COMPETENT SUPERVISORY AUTHORITY Clausole campione

COMPETENT SUPERVISORY AUTHORITY. Identify the competent supervisory authority/ies in accordance with Clause 13: Italian Data Protection Authority Email account: ▇▇▇▇▇▇▇▇▇▇@▇▇▇▇.▇▇ EXPLANATORY NOTE: The technical and organisational measures must be described in specific (and not generic) terms. See also the general comment on the first page of the Appendix, in particular on the need to clearly indicate which measures apply to each transfer/set of transfers. Description of the technical and organisational measures implemented by the data importer(s) (including any relevant certifications) to ensure an appropriate level of security, taking into account the nature, scope, context and purpose of the processing, and the risks for the rights and freedoms of natural persons. 1 Measures to ensure confidentiality 2 Entrance control Is intended to prevent unauthorised persons from gaining physical access to data processing systems. Measures for building and room security. Applicable (if yes, please tick) Locking system ☒ Burglar-resistant windows/ Special glazing ☒ External security service ☒ Alarm system ☒ CCTV surveillance ☒ Access control concept ☒ Person verification at gatekeeper/reception desk ☒ Logging of visitor accesses / visitor book /visitor badges ☒ ID badges ☒ Electronic access code cards/ access transponders ☒ Security zones (visitor meeting, server rooms, workplaces, research) ☒ Existence of an authorisation overview for the security zones ☒ Self-closing doors are used when zones are crossed ☒ Authorisation cards (for individual zones) ☒ Key regulations ☒ Separately secured access to the server room ☒ Work instructions/guidelines regarding the locking of rooms when leaving/finishing work ☒ Careful choice of cleaning staff ☒ 3 Access Control Intended to prevent unauthorised access to and use of data processing systems. System security. Applicable (if yes, please tick) Role-based security concept/ assignment of user rights ☒ Creation of user profiles ☒ Authorisation management ☒ Avoidance of group identifiers ☒ Documented process for assigning rights when new employees join the organisation ☒ Documented process for withdrawing rights when employees change departments ☒ Documented process for withdrawing rights when employees leave the company ☒ Functional and/or time-limited assignment of user authorisations ☒ Use of individual passwords ☒ Login with user name and password ☒ Automatic password-secured locking of the screen after 10 minutes(screen saver) ☒ Password policy with minimum pa...

COMPETENT SUPERVISORY AUTHORITY. Commission Nationale de l'informatique et des Libertés (CNIL) TECHNICAL AND ORGANISATIONAL MEASURES INCLUDING TECHNICAL AND ORGANISATIONAL MEASURES TO ENSURE THE SECURITY OF THE DATA To protect Customer data, HP abides by a robust set of information security controls including policies, practices, procedures, and organizational structures to safeguard the confidentiality, integrity, and availability of its own and its customers’ information (including Personal Data as defined in HP’s Customer and Data Processing Addenda). The following sets forth an overview of HP's technical/organizational security measures throughout the company.

COMPETENT SUPERVISORY AUTHORITY. Identificare la o le autorità di controllo competenti conformemente alla clausola 13 Fare riferimento all’Autorità di protezione dei dati del Paese dell’ENTE: Garante per la protezione dei dati personali (“GPDP”) Garante per la protezione dei dati personali, ▇▇▇▇▇▇ ▇▇▇▇▇▇▇ ▇▇ -▇▇▇▇▇ ▇▇▇▇ (▇▇▇▇▇▇) Telefono +39 ▇▇.▇▇▇▇▇▇ e-mail ▇▇▇▇▇▇▇▇▇▇@▇▇▇▇.▇▇ link: https// ▇▇▇.▇▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇/▇▇▇/▇▇▇▇▇▇▇-▇▇▇▇▇▇▇- en. Identify the competent supervisory authority/ies in accordance with Clause 13 Please refer to the Data Protection Authority of the country of ENTITY: Garante per la protezione dei dati personali (“GPDP”) Garante per la protezione dei dati personali, ▇▇▇▇▇▇ ▇▇▇▇▇▇▇ ▇▇ -▇▇▇▇▇ ▇▇▇▇ (▇▇▇▇▇▇) Telefono +39 ▇▇.▇▇▇▇▇▇ e-mail ▇▇▇▇▇▇▇▇▇▇@▇▇▇▇.▇▇ ▇▇▇▇▇://▇▇▇▇.▇▇▇▇▇▇.▇▇/▇▇▇▇▇-▇▇▇▇/▇▇▇▇▇- edpb/members_en ORGANIZZATIVE, COMPRESE MISURE TECNICHE E ORGANIZZATIVE PER GARANTIRE LA SICUREZZA DEI DATI ANNEX II TECHNICAL AND ORGANISATIONAL MEASURES INCLUDING TECHNICAL AND ORGANISATIONAL MEASURES TO ENSURE THE SECURITY OF THE DATA Le misure tecniche e organizzative devono essere descritte in termini specifici (e non generici). Si veda anche la nota esplicativa nella prima pagina dell’appendice, in particolare riguardo alla necessità di indicare chiaramente quali misure si applicano a ciascun trasferimento/insieme di trasferimenti.