Translators portal

Processor’s Agreement


Processor’s Agreement Tekom International

Tekom International established and having its place of business in Hoofddorp and registered in the Trade Register of the Chamber of Commerce under number 34073925, legally represented for this purpose by its director, Ingeborg Verduijn.

hereinafter referred to as: Tekom

 , resident at in , .

hereinafter referred to as the “Translator”.:

Tekom and the Translator shall jointly be referred to as: the “Parties” and individually as a “Party”.

Whereas:

(a) Tekom and the Translator have concluded an agreement (hereinafter: the Principal Agreement) for the performance of tasks in the field of translations in the broadest sense of the word;

(b) The Translator shall, in connection therewith, perform services on behalf of Tekom, as described in that Principal Agreement.

(c) Those services involve the processing of personal data, for which Tekom is responsible in accordance with the General Data Protection Regulation (hereinafter referred to as: the GDPR).

(d) The Translator shall solely process the relevant data on the instructions of Tekom and not for the Translator’s own purposes. The Translator is, in that regard, to be designated as a processor within the meaning of the GDPR.

(e) The GDPR imposes upon Tekom the obligation to ensure that the Translator takes suitable technical and organisational security measures to prevent the loss and/or any form of unlawful processing of the personal data concerned.

(f) The GDPR additionally imposes upon Tekom the obligation to supervise that those measures are adhered to.

(g) Including by virtue of the requirements laid down in Article 28(3) of the GDPR, the Parties wish to lay down in writing their mutual rights and obligations in connection with the Processing of Personal Data in the context of the services provided, by means of this Processor’s Agreement.

Article 1: General

1.1 This Processor’s Agreement shall apply in addition to the Principal Agreement and shall be attached to that Principal Agreement in the form of an addendum.

1.2 The stipulations in this Processor’s Agreement shall relate solely to the agreements between the Parties that apply in respect of the processing of personal data and the consequences thereof.

1.3 In the event that any differences are identified between the Principal Agreement and this Processor’s Agreement, the stipulations in this Processor’s Agreement shall prevail, in the event that the matter concerned involves the processing of personal data.

1.2 The terms in this Processor’s Agreement shall have the significance ascribed to them by the General Data Protection Regulation (hereinafter: GDPR) and by the Dutch DPA (hereinafter: DPA).

Article 2: Object of this Processor’s Agreement

2.1 The Translator undertakes to process the Personal Data made available to him/her with care in connection with the tasks arising from the Principal Agreement. The GDPR imposes upon Tekom the obligation to ensure that the Translator provides sufficient safeguards with regard to the technical and organisational security measures in relation to the processing steps to be performed.

2.2 An overview of the categories of Personal Data, the purposes for which these are being processed and the retention periods to the Personal Data being processed on behalf of Tekom, have been included in Appendix 1 to this Processor’s Agreement. 

Article 3: Compliance with the law and regulations

3.1 Tekom shall assign the processing of (Personal) data to the Translator in accordance with the relevant legislation and in connection with the performance of the Principal Agreement.

3.2 The Translator shall process the Personal Data on behalf of Tekom in accordance with Tekom’s instructions. The Translator shall inform Tekom without delay in the event that in the Translator’s judgement, the instructions contravene the applicable legislation governing the processing of Personal Data.

3.3 The Translator shall have no control over the Personal Data made available. The Translator shall not take any decisions regarding the receipt and use of the data concerned, the disclosure of the data to Third Parties or the period of time during which the data are stored. The control over the Personal Data provided under this Processor’s Agreement shall never come to reside with the Translator.

3.4 When processing the Personal Data in connection with the tasks named in the Principal Agreement, the Translator shall act in accordance with the applicable legislation and regulations governing the protection of Personal Data. The Translator shall process Personal Data solely when explicitly instructed to do so by Tekom and shall follow all reasonable instructions issued by the designated contact persons, notwithstanding any statutory obligations that may exist to the contrary. The Translator shall be obliged, in line with its own judgement, to make use of those means he/she deems necessary in order to pursue those objectives, taking into account the stipulations contained in this Processor’s Agreement.

