12 - PERSONAL DATA PROVIDED BY THE CLIENT
In the context of the Services, Dedimax.com provides hosting services of Data of the Client.
Therefore, Dedimax.com is the sub-contractor of the Client, acting as controller, regarding all Data published by the Client.
Dedimax.com shall only process the Data for the sole purpose(s) that is the reason of the Service.
Dedimax.com ensures the privacy of the Data.
Data shall be stored for the duration of the Service.
Dedimax.com shall make sure that the persons authorised to process the Personal Data:
Undertake to respect privacy or are under an appropriate legal obligation of privacy.
Receive the necessary training regarding the protection of Personal Data.
Dedimax.com takes into account, in terms of its tools, products, applications or services, the principles protecting the data from the creation and protecting the data by default.
Insofar as possible, Dedimax.com shall help the Client to fulfil his/her obligation to answer the requests to exercise the rights of the concerned persons: right of access, right to rectification, right to erasure and to object, right to limit the processing, right to data portability, right not to be subject to an automated individual decision (including profiling).
When the concerned persons request to Dedimax.com to exercise their rights, Dedimax.com shall address these requests upon receipt by email using the email address provided by the Client.
Dedimax.com shall inform the Client of any breach of the personal data within a maximum of forty (48) hours after hearing about the breach and by electronic (phone, email, etc.) or postal means. This notification shall be paired with any useful documentation in order to allow the Client, when necessary, to inform the competent control authority about this infringement.
The notification shall contain at least:
The description of the nature of the personal data breach including where possible, the categories and the approximate number of persons concerned by the breach and the categories and the approximate number of personal data records concerned;
The name and contact details of the Data Protection Officer or any other contact point where additional information can be obtained;
The description of the likely consequences of the personal data breach;
The description of the measures taken or proposed to be taken to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.
Where, and in so far as it is not possible to provide the information at the same time, the information may be provided in phases without undue delay.
The Client will have to inform the control authority and the concerned persons.
Dedimax.com undertakes to implement the relevant safety measures, especially (where applicable):
Pseudonymisation and coding of these personal data;
Means to ensure the continual privacy, integrity, availability and resilience of the processing systems and services;
Means allowing to restore availability of the personal data and access to this data within the appropriate period of time in case of physical or technical incident;
A procedure aiming to regularly test, analyse and assess the efficiency of the technical and organisational measures implemented to ensure the safety of processing.
Dedimax.com provides the Client with the documentation necessary to demonstrate compliance with all of its obligations.
The Client also undertakes to comply with the applicable regulation on Personal Data.
The Client assures he/she received all of the necessary consents for the publication of any Data including a personal data, and limits the use to the purposes he/she received an authorisation for. The Client will pay for all damages Dedimax.com may be sentenced to for this reason, as well as for all of its expenses of any kind.
Dedimax.com shall be free to suspend or terminate the Services of the Client in the event he/she did not comply with the regulation when using the Services, without any compensation or refund, on the basis the Client's breach of contract.