Common use of Pseudonymisation Clause in Contracts

Pseudonymisation. Personal data is processed in such a way that the data can no longer be assigned to a specific data subject without additional information being provided, given that such additional information is kept separately and is subject to appropriate technical and organisational measures. • Definition of the pseudonymisation rule, possibly based on personnel, customer or patient identification numbers (use of UUID v4) • Authorisation: Determination of persons authorised to manage the pseudonymisation process, carry out pseudonymisation and, if necessary, de-pseudonymisation • Random generation of assignment tables or secret parameters used in an algorithmic pseudonymisation • Protection of assignment tables or secret parameters, both against unauthorised access and against unauthorised use • Separation of data to be pseudonymised into identifying information to be replaced and further information

Pseudonymisation. Personal data is processed in such a way that the data can no longer be assigned to a specific data subject without additional information being provided, given that such additional information is kept separately and is subject to appropriate technical and organisational measures. • Definition of the pseudonymisation rule, possibly based on personnel, customer or patient identification numbers (use of UUID v4) • Authorisation: Determination of persons authorised to manage the pseudonymisation process, carry out pseudonymisation and, if necessary, de-pseudonymisation • Random generation of assignment tables or secret parameters used in an algorithmic pseudonymisation • Protection of assignment tables or secret parameters, both against unauthorised access and against unauthorised use • Separation of data to be pseudonymised into identifying information to be replaced and further informationinformation sample

Pseudonymisation. Personal The processing of personal data is processed in such a way that the data can no longer be assigned to a specific data subject without additional information being provided, given that such additional information is kept separately and is subject to appropriate technical and organisational measures. • Definition of the pseudonymisation rule, possibly based on personnel, customer or patient identification numbers (use of UUID v4) • Authorisation: Determination of persons who are authorised to manage the pseudonymisation process, process and carry out pseudonymisation and, if necessary, de-pseudonymisation • Random generation of assignment tables or secret parameters used in an algorithmic pseudonymisation • Protection of assignment tables or secret parameters, both against unauthorised access and against unauthorised use • Separation of data to be pseudonymised into the identifying and the further information to be replaced and further informationreplaced II. Integrity (Art. 32 [1] [b] GDPR)