Web hosting, web design, programming as order data processing
With every customer who has had websites programmed or provided on the Internet via TBA-Hamburg/-Berlin since 2018, often including. of its email accounts belonging to the domain, we conclude a commissioned data processing contract in accordance with the GDPR.
Since questions often arise in this context, we try to explain here what this contract is, why and what you need it for.
This article is not legal advice and is not a substitute for legal advice.
What is at issue?
Since the new data protection law (GDPR), there are new rights and obligations for website operators. On the one hand, the website must be operated in a technically and contentwise data protection-compliant manner. And if you have commissioned an external service provider to make the website available on the Internet (web hosting), a commissioned data processing contract must be concluded with this provider.
FAQ commissioned data processing
As soon as you produce your homepage via an external service provider (e.g. the TBA-Berlin) and/or put it online, or have your e-mails managed by the service provider, you need a contract for commissioned data processing (ADV contract) with this service provider. There are drastic fines if you fail to do so.
The TBA-Berlin has of course prepared order data processing contracts for all customers. Please contact us if you do not have a contract yet.
- Delimitation of commissioned data processing: when yes, when no:
lda.bayern.de – FAQ_Abgrenzung_Auftragsverarbeitung.pdf
- Contracting authority in the obligation:
- In the case of web hosting, website operators must have an order processing contract with the web host:
Contribution of the data protection provider ActiveMind.de – Order processing – Fines