Effective January 1, 2023

Data Processing Agreement

This Data Processing Agreement (the “Agreement”) forms part of, and is subject to, the Master Services Agreement (“MSA”) between ServiceChannel.com, Inc. (hereinafter “ServiceChannel”) and Customer (as defined in the MSA) (hereinafter “Customer”).  Each of the Customer and ServiceChannel is referred to as a “party” and jointly as the “parties”.

WHEREAS

(i)   Customer and ServiceChannel have entered into the Master Services Agreement under which ServiceChannel will provide Customer with the Services.

(ii)  ServiceChannel will process Customer Data (which may contain personal data) in the course of providing the Services;

(iii)  The parties now wish to enter into this Processing Agreement that governs ServiceChannel’s processing of such Customer Data.

NOW, THEREFORE, the parties agree as follows:

1. Definitions:

In this Processing Agreement, terms defined in the MSA have the same meanings when used here. In addition, the following terms shall have the following meanings:

(a)     “Controller”, “Data Subject”, “Processor” and “Special categories of personal data” shall have the meanings given to them by Data Protection Laws, in each case as applicable to the Services provided by ServiceChannel under this Agreement.

(b)     “Affiliates” means any entity which is controlled by, controls or is in common control with ServiceChannel.

(c)    “Business,” “Service Provider,” and “Consumer” have the same meaning provided in the CCPA, Cal Civ. Code § 1798.140.

(d)    “CCPA” means the California Consumer Privacy Act of 2018, Cal Civ. Code § 1798.100 et seq., its associated final regulations and their successors.

(e)     “Consumer” has the meaning given in Section 1798.140(i) of the CCPA.

(f)      “Customer” means the Customer that has executed the Master Services Agreement.

(g)     “Customer Personal Data” means Personal Data provided by Customer to ServiceChannel.

(h)     “Data Protection Laws” means (i) Regulation 2016/679 (General Data Protection Regulation) (the “EU GDPR“); (ii) the EU GDPR as saved into United Kingdom law by virtue of section 3 of the United Kingdom’s European Union (Withdrawal) Act 2018 (the “UK GDPR“); (iii) the EU e-Privacy Directive (Directive 2002/58/EC); and (iv) any and all applicable national data protection laws made under, pursuant to or that apply in conjunction with any of (i), (ii) or (iii); in each case as may be amended or superseded from time to time;

(i)      “Personal Data” and “Personal Information” have the meanings ascribed under the Data Protection Laws and Section 1798.140(v), et seq. of the CCPA and includes any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

(j)      “Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction (“Process”, “Processes” and “Processed” shall have the same meaning).

(k)     “Restricted Transfer” means: (i) where the EU GDPR applies, a transfer of personal data from the European Economic Area to a country outside of the European Economic Area which is not subject to an adequacy determination by the European Commission; and (ii) where the UK GDPR applies, a transfer of personal data from the United Kingdom to any other country which is not subject based on adequacy regulations pursuant to Section 17A of the United Kingdom Data Protection Act 2018;

(l)      “Sale” or “Sell” has the meaning provided in Section 1798.140(ad) of the California Civil Code, as of the date of execution of this Agreement, and as it may be amended from time to time during the Term of this Agreement.

(m)    “Share” has the meaning provided in Section 1798.140(ah) of the California Civil Code, as of the date of execution of this Agreement, and as it may be amended from time to time during the Term of this Agreement.

(n)     “Security Breach” has the same meaning as “personal data breach” as defined under the Data Protection Laws or as described under Cal. Civ. Code § 1798.150 of the CCPA.

(o)     “Standard Contractual Clauses” means: (i) where the EU GDPR applies, the contractual clauses annexed to the European Commission’s Implementing Decision 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council (“EU SCCs“); and (ii) where the UK GDPR applies, the “International Data Transfer Addendum to the EU Commission Standard Contractual Clauses” issued by the Information Commissioner under s.119A(1) of the Data Protection Act 2018 (“UK Addendum“).

(p)     “Sub-processor” means any outside entity engaged by ServiceChannel to process Personal Information on behalf of Customer or in order to provide the services specified in the Agreement.

