Article 2.1.
The Processor undertakes to process personal data on behalf of the Controller under the conditions of this Processor Agreement. Processing will only take place in the context of executing the Agreement and for purposes to be determined with further consent.
Article 2.2.
The Controller himself determines which (types of) personal data he will have processed by the Processor and to which (categories of) data subjects these personal data relate. The Processor does not influence this.
Article 2.3.
The Processor will not process the personal data for any purpose other than as determined by the Controller. The Controller will inform the Processor of the processing purposes insofar as they have not already been mentioned in the Processor Agreement.
Article 2.4.
The personal data to be processed on behalf of the Controller remain the property of the Controller or the relevant person(s).
Article 2.5.
The Controller guarantees that the content, use, and instructions to process personal data as referred to in the Processor Agreement are not unlawful and does not infringe any rights of third parties. In addition, the
Responsible for: the processing of personal data falls under one of the exemptions under the GDPR, or if this is not the case, a notification will be sent to the Dutch Data Protection Authority; and that from 25 May 2018 it will keep a register of the processing operations regulated under this Processor Agreement.
Article 2.6.
The Controller indemnifies the Processor against all claims and claims related to non-compliance or incorrect compliance with the obligations from Article 2.5.