:- module('data_protection_policy',[]). en("the target language is: prolog. % Data Protection Policy % Original Document at https://docs.google.com/document/d/1eN9E5JvgbuHRGs60aAE4WWZ23pjVahLB/edit the templates are: all policy objectives are met. data is private. data is protected. every governance requirement is met. every scope requirement is met. every policy publishing requirement is met. all principles for the processing of personal Data are adhered to. all national laws are adhered to. all users are responsible. every scope requirement is met. employees scope is met. contractors scope is met. employees scope is met if all policy objectives are applied to all employees. contractors scope is met if all policy objectives are applied to all contractors. every policy publishing requirement is met. the Data Protection Policy is available in a format that cannot be changed easily. the Data Protection Policy is stored. the Data Protection Policy is made readily available to all members of Lodge IT Pty Ltd. the Data Protection Policy has been electronically distributed. history of changes of the Data Protection Policy have been retained. every governance requirement is met. the governance requirements are *a list*. Governance requirement *an id* is met. the Information Security Manager establishes and conducts a training program for employees and contractors. the Information Security Manager monitor the Company processes regarding the fulfilment of the existing data protection policies and procedure. the Information Security Manager monitors the quality and efficiency of Lodge IT Pty Ltd policies and procedures. the Information Security Manager collects information from the employees and contractors about the data processing activities in order to identify challenges pertaining to these activities. the Information Security Manager analyses & assesses the information obtained from the employees and contractors in terms of the effectiveness quality and costs regarding the existing Lodge IT Pty Ltd data protection compliance system. the Information Security Manager informs advises and gives recommendations to the management of Lodge IT Pty Ltd regarding for example need for updates changes and additions to the existing data protection compliance system. the Information Security Manager reports directly to the Chief Executive Officer regarding the data breaches or other data protection issues. the Information Security Manager files the annual report to the Chief Executive Officer including the assessment of the data protection compliance system its effectiveness costs potentially needed updates number of compliance violations and investigations performed to comply with the best practices on the legal and technical levels. the Information Security Manager files notifications to the Data Subjects and the competent Supervisory Authorities in case of a data protection incident. the Information Security Manager acts as the contact point for the Data Subjects and assist them in communication with the competent Supervisory Authorities. the Information Security Manager represents Lodge IT Pty Ltd where appropriate with regard to any Personal Data matters. the Information Security Manager provide advice where required in relation to the data protection impact assessment. the Information Security Manager assists in future consulting with the competent Supervisory Authorities on the data protection impacts assessments and other relevant issues and to monitor the performance of such issues. the Information Security Manager keeps him herself knowledgeable and up to date with regard to the developments within the field of the data protection and the related obligations. the Information Security Manager keeps all the Personal Data obtained during his her work confidential and not to disclose it either to employees and contractors or to the external third parties without the proper reasoning. the Information Security Manager establishes and maintains organisational and technical measures in cooperation with the IT staff to fulfil the aforementioned obligations. the Chief Executive Officer facilitates adherence to this Policy In this capacity Chief Executive Officer should seek to promulgate a mindset which fosters the aims of this Policy and best practice for personal data protection. data protection principles applicable in the Australian Data and Privacy Act and other national laws relevant to the data processing operations of Lodge IT Pty Ltd are adhered to. *A person* is a user. *A person* is an employee. *A person* is a contractor. *A person* is responsible. *A user* complies with the provisions of this Policy. as a collector of any Personal Data *a user* ensures accuracy of the process. *A user* only collects information which is required for business process operations. *A user* only processes personal data for business purposes. *A user* protects Personal Data according to this Policy. when uncertain about the appropriate actions with Personal Data then *a user* should contact the Information Security Manager for further instructions. all principles for the processing of personal Data are adhered. the personal Data requirements are *a list*. Processing of personal Data requirement *an id* is adhered to. all processes are lawful. Lodge IT Pty Ltd processes Personal Data in a fair and transparent manner. Lodge