2. Relationship of the parties; Compliance with law

2.1       Customer (the Controller) appoints ServiceChannel as a Processor to process the Personal Data contained within the Customer Data for the purposes described in this Agreement (or as otherwise agreed in writing by the parties) (the “Permitted Purpose“).  Customer acknowledges that ServiceChannel and its sub-processors may use Customer Data for product improvement, security and anti-fraud purposes.

2.2       Each party shall comply with the obligations that apply to it under applicable Data Protection Laws. If ServiceChannel becomes aware that processing for the Permitted Purpose infringes Applicable Data Protection Law, it shall promptly inform Customer.

2.3       ServiceChannel represents and warrants that it is a “Service Provider,” for the purposes of the Services it provides to Customer pursuant to the Agreement, according to the meaning given to that term in Section 1798.140(ag) of the California Civil Code, as of the date of execution of this Agreement, and as at it may be amended from time to time during the Term of this Agreement.

2.4       ServiceChannel represents and warrants that it is a sole proprietorship, partnership, limited liability company, corporation, association, or other legal entity that is organized or operated for the profit or financial benefit of its shareholders or other owners.

3. Processing of Customer Personal Data

3.1       Customer shall, in its use or receipt of the Services, process Customer Personal Data in accordance with the requirements of the Data Protection Laws and Customer will ensure that its instructions for the Processing of Customer Personal Data comply with the Data Protection Laws. Customer shall have sole responsibility for the accuracy, quality, and legality of Customer Personal Data and the means by which Customer obtained the Customer Personal Data.

3.2       During the Term of the MSA, ServiceChannel shall only Process Customer Personal Data on behalf of and in accordance with the MSA and Customer’s documented instructions. Customer instructs ServiceChannel to Process Customer Personal Data for the following purposes: (i) Processing in accordance with the MSA and any applicable orders; and (ii) Processing to comply with other reasonable instructions provided by Customer where such instructions are consistent with the terms of the MSA. ServiceChannel shall immediately inform Customer if it is unable to follow those instructions.

3.3       To the extent that Customer discloses a Consumer’s Personal Information to ServiceChannel, ServiceChannel shall Process that Personal Information only on behalf of Customer and pursuant to this Agreement.

3.4       ServiceChannel certifies that it shall not retain, use, or disclose a Consumer’s Personal Information for any purpose other than for the specific business purpose of performing the Services specified in the MSA except to the extent permitted as a Service Provider under the CCPA.

3 5       ServiceChannel certifies that it shall not combine the Personal Information it receives from, or on behalf of, the Customer with Personal Information that it receives from, or on behalf of, another person or persons, or collects from its own interaction with the Consumer, unless expressly permitted by and carried out in accordance with the CCPA.

3.6       Processor certifies that it shall not Sell or Share a Consumer’s Personal Information for any reason. Customer shall not provide ServiceChannel with any Sensitive Data.

4. Confidentiality of processing/ServiceChannel personnel

4.1       ServiceChannel shall ensure that any person it authorises to process the Customer Personal Data (an “Authorised Person“) shall protect the Customer Personal Data in accordance with ServiceChannel’s confidentiality obligations under this Agreement.

4.2       ServiceChannel shall ensure that its personnel engaged in the Processing of Customer Personal Data are informed of the confidential nature of the Customer Personal Data and are subject to obligations of confidentiality.

4.3       ServiceChannel shall ensure that access to Customer Personal Data is limited to those personnel who require such access to perform the Services.

4.4       ServiceChannel will appoint a data protection officer where such appointment is required by Data Protection Laws.

5. Security/Breach management and notification

5.1       ServiceChannel shall implement appropriate technical and organisational measures for protection of the security, confidentiality and integrity of Customer Personal Data as set out in Annex II to protect the Customer Personal Data from a Security Breach.

5.2       If ServiceChannel becomes aware of any Security Breach, ServiceChannel will promptly: (i) notify Customer of the Security Breach; (ii) investigate the Security Breach and provide Customer with information about the Security Breach; and (iii) take reasonable steps to mitigate the effects and to minimize any damage resulting from the Security Breach.

5.3       Customer agrees that an unsuccessful Security Breach attempt will not be subject to this Clause 5. An unsuccessful Security Breach attempt is one that results in no unauthorized access to Customer Personal Data or to any of ServiceChannel’s equipment or facilities storing Customer Personal Data, and may include, without limitation, pings and other broadcast attacks on firewalls or edge servers, port scans, unsuccessful log-on attempts, denial of service attacks, or similar incidents.

5.4       Notification(s) of Security Breaches, if any, will be delivered to one or more of Customer’s business, technical or administrative contacts by any means ServiceChannel selects, including via email. It is Customer’s sole responsibility to ensure it maintains accurate contact information on ServiceChannel’s support systems at all times.

6. Subprocessing

6.1       Customer acknowledges and agrees that (i) ServiceChannel Affiliates may be retained as Sub-processors; and (ii) ServiceChannel may engage third-party Sub-processors in connection with the provision of the Services. Any such Sub-processors will be permitted to obtain Customer Personal Data only to deliver the services ServiceChannel has retained them to provide, and are prohibited from using Customer Personal Data for any other purpose. ServiceChannel will enter into a written agreement with each Sub-processor that imposes upon the Sub-processor obligations that are substantially similar to those imposed on ServiceChannel by this Agreement. ServiceChannel shall remain fully responsible to the Customer for the performance of the Sub-processor’s obligations under its contract with ServiceChannel.

6.2       ServiceChannel may continue to use those Sub-processors already engaged by ServiceChannel or any ServiceChannel Affiliate as at the date of this Agreement.

6.3       ServiceChannel shall give Customer prior written notice of the appointment of any new Sub-processor, including full details of the Processing to be undertaken by the Sub-processor. If, within 10 days of receipt of that notice, Customer notifies ServiceChannel in writing of any objections (on reasonable grounds) to the proposed appointment, ServiceChannel shall not appoint that proposed Sub-processor until reasonable steps have been taken to address the objections raised by the Customer and the Customer has been provided with a reasonable written explanation of the steps taken.

6.4       ServiceChannel shall not participate in (nor permit any Sub-processor to participate in) any other Restricted Transfers of Customer Personal Data (whether as an exporter or an importer of the Customer Personal Data) unless the Restricted Transfer is made in full compliance with Data Protection Laws and pursuant to Standard Contractual Clauses implemented between the exporter and importer of the Customer Personal Data.

7. Restricted transfers

7.1       The parties agree that when the transfer of Customer Personal Data from Customer to ServiceChannel is a Restricted Transfer it shall be subject to the appropriate Standard Contractual Clauses as follows:

(a)         in relation to Customer Personal Data that is protected by the EU GDPR, the EU SCCs will apply completed as follows:

(i)      Module Two will apply;

(ii)     in Clause 7, the optional docking clause will apply;

(iii)     in Clause 9, Option 2 will apply, and the time period for prior notice of subprocessor changes shall be as set out in Clause 6.3 of this Agreement;

(iv)    in Clause 11, the optional language will not apply;

(v)     in Clause 17, Option 1 will apply, and the EU SCCs will be governed by Irish law;

(vi)    in Clause 18(b), disputes shall be resolved before the courts of Ireland;

(vii)    Annex I of the EU SCCs shall be deemed completed with the information set out in Annex I to this Agreement;

(viii)   Annex II of the EU SCCs shall be deemed completed with the information set out in Annex II to this Agreement; and

(b)         in relation to Customer Personal Data that is protected by the UK GDPR, the UK Addendum will apply completed as follows:

(i)           The EU SCCs, completed as set out above in clause 7.1(a) of this Agreement shall also apply to transfers of such Customer Personal Data, subject to sub-clause (ii) below;

(ii)     Tables 1 to 3 of the UK Addendum shall be deemed completed with relevant information from the EU SCCs, completed as set out above, and the options “neither party” shall be deemed checked in Table 4. The start date of the UK Addendum (as set out in Table 1) shall be the date of this Agreement; and

(c)         in the event that any provision of this Agreement contradicts, directly or indirectly, the Standard Contractual Clauses, the Standard Contractual Clauses shall prevail.

7.2       In the event that the current UK Addendum or EU SCCs are superseded or replaced by new standard contractual clauses, the parties agree that such new standard contractual clauses shall automatically apply to the transfer of Customer Personal Data from the Customer to ServiceChannel and shall be deemed completed on a mutatis mutandis basis as described in Clause 7.1 above.

