Access to Audit. 6.1 Plandisc makes any information available to the Customer that is required to demonstrate compliance with the requirements of Article 28 in the Regulation. 6.2 The Customer is entitled to commence an audit of Plandisc's obligations pursuant to the Data Processing Agreement once every year. If the Customer is obliged pursuant to current legislation, an audit may be made more than once every year. In connection with a request for an audit, the customer must send a detailed audit plan, including a description of the extent, duration and commencement date, at least four (4) weeks before the suggested commencement date. It must be agreed jointly between Plandisc and the Customer if a third party is to do the audit. However, the Customer may let Plandisc determine that the audit, for security reasons, must be performed by a neutral third party at Plandisc's option, if the processing environment includes data from several data subjects. 6.3 Under all circumstances, the audit must take place during normal office hours at the relevant facility in accordance with Plandisc's policies and cannot unfairly interfere with Plandisc's general commercial activities. 6.4 The Customer is liable for all costs related to the audit. Any assistance from the data processor in this regard, which exceeds the general service that Plandisc must provide as a result of current data protection legislation, will be invoiced separately.
Appears in 2 contracts