IT Pty Ltd processes Personal Data only with the knowledge and in respect to the given rights of the respective Data Subject. Lodge IT Pty Ltd ensures that Personal Data of the respective Data Subject only processed within the purposes as outlined in the Privacy Policy and only by the employees and or contractors who have to be involved in the processing operations to fulfil these purposes. Lodge IT Pty Ltd limits subsequent changes to the processing of personal data and require substantiation and to the extent that the new purposes are incompatible with the initial purposes they require the consent of the Data Subject. Lodge IT Pty Ltd collects and processes only Personal Data that is actually needed in order to achieve its processing purposes. Lodge IT Pty Ltd processes Personal Data in an adequate relevant and limited manner. Lodge IT Pty Ltd processes data that is necessary in relation to the purposes for which the data is collected. Lodge IT Pty Ltd does not retain Personal Data longer then is required to achieve the relevant purposes. Lodge IT Pty Ltd Keeps data up to date. Lodge IT Pty Ltd takes reasonable steps to ensure that inaccurate or incomplete data either erased or corrected. Lodge IT Pty Ltd limits the storage scope and time to a level appropriate and necessary to fulfil the purposes of the data processing in line with the consent given by the Data Subject. Lodge IT Pty Ltd acknowledges Personal Data to be subjected to data secrecy. Lodge IT Pty Ltd secures the confidentiality and integrity of the processed Personal Data. Lodge IT Pty Ltd secures Personal Data with suitable organisational and technical measures to prevent unauthorised access illegal processing or distribution as well as accidental loss modification or destruction. Lodge IT Pty Ltd can demonstrate compliance with the aforementioned data protection principles. Lodge IT Pty Ltd processes data for recruitment employment provision of services & communication. Lodge IT Pty Ltd processes Personal Data for a client or other counterparty based on the formal agreement between Lodge IT Pty Ltd and such counterparty or other legal bases. technical obligations are adhered to. additional obligations are upheld. data collection is appropriate. the applicable rights of the Data Subjects on their requests are obliged. Data Subjects are provided with the information in concise transparent intelligible and easily accessible form. Data Subjects are notified in case of breach in the required manner. competent Supervisory Authority are notified in case of breach in the required manner. assessment of risk impact of a breach is provided. employees or contractors collect personal data directly from the respective Data Subjectall processes are lawful. the lawful personal Data requirements are *a list*. Processing of personal Data requirement *an id* is lawful. Lodge IT Pty Ltd processes Personal Data only when it has appropriate legal grounds. processing is necessary for the performance of a contract with a Data Subject. the processing is necessary to comply with a legal obligation to which Lodge IT Pty Ltd is subject. the processing is within the legitimate business interests of Lodge IT Pty Ltd. rights and freedoms of the Data Subjects are considered. Personal Data is only processed for a specific purpose unless otherwise expressly specified by the law. Lodge IT Pty Ltd has developed clear procedures regarding the processing of Personal Data according to appropriate legal bases. the technical obligations are *a list*. technical obligation *an id* is adhered to. LodgeiT is compliant with the principles of data processing. LodgeiT ensures where applicable pseudonymisation and encryption of Personal Data. LodgeiT provides provide the ability to ensure the ongoing confidentiality integrity and availability of the processing systems and services. LodgeiT provides access to Personal Data in a timely manner. LodgeiT implement regular testing assessment and evaluation of the effectiveness of security measures in relation to the data processing. the additional obligations are *a list*. additional obligation *an id* is upheld. Data Subjects are provided with the information in concise transparent intelligible and easily accessible form. employees or contractors collect personal data directly from the respective Data Subject. employees scope is met. all policy objectives are applied to all employees. contractors scope is met. all policy objectives are applied to all contractors. the knowledge base data_protection_policy includes: %Policy objective is met if data is private. %Policy objective is met if data is protected. all policy objectives are met if data is private and data is protected. %Data is protected if governance requirement is met. %Data is protected if scope requirement is met. %Data is protected if policy publishing requirement is met. %Data is protected if principles for the processing of personal Data are adhered to. %Data is protected if national laws are adhered to %Data is protected if users are responsible. data is protected if every governance requirement is met and every scope requirement is met and every policy publishing requirement is met and all principles for the processing of personal Data are adhered to and all national laws are adhered to and all users are responsible. %Data is private if principles for the processing