Contract for order processing for IT services

Would you like to use our IT services? Please remember to conclude an agreement on order processing in accordance with Art. 28 GDPR (data processing agreement) in advance.

 

Update from 26.09.2022 - our new GTC apply
We make it easier for you to conclude the DPA contract!

For customers who conclude a service agreement with an ITM group company from 26.09.2022, our new GTC apply. We have already included our AV contracts here. They therefore apply automatically upon conclusion of the contract, i.e. upon acceptance of our GTC. However, please download the AV contracts we have already signed for your records.

With customers who conclude a maintenance contract or cloud contract with us, for example, the data processing agreement (DPA contract) is still in writing. In this case, the agreement is attached to the corresponding contract.

HERE you can download the template for services of ITM systems GmbH & Co.

HERE you can download the template for the provision of a whistleblower protection system by ITM systems GmbH & Co.

HERE you can download the template for services provided by ITM solutions GmbH.

HERE you can download the template for services provided by ITM design GmbH.

HERE you can download the template for services provided by ITM Networks GmbH.

HERE you can download the template for the provision of a whistleblower protection system by ITM Networks GmbH.

Please note When creating a (test) account for ITM time recording or ITM DOCUMENTS CLOUD via our online registration form, the AV contract is part of the GTC. You therefore conclude the contract with us electronically by accepting the GTC. You can of course download the contract for your records.

If you have any questions, please send an e-mail to datenschutz(at)itm-gruppe.com.

 

For further understanding regarding order processing

As an IT service provider, we are a classic example of a "processor". For example, we create users for you on the basis of your instructions or assign authorizations. As the controller, you must therefore officially oblige us to comply with certain measures to protect your data. You do this by concluding an agreement on order processing.

As a company, you may only pass on personal data (e.g. employee names, e-mail addresses, user data) to external bodies (third parties) if there is a legal basis for this. If we act as a processor for you, we are no longer considered a "third party" under the GDPR and the transfer of data to us is legitimate. However, this requires the conclusion of a data processing agreement. Otherwise, this privilege does not apply.

Note: This additional data protection agreement is bound to our service agreement. If you no longer receive services from us, the data processing agreement expires automatically.