Specific Measures. In particular, the Provider has adopted and maintains the following measures to ensure an adequate level of security: a) pseudonymisation and encryption of personal data; b) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services - the measures in place and their correct functioning will be regularly controlled; c) the ability to restore the availability of and access to personal data in a timely manner in the event of physical or technical incidents; d) a process for regularly testing, assessing and evaluating the effectiveness of the technical and organisational measures in place to ensure the security of processing; e) prevention of unauthorised persons from gaining access to personal data and prevention that personal data will be used without authorization; f) persons authorized to process personal data have access only to those personal data they need and are authorized to access, and that personal data cannot be read, copied, altered or removed without authorisation during processing; g) personal data cannot be modified or deleted without authorisation during electronic transmission, transport or storage, and that the recipient entities for any transfer can be established and verified; h) all accesses to personal data are logged (entry control); i) personal data are processed only in accordance with instructions; j) personal data are not exposed to the Customer by default in the MobileApp, but only on request from the Customer.
Appears in 2 contracts
Sources: Data Processing Agreement, Data Processing Agreement