PROCESSING OF PERSONAL DATA BY A SUBCONTRACTOR Sample Clauses

The "Processing of Personal Data by a Subcontractor" clause defines the rules and responsibilities for how a subcontractor must handle personal data on behalf of the main contractor or data controller. Typically, this clause requires the subcontractor to process personal data only according to documented instructions, maintain appropriate security measures, and comply with relevant data protection laws such as the GDPR. Its core function is to ensure that personal data remains protected and that both parties are clear on their obligations, thereby reducing the risk of data breaches and legal non-compliance.
PROCESSING OF PERSONAL DATA BY A SUBCONTRACTOR. During contract performance, the contractor may process personal data of the contracting authority exclusively in the name and on behalf of the contracting authority, for the sole purpose of performing the services in accordance with the provisions of the Tender Specifications or in execution of a legal obligation. For any processing of personal data carried out in connection with this public contract, the contractor is required to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) and the Belgian law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data. By simply participating in the contracting process, the tenderer certifies that he will strictly comply with the obligations of the GDPR for any processing of personal data conducted in connection with that public contract. The personal data that will be processed are confidential. The contractor will therefore limit access to data to the strictly necessary personnel for the performance, management and monitoring of the public contract. For the performance of the public contract, the contracting authority will determine the purposes and means of processing personal data. In this case, the contracting authority will be responsible for the processing and the contractor will be its processor, within the meaning of Article 28 of the GDPR. Processing carried out on behalf of a controller must be governed by a contract or other legal act that is binding on the processor with regard to the personal data controller and that sets out that the subcontractor acts only on the instruction of the person in charge of the processing and that the confidentiality and security obligations regarding the processing of personal data are also the responsibility of the subcontractor Article 28 §3 of the GDPR).
View SourceView Similar (8)
PROCESSING OF PERSONAL DATA BY A SUBCONTRACTOR. PROCESSING OF PERSONAL DATA BY A CONTROLLER (RECIPIENT) During contract performance, the contractor may process personal data of the contracting authority or in execution of a legal obligation. For any processing of personal data carried out in connection with this public contract, the contractor is required to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) and the Belgian law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data. By simply participating in the contracting process, the tenderer certifies that he will strictly comply with the obligations of the GDPR for any processing of personal data conducted in connection with that public contract. Given the public contract, it is to be considered that the contracting authority and the contractor will each be responsible, individually, for the processing.
View SourceView Similar (7)
PROCESSING OF PERSONAL DATA BY A SUBCONTRACTOR. OPTION 1: PROCESSING OF PERSONAL DATA BY A SUBCONTRACTOR During contract performance, the contractor may process personal data of the contracting authority exclusively in the name and on behalf of the contracting authority, for the sole purpose of performing the services in accordance with the provisions of the Tender Specifications or in execution of a legal obligation. For any processing of personal data carried out in connection with this public contract, the contractor is required to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) and the Belgian law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data. By simply participating in the contracting process, the tenderer certifies that he will strictly comply with the obligations of the GDPR for any processing of personal data conducted in connection with that public contract. The personal data that will be processed are confidential. The contractor will therefore limit access to data to the strictly necessary personnel for the performance, management and monitoring of the public contract. For the performance of the public contract, the contracting authority will determine the purposes and means of processing personal data. In this case, the contracting authority will be responsible for the processing and the contractor will be its processor, within the meaning of Article 28 of the GDPR. Processing carried out on behalf of a controller must be governed by a contract or other legal act that is binding on the processor with regard to the personal data controller and that sets out that the subcontractor acts only on the instruction of the person in charge of the processing and that the confidentiality and security obligations regarding the processing of personal data are also the responsibility of the subcontractor Article 28 §3 of the GDPR). To this end, the tenderer must fill out, sign and submit to the contracting authority the subcontracting agreement given in Annex [X] . Filling out and signing this annex is therefore a condition of regularity of the tender.
View SourceView Similar (5)
PROCESSING OF PERSONAL DATA BY A SUBCONTRACTOR. 21 4.5 Intellectual property (Art. 19 to 23) 21 4.6 Performance bond (Art. 25 to 33) 22 4.7 Conformity of performance (Art. 34) 22 4.8 Changes to the procurement contract (Art. 37 to 38/19) 22 4.8.1 Replacement of the contractor (Art. 38/3) 22 4.8.2 Adjusting the prices (Art. 38/7) 22
View SourceView Similar (4)
PROCESSING OF PERSONAL DATA BY A SUBCONTRACTOR. During contract performance, the contractor may process personal data of the contracting authority or in execution of a legal obligation. For any processing of personal data carried out in connection with this public contract, the contractor is required to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) and the Belgian law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data. By simply participating in the contracting process, the tenderer certifies that he will strictly comply with the obligations of the GDPR for any processing of personal data conducted in connection with that public contract. Given the public contract, it is to be considered that the contracting authority and the contractor will each be responsible, individually, for the processing.
View SourceView Similar (3)
PROCESSING OF PERSONAL DATA BY A SUBCONTRACTOR. During contract performance, the contractor may process personal data of the contracting authority exclusively in the name and on behalf of the contracting authority, for the sole purpose of performing the services in accordance with the provisions of the Tender Specifications or in execution of a legal obligation. For any processing of personal data carried out in connection with this public contract, the contractor is required to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) and the Belgian law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data. By simply participating in the contracting process, the tenderer certifies that he will strictly comply with the obligations of the GDPR for any processing of personal data conducted in connection with that public contract. The personal data that will be processed are confidential. The contractor will therefore limit access to data to the strictly necessary personnel for the performance, management and monitoring of the public contract. For the performance of the public contract, the contracting authority will determine the purposes and means of processing personal data. In this case, the contracting authority will be responsible for the processing and the contractor will be its processor, within the meaning of Article 28 of the GDPR. Processing carried out on behalf of a controller must be governed by a contract or other legal act that is binding on the processor with regard to the personal data controller and that sets out that the subcontractor acts only on the instruction of the person in charge of the processing and that the confidentiality and security obligations regarding the processing of personal data are also the responsibility of the subcontractor Article 28 §3 of the GDPR). To this end, the tenderer must fill out, sign and submit to the contracting authority the subcontracting agreement given in Annex [X] . Filling out and signing this annex is therefore a condition of regularity of the tender.
View SourceView Similar (3)

