Processing: the duration specified under Article 4 hereunder. Besides, the Service Provider hereby informs the Customer of the following conditions for carrying out the Entrusted Processing: Location of Service Provider’s servers: Entrusted Personal Data may be stored by the Service Provider and/or its Processors authorized by the Customer in accordance with Article 3.1.7 hereunder in the following countries Thailand, India. List of Service Provider’s Processors: The list of the Service Provider’s Processors authorized by the Customer in accordance with Article 3.1.7 hereunder as of the date of entering this Data Processing Agreement is attached under Annex A of this Data Processing Agreement.
