Monitoring rights of the Controller. (1) The Controller shall be entitled, after prior notification in good time and during normal business hours, to carry out an inspection of compliance with the provisions on data protection and the contractual agreements to the extent required, either himself or through third parties, without disrupting the Processor’s business operations or endangering the security measures for other Controller and at his own expense. Controls can also be carried out by accessing existing industry-standard certifications of the Processor, current attestations or reports from an independent body (such as auditors, external data protection officers or external data protection auditors) or self- assessments. The Processor shall offer the necessary support to carry out the checks.
Monitoring rights of the Controller. 8.1 The Controller has the right, after consultation with the Processor, to carry out inspections or to have them carried out by an auditor to be designated in each individual case. The Controller has the right to convince itself of the compliance with this Agreement by the Processor in its business operations by means of random checks, which are to be announced in advance with good time. These rights of the Controller shall not extend to facilities which are operated by sub- processors, sub-contractors or any third parties which the Processor may use to attain its Purpose and provide its Services. The Processor shall ensure that the Processing activities carried out by any sub-processors, sub-contractors or any third parties which the Processor may use to attain its Purpose and provide its Services meet the requirements laid down in this Agreement and in Applicable Law.
Monitoring rights of the Controller. (1) The Controller shall at all times be entitled to monitor compliance with the provisions on data protection and the contractual agreements to the extent necessary, and may perform the inspections itself or using third parties, in particular by obtaining information and inspecting the stored data and systems as well as other on-site checks. The Parties shall agree on the time of the inspection or auditing and other details ahead of time and at latest fourteen (14) days before the inspection. The auditing shall be carried out in a way that does not impede the obligations of Processor or its subcontractors in regard to third parties. The representatives of the Controller and the auditor must sign conventional non-disclosure commitments.
Monitoring rights of the Controller. The Processor agrees that the Controller or a person commissioned by the Controller shall be entitled to monitor compliance with the provisions on data protection and the contractual agreements to the necessary extent, in particular by obtaining information and requesting relevant documents or access to the Processor's offices during the designated business hours after prior notification. Appropriate and valid IT security certificates (e.g. IT-Grundschutz, ISO 27001) can also provide proof of proper processing, provided that the respective object of the certification also applies to data processing on behalf in a specific case. However, providing a relevant certificate does not waive the obligation of the Processor to document the security measures within the meaning of Section 3 of this Agreement.
Monitoring rights of the Controller. 8.1. The Controller has the right, after consultation with the Processor, to carry out inspections or to have them carried out by an auditor. The Controller has the right to convince itself of the compliance with this Agreement by the Processor in its business operations by means of random checks, which are to be announced in advance with good time. These rights of the Controller shall not extend to facilities which are operated by sub- processors, sub-contractors or any third parties which the Processor may use to attain the Service Objectives and provide its Services. The Processor shall ensure and proof to the reasonable satisfaction of the Controller that the processing activities carried out by any sub-processors, or sub-contractors which the Processor may use to attain the Service Objectives and to provide its Services meet the requirements laid down in this Agreement and in Applicable Law.
Monitoring rights of the Controller. The Controller may carry out control visits and/or audits on the Processor’s business premises before the start of the Processing and in regular intervals thereafter in order to verify compliance of the technical and organizational measures implemented by the Processor with the Agreement or appoint auditors to do so.
Monitoring rights of the Controller. The controller has the right to carry out the checks envisaged in Art. 28 Para. 3 Sub-Para. 1 point h) GDPR – including inspections - or to arrange to have them carried out by examiners who are to be appointed on a case-by-case basis. It shall be entitled to ensure the processor is complying with the provisions of this agreement in its business by conducting random checks that must generally be announced in good time. The processor agrees to make the relevant evidence available and give the controller any information it requests and requires to fulfill its obligation to control data processing contracts. With regard to the monitoring obligations in respect of the controller, the processor shall make sure the controller is able to monitor the implementation of the agreed technical and organisational measures to fulfil the monitoring obligations to be assumed by the controller in accordance with point
Monitoring rights of the Controller. 7.1 The Controller has the right, after consultation with the Processor, to carry out inspections or to have them carried out by an auditor to be designated in each individual case. The Processor agrees to contribute to such inspections and reserves the right to invoice the Controller for any reasonable costs incurred by the Processor in contributing to such inspections.