3.5 In no cases shall the Translator process Personal data for its own purposes.

3.6 At all times and when first requested to do so by Tekom, the Translator shall immediately provide Tekom with all Personal Data originating from Tekom and all Personal Data to which it is justifiably entitled in relation to this Processor’s Agreement.

3.7 At such time that this Processor’s Agreement is terminated or discontinued or at any point in time when Tekom expressly requests it to do so in writing, the Translator shall, in a manner yet to be determined, destroy all Personal Data originating from Tekom in connection with this Processor’s Agreement.

3.8 The Translator shall lend Tekom his/her full and timely assistance in order to (i) following approval by and on the instruction of Tekom, allow data subjects to access the Personal Data that relates to them, (ii) delete or correct Personal Data, (iii) demonstrate that the Personal Data have been deleted or corrected if they are incorrect (or, in the event that Tekom does not agree that the Personal Data are incorrect, document the fact that the data subject regards his/her personal data to be incorrect) and (iv) enable Tekom to fulfil its obligations in accordance with the GDPR or any other applicable legislation of relevance to the processing of Personal Data.

3.9 The Translator shall enable Tekom at all times to fulfil its obligations in accordance with the GDPR within the statutory deadlines, more specifically the rights of the Data Subject, such as, but not restricted to, a request to inspect, rectify, supplement or protect Personal Data and the implementation of an objection that has been designated as approved.

3.10 The Translator shall ensure that the Personal Data are stored within the European Economic Area.

3.11 The Translator shall store and process the Personal Data originating from Tekom in such a way that it remains strictly separate from personal data that the Translator is processing on its own behalf or on behalf of third parties.

Article 4: Confidentiality obligation

4.1 Persons employed by or working on behalf of the Translator, and the Translator themselves, shall be obliged to uphold the confidentiality of the Personal Data of which they may become aware, except in so far as they are obliged by virtue of a statutory regulation or their task requires them to disclose the data concerned.

4.2 The Translator shall ensure that any person acting on his/her authority or who performs tasks relating to the Personal Data under the Translator’s responsibility is obliged to uphold the confidentiality of the Personal Data of which that person may become aware.

4.3 In the event that the Translator is obliged to disclose data in accordance with a statutory obligation, the Translator shall verify the basis of the request and the identity of the requestor and shall inform Tekom immediately, before disclosing any data, unless the Translator is prohibited from doing so by law.

Article 5: Security measures and audits

5.1 The sharing of Personal Data between the Parties shall be carried out by means of data encryption.

5.2 The Translator shall take all suitable technical and organisational measures to secure the Personal Data being processed on behalf of Tekom and to ensure that it remains secure against loss or against any form of negligent, inexpert or unauthorised use. Those measures shall, in all cases, include:

(a) measures to guarantee that only authorised personnel have access to the Personal Data for the purposes set out in Appendix 1

(b) measures, in accordance with which the Translator only grants his/her employees, subcontractors or third parties engaged by the Translator access to the Personal Data by means of accounts registered in their name, whereby the use of the accounts is adequately logged and the relevant accounts solely afford access to the Personal Data that the person concerned has a need to access

(c) measures to protect the Personal Data against unintentional or unlawful destruction, unintentional loss or alteration, unauthorised or unlawful storage, processing, access or disclosure

(d) measures to identify weaknesses in relation to the processing of the Personal Data within the systems being used to provide services to Tekom

(e) measures to guarantee the timely availability of the data, in accordance with the provisions set out in Appendix 2.

5.3 The Translator shall periodically subject his/her activities in connection with data security and its privacy policy to an (external) audit.
Tekom shall at all times be entitled to verify the processing of Personal Data. The Translator shall be obliged to grant admission to Tekom or the auditing body acting on behalf of Tekom and to lend assistance so that the audit can actually be carried out. The costs of an audit of this type shall be borne by Tekom, unless it can be demonstrated that the audit was performed due to the fact that the Translator is fundamentally failing to fulfil its obligations under the terms of this Processor’s Agreement.