8. Cooperation and Data Subjects’ rights

8.1       To the extent Customer, in its use or receipt of the Services, does not have the ability to correct, amend, restrict, block or delete Customer Personal Data, as required by Data Protection Laws, ServiceChannel will use commercially reasonable efforts to comply with reasonable requests by Customer to facilitate such actions to the extent ServiceChannel is legally permitted to do so.

8.2       ServiceChannel shall, to the extent legally permitted, promptly notify Customer if it receives a request from a Data Subject to exercise their rights under GDPR, or of any consumer request to exercise his or her rights under the California Consumer Protection Act. ServiceChannel shall not respond to any such Data Subject request without Customer’s prior written consent except to confirm that the request relates to Customer. ServiceChannel shall provide Customer with commercially reasonable cooperation and assistance in relation to the handling of a Data Subject’s request, to the extent legally permitted and to the extent Customer does not have access to such Customer Personal Data through its use or receipt of the Services.

9. Termination; deletion or return of Data

9.1       This Agreement shall terminate automatically on termination or expiration of the MSA.

9.2       Upon termination or expiry of the MSA, ServiceChannel shall (at Customer’s election) destroy or return to Customer, to the extent possible, all Personal Data in its possession or control in accordance with ServiceChannel’s data retention policies which adhere to requirements of Data Protection Laws, and in a manner consistent with the terms of the Agreement. This requirement shall also not apply to the extent that ServiceChannel is required by applicable law to retain some or all of the Personal Data, or to Personal Data it has archived on back-up systems, in which event ServiceChannel shall securely isolate and protect from any further processing except to the extent required by such law until deletion is possible.

10. Audit

10.1      Customer acknowledges that ServiceChannel is regularly audited against SSAE 18 SOC 1 and SOC 2 standard by independent third-party auditors.  Upon request, ServiceChannel shall supply a summary copy of its audit report(s) to Customer, which shall be subject to the confidentiality provisions of the MSA.

10.2      Any request for ServiceChannel to provide assistance with an audit is considered a separate service if such audit assistance requires the use of resources different from or in addition to those required by law.  Customer shall reimburse ServiceChannel for any time spent for any such audit at the rates agreed to by the parties. Before the commencement of any such audit, Customer and ServiceChannel shall mutually agree upon the scope, timing, and duration of the audit in addition to the reimbursement rate for which Customer shall be responsible. All reimbursement rates shall be reasonable, taking into account the resources expended by ServiceChannel. Customer shall promptly notify ServiceChannel with information regarding any non-compliance discovered during the course of an audit.

10.3      ServiceChannel shall provide reasonable cooperation to Customer (at Customer’s expense) in connection with any data protection impact assessment that may be required under Applicable Data Protection Law.

11. Limitation of Liability

This Agreement is subject to the limitations of liability and disclaimers in the MSA.

12. Parties to this Agreement

Nothing in this Agreement shall confer any benefits or rights on any person or entity other than the parties to this Agreement.

13. Legal effect

This Agreement shall only become legally binding between Customer and ServiceChannel when signed by both parties. If this document has been electronically signed by either party such signature will have the same legal affect as a handwritten signature.

14. General

14.1      This Agreement shall be governed by and construed in all respects in accordance with the governing law and jurisdiction provisions in the MSA, provided that, in the event of a conflict between the Agreement and this Agreement with regards to the processing of Personal Data, this Agreement shall control.

14.2      This Agreement may be executed in any number of counterparts, each of which is an original and all of which evidence the same agreement between the parties.

14.3      Other than as set out in this Agreement, the MSA shall remain in full force and effect.

ANNEX I
A.   LIST OF PARTIES
Data exporter(s): [Identity and contact details of the data exporter(s) and, where applicable, of its/their data protection officer and/or representative in the European Union]

Name:	As per the MSA
Address:	As per the MSA
Contact person’s name, position and contact details:	As per the MSA
Activities relevant to the data transferred under these Clauses:	Sending personal data to ServiceChannel in accordance with the MSA
Signature and date:	As per the execution of the MSA
Role (controller/processor):	Controller

Data importer(s): [Identity and contact details of the data importer(s), including any contact person with responsibility for data protection]

Name:	ServiceChannel.com, Inc.
Address:	6200 Stoneridge Mall Road, Suite 450, Pleasanton, CA 94588
Contact person’s name, position and contact details:	Brian Chase, General Counsel, bchase@servicechannel.com
Activities relevant to the data transferred under these Clauses:	Receiving and further processing personal data from the Customer in accordance with the MSA
Signature and date:	As per the execution of the MSA
Role (controller/processor):	Processor