Related to PROCESSING OF PERSONAL DATA BY A SUBCONTRACTOR

  • Processing of Personal Data 1.1. With regard to the Processing of Personal Data, You are the controller and determine the purposes and means of Processing of Personal Data You provide to Us (“Controller”) and You appoint Us as a processor (“Processor”) to process such Personal Data (hereinafter, “Data”) on Your behalf (hereinafter, “Processing”). 1.2. The details of the type and purpose of Processing are defined in the Exhibits attached hereto. Except where the DPA stipulates obligations beyond the Term of the Agreement, the duration of this DPA shall be the same as the Agreement Term. 1.3. You shall be solely responsible for compliance with Your obligations under the applicable Data Protection Laws, including, but not limited to, the lawful disclosure and transfer of Personal Data to Us by upload of source data into the Cloud Service or otherwise. 1.4. Processing shall include all activities detailed in this Agreement and the instructions issued by You. You may, in writing, modify, amend, or replace such instructions by issuing such further instructions to the point of contact designated by Us. Instructions not foreseen in or covered by the Agreement shall be treated as requests for changes. You shall, without undue delay, confirm in writing any instruction issued orally. Where We believe that an instruction would be in breach of applicable law, We shall notify You of such belief without undue delay. We shall be entitled to suspend performance on such instruction until You confirm or modify such instruction. 1.5. We shall ensure that all personnel involved in Processing of Customer Data and other such persons as may be involved in Processing shall only do so within the scope of the instructions. We shall ensure that any person Processing Customer Data is subject to confidentiality obligations similar to the confidentiality terms of the Agreement. All such confidentiality obligations shall survive the termination or expiration of such Processing.

  • Notification of personal data breach 1. In case of any personal data breach, the data processor shall, without undue delay after having become aware of it, notify the data controller of the personal data breach. 2. The data processor’s notification to the data controller shall, if possible, take place within 24 hours after the data processor has become aware of the personal data breach to enable the data controller to comply with the data controller’s obligation to notify the personal data breach to the competent supervisory authority, cf. Article 33

  • Types of Personal Data Contact Information, the extent of which is determined and controlled by the Customer in its sole discretion, and other Personal Data such as navigational data (including website usage information), email data, system usage data, application integration data, and other electronic data submitted, stored, sent, or received by end users via the Subscription Service.

  • Categories of Personal Data The categories of personal data that we will process in connection with the Plan are the Grantee’s: • name; • date of birth; • job title; • home address (and, if different, mailing address) and postal code; • telephone number; • social insurance, national insurance, US taxpayer and/or foreign tax identification number; • salary; • country of citizenship and nationality; • any Common Stock or directorships held in any of the Relevant TriMas Companies; • details of all awards or any other entitlement to Common Stock awarded, cancelled, exercised, vested, unvested or outstanding in Grantee’s favour; and • reference number (where relevant to link the Grantee’s benefits under the Plan to other documentation issued to or from the US Department of the Treasury Internal Revenue Service). The processing of the personal data set out above is mandatory in order for the Relevant TriMas Companies to provide and administer the Plan.