Document toolboxDocument toolbox

11. Inspection and audit

  1. The Data Processor shall make available to the Data Controller all information necessary to
    demonstrate compliance with Article 28 of the General Data Protection Regulation and this Data
    Processing Agreement, and allow for and contribute to audits, including inspections performed by
    the Data Controller or another auditor mandated by the Data Controller.

  2. The procedures applicable to the Data Controller’s inspection of the Data Processor are specified
    in Appendix C to this Data Processing Agreement.

  3. The Data Controller’s inspection of sub-processors, if applicable, shall as a rule be performed
    through the Data Processor. The procedures for such inspection are specified in Appendix C to this
    Data Processing Agreement.

  4. The Data Processor shall be required to provide the supervisory authorities, which pursuant to
    applicable legislation have access to the Data Controller’s and Data Processor’s facilities, or representatives acting on behalf of such supervisory authorities, with access to the Data Processor’s physical facilities on presentation of appropriate identification.

Need help? Get in touch with us via: https://www.retinalyze.com/contact