Schedule 2: Controller-to-Controller Information for International Data Transfers
1. Retention Periods
Bamboozle retains Personal Data it collects as a Controller for as long as Bamboozle has a business purpose for it or for the longest time allowable by applicable law.
2. Information for International Transfers
For the purposes of the Standard Contractual Clauses:
Clause 11(a), Module 1: The parties do not select the independent dispute resolution option.
Clause 17, Module 1: The parties select Option 1. The Member State is: Netherlands.
Clause 18(b), Module 1: The Parties agree that those shall be the courts of Netherlands.
Annex I(A): The data exporter is Customer. The data importer is Bamboozle. Contact details for Customer is the email address(s) designated by Customer in Customer’s Bamboozle account. Contact detail for Bamboozle is: privacy@bamboozle.me.
Annex I(B): The parties agree that Schedule 1 describes the transfer.
Annex I©: The competent supervisory authority is the supervisory authority of: The Dutch Data protection Authority (Autoriteit Persoonsgegevens)
Annex II: The parties agree that Schedule 2.3 describes the technical and organizational measures applicable to the transfer.
For definitions of these terms please review our Privacy Policy (Section 1)
3. Technical and Organizational Measures
Measures of pseudonymisation and encryption of personal data
Bamboozle’s databases that store Customer Personal Data are encrypted using the Advanced Encryption Standard (AES). Customer data is encrypted in transit between the Customer’s software application and Bamboozle using TLS v1.2.
Measures for ensuring ongoing confidentiality, integrity, availability and resilience of processing systems and services Measures for ensuring the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident
Bamboozle uses a variety of tools and mechanisms to achieve high availability and resiliency. Bamboozle’s infrastructure spans multiple fault-independent availability zones in geographic regions physically separated from one another. Bamboozle’s infrastructure is able to detect and route around issues experienced by hosts or even whole data centers in real time and employ orchestration tooling that has the ability to regenerate hosts, building them from the latest backup. DigitalOcean also leverages specialized tools that monitor server performance, data, and traffic load capacity within each availability zone and colocation data center. If suboptimal server performance or overloaded capacity is detected on a server within an availability zone or colocation data center, these tools increase the capacity or shift traffic to relieve any suboptimal server performance or capacity overload. DigitalOcean is also immediately notified in the event of any suboptimal server performance or overloaded capacity.
Processes for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures in order to ensure the security of the processing
Measures for user identification and authorization
Access control policies require that access to DigitalOcean assets be granted based on business justification, with the asset owner’s authorization and limits based on “need to-know” and “least-privilege” principles. In addition, the policy also addresses requirements for access management lifecycle including access provisioning, authentication, access authorization, removal of access rights and periodic access reviews.Documentation of these requirements is recorded and provided to external auditors for security certification testing.
Measures for the protection of data during transmission Measures for the protection of data during storage
Bamboozle’s databases that store Customer Personal Data are encrypted using the Advanced Encryption Standard (AES). Customer data stored by Bamboozle is encrypted in transit between the Customer’s software application and Bamboozle using TLS v1.2.
Measures for ensuring physical security of locations at which personal data are processed
Bamboozle data centers are located in nondescript buildings that are physically constructed, managed, and monitored 24 hours a day to protect data and services from unauthorized access as well as environmental threats. All data centers are surrounded by a fence with access restricted through badge controlled gates. CCTV is used to monitor physical access to data centers and the information systems. Cameras are positioned to monitor perimeter doors, facility entrances and exits, interior aisles, caged areas, high-security areas, shipping and receiving, facility external areas such as parking lots and other areas of the facilities.
Measures for ensuring events logging
Logging of service, user and security events (web server logs, FTP server logs, etc.) is enabled and retained centrally. Bamboozle restricts access to audit logs to authorized personnel based on job responsibilities. Audit logging procedures are reviewed as part of external audits for security standards.
Measures for internal IT and IT security governance and management Measures for certification/assurance of processes and products
Measures for ensuring data minimisation Measures for ensuring data quality Measures for ensuring limited data retention Measures for ensuring accountability Measures for allowing data portability and ensuring erasure
Technical and organizational measures to be taken by the [sub]-processor to provide assistance to the controller and, for transfers from a processor to a [sub]-processor, to the Customer.
When Bamboozle engages a Subprocessor, DigitalOcean and the Subprocessor enter into an agreement with data protection obligations substantially similar to those contained in this Schedule. Each Subprocessor agreement must ensure that DigitalOcean is able to meet its obligations to Customer. In addition to implementing technical and organizational measures to protect personal data, sub-processors must (a) notify DigitalOcean in the event of a Security Incident so Bamboozle may notify Customer; (b) delete personal data when instructed by DigitalOcean in accordance with Customer’s instructions to DigitalOcean; © not engage additional sub-processors without DigitalOcean’s authorization; (d) not change the location where personal data is processed; or (e) process personal data in a manner which conflicts with Customer’s instructions to DigitalOcean.
Last updated