Data Protection Commission Data Processing Agreement

11.1 The subcontractor shall not (authorize) the processing of personal data for the treatment of officials outside the European Economic Area, unless (a) such processing is carried out in a country which, according to the European Commission, has stated that it has “appropriate” data protection legislation; or (b) the subcontractor has taken all necessary measures to ensure that such processing of personal data for the processing of personal data is in line with the provisions of EU data protection legislation. The federal party can reasonably contradict the subcontractor who uses a new subcontractor (for example. (b) if the provision of personal data to the subcontractor violates or weakens the protection of the data protection of the subcontractor by immediately notifying the subcontractor in writing within five (5) working days of receiving the subcontractor`s notification, in accordance with the mechanism described in Section 5.2. This opinion must explain the reasons for the objection. In the event that the responsible order is contrary to a new subcontractor, as permitted in the previous paragraph, the subcontractor will make reasonable economic efforts to make available to the subcontractor an amendment to the agreement or recommend an economically appropriate change in the configuration or use of the contract of the processing manager in order to avoid the processing of personal data by the new subcontractor in question. , without imposing an undue burden on the person in charge of the treatment. If the transformer is unable to provide such a change within a reasonable period of time of no more than thirty (30) calendar days, any party may terminate the applicable agreement, which cannot be made available by the transformer without the use of the new offending subcontractor transformer, by written notification to the processor. Processing managers can only use subcontractors who can provide sufficient safeguards to take appropriate technical and organizational measures to ensure that their treatment meets the requirements of the RGPD and protects the rights of those concerned. This Splitmetrics Data Processing Agreement (DPA), which contains the standard contractual clauses adopted by the European Commission, reflects the agreement between the parties on the terms of processing of personal data in accordance with the terms of use (“the agreement”). This DPA is an amendment to the agreement and will enter into force as soon as the agreement is adopted. measures to prevent unauthorized persons from accessing computer systems (including databases) available in premises and facilities, 9.2 Subject to the agreement, the subcontractor may retain personal data to the processing managers to the extent authorized or required by the Data Protection Act, provided that the subcontractor guarantees the confidentiality of all personal data of the persons responsible for processing and ensures that the persons responsible for the processing are they are treated only for legal purposes. In particular, the processor can keep longer certain personal data of controllers such as end-user IDFA (IDFA (ID For Advertisers iOS), Id Android, Google Advertiser ID ID (GAID), which are recognized by the processor that it is involved in fraudulent activities. The processor collects and analyzes this data to develop and develop its fraud detection technologies.