2.2 Data Entry Control (check whether and by whom personal data is introduced, modified or deleted into a data processing system): the main service does not store, modify or delete data records as long as the system allows. It is possible to track the user who has made changes to the data. 7.6 The transfer of personal data by the data processor to the subcontractor and the subcontractor`s processing of the data is only completed after all requirements have been met. You`ll find Microsoft`s contractual obligations regarding the RGPD in addendum data protection for online services, which provides Microsoft`s privacy and security obligations, data processing conditions and RGPD conditions for Microsoft-hosted services, which customers subscribe to under a volume licensing agreement. These conditions require Microsoft to impose section 28 of the RGPD and other relevant articles of the RGPD on processors. 5.7 The data manager is required to immediately inform the data manager whether a breach of personal data may pose a high risk to a natural person`s rights and freedoms. (Article 34, paragraph 1) The RGPD requires a contract between each manager and a subcontractor when personal data is transmitted. This means that Microsoft is either required to sign its customer`s processor agreement, or if microsoft offers a product or service to the customer, Microsoft can then write the contract. The RGPD also requires a subcontractor (Microsoft) not to accept the personal data of a processing manager in the absence of a contract and notify the person in charge.
So the question is, where is the processor addendum for the RGPD? It is certainly not on the resource side of the RGPD. SalesForce has one. Oracle has one. AWS has a way out. 5.1 The data processor must comply with the European Parliament`s and 27 April 2016 General Data Protection Regulations (EU) 2016/679 on the protection of individuals with respect to the processing of personal data and the free movement of such data), as well as the legal instruments and national legislation that flow from it. Can someone help me and tell me where I can download or get this deal? 3.2 In all EU data centres, the data processor will take appropriate and necessary technical and organisational security measures against accidental destruction, loss or tampering with personal data and will ensure that such data is not disclosed and diverted to unauthorized persons or treated in violation of the law. What I really need is a DPA for Office 365 or instructions where I find it or if it is already covered in the licensing agreement. 5.8 The data processor is responsible, on the basis of a subcontract, for the subcontractor to meet at least the obligations to which the data processor is subject in accordance with the requirements of the General Data Protection Regulation and this data processing agreement and related annexes. 5.4 To the extent that the person in charge of the processing is subject to control by the supervisory authority, an administrative offence or criminal procedure, a claim of liability by a person or a third party, or another claim related to the processing of orders or contracts by the data processor, the data processor endeavours to assist the data manager.