This data processing agreement is adapted by the DPA De ProtonMail which is on this page. Organizations can use the following document as part of their compliance with the RGPD. 8. The data protection impact analysis and the data protection subcontractor provide the company with appropriate support for all data protection impact assessments and prior consultations with supervisory authorities or other data protection authorities; that the company considers reasonably necessary in accordance with section 35 or 36 of the RGPD or equivalent provisions of another data protection law, in any case only with respect to the processing of the company`s personal data by contract processors and taking into account the nature of the processing and information available to processors. The following agreement between the entity and the supplier reflects the agreements they have entered into to facilitate the transmission of personal data to potential students between the parties acting as processing managers and specifies the purposes for which this personal data can be used. 7.2 Contracting parties keep a record of requests for access to consultation, decisions made and all information exchanged. The recordings must contain copies of the enquiries, details of the data collected and shared, and, if applicable, meeting notes, correspondence or telephone calls related to the request. 2.5 The transmission of personal data is necessary: in order to support the purposes agreed upon by both parties: 5.3 Both parties ensure that their confidentiality guidelines are clear with regard to the sharing of personal data and provide the persons concerned with sufficient information to understand what personal data the parties transmit, under what circumstances they are shared, the purpose of data sharing and either the identity with which the data is shared or a description of the type of organization that personal data receives. 9.3 Paragraph 9.2 does not apply to data transfers made by the data developer with respect to common personal data. 2.8 The entity will seek permission, on behalf of the supplier, for the purpose of sending marketing messages. This consent is passed on to the supplier when the shared personal data is transmitted for the supplier`s own records.
The Company provides the disclosed personal data listed in item 4 of this agreement only as a listing in point 2.5. As the data manager, the provider retains the responsibility to ensure that all uses of shared personal data comply with applicable data protection and data protection laws and regulations. 3.1 Each party must ensure compliance with existing national data protection legislation at all times during the campaign. (C) The parties are working to implement a data processing agreement in line with the requirements of the current legal framework for data processing and the 2016/679 European Parliament and Council 27 April 2016 on the protection of individuals in the processing of personal data and the free movement of personal data and repealing Directive 95/46/EC (General Data Protection Regulation). (B) The company wishes to provide the data processor with certain services that involve the processing of personal data. 11.1 The subcontractor may not transfer or authorize the transfer of data to countries outside the EU and/or the European Economic Area (EEA) without the company`s prior written consent. When personal data processed under this agreement is transferred from a country within the European Economic Area to a country outside the European Economic Area, the parties ensure that personal data is adequately protected.