Last updated on August 31, 2023.
All processing operations are required to provide the Product, and the complementary services based on the Main Contract concluded with the Customer (such as collection, processing, analysis, transfer, and storage).
Measures to prevent unauthorized persons from accessing data processing systems with which personal data are processed.
The Service is a PaaS service consumed by EasyLife and governed by Microsoft 365. There is no physical access to such environments.
Measures to prevent the use of data processing systems by unauthorized persons:
Measures to ensure that those authorized to use a data processing system can only access the data subject to their access rights and that personal data cannot be processed, used, or stored without authorization, read, copied, modified, or removed:
Measures to ensure that personal data cannot be read, copied, altered, or removed without authorization during electronic transmission or while being transported or stored on data carriers and that it can be verified and ascertained to which bodies the transmission of personal data using data transmission facilities is intended:
Measures to ensure that it is possible to verify at a later date whether and by whom personal data can be entered, modified, or removed in data processing systems:
Measures to ensure that data further processed on behalf and in agreement with the data controller are only processed on its instructions:
Measures to ensure that personal data is protected against accidental destruction or loss:
Measures to ensure that personal data collected for different purposes are processed separately:
Name | Address | Processing purpose |
---|---|---|
Microsoft | Blackthorn Road - 18 Dublin, Ireland | Provision of Azure infrastructure and execution of API calls to the customer’s tenant |
HubSpot | 277 Rue Saint-Honoré in Paris, France | CRM for contract and contact management |
Bexio | Alte Jonastrasse 24 - 8640 Rapperswil, Switzerland | Billing system |
Date | Article | Subject of change |
---|---|---|
2023-08-31 | 3.1 | the understanding under GDPR |
2023-08-31 | 5.4 | Clarifying: The use of such Data is only to increase the Security and Quality of the Products of EasyLife; compliant with the regulatory requirements. |
2023-08-31 | 7.1 | a) laid down in Chapter III, b) This shall not apply in the cases where the support became necessary due to (i) a breach of law applicable to the data processing under this DPA and/or (ii) a breach of this DPA, by EasyLife. |
2023-08-31 | 7.4 | , unless the reason for the inspection was caused by (i) a breach of law applicable to the data processing under this DPA and/or (ii) a breach of contract, by EasyLife. |
2023-08-31 | 7.5->7.6 | Change in section number |
2023-08-31 | 7.7 | Clarifying 7.5 and 7.6: If and as far as Customer has reasonable grounds to believe, that the provided documents or procedures in 7.5 or 7.6 are insufficient or do not enable Customer to comply with his obligations under GDPR, Customer may conduct an inspection according to sec. 7.4. In cases of urgency or outstanding importance such inspections are not bound to business hours or prior notification |
2023-08-31 | 8.2 | (e.g. if the subcontractor does not fulfill the requirements of Art. 28 para 1 GDPR), |
2023-08-31 | 9.2 | a) according to Customer’s instructions b) or c) and d) The return and/or destruction shall be confirmed |