7 Duration and termination 7.1 The duration of the contract is equal to the duration of the accounting, accounting and accounting agreement. At the end of the accounting, accounting and salary accounting contract, the contract is terminated. 7.2 Each contracting party may terminate the agreement on the same terms as those applicable to the accounting, accounting and payroll settlement agreement. 7.3 Regardless of the formal duration of the contract, the contract remains in effect as long as the supplier processes personal data on behalf of the customer, for which the customer is responsible for processing, but only for the processing of that personal data by the supplier. 7.4 In the event of termination and at the request of the contract, the supplier must contribute fairly to the transfer of data to another supplier or to the customer. 4.3 The customer has the right to provide a copy of all parts of the agreements between the supplier and the subprocessors to regulate the mandatory data protection obligations covered in point 4.2. The supplier is responsible for the subcontractor`s performance of the data protection obligations. The fact that the customer has agreed to enter into a contract with a subcontractor by the supplier does not affect the supplier`s obligation to enforce the contract. 3.2 The supplier must ensure that persons authorized to process personal data have committed to keeping it secret or are bound by a legal duty of professional secrecy. The RGPD has become fully effective and many colleagues and consultants are still arguing over an accountant`s data processing qualifications. Many accounting firms provide their clients with data processing agreements and ask their clients to enter into such an agreement. It is recommended to read the following articles before deciding on the qualification of the processing/conclusion role of a data processing agreement.

(i) a request from a public authority to disclose personal data covered by the agreement, unless the supplier is prohibited from informing the customer in accordance with EU or supplier legislation; (ii) any suspicion or sighting of (a) security violations that result in destruction, a loss or modification, unauthorized disclosure or unauthorized access by the supplier to personal data transmitted, retained or otherwise processed in accordance with this agreement, or (b) any other violation of the supplier`s obligations under paragraphs 3.3 and 3.4 or (iii) a request for access to personal data received directly by a person or a third party. The processing manager has the right to review the contract data processing obligations once a year. If the data processor is required to do so under existing legislation, audits can be repeated once a year. At least four weeks prior to the proposed launch date, a detailed test plan indicating scope, duration and launch date must be submitted. The contracting parties jointly decide whether a third party should conduct the review.