Online replicators and backups: Production databases are designed, where possible, for you to replicate data between no less than 1 primary database and a secondary database. All databases are secure and managed by at least industrial methods. The agreement must say that the subcontractor at the end of the contract: processors and subcontractors are obliged to take appropriate technical and organisational measures to ensure the security of all personal data they process, which may include, if necessary, EU data protection legislation: the personal data of EU citizens can be processed by another party outside the European Union. , provided they sign a legal agreement governing this treatment. This is what they call the DPA IT agreement. Detection: We have designed our infrastructure to record a lot of information about system behavior, received traffic, system authentication and other application requirements. Internal systems have aggregated the protocol data and warn the appropriate personnel of malicious, involuntary or abnormal activities. Our staff, including security, operations and assistance personnel, respond to known incidents. The contract must contain these conditions in order to ensure the continued protection of personal data after the end of the contract.
This reflects the fact that it is ultimately up to the processing manager to decide what will happen to the processing of personal data once the processing is complete. When the customer`s personal data is downloaded as the Services is used, you can access, edit or delete data by connecting to the Services with general protocols and tools. After changing or deleting the customer`s personal data, the original data can be stored in the backup memory for up to ninety (90) days. At the end or expiry of the Services and at the Customer`s written request, CloudAccess.net will erase all personal data of the Client that is in his possession or under his control. This requirement does not apply, as CloudAccess.net is legally required to retain some or all of the Client`s personal data, or to the Personal Data of the Client that he has stored in the backup memory, which takes CloudAccess.net reasonable steps that are protected from further processing, unless required by law. It is likely that your client, who is also a data manager, will simply tell you what to do. In addition, as a data processor, you should take all the steps of the organization and comply with the technical requirements set by the data protection authority. In some cases, processing managers may require a subcontractor to certify or develop business rules approved by EU regulators. However, there is a very low probability that this will happen, as there is no standard RGPD certification yet and all available options are too complicated. This duration of the contract should apply to subcontractor staff as well as all temporary and third-party workers who have access to personal data. c. Even if the data importer is unable to pass on a subcontract to the data exporter, the parties agree that the data importer makes available to the data exporter (on a confidential basis) all the information it needs under such a subcontracting agreement.
The agreement should be as clear as possible on how the subcontractor will assist the processing manager in fulfilling its obligations. (e) to process without delay and formal any request from the exporter of data concerning the processing of personal data subject to transmission and to comply with the advice of the supervisory authority when processing the transmitted data; 8.