CIP transferred to CKS the operations of the Citibank Visa credit card business, including accounting and electronic data processing, on the basis of the terms of a Service Agreement (non-gratuitous contract for services) dated March 24, 1998, supplemented as of June 1, 1989 and November 30, 1989. Details are contained in the ``CKS Service
[Page: S14549]
3. In the Co-Branding Agreement with the Deutsche Bahn AG dated November 18, 1994, CIP assumed responsibility for the issuance of the DB/Citibank BahnCard as well as for the entire management and operations associated with this business.
4. On the basis of a Service Agreement dated April 1, 1995, CIP transferred the entire operations of the DB/Citibank-BahnCard business, including data processing and accounting, to the Card Service Companies. Details are contained in the ``BahnCard Service Agreement''. Concurrent with the application for issuing a DB/Citibank BahnCard, the BahnCard customers agree to the transfer of their personal data to CCO and to those companies entrusted by CCO with such data processing.
5. Due to reasons of efficiency, service and centralization, the Card Service Companies have entrusted CNA with the processing of the Citibank Visa card business and of the DB/Citibank BahnCard business as of July 1, 1995. In light of such considerations, the Card Service Companies--as principals--and CNA--as contractors--concluded the ``CNA Service Agreement'', to which CIP expressly consented.
6. The performance of the CNA Service Agreement requires the Card Service Companies to transfer the personal data of the Citibank Visa card customers and the DB/Citibank BahnCard customers--hereinafter collectively referred to as ``Card Customers''--to CNA and further requires CNA to process and use these data.
In order to protect the Card Customers' rights with respect to both the data protection law and banking secrecy, and in order to comply with the banking supervisory and data protection requirements, the contractual parties agree and covenant as follows:
§1 BASIC PRINCIPLES
The parties hereto undertake to safeguard the Card Customers' right to protection against unauthorized capture, storage and use of their personal data and their right to informational self-determination. The scope of such protection shall be governed by the standards as laid down in the German Federal Data Protection Law (Bundesdatenschutzgesetz, abbreviated to ``BDSG''). The parties hereto additionally agree to comply with the banking secrecy regulations.
§2 INSTRUCTIONS OF THE CARD SERVICE COMPANIES
1. CNA shall process the data provided by the Card Service Companies solely in accordance with the Card Service Companies' instructions and rules, and the provisions contained in this Agreement. CNA undertakes to process and use the data only for the purpose for which the data have been provided by the Card Service Companies to CNA, said purposes including those as described in the CNA Service Agreement. The use of such data for purposes other than described above requires the Card Service Companies' express written consent.
2. At any time, the Card Service Companies may make inquiries to CNA about the personal data transferred by the Card Service Companies and stored at CNA, and the Card Service Companies may require CNA to perform corrections, deletions or blockings of such personal data transferred by the Card Service Companies to CNA.
§3 INSPECTION RIGHTS OF THE CARD SERVICE COMPANIES
At regular intervals, a (joint) agent appointed by the Card Service Companies shall verify whether CNA complies with the terms and conditions of this Agreement, and in particular with the data protection law as well as the banking secrecy regulations. CNA shall grant the Card Service Companies' agent supervised, unimpeded access to the extent necessary to accomplish the inspection and review of all data processing facilities, data files and other documentation needed for processing and utilizing the personal data transferred by the Card Service Companies, in a fashion which is consistent with the CNA Operational Policies. CNA shall provide the agent with all such information as deemed necessary to perform this inspection function.
§4 USE OF SUBCONTRACTORS, TRANSMISSION OF DATA TO THIRD PARTIES
1. CNA may not appoint non-affiliated third parties, in particular subcontractors, to perform and fulfill CNA's commitments and obligations under this Agreement.
2. For marketing purposes, the transfer to third parties of personal data provided by the Card Service Companies is prohibited, except in those cases where such personal data is transferred to affiliated companies engaged in the banking business in order to market financial services; the transfer of such data beyond the aforementioned scope to third parties shall require the Card Service Companies' express approval. Such approval is limited to the scope of the Card Customers' consent as obtained on the application form. The personal data of customers having obtained a BahnCard ``pure'' may only be used or transferred for BahnCard marketing purposes.
CNA and the Card Service Companies undertake to institute and maintain the following data protection measures:
1. Access control of persons
CNA shall implement suitable measures in order to prevent unauthorized persons from gaining access to the data processing equipment where the data transferred by the Card Service Companies are processed.
This shall be accomplished by:
a. Establishing security areas;
b. Protection and restriction of access paths;
c. Securing the decentralized data processing equipment and personal computers;
d. Establishing access authorizations for employees and third parties, including the respective documentation;
e. Identification of the persons having access authority;
f. Regulations on key-codes;
g. Restriction on keys;
h. Code card passes;
i. Visitors books;
j. Time recording equipment;
k. Security alarm system or other appropriate security measures.
2. Data media control
CNA undertakes to implement suitable measures to prevent the unauthorized reading, copying, alteration or removal of the data media used by CNA and containing personal data of the Card Customers.
This shall be accomplished by:
a. Designating the areas in which data media may/must be located;
b. Designating the persons in such areas who are authorized to remove data media;
c. Controlling the removal of data media;
d. Securing the areas in which data media are located;
e. Release of data media to only authorized persons;
f. Control of files, controlled and documented destruction of data media;
g. Policies controlling the production of back-up copies.
3. Data memory control
CNA undertakes to implement suitable measures to prevent unauthorized input into the data memory and the unauthorized reading, alteration or deletion of the stored data on Card Customers.
This shall be accomplished by:
a. An authorization policy for the input of data into memory, as well as for the reading, alteration and deletion of stored data;
b. Authentication of the authorized personnel;
c. Protective measures for the data input into memory, as well as for the reading, alteration and deletion of stored data;
d. Utilization of user codes (passwords);
e. Use of encryption for critical security files;
f. Specific access rules for procedures, control cards, process control methods, program cataloging authorization;
g. Guidelines for data file organization;
h. Keeping records of data file use;
i. Separation of production and test environment for libraries and data files;
j. Providing that entries to data processing facilities (the rooms housing the computer hardware and related equipment) are capable of being locked;
k. Automatic log-off of user IDs that have not been used for a substantial period of time.
4. User control
CNA shall implement suitable measures to prevent its data processing systems from being used by unauthorized persons by means of data transmission equipment.
This shall be accomplished by:
a. Identification of the terminal and/or the terminal user to the DP system;
b. Automatic turn-off of the user ID when several erroneous passwords are entered, log file of events (monitoring of break-in attempts);
c. Issuing and safeguarding of identification codes;
d. Dedication of individual terminals and/or terminal users, identification characteristics exclusive to specific functions;
e. Evaluation of records.
5. Personnel control
Upon request, CNA shall provide the Card Service Companies with a list of the CNA employees entrusted with processing the personal data transferred by the Card Service Companies, together with a description of their access rights.
6. Access control to data
CNA commits that the persons entitled to use CNA's data processing system are only able to access the data within the scope and to the extent covered by their respective access permission (authorization).
This shall be accomplished by:
a. Allocation of individual terminals and/or terminal user, and identification characteristics exclusive to specific functions;
b. Functional and/or time-restricted use of terminals and/or terminal users, and identification characteristics;
c. Persons with function authorization codes (direct access, batch processing) access to work areas;
d. Electronic verification of authorization;
e. Evaluation of records.
7. Transmission control
CNA shall be obligated to enable the verification and tracing of the locations/destinations to which the Card Customers' data are transferred by utilization of CNA's data communication equipment/devices.
This shall be accomplished by:
a. Documentation of the retrieval and transmission programs;
[Page: S14550]
b. Documentation of the remote locations/destinations to which data are transmitted and of the transmission paths (logical paths).
8. Input control
CNA shall provide for the retrospective ability to review and determine the time and the point of the Card Customers' data entry into CNA's data processing system.
This shall be accomplished by:
a. Proof established within CNA's organization of the input authorization;
b. Electronic recording of entries.
9. Instructional control
The Card Customers' data transferred by the Card Service Companies to CNA may only be processed in accordance with instructions of the Card Service Companies.
This shall be accomplished by:
a. Binding policies and procedures for CNA employees, subject to the Card Service Companies' prior approval of such procedures and policies;
b. Upon request, access will be granted to those Card Service Companies' employees and agents who are responsible for monitoring CNA's compliance with this Agreement (cf. §3 hereof).
10. Transport control
CNA and the Card Service Companies shall implement suitable measures to prevent the Card Customers' personal data from being read, copied, altered or deleted by unauthorized parties during the transmission thereof or during the transport of the data media.
This shall be accomplished by:
a. Encryption of the data for on-line transmission or for transport by means of data carriers (tapes and cartridges);
b. Monitoring of the completeness and correctness of the transfer of data (end-to-end check).
11. Organization control
CNA shall maintain its internal organization in a manner that meets the requirements of this Agreement.
This shall be accomplished by:
a. Internal CNA policies and procedures, guidelines, work instructions, process descriptions, and regulations for programming, testing, and release, insofar as they relate to data transferred by Card Service Companies;
b. Formulation of a data security concept whose content has been reconciled with the Card Service Companies;
c. Industry standard system and program examination;
d. Formulation of an emergency plan (back-up contingency plan).
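As an added illustration (not part of the agreement or of CNA's systems) of the user-control measures listed above, the following implements §5(4)(b) (turn-off of a user ID after several wrong passwords, with a log file of events), §5(3)(k) (automatic log-off of idle user IDs) and §5(4)(e) (evaluation of the records). The three-attempt threshold, the 15-minute idle limit and the sample credentials are assumptions.

```python
# Added example: lockout, idle log-off and evaluation of the event log.
# Thresholds below are assumed, not taken from the agreement.
from dataclasses import dataclass, field
import hmac

MAX_FAILURES = 3        # assumed: lock the ID on the third wrong password
IDLE_TIMEOUT = 15 * 60  # assumed: log off after 15 minutes without activity


@dataclass
class AccessControl:
    passwords: dict                                # constructed credential store
    failures: dict = field(default_factory=dict)   # user id -> consecutive failures
    locked: set = field(default_factory=set)       # user ids that were turned off
    sessions: dict = field(default_factory=dict)   # user id -> last activity time
    events: list = field(default_factory=list)     # the "log file of events"

    def _log(self, ts, user, kind):
        self.events.append((ts, user, kind))

    def login(self, user, password, ts):
        """Return True on success; a locked ID is refused even with the right password."""
        if user in self.locked:
            self._log(ts, user, "REFUSED_LOCKED")
            return False
        expected = self.passwords.get(user)
        if expected is None or not hmac.compare_digest(expected, password):
            n = self.failures[user] = self.failures.get(user, 0) + 1
            self._log(ts, user, "BAD_PASSWORD")
            if n >= MAX_FAILURES:          # §5(4)(b): automatic turn-off of the ID
                self.locked.add(user)
                self._log(ts, user, "LOCKED")
            return False
        self.failures[user] = 0
        self.sessions[user] = ts
        self._log(ts, user, "LOGIN")
        return True

    def activity(self, user, ts):
        """Touch a session; expire it first if it sat idle too long (§5(3)(k))."""
        last = self.sessions.get(user)
        if last is None:
            return False
        if ts - last > IDLE_TIMEOUT:
            del self.sessions[user]
            self._log(ts, user, "IDLE_LOGOFF")
            return False
        self.sessions[user] = ts
        return True

    def break_in_report(self):
        """§5(4)(e) evaluation of records: wrong-password count per user ID."""
        report = {}
        for _, user, kind in self.events:
            if kind == "BAD_PASSWORD":
                report[user] = report.get(user, 0) + 1
        return report
```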
§6 DATA PROTECTION SUPERVISOR
1. CNA undertakes to appoint a Data Protection Supervisor and to notify the Card Service Companies of the appointee(s). CNA shall only select an employee with adequate expertise and reliability necessary to perform such a duty, and provide the Card Service Companies with appropriate evidence thereof.
2. The Data Protection Supervisor shall be directly subordinate/accountable to CNA's General Management. He shall not be bound by instructions which obstruct or hinder the performance of his duty in the field of data protection. He shall cooperate with the Card Service Companies' agent--as indicated in §3 hereof--in monitoring the performance of this Agreement and adhering to the data protection requirements in conjunction with the data in question. In the event that CNA chooses to change the person who serves as a Data Protection Supervisor, CNA shall give timely notice to the Card Service Companies of such change. The Data Protection Supervisor shall be bound by confidentiality obligations.
3. The Data Protection Supervisor shall be available as the on-site contact for the Card Service Companies.
§7 CONFIDENTIALITY OBLIGATION
CNA shall impose a confidentiality obligation on those employees entrusted with processing the personal data transferred by the Card Service Companies. CNA shall furthermore obligate its employees to adhere to the banking and data secrecy regulations and document such employees' obligation in writing. Upon request, CNA shall provide the Card Service Companies with satisfactory evidence of compliance with this provision.
§8 RIGHTS OF CONCERNED PERSONS
1. At any time, Card Customers whose data are transferred by CIP to the Card Service Companies, and thereafter further transferred by the Card Service Companies to CNA, shall be entitled to make inquiries to CNA (who are required to respond) as to: the stored personal data, including the origin and the recipient of the data; the purpose of storage; and the persons and locations/destinations to which such data are transferred on a regular basis.
The requested information shall generally be provided in writing.
2. The Card Service Companies shall honour the concerned person's request to correct his personal data at any time, provided that the stored data are incorrect. The same shall apply to data stored at CNA.
3. The concerned person may claim from the responsible Card Service Companies the deletion or blocking of any data stored at the Card Service Companies or CNA, in the event that: such storage is prohibited by law; the data in question relate to information about health, criminal actions, violations of the public order, or religious or political opinions, and its truth/correctness cannot be proved by the Card Service Companies; and such data are processed to serve the Card Service Companies' own purposes, and such data are no longer necessary to serve the purpose of the data storage under the agreement with the respective Card Customers.
Notwithstanding the foregoing, the parties hereto submit to the provisions of §35 of the German Federal Data Protection Law (BDSG), and agree to be familiar with such provisions.
4. The concerned person may demand that the responsible Card Service Companies block his or her personal data, if he or she contests the correct nature thereof and if it is not possible to determine whether such data is correct or incorrect. This shall also apply to such data stored by CNA.
5. If CIP, the Card Service Companies or CNA should violate the data protection or banking secrecy regulations, the person concerned shall be entitled to claim damages caused and incurred thereby as provided in the German Federal Data Protection Law (BDSG). CIP's and the Card Service Companies' liability shall moreover extend to those claims arising from breach of this Agreement and asserted against CNA and/or its employees in performance of this Agreement.
6. CNA acknowledges the obligation assumed by CIP and the Card Service Companies towards the concerned person, and undertakes to comply with all Card Service Companies' instructions concerning such person. The concerned person may also directly assert claims against CNA and file an action at CNA's applicable place of jurisdiction.
§9 NOTIFICATION TO THE CONCERNED PERSON
The Card Service Companies undertake to appropriately notify the concerned Card Customers of the transfer of their data to CNA.
§10 DATA PROTECTION SUPERVISION
1. According to the German Federal Data Protection Law (BDSG), the Card Service Companies and CIP are subject to public control exercised by the respective responsible supervisory authorities.
2. Upon request of CIP or either of the Card Service Companies, CNA shall provide the respective supervisory authorities with the desired information and grant them the opportunity of auditing to the same extent as they would be entitled to conduct audits at the Card Service Companies and CIP; this includes the entitlement to inspections at CNA's premises by the supervisory authorities or their nominated agents, unless barred by binding instructions of the appropriate U.S. authorities.