Gemäß Art. 28 DSGVO / According to Art. 28 GDPR
The contractor (Benetos) processes personal data on behalf of the client as described in each project agreement. The type and scope of data processing are determined by the respective contract.
The personal data processed includes in particular: name, contact data, usage data, and any additional data defined in the respective project scope.
The processor processes personal data only in accordance with the client's instructions. The processor commits to confidentiality, implements appropriate technical and organizational measures, manages sub-processors properly, supports the client in fulfilling data subject rights, and deletes all data upon contract termination.
The processor ensures the protection of personal data through the following measures: HTTPS encryption of all data transmissions, access control to systems and data, regular backups, and incident notification within 72 hours.
A current list of sub-processors can be found at benetos.dev/subdienstleister.
This data processing agreement is valid for the duration of the underlying service agreement. It terminates automatically upon termination of the main contract.