GDPR. SAP and Customer agree that it is each party’s responsibility to review and adopt requirements imposed on Controllers and Processors by the General Data Protection Regulation 2016/679 (“GDPR”), in particular with regards to Articles 28 and 32 to 36 of the GDPR, if and to the extent applicable to Personal Data of Customer/Controllers that is processed under the DPA. For illustration purposes, Appendix 3 lists the relevant GDPR requirements and the corresponding sections in this DPA.
GDPR. 3. In accordance with Clause 9(2)(a), the data processor shall assist the data controller in notifying the personal data breach to the competent supervisory authority, meaning that the data processor is required to assist in obtaining the information listed below which, pursuant to Article 33(3)GDPR, shall be stated in the data controller’s notification to the competent supervisory authority:
GDPR. The Supplier undertakes to give the Client the necessary information on request and, in particular, to demonstrate the execution of the Technical and Organizational Measures.
GDPR. The processor undertakes to give the controller the necessary information on request and, in particular, to demonstrate the execution of the technical and organisational measures.
GDPR. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
GDPR. The Supplier entrusts only such employees with the data processing defined in this agreement who have been bound to confidentiality and have previously been familiarized with the data protection provisions relevant to their work. The Supplier and any person acting under its authority who has access to personal data may only process that data in accordance with the instructions of the Client (which includes the powers granted in this Agreement) unless otherwise required to do so by law. • The implementation and observance of all technical and organizational measures necessary for this Agreement in accordance with Art. 28 Para. 3 Sent. 2 Claus c, Art. 32 GDPR are specified in Appendix 2 of this Agreement. • The Supplier and the Client shall, upon request, cooperate with the supervisory authority in the performance of their duties. • The Client shall be informed immediately of any inspections and measures conducted by the supervisory authority, insofar as they relate to this Agreement or Contract. This also applies insofar as the Supplier is under investigation or is party to an investigation by a competent authority in connection with infringements to any civil or criminal law, administrative rule, or regulation regarding the processing of personal data in connection with the processing of this Agreement or Contract. • Insofar as the Client is subject to an inspection by the supervisory authority, an administrative or summary offence or criminal procedure, a liability claim of an Affected Person or a third party or any other claim in connection with the processing of the Agreement or Contract by the Supplier, the Supplier shall make every effort to support the Client to the best of his ability. • The Supplier shall regularly monitor the internal processes as well as the Technical and organizational measures to ensure that the processing in his area of responsibility is executed in accordance with the requirements of the applicable data protection law and that the rights of the Affected People are protected. • The Client may request documentation to verify the execution of the Technical and organizational measures taken by the Supplier in accordance with section 3 of this Agreement by completing the form at xxxxx://xxx.xxxxxxx.xxx/AV/TOM_en.pdf.
GDPR. The purpose of the data processing and our legitimate interest is the performance of the business relationship between us.
GDPR. Okta will Process Personal Data in accordance with the GDPR requirements directly applicable to Okta's provision of the Service.
GDPR. The contractor undertakes to provide the client with the necessary information upon request and, in particular, to prove the implementation of the technical and organizational measures.
GDPR. (2) The Controller is entitled to issue instructions concerning the nature, scale and method of data processing. Upon request by the Controller, the Processor shall confirm verbal instructions immediately in writing or in text form (e.g. by email).
