The processors of personal data (e.g. providers of data systems, other partners using our employee or customer data) and the agreements related to the processing of personal data have been documented. The documentation includes e.g.:
Data processing agreements bind the actions of a personal data processing partner.
It can be important for us to require an important partner to take care of e.g. ensuring the confidentiality requirements for its personnel and restricting the use of other processors of personal data in connection with our data.
The processing agreement binds the actions of the data processor (such as the system vendor).
It can be important for us to ensure an important partner takes responsibility of e.g. access control (logging) and data recovery at the end of the contract according to our preferred policies.