”data exporter,” the person in charge of processing the personal data; Product access: a subset of our employees has access to customer products and data via controlled interfaces. Access to a subset of staff means providing effective customer support, solving potential problems, detecting and responding to security incidents, and implementing data security. Access is made possible by ”just-in-time” access requirements. all of these requirements are recorded. Role-specific access is granted to staff and audits of high-risk privileges are initiated on a daily basis. Staff roles are checked at least once every six months. The details of the transmission and, if applicable, the specific categories of personal data are included in Appendix 1, which is an integral part of the clauses. Authorization: Customer data is stored in storage systems that are only accessible to customers through application user interfaces and application programming interfaces. Customers do not have direct access to the underlying application infrastructure. The licensing model for each of our products is designed to ensure that only assigned people can access relevant features, views and customization options. The registrations are authorized by checking the user`s permissions based on the attributes assigned to each record.
Appendix 1 to standard contractual clauses This annex is an integral part of the clauses and must be completed and signed by the parties. Member States may complete or specify, in accordance with their national procedures, any additional information required in this appendix. Data Exporter The data exporter is (please briefly indicate your activities relevant to the transfer): 3. The data importer must immediately inform the data importer of legislation that applies to the data importer or a subprocessing that prevents the data importer or subprocessor from testing in accordance with paragraph 2. In this case, the data investigator has the authority to take the measures in point 5 (b). Rest mode: We register user labels according to policies that correspond to the industry`s usual security methods. (A) HubSpot must not transfer European data to a country or recipient that is not recognised as sufficiently protected for personal data (in accordance with current EU data protection legislation), unless all necessary measures are taken to ensure that the transfer complies with existing EU data protection legislation.