5.4 Tekom shall only carry out the audit (or arrange for another party to do so) after the Translator has been notified in advance and in writing and shall not carry out an audit more than once a year.

5.5 The Translator undertakes to provide Tekom, or the third party engaged by Tekom, with the required information within the deadline specified by Tekom. This will enable Tekom, or the third party engaged by Tekom, to form an opinion as to whether the Translator is fulfilling its obligations under the terms of this Processor’s Agreement. Tekom, or the third party engaged by Tekom, shall be obliged to ensure that all information regarding these audits is kept confidential.

5.6 The Translator shall be responsible for ensuring that the recommendations for improvement indicated by Tekom or by the third party engaged by Tekom are enacted within the deadline to be determined by Tekom.

5.7 Once every two years, the Translator shall provide a report regarding the set-up, existence and operation of the system of measures and procedures focusing on fulfilment of the terms of this Processor’s Agreement.

Article 6: Engaging third parties

6.1 The Translator shall only be entitled to outsource the tasks involving the processing of Personal Data to third parties in full or in part after obtaining prior written permission from Tekom. When providing such permission in writing, Tekom shall be entitled to impose conditions with regard to confidentiality and the fulfilment of the obligations that exist by virtue of this Processor’s Agreement. In such cases, the Translator shall at all times remain the point of contact and shall retain responsibility for the fulfilment of the stipulations of this Processor’s Agreement.

6.2 The Translator shall impose, upon a third party engaged by him/her, the same obligations as, or more stringent obligations than, the ones imposed upon the Translator under the terms of this Processor’s Agreement. The relevant arrangements with the third party shall be laid down in writing. The Translator shall provide Tekom with a copy of the relevant Subprocessor’s Agreement(s) if requested.

Article 7: Duty of notification

7.1 The Translator shall carry out active monitoring to detect breaches of the security measures and shall inform Tekom of the results of those monitoring activities on a regular basis.

7.2 In the event that a Data Leak occurs that poses a considerable likelihood of serious, negative consequences or of serious, negative consequences with regard to the protection of Personal Data, the Translator shall inform Tekom of that Data Leak without delay, and in all cases within 24 hours.

7.3 The Translator shall make every effort to limit any negative consequences arising from the Data Leak as much as possible.

7.4 A notification must always be made to the Data Protection Officer or the Privacy Officer of Tekom and, in his/her absence, to Tekom’s Board of Directors.

7.5 The duty of notification shall in all cases encompass a notification stating that a leak has taken place and stating the (presumed) cause of the leak, the consequence (already known and/or to be expected), the (proposed) solution and all items, which the Translator ought reasonably to report so that the Data Leak can be followed up effectively by Tekom, both in liaison with the Dutch DPA and also with the Data Subjects.

7.6 In the event that the Translator receives a complaint or a request (for information) from a natural person in connection with the processing of Personal Data by the Translator, the Translator shall inform Tekom of this in writing within 1 week of receipt and shall adhere to the instructions from Tekom regarding the processing of that request.

7.7 In the event of an investigation into the Personal Data or in the event that the Personal Data are seized by government officials or if it is presumed that such an event is going to take place, the Translator shall inform Tekom of this immediately, within 24 hours.

7.8 The Translator shall lend assistance to Tekom at all times and shall adhere to the instructions from Tekom so as to enable Tekom to perform a proper investigation into an incident, to formulate a correct response and to take suitable follow-up steps in relation to the incident.

7.5 The Translator shall at all times have written procedures to hand that will enable him/her to provide Tekom with an immediate response in connection with an incident and that will enable the Translator to collaborate effectively with Tekom in order to deal with the incident. The Translator shall provide Tekom with a copy of such procedures if Tekom so requests.

