Last revised: February 5th, 2019
This Data Processing Policy and its exhibits apply to the processing of Personal Data by the Company on behalf of a client in order to provide cloud services as agreed in the agreement with the Client.
The Company will take any measure to comply with the European General Data Protection Regulation (“GDPR”) in respect of the services applicable to the Client. The Company will not be responsible for determining the applicable privacy protection legislation of the Client and Client approves that the Company’s service meets the requirements of such legislation. Client is responsible for the lawfulness of the processing of Client’s personal data. Client undertakes to not use the service if such service violates any applicable data protection legislation.
If a Client disapproves the use of a specific subcontractor used by the Company, it may inform the Company with a written notice, and Company will reply within reasonable time if that specific subcontractor may be replaced for the Client’s needs, or that Client may terminate the agreement with the Company effectively from Company’s respond.
Company may use, for the purpose of its’ services, subcontractors and/or Sub-Processors which are established outside of the EU countries, by implementing the EU Standards Contractual Clauses and only to countries considered by the EU commission to have adequate protection of personal data.
Client confirms that the company’s security measures provide the Client appropriate level of protection for the Client’s personal data, in consideration with risks associated with the Client’s personal data.
The Company will not share Client’s personal data with third parties unless the Company instructed in writing by Client or required by law. Company will notify Client about disclosure requirements received from third parties and authorities, unless company was ordered otherwise.
Client will notify the company of any personal data breach, which Client becomes aware of, and the Company will assist the Client to investigate the personal data breach, with regard to the services provided to the Client on the Company’s network infrastructure and platforms.
The Company will verify that any of the Company’s employees and contractors which have access to Client’s personal data, signed with the Company a confidentiality agreement / undertaking with regard to Client’s personal data.
|Type of Data||**Timeline for Deletion (after deletion process begins) for Cancellation, Termination or Migration**|
Annex – A list of current subcontractors engaged with the Company