Additional Business Terms for Reviews and Audits a. Customer must send any requests for reviews of the SOC 2 report under Section 7.5.1 or audits under Section 7.5.2(a) or 7.5.2(b) to Google’s Cloud Data Protection Team as described in Section 12 (Cloud Data Protection Team; Processing Records).
b. Following receipt by Google of a request under Section 7.5.3(a), Google and Customer will discuss and agree in advance on: (i) the reasonable date(s) of and security and confidentiality controls applicable to any review of the SOC 2 report under Section 7.5.1; and (ii) the reasonable start date, scope and duration of and security and confidentiality controls applicable to any audit under Section 7.5.2(a) or 7.5.2(b).
c. Google may charge a fee (based on Google’s reasonable costs) for any audit under Section 7.5.2(a) or 7.5.2(b). Google will provide Customer with further details of any applicable fee, and the basis of its calculation, in advance of any such audit. Customer will be responsible for any fees charged by any auditor appointed by Customer to execute any such audit.
d. Google may object in writing to an auditor appointed by Customer to conduct any audit under Section 7.5.2(a) or 7.5.2(b) if the auditor is, in Google’s reasonable opinion, not suitably qualified or independent, a competitor of Google, or otherwise manifestly unsuitable. Any such objection by Google will require Customer to appoint another auditor or conduct the audit itself.
Additional Business Terms for Reviews and Audits. ▪ a. Customer must send any requests for reviews of the SOC 2 report under Section 7.5.1 or audits under Section 7.5.2(a) or 7.5.2(b) to Google’s Cloud Data Protection Team as described in Section 12 (Cloud Data Protection Team; Processing Records). ▪ b. Following receipt by Google of a request under Section 7.5.3(a), Google and Customer will discuss and agree in advance on: (i) the reasonable date(s) of and security and confidentiality controls applicable to any review of the SOC 2 report under Section 7.5.1; and (ii) the reasonable start date, scope and duration of and security and confidentiality controls applicable to any audit under Section 7.5.2(a) or 7.5.2(b).
Additional Business Terms for Reviews and Audits a. If the European Data Protection Legislation applies to the processing of Customer Personal Data, Customer may exercise its right to audit Upwork under Sections 7.4.1(a) or 7.4.1(b): (1) where there has been a Data Incident within the previous six (6) months or there is reasonable suspicion of a Data Incident within the previous six (6) months or (2) where Customer will pay all reasonable costs and expenses incurred by Upwork in making itself available for an audit. Any third party who will be involved with or have access to the audit information must be mutually agreed to by Customer and Upwork and must execute a written confidentiality agreement acceptable to Upwork before conducting the audit.
b. To request an audit under Section 7.4.1(a) or 7.4.1(b), Customer must submit a detailed audit plan to Upwork’s Privacy Contact as described in Section 12 (Privacy Contact; Processing Records) at least thirty (30) days in advance of the proposed audit date, describing the proposed scope, duration, and start time of the audit. The scope may not exceed a review of Upwork’s compliance with the Model Contract Clauses or its compliance with the European Data Protection Legislation, in each case with respect to the Customer Data. The audit must be conducted during regular business hours at the applicable facility, subject to Upwork policies, and may not interfere with Upwork business activities.
c. Following receipt by Upwork of a request for an audit under Section 7.4.1(a) or 7.4.1(b), Upwork and Customer will discuss and agree in advance on: (i) the reasonable date(s) of and security and confidentiality controls applicable to any review of documentation; and (ii) the reasonable start date, scope and duration of and security and confidentiality controls applicable to any audit under Section 7.4.1(a) or 7.4.1(b).
d. Customer will be responsible for any fees it incurs, including any fees charged by any auditor appointed by Customer to execute any such audit.
e. Customer will provide Upwork any audit reports generated in connection with any audit under this section, unless prohibited by law. Customer may use the audit reports only to meet its regulatory audit requirements and to confirm compliance with the requirements of the Model Contract Clauses or European Data Protection Legislation. The audit reports, and all information and records observed or otherwise collected in the course of the audit, are Confidential Information of Upwork under the terms of the Agreement...
Additional Business Terms for Reviews and Audits. Upon Customer’s written request at reasonable intervals, and subject to the confidentiality obligations set forth in the Agreement, IT Farm shall make available to Customer that is not a competitor of IT Farm(or Customer’s independent, third-party auditor that is not a competitor of IT Farm) a copy of IT Farm’s then most recent third-party audits or certifications, as applicable. IT Farm may charge a fee (based on IT Farm’s reasonable costs) for any review of the third-party audits or certifications. IT Farm will provide Customer with further details of any applicable fee, and the basis of its calculation, in advance of any such review or audit. Customer will be responsible for any fees charged by any auditor appointed by Customer to execute any such audit. IT Farm may object in writing to an auditor appointed by Customer to conduct any audit under Section 6.5.2 if the auditor is, in IT Farm’s reasonable opinion, not suitably qualified or independent, a competitor of IT Farm, or otherwise manifestly unsuitable. Any such objection by IT Farm will require Customer to appoint another auditor or conduct the audit itself. Customer must send any requests for reviews of the audits under Section 6.5.2 to IT Farm’s Cloud Data Protection Team as described in Section 11(Cloud Data Protection Team; Processing Records).
Additional Business Terms for Reviews and Audits a. Customer must send any requests for reviews of the SOC 2 report under Section 7.5.1 or audits under Section 7.5.2(a) or 7.5.2(b) to Google’s Cloud Data Protection Team as described in Section 12 (Cloud Data Protection Team; Processing Records).
b. Following receipt by Google of a request under Section 7.5.3(a), Google and Customer will discuss and agree in advance on: (i) the reasonable date(s) of and security and confidentiality controls applicable to any review of the SOC 2 report under Section 7.5.1; and
Additional Business Terms for Reviews and Audits a. Customer must send any requests for reviews of the SOC 2 report under Section 5.1.2(c)(i) or 7.5.1, or audits under Section 7.5.2(a) or 7.5.2(b), to Google’s Cloud Data Protection Team as described in Section 12 (Cloud Data Protection Team; Processing Records).
b. Following receipt by Google of a request under Section 7.5.3(a), Google and Customer will discuss and agree in advance on: (i) the reasonable date(s) of and security and confidentiality controls applicable to any review of the SOC 2 report under Section 5.1.2(c)(i) or 7.5.1; and (ii) the reasonable start date, scope and duration of and security and confidentiality controls applicable to any audit under Section 7.5.2(a) or 7.5.2(b).
c. Google may charge a fee (based on Google’s reasonable costs) for any audit under Section 7.5.2(a) or 7.5.2(b). Google will provide Customer with further details of any applicable fee, and the basis of its calculation, in advance of any such audit. Customer will be responsible for any fees charged by any auditor appointed by Customer to execute any such audit.
d. Google may object in writing to an auditor appointed by Customer to conduct any audit under Section 7.5.2(a) or 7.5.2(b) if the auditor is, in Google’s reasonable opinion, not suitably qualified or independent, a competitor of Google, or otherwise manifestly unsuitable. Any such objection by Google will require Customer to appoint another auditor or conduct the audit itself.
Additional Business Terms for Reviews and Audits. The Customer must send any requests for reviews of the Security Measures and Controls document or audits to IRIS Connect’s Data Protection Team via the Support Desk.
13.7.1 Following receipt by IRIS Connect of a request IRIS Connect and the Customer will discuss and agree in advance on:
13.7.2.1 the reasonable date(s) of and security and confidentiality controls applicable to any review of the Security Measures and Controls Document.
13.7.2.2 the reasonable start date, scope and duration of and security and confidentiality controls applicable to any audit.
Additional Business Terms for Reviews and Audits a. Customer must send any requests for reviews of the SOC 2 report under Section 5.1.2(c)(i) or 7.5.1, or audits under Section 7.5.2(a) or 7.5.2(b), to Google’s Cloud Data Protection Team as described in Section 12 (Cloud Data Protection Team; Processing Records).
b. Following receipt by Google of a request under Section 7.5.3(a), Google and Customer will discuss and agree in advance on: (i) the reasonable date(s) of and security and confidentiality controls applicable to any review of the SOC 2 report under Section 5.1.2(c)(i) or 7.5.1; and (ii) the reasonable start date, scope and duration of and security and confidentiality controls applicable to any audit under Section 7.5.2(a) or 7.5.2(b).
c. Google may charge a fee (based on Google’s reasonable costs) for any audit under Section 7.5.2(a) or 7.5.2(b). Google will provide Customer with further details of any applicable fee, and the basis of its calculation, in advance of any such audit. Customer will be responsible for any fees charged by any auditor appointed by Customer to execute any such audit.
d. Google may object in writing to an auditor appointed by Customer to conduct any audit under Section 7.5.2(a) or 7.5.2(b) if the auditor is, in Google’s reasonable opinion, not suitably qualified or independent, a competitor of Google, or otherwise manifestly unsuitable. Any such objection by Google will require Customer to appoint another auditor or conduct the audit itself.
Additional Business Terms for Reviews and Audits a. Customer must contact Google’s Cloud Data Protection Team to request:
i. access to the SOC Reports for a relevant controller under Section 7.5.1 (Reviews of Security Documentation); or
ii. an audit under Section 7.5.2(a) (Customer Audit).
b. Following a Customer request under Section 7.5.3(a), Google and Customer will discuss and agree in advance on:
i. security and confidentiality controls applicable to any access to the SOC Reports by a relevant controller under Section 7.5.1 (Reviews of Security Documentation); and
ii. the reasonable start date, scope and duration of and security and confidentiality controls applicable to any audit under Section 7.5.2(a) (Customer Audit).
c. Google may charge a fee (based on Google’s reasonable costs) for any audit under Section 7.5.2(a) (Customer Audit). Google will provide Customer with further details of any applicable fee, and the basis of its calculation, in advance of any such audit. Customer will be responsible for any fees charged by any auditor appointed by Customer to execute any such audit.
d. Google may object in writing to an auditor appointed by Customer to conduct any audit under Section 7.5.2(a) (Customer Audit) if the auditor is, in Google’s reasonable opinion, not suitably qualified or independent, a competitor of Google, or otherwise manifestly unsuitable. Any such objection by Google will require Customer to appoint another auditor or conduct the audit itself.
e. Any Customer requests under Appendix 3 (Specific Privacy Laws) or Appendix 4 (Specific Products) for access to any SOC reports for a relevant controller or for audits will also be subject to this Section
Additional Business Terms for Reviews and Audits x. XXX must send any requests for reviews of the SOC 2 report, or audits, to Provider’s Cloud Data Protection Team at xxxxx://xxxxxxx.xxxxxx.xxx/cloud/contact/dpo (and/or via such other means as Provider may provide from time to time).
b. Following receipt by Provider of a request, Provider and XXX will discuss and agree in advance on: (i) the reasonable date(s) of and security and confidentiality controls applicable to any review of the SOC 2 report; and (ii) the reasonable start date, scope and duration of and security and confidentiality controls applicable to any audit.
c. Provider may charge a fee (based on Provider’s reasonable costs) for any audit under this Section 2.A. Provider will provide LEA with further details of any applicable fee, and the basis of its calculation, in advance of any such audit. XXX will be responsible for any fees charged by any auditor appointed by XXX to execute any such audit.
d. Provider may object in writing to an auditor appointed by XXX to conduct any audit under Section 2.A if the auditor is, in Provider’s reasonable opinion, not suitably qualified or independent, a competitor of Provider, or otherwise manifestly unsuitable. Any such objection by Provider will require LEA to appoint another auditor or conduct the audit itself.