of personal Data are adhered to %Data is private if users are responsible. data is private if all principles for the processing of personal Data are adhered to and all users are responsible. every scope requirement is met if employees scope is met and contractors scope is met. %Scope is met if it is found that the policy objectives are applied to all employees. %Scope is met if it is found that the policy objectives are applied to all contractors. employees scope is met if all policy objectives are applied to all employees. contractors scope is met if all policy objectives are applied to all contractors. % Policy publishing requirement is met if it is found that the Data Protection Policy is available in a format that cannot be changed easily % and % Policy publishing requirement is met if the Data Protection Policy is stored % and % Policy publishing requirement is met if Data Protection Policy is made readily available to all members of Lodge IT Pty Ltd % and % Policy publishing requirement is met if Data Protection Policy has been electronically distributed % and % Policy publishing requirement is met if Data Protection Policy has been updated with a new version number % and % Policy publishing requirement is met if history of changes have been retained. every policy publishing requirement is met if the Data Protection Policy is available in a format that cannot be changed easily and the Data Protection Policy is stored and the Data Protection Policy is made readily available to all members of Lodge IT Pty Ltd and the Data Protection Policy has been electronically distributed and history of changes of the Data Protection Policy have been retained. every governance requirement is met if the governance requirements are a list and for all cases in which an id is in the list it is the case that Governance requirement id is met. the governance requirements are [1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16]. % Governance requirement is met if the Information Security Manager establishes and conducts a training program for employees and contractors % and % Governance requirement is met if the Information Security Manager monitor the Company processes regarding the fulfilment of the existing data protection policies and procedure % and % Governance requirement is met if the Information Security Manager monitors the quality and efficiency of Lodge IT Pty Ltd policies and procedures % and % Governance requirement is met if the Information Security Manager collects information from the employees and contractors (e.g., pursuant to interviews, questionnaires, etc.) about the data processing activities in order to identify challenges pertaining to these activities % and % Governance requirement is met if the Information Security Manager analyses & assesses the information, obtained from the employees and contractors, in terms of the effectiveness, quality, and costs regarding the existing Lodge IT Pty Ltd data protection compliance system % and % Governance is met if the Information Security Manager informs, advises and gives recommendations to the management of Lodge IT Pty Ltd regarding, for example, need for updates, changes, and additions to the existing data protection compliance system. % and % Governance is met if the Information Security Manager reports directly to the Chief Executive Officer regarding the data breaches or other data protection issues. % and % Governance requirement is met if the Information Security Manager files the annual report to the Chief Executive Officer, including the assessment of the data protection compliance system, its effectiveness, costs, potentially needed updates, number of compliance violations, and investigations performed to comply with the best practices on the legal and technical levels % and % Governance is met if the Information Security Manager files notifications to the Data Subjects and the competent Supervisory Authorities in case of a data protection incident % and % Governance is met if the Information Security Manager acts as the contact point for the Data Subjects and assist them in communication with the competent Supervisory Authorities % and % Governance requirement is met if the Information Security Manager represents Lodge IT Pty Ltd, where appropriate, with regard to any Personal Data matters % and % Governance is met if the Information Security Manager provide advice, where required, in relation to the data protection impact assessment % and % Governance requirement is met if the Information Security Manager assists in future consulting with the competent Supervisory Authorities on the data protection impacts, assessments and other relevant issues, and to monitor the performance of such issues % and % Governance requirement is met if the Information Security Manager keeps him/herself knowledgeable and up-to-date with regard to the developments within the field of the data protection (and the related obligations % and % Governance requirement is met if the Information Security Manager keeps all the Personal Data, obtained during his/her work, confidential and not to disclose it either to employees and contractors or to the external third parties without the proper reasoning % and % Governance requirement is met if the Information Security Manager establishes and maintains organisational and technical measures in cooperation