1. Purpose
This agreement sets out the obligations of the undersigned individual to protect personal data handled in the course of their work, in compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR").
2. Definitions
• Personal Data: Any information relating to an identified or identifiable natural person.
• Processing: Any operation performed on personal data, such as collection, storage, use, transmission, or deletion.
• Data Controller: The organization that determines the purpose and means of processing personal data.
• Data Processor: Any party processing personal data on behalf of the Data Controller.
3. Confidentiality Obligations
By signing this document, I agree to:1. Treat all personal data accessed in the course of my work as strictly confidential.2. Only process personal data on documented instructions from the Data Controller.3. Not disclose personal data to unauthorized persons, whether inside or outside the organization.4. Implement reasonable technical and organizational measures to protect personal data from unauthorized access, loss, alteration, or destruction.5. Immediately report any actual or suspected data breach to the Data Controller.
4. Use and Retention of Data
• Personal data shall only be used for legitimate business purposes related to my role.• Personal data shall not be retained longer than necessary and must be securely deleted or returned upon request.
5. Duration of Obligation
These confidentiality obligations apply during and after the termination of my employment, contract, or engagement.
6. Consequences of Breach
I understand that any breach of this agreement may lead to disciplinary action, termination of contract, and potential legal consequences under GDPR.
