Supplementary agreement to the GTC: order data agreement
This additional agreement specifies the data protection obligations of the contracting parties resulting from the conclusion of the contract for order data processing. They are thus a supplement to the General Terms and Conditions of 4-check AG, and are accepted by the customer together with the General Terms and Conditions.
1 Subject and duration of the contract
1.1 The 4-check quality software stores and processes the operational data collected from the customer within the scope of this contract.
1.2 The duration of the order depends on the duration of the contract concluded with the customer. The contract for permanent access is concluded for an indefinite period, depending on the customer’s wishes before the end of the test phase.
2 Scope, type and purpose of commissioned data processing and circle of data subjects
2.1 4-check AG takes over the technical operation of the software. The collection and use of the data as well as the processing on a professional level is carried out exclusively by the customer. The circle of affected persons is determined by the customer himself, since the collection of data is carried out exclusively by the customer.
3 Technical and organisational measures for data protection
3.1 Our systems are operated in one of the largest and most secure data centers in Europe on German territory. The data center is certified according to the latest security standards and can prove this at any time on request. Our servers are located in a physically locked data center to which only a small circle of people have access.
3.2 The data collected by the customer is stored in a password-protected location. The servers of 4-check AG are protected against external interference by double firewalls. 4-check AG assures that the software on the servers is promptly supplied with security updates and hotfixes in order to prevent the risk of access by third parties to the best of its ability.
3.3 The 4-check quality software makes a full backup of its customers’ data on a daily basis and backs up a copy of it in a separate computer centre, both spatially and organisationally.
4 Correction, blocking, deletion of personal data
4.1 The correction, blocking or deletion of personal data is carried out by the customer himself or on explicit instruction of the customer.
5 Duties of the customer and his controls
5.1 4-check AG undertakes to treat the customer’s data confidentially and to impose this obligation on all employees.
5.2 For questions regarding data protection, the customer can contact 4-check AG directly at the e-mail address [email protected]
6 Authorization to establish sub-contract relationships
6.1 4-check AG is entitled to enter into subcontractual relationships to fulfil the contract, in particular with data centre operators. Subcontractors are carefully selected, taking particular account of the suitability of the technical and organisational measures taken by them.
7 Control rights of the customer, toleration and cooperation obligations of the provider
7.1 4-check AG provides the customer with comprehensive documentation to check the technical and organisational measures. The data centre in charge of data storage is regularly certified to comply with data protection regulations. The certificates can be viewed here.
7.2 If the customer has any questions regarding data protection, he can contact 4-check AG.