Telf:11.4. There is no limitation of liability if and to the extent that the damage is due to negligence or gross negligence on the part of the party concerned or its managers. The term “treatment” appears in this article with a repugnant frequency. In the definitions of the RGPD, the treatment essentially refers to everything you can do with a person`s personal data: collection, storage, monetization, destruction, etc. Subject to this section 9, is the processor managed without delay and, in all cases, within this site, by the encrypted messaging provider ProtonMail (and partly funded by the European Union`s Horizon 2020 programme). As part of our RGPD compliance efforts, we have made our own data processing agreements available to all our users for download, control and signature. 6.4. The processing manager only makes personal data available to the subcontractor for processing purposes if he ensures that the necessary security measures have been taken. The person in charge of the treatment is responsible for the compliance of these security measures by the parties. Our DATA AGENCY provides a number of guarantees to companies that entrust us with personal data. For example, ProtonMail`s data processing agreement promises the use of technical security measures, such as encryption, in accordance with Article 32 of the RGPD. In addition, it provides appropriate support to those responsible for processing in the implementation of a data protection impact assessment. “data protection legislation”: (a) RGPD; and/or b) the Federal Data Protection Act of 19 June 1992 (Switzerland), as well as all data protection laws, replace or replace the bulk of the RGPD, the Swiss Federal Data Protection Act and/or other applicable EU national data protection laws, or applicable national/federal or provincial data protection laws, where appropriate, statutes, decisions, guidelines, codes of conduct, codes of conduct and data protection certification mechanisms adopted from time to time by the relevant judicial or regulatory authority with respect to the handling of personal data and privacy.
All of these documents must be submitted in writing and made available to a supervisory authority at the request of the supervisory authority. Organizations with fewer than 250 employees are exempt from these requirements, unless they regularly process data that could jeopardize the rights and freedoms of the individuals concerned, including, but not limited to, the processing of specific categories of data or information relating to criminal hisities. 10.1. The processing manager has the right to have audits of the subcontractor carried out by an independent third party bound by confidentiality obligations, in order to verify compliance with security requirements, compliance with the RGPD, unauthorized use of personal data by the subcontractor`s staff, compliance with the processing agreement and all related problems. 4.2. The responsible owner ensures and guarantees that the content, use and instructions for the processing of personal data are lawful under this contract for the processing of personal data and do not infringe the rights of a third party. Sharing data processing responsibilities with a third party creates a risk that needs to be managed. Some third parties help you manage this risk through insurance.