Processing Control Clause Samples

Processing Control. Ensuring compliant data processing in accordance with instructions. Measures (technical/organizational) for defining the responsibilities between the Client and the Supplier: ● The software and system architecture allow for the implementation of instructions from the client regarding the input, modification, or removal of personal data. ● The selection of subcontractors by the Supplier has been conducted with careful consideration, particularly regarding data security. ● Control rights over the Supplier have been defined. ● The Supplier’s employees are bound by confidentiality obligations. ● Data destruction after the completion of the assignment is ensured.

Processing Control. Control of contract performance • The contract contains detailed information on the purpose of the controller’s personal data as well as the prohibition of use of the personal data by the processor not specified in the contract • The contract contains detailed information on the nature of the data processing and the use of personal data by the controller • The processor designated a data protection officer and ensures appropriate and effective involvement in relevant operational processes • Data Processing Agreements are in place with all other relevant processors • A comprehensive order procedure is in place including the existence of an offer and order • Placing an order is a formalised procedure (form) • A general security concept is in place • All employees with access rights have committed themselves to confidentiality in written form • All employees received instructions/guidelines/leaflets giving information on measures implemented to ensure a security of data as well as IT security • If an error occurs with regards to the processing of data or if the processor becomes aware of a personal data breach they will inform the controller immediately