with the IT staff to fulfil the aforementioned obligations % and % Governance requirement is met if the Chief Executive Officer facilitates adherence to this Policy. In this capacity, Chief Executive Officer should seek to promulgate a 'mindset', which fosters the aims of this Policy and best practice for personal data protection % and % Governance requirement is met if data protection principles applicable in the Australian Data and Privacy Act and other national laws relevant to the data processing operations of Lodge IT Pty Ltd are adhered to. Governance requirement 1 is met if the Information Security Manager establishes and conducts a training program for employees and contractors. Governance requirement 2 is met if the Information Security Manager monitor the Company processes regarding the fulfilment of the existing data protection policies and procedure. Governance requirement 3 is met if the Information Security Manager monitors the quality and efficiency of Lodge IT Pty Ltd policies and procedures. Governance requirement 4 is met if the Information Security Manager collects information from the employees and contractors about the data processing activities in order to identify challenges pertaining to these activities. Governance requirement 5 is met if the Information Security Manager analyses & assesses the information obtained from the employees and contractors in terms of the effectiveness quality and costs regarding the existing Lodge IT Pty Ltd data protection compliance system. Governance requirement 6 is met if the Information Security Manager informs advises and gives recommendations to the management of Lodge IT Pty Ltd regarding for example need for updates changes and additions to the existing data protection compliance system. Governance requirement 7 is met if the Information Security Manager reports directly to the Chief Executive Officer regarding the data breaches or other data protection issues. Governance requirement 8 is met if the Information Security Manager files the annual report to the Chief Executive Officer including the assessment of the data protection compliance system its effectiveness costs potentially needed updates number of compliance violations and investigations performed to comply with the best practices on the legal and technical levels. Governance requirement 9 is met if the Information Security Manager files notifications to the Data Subjects and the competent Supervisory Authorities in case of a data protection incident. Governance requirement 10 is met if the Information Security Manager acts as the contact point for the Data Subjects and assist them in communication with the competent Supervisory Authorities. Governance requirement 11 is met if the Information Security Manager represents Lodge IT Pty Ltd where appropriate with regard to any Personal Data matters. Governance requirement 12 is met if the Information Security Manager provide advice where required in relation to the data protection impact assessment. Governance requirement 13 is met if the Information Security Manager assists in future consulting with the competent Supervisory Authorities on the data protection impacts assessments and other relevant issues and to monitor the performance of such issues. Governance requirement 14 is met if the Information Security Manager keeps him herself knowledgeable and up to date with regard to the developments within the field of the data protection and the related obligations. Governance requirement 15 is met if the Information Security Manager keeps all the Personal Data obtained during his her work confidential and not to disclose it either to employees and contractors or to the external third parties without the proper reasoning. Governance requirement 16 is met if the Information Security Manager establishes and maintains organisational and technical measures in cooperation with the IT staff to fulfil the aforementioned obligations. Governance requirement 17 is met if the Chief Executive Officer facilitates adherence to this Policy In this capacity Chief Executive Officer should seek to promulgate a mindset which fosters the aims of this Policy and best practice for personal data protection. Governance requirement 18 is met if data protection principles applicable in the Australian Data and Privacy Act and other national laws relevant to the data processing operations of Lodge IT Pty Ltd are adhered to. %An employee is a user %A contractor is a user A person is a user if the person is an employee or the person is a contractor. all users are responsible if for all cases in which a person is a user it is the case that the person is responsible. % Users are responsible if they comply with the provisions of this Policy % and % Users are responsible if as a collector of any Personal Data, he / she ensures accuracy of the process % and % Users are responsible if they only collect information which is required for business process operations % and % Users are responsible if they only process personal data for business purposes % and % Users are responsible if they protect Personal Data according to this Policy % and % Users are responsible if when uncertain about the appropriate actions with Personal Data, employee and contractor should contact the Information Security Manager for further instructions. A user is responsible if the user complies