Personal data in offered cloud services that is processed under a contract can not be processed for any other purpose or differently from customers instructions.
Customer instructions for the data processor can be contained in the contract between the cloud service provider and customer including, e.g. the objective and probable time frame of the service.
The terms and conditions related to the digital services provided by the organization have been mapped and documented. The terms of the contract shall include at least the following: