Versions Compared

Old Version 2

changes.mady.by.user Sami Lindgren

Saved on

compared with

New Version Current

changes.mady.by.user Sami Lindgren

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The terms “Data Controller”, “Data Processor”, “Data Subject”, and “Personal Data” have the meanings given to these terms in the GDPR or secondarily in the EU Data Protection Law.

PARTIES AND PURPOSE

This Data Processing Policy (“DPP”) is attached to and supplements the IDaaS Trial Terms and Conditions  ("Agreement") between the Company, who acts as the Data Controller,  and Ubisecure Oy, who acts as the Data Processor.

The purpose of this DPP is to set out the terms and conditions for the processing of Personal Data by the Data Processor on behalf of the Data Controller, in accordance with the requirements of the applicable EU Data Protection Laws.

APPLICABILITY

This Data Processing Policy only applies in respect of Your Controlled Data, when your Data Subjects are residents within the EEA or Switzerland.

...

In case of any conflict between the terms of the Agreement and the terms of this DPP, the relevant terms of this DPP shall take precedence, unless expressly stated otherwise.

PROCESSING ROLES AND ACTIVITIES

Ubisecure is the Data Processor for Your Controlled Data. The Data Controller is responsible for ensuring that their instructions comply with all laws, regulations and rules applicable in relation to Your Controlled Data and that Your Controlled Data is collected lawfully by you or on your behalf and provided to us by you in accordance with such laws, rules and regulations. The Data Controller will also ensure that the processing of Your Controlled Data in accordance with your instructions will not cause or result in us or you breaching any laws, rules or regulations (including EU Data Protection Law). Ubisecure will not access or use Your Controlled Data except as provided in the Agreement, as necessary to maintain or provide the Services or as necessary to comply with the law or binding order of a governmental, law enforcement or regulatory body.

...

Ubisecure audits. Ubisecure may (but is not obliged to) use internal or external auditors to verify the adequacy of our security measures.

RIGHTS AND RESPOSIBILITIES OF THE DATA CONTROLLER

The Data Controller shall

...

This Annex forms a part of the DPP.

1.    CATEGORIES OF DATA SUBJECTS

The Data Processor processes Personal Data on the following categories of Data Subjects:

  • Employees, including job applicants and agency contract workers
  • Customers and customer employees
  • Potential customers and employees of potential customers
  • Partners, such as suppliers and their employees

 2 2.    TYPES OF PERSONAL DATA

The Data Processor processes Personal Data on the following categories of Data Subjects:

...