Article 8: Liability, damage or penalties imposed by the DPA

8.1 In the event that the Translator fails to fulfil an obligation arising from this Processor’s Agreement, Tekom shall be entitled to issue a notice of default to the Translator. The Translator shall, however, be deemed to be in default with immediate effect if fulfilment of the obligation concerned is already permanently impossible other than as a result of force majeure within the agreed period. The notice of default shall be given in writing and shall grant the Translator a reasonable period in which to fulfil its obligations. That period shall constitute a final deadline. In the event that those obligations are not fulfilled within the specified period, the Translator shall be in default.

8.2 The Translator shall bear liability for all direct damage, losses or penalties imposed by the DPA as a result of a failure to fulfil or of contravening the regulations imposed by the GDPR and/or as a result of a failure to fulfil or contravening the stipulations of this Processor’s Agreement, up to the extent laid down in the Processor’s Agreement concluded with the Translator. The Translator shall indemnify Tekom against all claims from the DPA, the data subject(s) and/or third parties requiring the payment of the penalties or compensation for the loss or damage concerned.

8.3 The Translator shall be liable in respect of the aforementioned damage, losses or penalties from the DPA, in so far as these arose as a result of the Translator’s actions, or failure to act, while performing the tasks.

8.4 The Translator shall also be liable for any damage or losses arising from breaches of the privacy of data subjects (such as a data leak) that occur as a result of the Translator’s actions, or his/her failure to act, while performing the tasks.

Article 9: Commencement date, term, amendment and termination

9.1 This Processor’s Agreement shall commence once signed by both parties.

9.2 The term of this Processor’s Agreement shall correspond to the term of the Principal Agreement, unless otherwise agreed by the parties.

9.3 Obligations which, by virtue of their nature, are intended to remain in force after this Processor’s Agreement has been terminated, shall continue to apply without restriction after this Processor’s Agreement has been terminated. Amongst other things, this clause shall include those obligations that arise from the stipulations governing confidentiality, liability and the applicable law.

9.4 Amendments to the Processor’s Agreement can solely be effected in writing by means of a proposal agreed by both parties.

9.5 Once the collaboration has come to an end, the Translator shall destroy the Personal Data that he/she has received from or on behalf of Tekom, whatever the form of that data may be, and shall provide evidence of such destruction, unless the parties have agreed otherwise. Destruction must be carried out within a deadline to be specified and a report thereof must be drawn up.

9.6 Each of the parties shall be entitled to terminate the Processor’s Agreement with immediate effect in the event of force majeure, which shall include a situation in which the statutory rules are amended to such a degree that a continuation of the Processor’s Agreement cannot be demanded.

9.7 Notwithstanding the relevant stipulations in the Principal Agreement, either of the parties shall be entitled to suspend the performance of this Processor’s Agreement and the associated Principal Agreement or to dissolve the Processor’s Agreement with immediate effect without the involvement of a court, in the event that:
(a) the other party is dissolved or ceases to exist for any other reason
(b) the other party demonstrably fails to fulfil the obligations arising from this Processor’s Agreement and that serious, culpable failure has not been rectified within 30 days following the sending of a written notice of default to that effect
(c) one of the parties is declared insolvent or requests suspension of payments.

9.8 Termination van the Processor’s Agreement can only take place in accordance with the law and on the grounds laid down in this Processor’s Agreement.

Article 10: Applicable law

10.1 This Processor’s Agreement and all disputes that may arise from or be associated with it, shall be governed by the laws of the Netherlands.

10.2 Tekom and the Translator shall endeavour to resolve disputes that arise from or are associated with this Processor’s Agreement by means of consultation.

10.3 Disputes that cannot be solved on an amicable basis shall be brought before the competent court in the district in which Tekom is located.

Duly agreed and signed in duplicate

 

Translator                                                  Tekom       

 

 

Leave this empty:

Signature arrow sign here

Signed by Ingeborg Verduijn
Signed On: July 5, 2022


Signature Certificate
Document name: Processor’s Agreement
lock iconUnique Document ID: fd11bd2a6624bb8bc8e5f0486cb87b72e8471e9c
Timestamp Audit
September 7, 2021 11:31 am CETProcessor’s Agreement Uploaded by Ingeborg Verduijn - info@tekom.nl IP 217.67.228.180