NEXTBIG shall not process the Accessed Data for a purpose other than the provision of the Service requested by the User and shall not transfer such data, not even for their storage, to unauthorized parties.
NEXTBIG shall notify the User promptly if it becomes aware of any data breach and shall provide full details of the relevant breach.
NEXTBIG shall ensure that persons authorized to process the Accessed Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
Taking into account the nature of the processing, assist the User by appropriate technical and organizational measures, insofar as this is possible, for the fulfillment of the Users’ obligation to respond to requests for exercising the data subject’s rights.
NEXTBIG shall take all measures required pursuant to Article 32 of the GDPR (Security of Processing).
NEXTBIG assist the User in complying with its obligations pursuant to Articles 32 to 36 of GDPR with: (a) at the choice of the User, delete or return all the Accessed Data to the User after the end of the provision of Service, unless the storing of the data is required by applicable law; and (b) make available to the User all the information necessary to demonstrate compliance with the obligations laid down in Article 28 of GDPR and allow for and contribute to audits, including inspections, conducted by the User or another auditor mandated by the User.
thethings.iO has been independently audited in a dedicated DPIA, and now we are working hard to fully align our service with GDPR provisions. More information available by sending an email to email@example.com.