with the provisions of this Policy and as a collector of any Personal Data the user ensures accuracy of the process and the user only collects information which is required for business process operations and the user only processes personal data for business purposes and the user protects Personal Data according to this Policy and when uncertain about the appropriate actions with Personal Data then the user should contact the Information Security Manager for further instructions. all principles for the processing of personal Data are adhered to if the personal Data requirements are a list and for all cases in which an id is in the list it is the case that Processing of personal Data requirement id is adhered to. the personal Data requirements are [1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21]. % Processing of personal Data requirements are adhered to if all processes are lawful % and % Processing of personal Data requirements are adhered to if Lodge IT Pty Ltd processes Personal Data in a fair and transparent manner % and % Processing of personal Data requirements are adhered to if Lodge IT Pty Ltd processes Personal Data only with the knowledge and in respect to the given rights of the respective Data Subject % and % Processing of personal Data requirements are adhered to if Lodge IT Pty Ltd ensures that Personal Data of the respective Data Subject is only processed within the purposes as outlined in the Privacy Policy, and only by the employees and/or contractors, who have to be involved in the processing operations to fulfil these purposes % and % Processing of personal Data requirements are adhered to if Lodge IT Pty Ltd limits subsequent changes to the processing of personal data and require substantiation and, to the extent that the new purposes are incompatible with the initial purposes, they require the consent of the Data Subject % and % Processing of personal Data requirements are adhered to if Lodge IT Pty Ltd collects and processes only Personal Data that is actually needed in order to achieve its processing purposes % and % Processing of personal Data requirements are adhered to if Lodge IT Pty Ltd processes Personal Data in an adequate, relevant, and limited manner % and % Processing of personal Data requirements are adhered to if Lodge IT Pty Ltd processes data that is necessary in relation to the purposes for which the data is collected. % and % Processing of personal Data requirements are adhered to if Lodge IT Pty Ltd does not retain Personal Data longer then is required to achieve the relevant purposes % and % Processing of personal Data requirements are adhered to if Lodge IT Pty Ltd Keeps data up to date % and % Processing of personal Data requirements are adhered to if Lodge IT Pty Ltd takes reasonable steps to ensure that inaccurate or incomplete data is either erased or corrected. % and % Processing of personal Data requirements are adhered to if Lodge IT Pty Ltd limits the storage scope and time to a level appropriate and necessary to fulfil the purposes of the data processing in line with the consent given by the Data Subject % and % Processing of personal Data requirements are adhered to if Lodge IT Pty Ltd acknowledges Personal Data to be subjected to data secrecy % and % Processing of personal Data requirements are adhered to if Lodge IT Pty Ltd secures the confidentiality and integrity of the processed Personal Data % and % Processing of personal Data requirements are adhered to if Lodge IT Pty Ltd secures Personal Data with suitable organisational and technical measures to prevent unauthorised access, illegal processing or distribution, as well as accidental loss, modification or destruction % and % Processing of personal Data requirements are adhered to if Lodge IT Pty Ltd can demonstrate compliance with, the aforementioned data protection principles % and % Processing of personal Data requirements are adhered to if Lodge IT Pty Ltd processes data for recruitment, employment provision of services & communication % and % Processing of personal Data requirements are adhered to if Lodge IT Pty Ltd processes Personal Data for a client or other counterparty, based on the formal agreement between Lodge IT Pty Ltd and such counterparty or other legal bases % and % Processing of personal Data requirements are adhered to if technical obligations are adhered to % and % Processing of personal Data requirements are adhered to if additional obligations are upheld % and % Processing of personal Data requirements are adhered to if data collection is appropriate % Processing of personal Data requirements are lawful if Lodge IT Pty Ltd processes Personal Data only when it has appropriate legal grounds % and % Processing of personal Data requirements are lawful if processing is necessary for the performance of a contract with a Data Subject % and % Processing of personal Data requirements are lawful if the processing is necessary to comply with a legal obligation to which Lodge IT Pty Ltd is subject % and % Processing of personal Data requirements are lawful to if the processing is within the legitimate business interests of Lodge IT Pty Ltd % and % Processing of personal Data requirements are lawful if rights and freedoms of the Data Subjects are considered % and % Processing of personal Data requirements are lawful if Personal Data is only processed for a specific purpose, unless otherwise expressly specified by the law % and % Processing of personal Data requirements are lawful if Lodge IT Pty Ltd has developed clear procedures regarding the processing of Personal Data according to appropriate legal bases Processing of personal Data requirement 1 is adhered to if all processes are lawful. Processing of personal Data requirement 2 is adhered to if Lodge IT Pty Ltd processes Personal Data in a fair and transparent manner. Processing of personal Data requirement 3 is adhered to if Lodge IT Pty Ltd processes Personal Data only with the knowledge and in respect to the given rights of the respective Data Subject. Processing of personal Data requirement 4 is adhered to if Lodge IT Pty Ltd ensures that Personal Data of the respective Data Subject only processed within the purposes as outlined in the Privacy Policy and only by the employees and or contractors who have to be involved in the processing operations to fulfil these purposes. Processing of personal Data requirement 5 is adhered to if Lodge IT Pty Ltd limits subsequent changes to the processing of personal data and require substantiation and to the extent that the new purposes are incompatible with the initial purposes they require the consent of the Data Subject. Processing of personal Data requirement 6 is adhered to if Lodge IT Pty Ltd collects and processes only Personal Data that is actually needed in order to achieve its processing purposes. Processing of personal Data requirement 7 is adhered to if Lodge IT Pty Ltd processes Personal Data in an adequate relevant and limited manner. Processing of personal Data requirement 8 is adhered to if Lodge IT Pty Ltd processes data that is necessary in relation to the purposes for which the data is collected. Processing of personal Data requirement 9 is adhered to if Lodge IT Pty Ltd does not retain Personal Data longer then is required to achieve the relevant purposes. Processing of personal Data requirement 10 is adhered to if Lodge IT Pty Ltd Keeps data up to date. Processing of personal Data requirement 11 is adhered to if Lodge IT Pty Ltd takes reasonable steps to ensure that inaccurate or incomplete data either erased or corrected. Processing of personal Data requirement 12 is adhered to if Lodge IT Pty Ltd limits the storage scope and time to a level appropriate and necessary to fulfil the purposes of the data processing in line with the consent given by the Data Subject. Processing of personal Data requirement 13 is adhered to if Lodge IT Pty Ltd acknowledges Personal Data to be subjected to data secrecy. Processing of personal Data requirement 14 is adhered to if Lodge IT Pty Ltd secures the confidentiality and integrity of the processed Personal Data. Processing of personal Data requirement 15 is adhered to if Lodge IT Pty Ltd secures Personal Data with suitable organisational and technical measures to prevent unauthorised access illegal processing or distribution as well as accidental loss modification or destruction. Processing of personal Data requirement 16 is adhered to if Lodge IT Pty Ltd can demonstrate compliance with the aforementioned data protection principles. Processing of personal Data requirement 17 is adhered to if Lodge IT Pty Ltd processes data for recruitment employment provision of services & communication. Processing of personal Data requirement 18 is adhered to if Lodge IT Pty Ltd processes Personal Data for a client or other counterparty based on the formal agreement between Lodge IT Pty Ltd and such counterparty or other legal bases. Processing of personal Data requirement 19 is adhered to if technical obligations are adhered to. Processing of personal Data requirement 20 is adhered to if additional obligations are upheld. Processing of personal Data requirement 21 is adhered to if data collection is appropriate. all processes are lawful if the lawful personal Data requirements are a list and for all cases in which an id is in the list it is the case that Processing of personal Data requirement id is lawful. the lawful personal Data requirements are [1,2,3,4,5,6,7]. Processing of personal Data requirement 1 is lawful if Lodge IT Pty Ltd processes Personal Data only when it has appropriate legal grounds. Processing of personal Data requirement 2 is lawful if processing is necessary for the performance of a contract with a Data Subject. Processing of personal Data requirement 3 is lawful if the processing is necessary to comply with a legal obligation to which Lodge IT Pty Ltd is subject. Processing of personal Data requirement 4 is lawful if the processing is within the legitimate business interests of Lodge IT Pty Ltd. Processing of personal Data requirement 5 is lawful if rights and freedoms of the Data Subjects are considered. Processing of personal Data requirement 6 is lawful if Personal Data is only processed for a specific purpose unless otherwise expressly specified by the law. Processing of personal Data requirement 7 is lawful if Lodge IT Pty Ltd has developed clear procedures regarding the processing of Personal Data according to appropriate legal bases. technical obligations are adhered to if the technical obligations are a list and for all cases in which an id is in the list it is the case that technical obligation id is adhered to. the technical obligations are [1,2,3,4,5]. % technical obligations are