We guarantee that texts are translated in accordance with good translation practice. A translation necessarily involves a degree of interpretation, and we accept that other versions are possible and it may be possible to propose changes. We therefore suggest to clients that they read through the final content, to ensure that the type of vocabulary is consistent with that which they normally use. Liability for payment of the translation service will accepted in full by To The Letter’s client, within the agreed terms. The client is deemed to be whoever requests the translation, irrespective of a third party being indicated for billing purposes.
If the text to be translated contains the personal data of natural persons, as defined by Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 (“General Data Protection Regulation”), the translation services will entail processing of personal data on behalf of the Client. For this purpose, To The Letter will act as “data processor” and the Client will be the “data controller”, as defined in the General Data Protection Regulation. In that case, the processing of personal data by To The Letter will be subject to the provisions of the Annex below, in order to comply with Article 28.3 of the General Data Protection Regulation.
PROCESSING OF PERSONAL DATA AS PROCESSOR
1. Processing
1.1. To The Letter will process the personal data only for the purpose of providing the translation services, in accordance with this Annex and on the Client’s documented instructions, unless it is obliged to do so by law, in which case it shall notify the Client of that obligation, unless the law prohibits such notification on important public interest grounds.
1.2. Processing shall consist of operations necessary for providing the translation services.
1.3. The processing shall come to an end upon completion of the provision of the translation services and performance of the contract with the Client.
1.4. The type of data to be processed and the categories of data subjects will depend on the texts to be translated.
2. Subcontracting
2.1. To The Letter may have recourse to independent service providers to assist it in providing the translation services. If those translation services entail specific personal data processing operations on behalf of the Client, the Client grants general authorisation to To The Letter to contract such persons.
2.2. If To The Letter contracts another subcontractor to carry out specific data processing operations on behalf of the Client, it must comply with the requirements of Article 28, paras. 2 and 4, of the General Data Protection Regulation with regard to that contractual relationship.
3. Confidentiality and security
3.1. The persons authorised by To The Letter to process personal data have made an undertaking of confidentiality or are subject to a legal obligation of confidentiality.
3.2. To The Letter will adopt appropriate technical and organisational measures to ensure a level of security appropriate to the risk of accidental or unlawful destruction, loss and alteration, unauthorised disclosure of or access to the data being processed, taking into account the state of the art, the costs of application and the nature, scope, context and purposes of processing, as well as the risks, of variable probability and seriousness, to the rights and freedoms of the natural persons.
4. Assistance
4.1. Taking into account the nature of the processing, and to the extent possible, To The Letter shall assist the Client by means of the appropriate technical and organisational measures to enable it to comply with its obligation to respond to requests from data subjects with a view to exercise of the rights as established in chapter III of the General Data Protection Regulation.
4.2. To The Letter shall assist the Client in ensuring that it complies with its legal obligations relating to the security of processing, reporting of personal data breaches, assessment of the impact on data protection and prior consultation, taking into account the nature of the processing and the information that may be available to To The Letter.
5. Audit
5.1. To The Letter undertakes to provide the information which may be necessary to demonstrate compliance with the obligations established in Article 28 of the General Data Protection Regulation, and also to facilitate and contribute to audits, including inspections, conducted by the Client or by another auditor appointed by the same, for the same purpose, subject to an upper limit of one audit per year.
5.2. Audits and inspections are conducted at the Client’s expense.
6. Erasure or return of personal data
As chosen by the Client, To The Letter shall erase or return all personal data to the Client after concluding the provision of services related to processing, and shall erase existing copies, unless it is obliged by law to conserve them.
7. Miscellaneous
7.1. These clauses have effect as from acceptance by the Client until conclusion of the services and performance of the contract with the Client.
7.2. These clauses are governed by Portuguese law.