B.   DESCRIPTION OF TRANSFER

Categories of data subjects whose personal data is transferred	Personnel of the Customer Persons contracted by the Customer through ServiceChannel’s platform
Categories of personal data transferred	Personnel of the Customer: name; address; email address; phone number; log data (e.g. IP address, device ID, device location, cookies); details of the facilities management services being provided (date, time, location, services, comments, reviews, fees) Persons contracted by the Customer through ServiceChannel’s platform: name; address; email address; phone number; log data (e.g. IP address, device ID, device location, cookies); details of the facilities management services being provided (date, time, location, services, comments, reviews, fees)
Sensitive data transferred (if applicable) and applied restrictions or safeguards that fully take into consideration the nature of the data and the risks involved, such as for instance strict purpose limitation, access restrictions (including access only for staff having followed specialised training), keeping a record of access to the data, restrictions for onward transfers or additional security measures.	None
The frequency of the transfer (e.g. whether the data is transferred on a one-off or continuous basis).	Continuous based on Customer’s use of the ServiceChannel platform.
Nature of the processing	ServiceChannel operates a cloud-based, independent facilities management solution to allow its customers to more efficiently source, procure, manage and pay for third party contractor-delivered and internal technician repair and maintenance services, enabling their organizations to enhance their corporate brand image, drive significant savings, improve compliance and mitigate operational risk. The ServiceChannel platform combines web and mobile work order management applications with an industry-leading analytics engine for a complete source-to-settle facilities management solution. ServiceChannel helps customers keep external contractors, suppliers, and other third-party partners accountable for services they have performed or have agreed to perform. The platform provides unbiased, independent data on third-party contractor performance.
Purpose(s) of the data transfer and further processing	The provision of services under the MSA.
The period for which the personal data will be retained, or, if that is not possible, the criteria used to determine that period	The duration of the processing will be the same as the duration of the provision of services under the MSA.
For transfers to (sub-) processors, also specify subject matter, nature and duration of the processing	Where ServiceChannel engages sub-processors it will do so in compliance with the terms of the EU SCCs. The subject matter, nature and duration of the processing activities carried out by the sub-processor will not exceed the subject matter, nature and duration of the processing activities as described in this Annex.

C.   COMPETENT SUPERVISORY AUTHORITY

Identify the competent supervisory authority/ies in accordance with Clause 13:

The supervisory authority in the country in which the main establishment or the single establishment of the controller is located.

 

 

ANNEX II
Security Measures
ServiceChannel will at all times remain responsible and liable for the following commercially reasonable transfer security measures:

