Privacy Declaration FastPay Solutions
FastPay Solutions Agency (hereinafter: 'we' or 'us') is committed to protecting your privacy. FastPay Solutions Agency processes the personal data in the capacity of controller in accordance with the European General Data Protection Regulation (hereinafter: 'GDPR'). The personal data obtained from you via this website will be processed in accordance with the applicable privacy regulations and will only be used in the manner described in this Privacy Statement.
1. Concepts
The terms stated below and above in this processing agreement have the following meaning:
1.1 Personal data: any information relating to an identified or identifiable natural person (“the data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person;
1.2 Processing: an operation or a set of operations relating to personal data or a set of personal data, whether or not carried out by automated processes, such as collecting, recording, organizing, structuring, storing, updating or changing, retrieving, consulting, using, providing by means of forwarding, distributing or otherwise making available, aligning or combining, blocking, erasing or destroying data;
1.3 Agreement: the agreement between FastPay Solutions Agency and the contractor regarding the provision of e-mail customer service;
1.4 Processor Agreement: this agreement including considerations;
1.5 Data subject: the person to whom personal data relates;
1.6 Data protection officer: the officer appointed by the client as referred to in Article 37 of the GDPR;
1.7 GDPR: General Data Protection Regulation, no. 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data;
1.8 Breach: a personal data breach as referred to in Article 4(12) of the GDPR.
2. Formation, duration and termination of the Processor Agreement
2.1 This processing agreement takes effect on the date on which the parties have signed the agreement.
2.2 This processing agreement will be in force during the term of the agreement. If the agreement ends, this processing agreement will end by operation of law.
2.3 None of the parties can terminate this processing agreement prematurely.
3. Object of the Processor Agreement
3.1 The contractor processes the client's personal data described in Appendix 1 on behalf of the client. The purpose of the processing is to fulfill the agreement and to provide customer service for the benefit of the client.
3.2 The Contractor will process the personal data in a proper and careful manner and in accordance with the GDPR and other applicable regulations regarding the processing of personal data.
3.3 The contractor only processes personal data on behalf of the client and follows all written instructions from the client in this regard, subject to deviating legal obligations.
3.4 The Contractor engages third parties for the implementation of the agreement. These third parties (mainly freelancers) may be located outside the EEA. The contractor ensures that these third parties handle the processing of personal data with due care, follow the written instructions of the client and are bound by a duty of confidentiality.
3.5 If the contractor is required to provide data on the basis of a legal obligation, the contractor will verify the basis of the request and the identity of the requester and inform the client immediately, if possible prior to the provision.
3.6 The parties will fully cooperate with each other to comply with the obligations under the GDPR within the legal terms, more in particular the rights of data subjects, such as, but not limited to, a request for inspection, improvement, addition, deletion or shielding of personal data and the execution of a successful registered objection.
3.7 If the contractor identifies (attempts to) an Infringement in connection with (a) personal data(s), including the occurrence of a data leak, it will immediately inform the client about this and provide all assistance to the client that it needs in this respect. considers making a notification to the Uk Data Protection Authority as referred to in Article 33 of the AVG. The Contractor will, not at its own expense, take all necessary measures to prevent or limit (further) violation of the GDPR or other regulations regarding the processing of personal data.
3.8 The provision of information by the contractor as referred to in the previous paragraph of this article includes in any case (but not limited to) providing the client with all information about:
What is the (alleged) cause of the Breach;
What the (as yet) known and/or expected consequence is;
What the (proposed) solution is;
And furthermore all information that the Client deems necessary.
3.9 The contractor also provides the client with full cooperation and assistance in adequately informing those involved in the context of the Data Leaks Reporting Obligation as it came into effect on 1 January 2016.
3.10 The client indemnifies the contractor against all fines imposed by the
the client may be imposed on the basis of the GDPR by the Dutch Data Protection Authority in respect of an infringement that has occurred that falls under the scope of this processing agreement.
3.11 the client and the contractor ensure that the Data Protection Officer (if appointed) is properly and timely involved in all matters related to the protection of Personal Data.
3.12 The contractor will assist the client in carrying out a data protection impact assessment as referred to in Articles 35 and 36 of the GDPR.
4. Applicable Terms
The provisions of the Agreement apply to this processing agreement and these go beyond the provisions of the processing agreement and are not deviated from.
5. Return of personal data
After the agreement and the processing agreement have ended, all personal data, copies and edits thereof, as well as all data carriers on which the personal data, copies or edits thereof have been or will be recorded, must immediately be returned or provided to the client (or a third party) at the first request of the client. third party to be designated by the client), or to be destroyed, all this at the discretion of the client. The costs involved in these efforts by the contractor will be borne by the client insofar as these costs are not included in the agreed prices and fees of the contractor arising from the performance of the agreement.
6. Liability and Indemnity
6.1 The contractor is not responsible or liable for a violation of any laws and regulations by the client.
6.2 The client indemnifies the contractor against claims from third parties and clients of the client.
7. Security
The client and the contractor will both implement appropriate technical and organizational security measures as described in Appendix 2 / Article 32 GDPR. These measures, taking into account the state of the art and the costs involved in the implementation and execution of the measures, will ensure an adequate level of protection, taking into account the risks that the processing of the Personal Data entails, and the nature thereof.
8. Confidentiality
8.1 The contractor is obliged to maintain the confidentiality of all personal data and information that it processes as a result of this processing agreement, except insofar as that data or information is apparently not of a secret or confidential nature, or is already generally known.
8.2 The Contractor guarantees that the persons authorized by it (freelancers or employees) to process the personal data have committed themselves to observe all confidentiality with regard to this personal data.
8.3 If and insofar as the Client expressly requests this in writing, the Contractor will take special measures with regard to the data or information indicated with a view to its confidentiality, which measures may include the destruction of the data or information concerned as soon as the need for The Contractor no longer has the right to take cognizance thereof.
8.4 After the end of the agreement and this processing agreement, this article 9 and the confidentiality discussed herein will remain in force for a period of five years.
9. Control
9.1 The Client can check the processing and compliance with the agreed technical and organizational security measures of the Contractor, or those of third parties engaged by the Contractor, or have it checked at any time it wishes. The client has the right to carry out an audit for the purpose of the operation of the processing agreement.
9.2 The contractor will provide the client with all information necessary to demonstrate by means of an audit that the processing agreement is being complied with.
The contractor will immediately inform the client if, in its opinion, an instruction constitutes a violation of the GDPR and/or other laws and regulations.
9.3 The Contractor will provide all reasonably necessary cooperation with the inspection and will ensure that the third parties engaged by it also provide the cooperation that is reasonably required for this purpose.
9.4 Carrying out an inspection may not lead to a delay in the work to be performed by the contractor in the context of the agreement and this processing agreement. In the unlikely event that this is the case, the parties will enter into consultation in order to find a solution as quickly as possible.
9.5 The inspection takes place at the expense of the client.
9.6 The contractor will implement the recommendations for improvement indicated by the client within the term agreed by the parties.
10. Final Provisions
10.1 Deviations from this Processing Agreement are only binding insofar as they have been expressly agreed in writing between the parties.
10.2 General terms and conditions of delivery or other general or special terms and conditions of the contractor do not apply to this processing agreement and are expressly rejected by the client.
10.3 This processing agreement supplements the agreement. In the event of a contradiction between provisions of this processing agreement and the agreement, the provisions of the agreement shall prevail.