However, depending on the severity and nature of the injury, there are two levels of fines. Fines imposed on the RGPD for breaches of data processors are generally covered by the first stage, whose guidelines can be as serious as 10 million euros or 2% of global turnover. In any case, it is much less painful to sign a data processing agreement and to comply with the terms than to pay a penalty from the RGPD. We hope this guide will help. Other easy-to-digest helps for RGPD compliance can be accessed in our RGPD checklist. This HubSpot data processing agreement and its appendices („DPA”) reflect the agreement between the parties regarding the processing of personal data that we have entered into on behalf of you in relation to HubSpot subscription services, in accordance with The HubSpot customer terms between you and us (also known as „Agreement” in this DATA agency). 2. The parties agree that the decision taken by the person concerned does not infringe on his or her physical or procedural rights of appeal, in accordance with other provisions of national or international law. d. Notification and objection to new subprocessors. We will notify you of the changes made to the subcontractors by updating Schedule 4 of this data protection authority and will give you the opportunity to object to the obligation of the new subprocessor for reasonable reasons related to the protection of personal data within 30 days of the update of Schedule 4 of this authority.

If you express such an objection to us, the parties will discuss your concerns in good faith in order to reach an economically reasonable solution. If no such solution can be found, we will not name the new subprocessor or allow you to suspend or terminate the subscription service in accordance with the termination provisions of the contract without any of the parties being held liable (without prejudice to the costs you receive prior to the suspension or termination). The subcontractor only processes personal data on and in accordance with the instructions of the processor. The subcontractor does not process personal data without prior written agreement with the person in charge of the processing or without written instructions from the person in charge of processing beyond what is necessary to meet its obligations to the person in charge of the processing in accordance with the contract. Depending on the Name Offers and Conventions and the Environment of the Manager, personal data as it can be found in a computer name, username or file name, or technical artifacts intended for the purposes described by the Data Protection Authority. ……………………………………………………………………………………………………………………………………………………………………………………………… Specific data categories (if any) Personal data transmitted relates to the following specific data categories (please specify): With respect to international data transfers, Privacy Shield is an authorized solution as personal data is transferred from the EEA to the United States, but in which data is transferred across many borders , other solutions, such as standard contractual clauses approved by the European Commission or binding business rules, may be more appropriate.

Categories: