Sub Processing Agreement Gdpr

The terms “personal data”, “controller”, “data subject”, “processor” and “processing” have the meaning given to them under current data protection legislation or, in the absence of a definition thereof, the GDPR, and “process”, “process” and “process” with regard to customer data. In accordance with Article 28(3)(h), the agreement is to require: 18.1 amendments. The terms of this sub-processing agreement can only be modified by a written agreement between the parties. 2.5 Type of Data. Applivery processes the customer data provided by the customer. This data may contain specific categories of data depending on the customer`s use of the services. Customer data may be subject to the following processing activities: i) storage and processing necessary for the provision, maintenance and improvement of the services provided to the customer; (ii) to provide customer and technical support; and (iii) advertisements, as provided by law or otherwise defined in the Agreement. 2.4 Applivery processing of personal data. As a processor, Applivery only processes personal data for the following purposes: (i) processing to provide the services in accordance with the agreement; (ii) processing for the implementation of all steps necessary for the execution of the agreement; and (iii) to comply with other appropriate instructions from Customer, to the extent that they comply with the terms of this Agreement and only in accordance with Customer`s documented legal instructions.

The parties agree that this DPA and the agreement contain the customer`s complete and final instructions to Applivery regarding the processing of personal data and processing outside the scope of these instructions (if any), which require prior written consent between the customer and Applivery. 3.1.4 This Sub-Processing Agreement, including Annex 1 (Specification of Personal Data Processing), constitutes the complete instructions of the controllers of personal data under this sub-processing agreement, with the exception of any written instructions that the data controllers are required to provide during the term of the agreement in order to comply with applicable data protection legislation. . . .