Processing of personal data by the contractor Clause Samples

Processing of personal data by the contractor. The processing of personal data by the contractor shall meet the requirements of Regulation (EU) No 2018/1725 and be processed solely for the purposes set out by the controller. The contractor shall assist the controller for the fulfilment of the controller’s obligation to respond to requests for exercising rights of person whose personal data is processed in relation to this FWC as laid down in Chapter III (Articles 14-25) of Regulation (EU) No 2018/1725. The contractor shall inform without delay the controller about such requests. The contractor may act only on documented written instructions and under the supervision of the controller, in particular with regard to the purposes of the processing, the categories of data that may be processed, the recipients of the data and the means by which the data subject may exercise its rights. The contractor shall grant personnel access to the data to the extent strictly necessary for the implementation, management and monitoring of the FWC. The contractor must ensure that personnel authorised to process personal data has committed itself to confidentiality or is European Asylum Support Office ▇▇▇.▇▇▇▇.▇▇▇▇▇▇.▇▇ Tel: +▇▇▇ ▇▇▇▇ ▇▇▇▇ ▇▇▇▇@▇▇▇▇.▇▇▇▇▇▇.▇▇ MTC Block A, Winemakers Wharf Valletta, MRS 1917, MALTA

Processing of personal data by the contractor. Where during contract performance, the contractor may process personal data of the contracting authority exclusively in the name and on behalf of the contracting authority, for the sole purpose of performing the services in accordance with the provisions of the Tender Specifications or in execution of a legal obligation, the following provisions apply: For any processing of personal data carried out in connection with this public contract, the contractor is required to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) and the Belgian law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data. By simply participating in the contracting process, the tenderer certifies that he will strictly comply with the obligations of the GDPR for any processing of personal data conducted in connection with that public contract. The personal data that will be processed are confidential. The contractor will therefore limit access to data to the strictly necessary personnel for the performance, management and monitoring of the public contract. For the performance of the public contract, the contracting authority will determine the purposes and means of processing personal data. In this case, the contracting authority will be responsible for the processing and the contractor will be its processor, within the meaning of Article 28 of the GDPR. Processing carried out on behalf of a controller must be governed by a contract or other legal act that is binding on the processor with regard to the personal data controller and that sets out that the subcontractor acts only on the instruction of the person in charge of the processing and that the confidentiality and security obligations regarding the processing of personal data are also the responsibility of the subcontractor Article 28 §3 of the GDPR). To this end, the tenderer must fill out, sign and submit to the contracting authority the subcontracting agreement given in Annex [X] . Filling out and signing this annex is therefore a condition of regularity of the tender.

Processing of personal data by the contractor. This clause is not applicable to this FWC.

Processing of personal data by the contractor. Where during contract performance, the contractor processes personal data of the contracting authority or in execution of a legal obligation, the following provisions apply: For any processing of personal data carried out in connection with this public contract, the contractor is required to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) and the Belgian law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data. By simply participating in the contracting process, the tenderer certifies that he will strictly comply with the obligations of the GDPR for any processing of personal data conducted in connection with that public contract. Given the public contract, it is to be considered that the contracting authority and the contractor will each be responsible, individually, for the processing.

