Privacy Policy

PRIVACY POLICY The parties must comply with the rules and obligations imposed by the provisions in force regarding the protection of personal data. The parties are aware that the European rules in Regulation 679/2016 apply to any data controller or proxy located in the European Union and to any person who processes personal data of data subjects located in the European Union or providing services to them. Therefore, the Parties confirm full compliance with the following provisions, including but not limited to: the ability to respect the rights of data subjects to the deletion, correction or transfer of personal information, information in case of data breach of all relevant recipients, in a a maximum of 72 hours and, in the case of the Supplier no later than 24 hours from the time when such a breach of data security came to his attention, the fulfillment of all mandatory duties regarding the documentation of compliance with Regulation 679/2016. The parties may use the personal data of the signatories within the limits of the contract they have concluded, this being the legal basis for the processing of any additional processing or for another purpose is the subject of a separate data processing agreement concluded between the Parties. Also, the period of storage of personal data processed by the contract is limited to the period corresponding to the realization of the main object of the contract. Personal data exchanged between the Parties may not be made accessible or disclosed to unauthorized third parties or otherwise made available for use. Therefore, the Parties shall take all necessary technical and in particular organizational measures with regard to the obligations assumed by this clause: • prevent unauthorized persons from gaining access to the data processing systems with which personal data are processed or used; • prevent the unauthorized use of data processing systems; • ensure that persons who have the right to use a data processing system have access only to the data to which they have a right of access and that personal data cannot be read, copied, modified or deleted without authorization during processing, or use and after storage; • ensure that personal data cannot be read, copied, modified or deleted without authorization during electronic transmission or transport and that it is possible to check and determine to which bodies the personal data is to be transferred by means of data transmission; • ensure that they can verify and determine whether and by whom personal data have been entered, modified or deleted in / from the data processing systems; • ensure that, in the case of an action for the processing of personal data, the data are processed strictly in accordance with this contract concluded between the Parties • ensure that personal data is protected from destruction or accidental loss, ensure that data collected for different purposes can be processed separately.