TRANSFER SECURITY MEASURES	IMPLEMENTED MEASURES
Measures of pseudonymisation and encryption of personal data	Pseudonymization character masking swapping k-anonymity Encryption HTTPS encryption for data in transit (using TLS 1.2 or greater) on every login interface, using industry standard algorithms and certificates. Encryption of data at rest using the industry standard AES-256 algorithm
Measures for ensuring ongoing confidentiality, integrity, availabilty and resilience of processing systems and services	Confidentiality Virtual Private Network (VPN) Multi-Factor Authentication (MFA) Differentiated rights system based on security groups and access control lists. Secure transmission of credentials using TLS 1.2 (or greater) Passwords require a defined minimum complexity. Initial passwords must be changed after the first login. Automatic account locking Guidelines for handling of passwords Access controls to infrastructure that is hosted by cloud service provider Access right management including authorization concept, implementation of access restrictions, implementation of the “need-to-know” principle, managing of individual access rights. Training and confidentiality agreements for internal staff and external staff Network separation Segregation of responsibilities and duties Restrict access to personal data to the parties involved in the processing in accordance with the “need to know” principle and according to the function behind the creation of differentiated access profiles. Integrity Secure network interconnections ensured by firewalls etc. Logging of transmissions of data from IT system that stores or processes personal data Logging authentication and monitored logical system access Logging of data access including, but not limited to access, modification, entry and deletion of data Documentation of data entry rights and logging security related entries Web Application Firewall (WAF) Availability and Resilience Customer data is backed up to multiple durable data stores and replicated across multiple availability zones. Protection of stored backup media
Measures for ensuring the ability to restore the availability and access to personal Data in a timely manner in the event of a physical or technical incident	Continuity Planning and Disaster Recovery Plan Disaster recovery processes to restore data and processes Recovery Time Objective (RTO) Recovery Point Objective (RPO) Maximum Tolerable Downtime (MTD) Capacity management measures to monitor resource consumption of systems as well as planning of future resource requirements. Procedures for handling and reporting incidents (incident management) including the detection and reaction to possible security incidents. Productive data is backed up hourly in incremental form and daily as a full backup. All backups are kept redundant and in encrypted form (AES-256).
Processes for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures in order to ensure the security of the processing	Testing of emergency equipment Documentation of interfaces and personal data fields Internal and external audits Security checks (e.g. penetration tests) conducted by external parties SOC 1 and 2 audits Regular benchmarking and testing with industry standards, e.g. SANS Top 20 Controls for Internet Security, NIST guidelines, etc.
Measures for user identification and authorisation	Secure network interconnections ensured by VPN, MFA, firewalls etc. Logging of transmissions of data from IT system that stores or processes personal data Logging authentication and monitored system access Access to data necessary for the performance of the particular task is ensured within the systems and applications by a corresponding role and authorization concept in accordance to the “need-to-know” principle. Web Application Firewall (WAF)
Measures for the protection of Data during transmission	Remote access to the network via VPN tunnel and end-to-end encryption HTTPS encryption for data in transit (using TLS 1.2 or greater)
Measures for the protection of Data during storage	System inputs recorded via log files Access Control Lists (ACL) Multi-factor Authentication (MFA)
Measures for ensuring physical security of locations at which personal Data are processed	Subdivision of the facility into individual zones with different access authorizations; Physical access protection (e.g. steel doors, windowless rooms or secured windows); Electronic access control system to protect security areas; Monitoring of the facility by security services and access logging to the facility; Video surveillance of all security-relevant security areas, such as entrances, emergency exits and server rooms; Central assignment and revocation of access authorisations; Identification of all visitors by verification of their identity card and registration (a log of visitors is kept); Mandatory identification within the security areas for all employees and visitors; Visitors must be accompanied by employees at all times.
Measures for ensuring events logging	Remote logging Hash chaining Replication Central Security Event and Information Management (SIEM) system
Measures for ensuring system configuration, including default configuration	Access Control Policy and Procedures Baseline configuration identification Configuration Planning and Management Configuration Change Management Configuration Status Accounting Configuration Verification and Audits Mobile device management
Measures for internal IT and IT security governance and management	Dedicated and identified person to oversee the company’s information security and compliance program SOC 1 and 2 audit
Measures for certification/assurance of Processes and products	Information security or quality management certifications such as SSAE 18 Type 2 SOC 1 and SSAE18 Type 2 SOC2
Measures for ensuring Data minimisation	Technological barriers to the unauthorised linking of independent sources of data. Limitation to the level of detail used in personal data processing: for example, through techniques such as k-anonymity and obfuscation. Deletion of metadata generated during certain processes that are not necessary for the pursued goal.
Measures for ensuring Data quality	Process for the exercise of data protection rights (right to amend and update information) Clear documentation of requirements for all data conditions and scenarios Restrict access to personal data to the parties involved in the processing in accordance with the “need to know” principle and according to the function behind the creation of differentiated access profiles. Rigorous data profiling and control of incoming data Data pipeline design to avoid duplicate data Quality Assurance team Enforcement of data integrity
Measures for ensuring limited data retention	The existence of clear retention schedules and policies Testing of effectiveness
Measures for ensuring accountability	Assign responsibility to ensure end-user privacy throughout the product lifecycle and through applicable business processes. Data protection impact assessments as an integral part of any new processing initiative. Document all decisions that are adopted within the organisation from a “privacy design thinking” perspective.
Measures for allowing Data portability and ensuring erasure	Documented processes in relation to the exercise by users of their privacy rights (e.g. right of erasure or right to data portability) Use of open formats such as CSV, XML or JSON.
Applied restrictions or safeguards for sensitive data (if applicable)	Encrypting or hashing special category data, although not an explicit legal requirement, should be the norm

English             Deutsch                       Español                        Français (France)                      中文(简体)