Processing of personal data by the contractor. The processing of personal data by the Contractor shall meet the requirements of Regulation (EU) No 2018/1725 and be processed on behalf of Fusion for Energy, as “processor” solely for the purpose set out by the Data Controller. The Contractor may act only on documented instructions and under the supervision of the Data Controller, in particular with regard to the purpose of the processing, the categories of data that may be processed, the recipients of the data and the means by which the data subject may exercise its rights. The Contractor shall have measures in place to ensure that the data subjects can exercise their rights. The Contractor may be asked by Fusion for Energy to use ITER Organization IT applications that store information in data centers or similar premises located on the territory of the European Union (incl. back-up storage). The Contractor shall assist the Data Controller in the fulfilment of its obligation to respond to requests for exercising rights of persons whose personal data is processed in relation to this Contract as laid down in Chapter III (Articles 14-25) of Regulation (EU) No 2018/1725. The Contractor shall inform without delay the Data Controller of such requests. The Contractor shall grant its Staff access to the data to the extent strictly necessary for the implementation, management and monitoring of the Contract. The Contractor must ensure that Staff authorised to process personal data has committed itself to confidentiality or is under appropriate statutory obligation of confidentiality in accordance with the provisions of Article II.24 (Confidentiality). The Contractor shall adopt appropriate technical and organisational security measures, addressing the risks inherent in the processing, the nature, the scope, the context and the purpose of the processing, in order to ensure, as appropriate: (a) the pseudonymisation and encryption of personal data. Data in transit on public networks (e.g. internet) shall be encrypted. Other security measures than encryption of stored data may be defined during contract implementation (b) the ability to ensure continuous confidentiality, integrity, availability and resilience of processing systems and services;

Processing of personal data by the contractor. The processing of personal data by the Contractor shall meet the requirements of Regulation (EU) 2016/679 and be processed solely for the purposes set out by the controller.

Processing of personal data by the contractor. Where, during contract performance, the contractor may process personal data of the contracting authority exclusively in the name and on behalf of the contracting authority, for the sole purpose of performing the services in accordance with the provisions of the Tender Specifications or in execution of a legal obligation, the following provisions apply. For any processing of personal data carried out in connection with this public contract, the contractor is required to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) and the Belgian law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data. By simply participating in the contracting process, the tenderer certifies that he will strictly comply with the obligations of the GDPR for any processing of personal data conducted in connection with that public contract. The personal data that will be processed are confidential. The contractor will therefore limit access to data to the strictly necessary personnel for the performance, management and monitoring of the public contract.

Processing of personal data by the contractor. Where during contract performance, the contractor may process personal data of the contracting authority exclusively in the name and on behalf of the contracting authority, for the sole purpose of performing the services in accordance with the provisions of the Tender Specifications or in execution of a legal obligation. For any processing of personal data carried out in connection with this public contract, the contractor is required to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) and the Belgian law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data. By simply participating in the contracting process, the tenderer certifies that he will strictly comply with the obligations of the GDPR for any processing of personal data conducted in connection with that public contract. The personal data that will be processed are confidential. The contractor will therefore limit access to data to the strictly necessary personnel for the performance, management and monitoring of the public contract. For the performance of the public contract, the contracting authority will determine the purposes and means of processing personal data. In this case, the contracting authority will be responsible for the processing and the contractor will be its processor, within the meaning of Article 28 of the GDPR. Processing carried out on behalf of a controller must be governed by a contract or other legal act that is binding on the processorwith regard to the personal data controllerandthat sets out that the subcontractor acts only on the instruction of the person in charge of the processing and that the confidentiality and security obligations regarding the processing of personal data are also the responsibility of the subcontractor - Article 28 §3 of the GDPR. To this end, the tenderer must fill out, sign and submit to the contracting authority the subcontracting agreement given in Annex 16.

Processing of personal data by the contractor. The processing of personal data by the contractor shall meet the requirements of Regulation (EU) 2018/1725 and be processed solely for the purposes set out by the controller. The contractor shall assist the controller for the fulfilment of the controller’s obligation to respond to requests for exercising rights of person whose personal data is processed in relation 5 Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC, ▇▇▇▇▇://▇▇▇-▇▇▇.▇▇▇▇▇▇.▇▇/legal- content/EN/TXT/?uri=celex%3A32018R1725 to this contract as laid down in Chapter III (Articles 14-25) of Regulation (EU) 2018/1725. The contractor shall inform without delay the controller about such requests. The contractor may act only on documented written instructions and under the supervision of the controller, in particular with regard to the purposes of the processing, the categories of data that may be processed, the recipients of the data and the means by which the data subject may exercise its rights.