adhered to if LodgeiT is compliant with the principles of data processing % and % technical obligations are adhered to if LodgeiT ensures where applicable, pseudonymisation and encryption of Personal Data % and % technical obligations are adhered to if LodgeiT provides provide the ability to ensure the ongoing confidentiality, integrity, and availability of the processing systems and services % and % technical obligations are adhered to if LodgeiT provides access to Personal Data in a timely manner % and % technical obligations are adhered to if LodgeiT implement regular testing assessment and evaluation of the effectiveness of security measures in relation to the data processing technical obligation 1 is adhered to if LodgeiT is compliant with the principles of data processing. technical obligation 2 is adhered to if LodgeiT ensures where applicable pseudonymisation and encryption of Personal Data. technical obligation 3 is adhered to if LodgeiT provides provide the ability to ensure the ongoing confidentiality integrity and availability of the processing systems and services. technical obligation 4 is adhered to if LodgeiT provides access to Personal Data in a timely manner. technical obligation 5 is adhered to if LodgeiT implement regular testing assessment and evaluation of the effectiveness of security measures in relation to the data processing. additional obligations are upheld if the additional obligations are a list and for all cases in which an id is in the list it is the case that additional obligation id is upheld. the additional obligations are [1,2,3,4,5]. % additional obligations are upheld if the applicable rights of the Data Subjects on their requests are obliged % and % additional obligations are upheld if Data Subjects are provided with the information in concise, transparent, intelligible and easily accessible form % and % additional obligations are upheld if Data Subjects are notified in case of breach in the required manner % and % additional obligations are upheld if competent Supervisory Authority are notified in case of breach in the required manner % and % additional obligations are upheld if assessment of risk impact of a breach is provided additional obligation 1 is upheld if the applicable rights of the Data Subjects on their requests are obliged. additional obligation 2 is upheld if Data Subjects are provided with the information in concise transparent intelligible and easily accessible form. additional obligation 3 is upheld if Data Subjects are notified in case of breach in the required manner. additional obligation 4 is upheld if competent Supervisory Authority are notified in case of breach in the required manner. additional obligation 5 is upheld if assessment of risk impact of a breach is provided. data collection is appropriate if employees or contractors collect personal data directly from the respective Data Subject. scenario one is: assessment of risk impact of a breach is provided. competent Supervisory Authority are notified in case of breach in the required manner. Data Subjects are notified in case of breach in the required manner. Data Subjects are provided with the information in concise transparent intelligible and easily accessible form. the applicable rights of the Data Subjects on their requests are obliged. LodgeiT is compliant with the principles of data processing. LodgeiT ensures where applicable pseudonymisation and encryption of Personal Data. LodgeiT provides provide the ability to ensure the ongoing confidentiality integrity and availability of the processing systems and services. LodgeiT provides access to Personal Data in a timely manner. LodgeiT implement regular testing assessment and evaluation of the effectiveness of security measures in relation to the data processing. Lodge IT Pty Ltd processes Personal Data only when it has appropriate legal grounds. processing is necessary for the performance of a contract with a Data Subject. the processing is necessary to comply with a legal obligation to which Lodge IT Pty Ltd is subject. the processing is within the legitimate business interests of Lodge IT Pty Ltd. rights and freedoms of the Data Subjects are considered. Personal Data is only processed for a specific purpose unless otherwise expressly specified by the law. Lodge IT Pty Ltd has developed clear procedures regarding the processing of Personal Data according to appropriate legal bases. Processing of personal Data requirement 1 is adhered to if all processes are lawful. Lodge IT Pty Ltd processes Personal Data in a fair and transparent manner. Lodge IT Pty Ltd processes Personal Data only with the knowledge and in respect to the given rights of the respective Data Subject. Lodge IT Pty Ltd ensures that Personal Data of the respective Data Subject only processed within the purposes as outlined in the Privacy Policy and only by the employees and or contractors who have to be involved in the processing operations to fulfil these purposes. Lodge IT Pty Ltd limits subsequent changes to the processing of personal data and require substantiation and to the extent that the new purposes are incompatible with the initial purposes they require the consent of the Data Subject. Lodge IT Pty Ltd collects and processes only Personal Data that is actually needed in order to achieve its processing purposes. Lodge IT Pty Ltd processes Personal