SimCorp further provides Privacy Policies to all EU based employees, detailing the information gathered and used by SimCorp during the course of the employee’s employment with SimCorp.
SimCorp Dimension as a Service
When providing SimCorp Dimension as a Service, SimCorp acts as data processor and the client acts as data controller with regards to any personal data hosted in SimCorp Dimension. SimCorp only processes personal data on behalf of the client and in accordance with the instructions from the client. The client has the full control of which personal data is submitted to SimCorp Dimension.
Consequently, for EU clients SimCorp offers a data processing agreement (DPA) as part of the contractual framework for SimCorp Dimension as a Service. As part of this DPA, SimCorp group companies have entered Standard Contractual Clauses in the form set out by the EU Commission to protect any personal data being transferred to SimCorp entities outside of the EU as part of the global support.
SimCorp further enters DPA’s with sub-processors. Any change in sub-processors will be notified to the client via email.
SimCorp commits to informing clients of any suspected or actual breaches involving their data within 48 hours. SimCorp has monitoring processes and tools to help identify such breaches in a timely manner. SimCorp will cooperate with clients to investigate and resolve any actual security breaches. SimCorp will not disclose security breach information to any third parties unless required to by law.