Agreement on general and special confidentiality obligations
Agreement on general and special confidentiality obligations
Both contracting parties together are hereinafter also referred to as the "Parties", or individually as a "Party".
Preamble
The parties have agreed that the self-employed agent will work for the principal as a freelancer. In order to enable or facilitate the work of the self-employed agent as a freelancer, it is possible that the principal, himself or through third parties, discloses to the self-employed agent various information of the principal or third parties (such as contractual partners and clients of the principal) or gives the self-employed agent access to it or the self-employed agent otherwise obtains knowledge of confidential information.
Against this background, the Parties agree on the following general and specific obligations of confidentiality:
1. Duty of confidentiality
1.1 The independent agent is obliged to maintain secrecy about business secrets and operational matters of a confidential nature in accordance with the following paragraphs.
1.2 A trade secret is information which is not generally known or readily available, either as a whole or in the precise arrangement and composition of its components, to persons in the circles which normally handle this type of information and which is therefore of economic value and which is the subject of secrecy measures by its lawful owner which are reasonable under the circumstances and for which there is a legitimate interest in secrecy (Section 2 No. 1 Trade Secrets Act (GeschGehG)).
1.3 The Client's business secrets to be kept secret include in particular:
- Business strategies
- Economic plans
- Price calculations and pricing
- Competitive market analyses
- Turnover and sales figures
- Personal data
- Product specifications
- Inventions, technical processes and procedures that are not publicly known and represent an economic value for the client
- Customer data
- Supplier data
- Passwords, access codes
1.4 As a matter of principle, business secrets are to be kept secret from anyone to whom they are not justifiably accessible. This also applies to other self-employed agents and employees of the principal who are not entitled to knowledge of the secret due to their position and function. The self-employed agent acknowledges that unauthorised disclosure of business secrets to third parties may be punishable by law.
1.5 The self-employed agent is also obliged to keep confidential operational matters of a confidential nature, which are designated as such by the management or can be recognised as such from the point of view of an objective third party, and to protect them from access and knowledge by unauthorised third parties without the express consent of the management. The duty of confidentiality covers all facts which are to be treated as secret/confidential according to the express instructions or the discernible will of the client and for which the client has a legitimate interest in maintaining secrecy.
1.6 The duty of confidentiality also extends to matters of other companies with which the client is economically or organisationally affiliated within the meaning of §§ 15 et seq. of the German Stock Corporation Act (AktG). German Stock Corporation Act (AktG) as well as to matters of clients and business partners of the client.
1.7 The obtaining, use or disclosure of a trade secret does not fall under the above confidentiality obligations and the statutory prohibition of § 4 GeschGehG if this is done to protect a legitimate interest of the independent agent, in particular to exercise the right of freedom of expression and freedom of information, including respect for freedom and plurality of the media, to uncover an unlawful act or professional or other misconduct, if the obtaining, use or disclosure is suitable to protect the general public interest. Disclosed facts are not subject to any protection of secrecy and do not give rise to any duty of confidentiality on the part of the independent agent.
1.8 In case of doubt, if it is unclear whether it is a matter of a fact requiring secrecy or a fact to be treated confidentially, the independent agent undertakes to contact the principal without delay in order to clarify this question and to check any duty of confidentiality in order to bring about a clarification in a timely manner.
1.9 The confidentiality obligations of the self-employed agent shall continue to exist after the termination of the contractual relationship with the principal. Insofar as the self-employed agent is unreasonably hindered in his professional advancement by the post-contractual duties of confidentiality, he may demand that the principal release him from these duties.
1.10 Furthermore, the independent agent is advised that betrayal of secrets is also punishable under the GeschGehG.
2. Declaration of commitment under data protection law
2.1 The independent agent is a person subordinate to the principal within the meaning of Art. 29 of the General Data Protection Regulation (GDPR) who may process personal data exclusively on the principal's instructions, unless he is obliged to do so under Union law or the law of the Member States.
2.2 Personal data is all information that relates to an identified or identifiable person. This can be, for example, customers or other employees. Personal data is, for example, the name or contact details (address, telephone number, e-mail address).
