ORGANIC LAW ON PERSONAL DATA PROTECTION
SERVICE PROVISION CONTRACT WITH A WEB SITE COMPUTER MAINTENANCE COMPANY
The data controller has entrusted the data processor with the provision of the services detailed below:
III. In compliance with Article 12 of Law 15/1999, of 13 December, the Personal Data Protection Act, both parties freely agree to regulate the access and processing of the personal data mentioned herein, in accordance with the following:
The files containing personal data placed at the disposal of the data processor are duly legalised and legitimised. Access by the former to the data of the data controller will not be considered as data communication, since it is indispensable for the provision of the services ordered.
Two.- PURPOSE OF THE PROCESSING
Access by the data processor to the personal data contained in the files of the data controller shall be solely and exclusively for the purposes listed in section I.
Three.- GUARANTEE AND DATA PROTECTION
In the processing of these personal data, the data controller and the data processor undertake to guarantee and protect the public liberties and fundamental rights of the natural persons concerned and, in particular, their honour and their family and personal privacy.
Four.- DELEGATION OF FUNCTIONS
The data controller facilitates and delegates its functions to the data processor so that it can carry out the contracted services.
Five.- OBLIGATIONS OF THE DATA CONTROLLER
Six.- OBLIGATIONS OF THE DATA PROCESSOR
In the event that the data processor uses the data for purposes other than those stipulated, communicates them or uses them in breach of the conditions of this contract, it shall also be considered to be the data controller and shall be personally liable for the infringements committed.
Eight.- RESCISSION, RESOLUTION AND TERMINATION
The rescission, termination or termination of the contractual relationship for the provision of services between the data controller and data processor will oblige the latter to maintain blocked the personal data provided by the former.
Once the time-limit established to cover legal responsibilities has elapsed, the personal data must be destroyed or returned to the data controller, along with any support or document containing any personal data.