PBENG Clause Samples
The PBENG clause typically refers to provisions related to performance bonds and engineering guarantees in contracts. It outlines the requirements for the contractor to provide a performance bond or similar security, ensuring that the project will be completed according to agreed specifications and timelines. For example, it may specify the amount, form, and duration of the bond, as well as the conditions under which it can be called upon by the client. The core function of this clause is to protect the client from financial loss if the contractor fails to fulfill their contractual obligations, thereby allocating risk and ensuring project completion.
PBENG. 1.05 Baseline format The requirements for the implementation of the privacy legislation are presented in the form of a standards framework. This standards framework is based on the ▇▇▇▇ method. The requirements are structured on the basis of a template in which the elements “who”, “what” and “why” are addressed. In principle, an answer is given to the question: "who does what and why?". *** Tabelletje invoegen A conformity indicator is a (sub) standard that must be met in order to meet the criterion (the main standard). Conformity indicators in the text of the main standard take the form of a keyword that identifies the sub standard. You can say that every underlined keyword is defined and elaborated in the form of measures. For each conformity indicator, one or more measures (/ 01, / 02, etc.) are formulated, on the basis of which a statement is possible on the relevant conformity indicator. In many cases, the explanatory notes to the framework provide further explanation of the measures.
PBENG. U Execution domain PBENG-U.T1 Objective PBENG-U.T2 Risk
PBENG. 1.01 Process personal data yourself or outsource After we have determined that we have to process personal data to achieve a certain objective, we must also determine whether we do so in the role of controller or processor. A controller has to determine the purpose and means for the relevant processing (s) of personal data; a processor processes personal data on behalf of or for the benefit of a controller. These roles can coincide; an organization may also choose not to process (certain) personal data itself (including the choice not to collect and store (certain) personal data). When outsourcing the processing or when processing personal data from another party, agreements must be made between the controller and the processor. These agreements can be recorded in a contract which we will call the 'Data Processing Agreement' in this Privacy Baseline. This is a common, but not official term from the GDPR. The agreements may also follow from another legal act under Union law or Member State law. It is important that, among other things, responsibilities are appointed, for example with is accountable and where data subject can find a contact point with regard to processing. When exchanging data between two controllers, it is also advisable to include details in which the parties agree on the sharing of data, for example that the sharing of the data is lawful and takes place safely. There must always be a valid basis for the processing of the personal data: of course this also applies to processing for a different purpose. The receiving party is responsible for the technical and organizational measures necessary for the security of the data.
PBENG. 1 Principle of the GDPR and the baseline
PBENG. U.01 Data Processing Purpose The basic principle of purpose limitation is that data are processed and collected for a specific, explicit and legitimate purposes. ‘Specific and explicit’ means that no data may be collected without a precise purpose description. The purpose must be determined before the collection is started. 'Specific' means that this description must be so clear, that it offers a framework during the collection process for testing whether the data is necessary for that purpose or not. The purpose may also not be formulated in the course of the collection process. ‘Explicit’ means that the controller should have defined the purpose of data collection.