2.3 The independent agent undertakes not to process personal data without authorisation. Personal data may therefore only be processed if consent has been given or a statutory regulation permits or prescribes the processing. The principles of the GDPR for the processing of personal data must be observed; they are laid down in Article 5 (1) of the GDPR and essentially include the following obligations:
Personal data must be
a) processed in a lawful and fair manner, and in a way that is comprehensible to the data subject ("lawfulness, fairness, transparency");
b) collected for specified, explicit and legitimate purposes and may not be further processed in a manner incompatible with those purposes ("purpose limitation");
c) adequate and relevant to the purpose and limited to what is necessary for the purposes of processing (“data minimization”);
d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data which are inaccurate having regard to the purposes of their processing are erased or rectified without delay ("accuracy");
e) stored in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data are processed ("storage limitation");
f) processed in a manner that ensures appropriate security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage by appropriate technical and organisational measures ("integrity and confidentiality").
2.4 Personal data may only be processed in accordance with the instructions of the data controller. The processing of personal data is only permitted to the extent and in the manner necessary for the performance of the assigned tasks. Unauthorised processing of personal data is always prohibited.
2.5 Violations of this obligation may be punished by a fine and/or imprisonment. A violation may also constitute a breach of contractual obligations or special confidentiality obligations. Claims for damages (under civil law) may also arise from culpable breaches of this obligation. Confidentiality obligations arising from separate agreements are not affected by this declaration.
2.6 The obligation shall continue to apply after termination of the activity.
2.7 Further claims for damages remain unaffected.
2.8 The independent agent is referred to the provisions of Art. 29, Art. 83 DSGVO as well as to § 42, § 43 BDSG.
3. Requirements for the workplace and technical equipment
3.1 The self-employed agent undertakes to create and maintain the following requirements for his workplace and his technical equipment:
3.2 The following requirements apply to the workplace:
- The working space can be separated from the rest of the living space with a door;
- There are no other persons in the workroom;
- The monitor is not visible from the outside through a window.
3.3 The following requirements apply to the technical equipment:
- Virus protection and firewall are installed and set up;
- The router/modem has an integrated firewall;
- The connection to the Internet is made via a network cable or by means of WLAN with WPA2 encryption;
- The operating system is always updated and checked for up-to-dateness, but at least once a week;
- The screen saver can only be cancelled after a password and becomes active after 15 minutes at the latest;
- The headset to be used is wired (not a wireless headset);
- The operating system is not older than Windows 7 or MacOS 10.10.
- A webcam is used.
4. Declaration of commitment under telecommunications law
4.1 The independent agent is obliged to maintain telecommunications secrecy according to § 206 StGB and, if applicable, § 3 TTDSG.
4.2 The content of telecommunications and the circumstances surrounding them, in particular the fact whether someone is or was involved in a telecommunication process, are subject to the secrecy of telecommunications. The secrecy of telecommunications also extends to the details of unsuccessful connection attempts.
4.3 The secrecy of telecommunications protects not only telephone calls and faxes, but also communication via e-mail or similar communication channels.
4.4 Violations of the secrecy of telecommunications can be punished with a fine, fine or imprisonment under section 206 of the Criminal Code, and possibly also under other laws. A breach of telecommunications secrecy may also constitute a breach of employment duties and lead, for example, to a warning, termination without or without notice and/or liability for damages. The obligation of confidentiality under data protection law and other confidentiality obligations exist in addition to the secrecy of telecommunications.
4.5 The secrecy of telecommunications applies for an indefinite period of time and continues to apply even after termination of the activity. It applies to all persons who are not responsible for the respective matter on official business.
4.6 Information that is subject to the secrecy of telecommunications must be treated with absolute confidentiality unless legal permission exists. Permission exists only to the extent that knowledge, storage or use is absolutely necessary for the respective purpose.
4.7 Violations of telecommunications secrecy are punishable by up to five years in prison. § Section 206 of the Criminal Code makes it a punishable offence to pass on information that is subject to telecommunications secrecy. It is also a criminal offence to suppress entrusted transmissions (especially e-mails) without authorisation, for example, to delete them or to withhold them for a longer period of time.
4.8 Certain violations of the TKG may also result in a fine, e.g.
e.g. if data is unlawfully collected or not deleted (§ 149 TKG). Under certain circumstances, further fines and criminal offences may be considered, such as violations of data protection law (Art. 83 DSGVO, §§ 42, 43 BDSG), betrayal of business and trade secrets (§ 17 UWG), spying on data (§ 202 a StGB), computer fraud (§ 263 a StGB).
4.9 The independent agent is referred to the provisions of § 88 TKG and § 206 StGB.