Measures for user identification and authorisation. Only authorised internal and external users through user identification and authorisation get access to the dedicated private area where the data is made available from Controller to Processor and vice versa. Users or resources will be granted access only to permissioned systems that are necessary to fulfil their roles and responsibilities. Furthermore, users or resources will be provided with the minimum privileges on their accounts which are necessary to fulfil their specific roles and responsibilities.
Appears in 2 contracts
Sources: Data Processing Agreement, Data Processing Agreement