ARTICLE 1 – APPLICABILITY
1. ITAF provides cloud computing services with its own cloud platform under the commercial name Dynamic Cloud Platform.
2. This cloud computing policy only applies to the Dynamic Cloud Platform.
3. Any cloud services in the broadest sense from third parties (in particular, but not limited to Microsoft Azure) that are resold to the customer are not covered by this cloud computing policy. It is the customer’s responsibility to ascertain whether the cloud services offered are provided by the own platform or that of a third party.
ARTICLE 2 – RESPONSIBILITY
1. ITAF is responsible for providing the cloud computing services, even if some services are provided by subcontractors.
2. ITAF has contractual commitments with its subcontractors to guarantee services. For this purpose, the necessary checks are carried out periodically.
ARTICLE 3 – INTEGRITY, CONTINUITY & QUALITY
1. ITAF shall take the necessary measures to ensure the integrity of information processed during the term of the agreement. ITAF has a backup solution for this purpose, in which backup data is transferred to a second data centre.
2. More information on this can be found in the section ‘Description of services’ or in the specific service level guarantees drawn up as part of an agreement.
3. However, ITAF cannot be held responsible if the customer breaches the agreement or any part of it, even if only minimally.
ARTICLE 4 – CONFIDENTIALITY OF INFORMATION
1. ITAF undertakes not to use or distribute any of the customer’s information for its own account or that of a third party.
2. ITAF may in certain cases investigate who has been given what access to certain information.
3. The customer will be informed if there is a request for an investigation from a Belgian or foreign administrative or judicial authority.
4. At the end/termination of the agreed service(s) or upon early termination/dissolution, ITAF has the right to immediately destroy the customer’s data. Only upon the customer’s express written request and upon payment of the associated costs by the customer, ITAF may agree to retain such data for a certain period of time after termination. However, ITAF is not obliged to do so and may refuse such request or simply leave it unanswered, in which case the customer shall have no claim/further claims against ITAF in this regard.
5. If necessary, ITAF will support the migration of the cloud environment to another solution. This service will be carried out on a time and costs basis at the consultancy rates prevailing at the time.
6. ITAF undertakes not to keep the customer’s information longer than necessary after the end of the agreement.
ARTICLE 5 – AUDIT RULES
1. ITAF will always cooperate with audits requested by the customer, whether carried out by the customer or a third party. This audit must not compromise the security of other clients’ infrastructure or ITAF’s overall infrastructure. This service will be carried out on a time and costs basis at the consultancy rates prevailing at the time.
2. Identified deficiencies will be handled by ITAF as soon as possible.
ARTICLE 6 – INFORMATION SECURITY
1. ITAF adheres to the good practices applicable in the IT sector. ITAF follows ITIL as its reference framework in this respect.
2. The organisations ITAF engages to rent data centre spaces follow ISO 27000 standards.