Data in an adequate relevant and limited manner. Lodge IT Pty Ltd processes data that is necessary in relation to the purposes for which the data is collected. Lodge IT Pty Ltd does not retain Personal Data longer then is required to achieve the relevant purposes. Lodge IT Pty Ltd Keeps data up to date. Lodge IT Pty Ltd takes reasonable steps to ensure that inaccurate or incomplete data either erased or corrected. Lodge IT Pty Ltd limits the storage scope and time to a level appropriate and necessary to fulfil the purposes of the data processing in line with the consent given by the Data Subject. Lodge IT Pty Ltd acknowledges Personal Data to be subjected to data secrecy. Lodge IT Pty Ltd secures the confidentiality and integrity of the processed Personal Data. Lodge IT Pty Ltd secures Personal Data with suitable organisational and technical measures to prevent unauthorised access illegal processing or distribution as well as accidental loss modification or destruction. Lodge IT Pty Ltd can demonstrate compliance with the aforementioned data protection principles. Lodge IT Pty Ltd processes data for recruitment employment provision of services & communication. Lodge IT Pty Ltd processes Personal Data for a client or other counterparty based on the formal agreement between Lodge IT Pty Ltd and such counterparty or other legal bases. the user complies with the provisions of this Policy. as a collector of any Personal Data the user ensures accuracy of the process. the user only collects information which is required for business process operations. the user only processes personal data for business purposes. the user protects Personal Data according to this Policy. when uncertain about the appropriate actions with Personal Data then the user should contact the Information Security Manager for further instructions. employees or contractors collect personal data directly from the respective Data Subject. the Information Security Manager establishes and conducts a training program for employees and contractors. the Information Security Manager monitor the Company processes regarding the fulfilment of the existing data protection policies and procedure. the Information Security Manager monitors the quality and efficiency of Lodge IT Pty Ltd policies and procedures. the Information Security Manager collects information from the employees and contractors about the data processing activities in order to identify challenges pertaining to these activities. the Information Security Manager analyses & assesses the information obtained from the employees and contractors in terms of the effectiveness quality and costs regarding the existing Lodge IT Pty Ltd data protection compliance system. the Information Security Manager informs advises and gives recommendations to the management of Lodge IT Pty Ltd regarding for example need for updates changes and additions to the existing data protection compliance system. the Information Security Manager reports directly to the Chief Executive Officer regarding the data breaches or other data protection issues. the Information Security Manager files the annual report to the Chief Executive Officer including the assessment of the data protection compliance system its effectiveness costs potentially needed updates number of compliance violations and investigations performed to comply with the best practices on the legal and technical levels. the Information Security Manager files notifications to the Data Subjects and the competent Supervisory Authorities in case of a data protection incident. the Information Security Manager acts as the contact point for the Data Subjects and assist them in communication with the competent Supervisory Authorities. the Information Security Manager represents Lodge IT Pty Ltd where appropriate with regard to any Personal Data matters. the Information Security Manager provide advice where required in relation to the data protection impact assessment. the Information Security Manager assists in future consulting with the competent Supervisory Authorities on the data protection impacts assessments and other relevant issues and to monitor the performance of such issues. the Information Security Manager keeps him herself knowledgeable and up to date with regard to the developments within the field of the data protection and the related obligations. the Information Security Manager establishes and maintains organisational and technical measures in cooperation with the IT staff to fulfil the aforementioned obligations. the Information Security Manager keeps all the Personal Data obtained during his her work confidential and not to disclose it either to employees and contractors or to the external third parties without the proper reasoning. all policy objectives are applied to all employees. all policy objectives are applied to all contractors. the Data Protection Policy is available in a format that cannot be changed easily. the Data Protection Policy is stored. the Data Protection Policy is made readily available to all members of Lodge IT Pty Ltd. the Data Protection Policy has been electronically distributed. history of changes of the Data Protection Policy have been retained. all national laws are adhered to. query one is: all policy objectives are met. "). /** ?- answer("query one with scenario one"). ?- answer(one, with(one), le(E), R). **/