Data Transfers If Lenovo or its Subcontractors are located outside the EEA, Lenovo and Controller hereby execute the controller to processor standard contractual clauses as set out in MODULE TWO in the Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council as amended or superseded from time to time (the "C2P Standard Contractual Clauses") and hereby incorporate them into this Addendum by reference. The parties acknowledge and agree that:
a. Lenovo and Controller shall each comply with their respective obligations in the C2P Standard Contractual Clauses;
b. If there is any conflict or inconsistency between the C2P Standard Contractual Clauses and this Addendum or the Agreement, the C2P Standard Contractual Clauses shall control to the extent of the conflict; and
c. The information in the following tables is hereby incorporated into the C2P Standard Contractual Clauses between the Parties: Clause 9. Use of sub-processors Option 2 GENERAL WRITTEN AUTHORISATION is selected. Data importer shall provide information at least 30 days in advance as per Clause “Subprocessing” Clause 17. Governing law These Clauses shall be construed in accordance with the governing law set forth in the Parties’ base agreement unless that governing law is not that of an EU Member State that allows for third-party beneficiary rights. In such event, the Parties agree that these Clauses shall be governed by the law of IRELAND. Clause 18 (b). Choice of forum and jurisdiction The Parties agree that any dispute arising from these Clauses shall be resolved by the courts of IRELAND. Data Exporter’s Name Controller, and any of its commonly owned or controlled affiliates Data Exporter’s Address The address of the Customer entity that entered into the Agreement. Data Exporter´s contact person´s name, position and contact details As agreed as part of the Agreement. Data Exporter´s activities relevant to the data transferred under these Clauses The Services provided by the Data Importer to the Data Exporter in accordance with the Agreement Data Exporter´s signature and date The parties agree that acceptance of the Agreement by the Data Importer and the Data Exporter has the equivalent legal effect of a signature. The date of signature is the date of such acceptance Data Exporter´s role Controller Data Importer’s name Lenovo and its subcontractors Data Importer´s address The address of the Lenovo entity that is providing the Services Data Importer´s contact details xxxx@xxxxxx.xxx Data Importer´s activities relevant to the data transferred under these Clauses The Services provided by the Data Importer to the Data Exporter in accordance with the Agreement Data Importer´s signature and date The parties agree that acceptance of the Agreement by the Data Importer and the Data Exporter has the equivalent legal effect of a signature. The date of signature is the date of such acceptance Data Importer’s Role Processor Categories of data subjects As set out in Exhibit A Categories of personal data As set out in Exhibit A Sensitive data As set out in Exhibit A Frequency of the Transfer As required for the provision of the Services Nature of the processing As set out in Exhibit A Purpose of the processing As set out in Exhibit A Period for which personal data will be retained As set out in Exhibit A Subject matter, nature and duration of the processing carried out by subprocessors As set out in Exhibit A Competent Supervisory Authority with responsibility for ensuring compliance by the data exporter with Regulation (EU) 2016/679 ty The supervisory authority that will act as competent supervisory authority will be that of the EU member State where Data Exporter is established in the EU. If Data Exporter (i.e., contracting legal entity) is not established in EU, then the Competent Supervisory Authority will be such of the EU Member State in which the Data Exporter´s EU representative within the meaning of Article 27(1) of Regulation (EU) 2016/679 is established. If the Data Exporter is not established in the EU but does not need to appoint an EU representative, then the Competent Supervisory Authority will be that of the EU Member State in which the data subjects whose personal data is transferred under these Clauses in relation to the offering of goods or services to them, or whose behaviour is monitored, are located. Description of the technical and organisational measures implemented by the data importer(s) (including any relevant certifications) to ensure an appropriate level of security, taking into account the nature, scope, context and purpose of the processing, and the risks for the rights andfreedoms of natural persons. Set forth at Section 11 of this Addendum and in its Exhibit A. List of authorised subprocessors As set out in Annex 1 to Exhibit A
Data Transfer 11.1 The Processor may not transfer or authorize the transfer of Data to countries outside the EU and/or the European Economic Area (EEA) without the prior written consent of the Company. If personal data processed under this Agreement is transferred from a country within the European Economic Area to a country outside the European Economic Area, the Parties shall ensure that the personal data are adequately protected. To achieve this, the Parties shall, unless agreed otherwise, rely on EU approved standard contractual clauses for the transfer of personal data.
International Data Transfers The Company and the Stock Plan Administrator are based in the United States. The Participant should note that the Participant’s country of residence may have enacted data privacy laws that are different from the United States. The Company’s legal basis for the transfer of the Participant's Personal Information to the United States is the Participant’s consent.
Security and Data Transfers Party shall comply with all applicable State and Agency of Human Services' policies and standards, especially those related to privacy and security. The State will advise the Party of any new policies, procedures, or protocols developed during the term of this agreement as they are issued and will work with the Party to implement any required. Party will ensure the physical and data security associated with computer equipment, including desktops, notebooks, and other portable devices, used in connection with this Agreement. Party will also assure that any media or mechanism used to store or transfer data to or from the State includes industry standard security mechanisms such as continually up-to-date malware protection and encryption. Party will make every reasonable effort to ensure media or data files transferred to the State are virus and spyware free. At the conclusion of this agreement and after successful delivery of the data to the State, Party shall securely delete data (including archival backups) from Party’s equipment that contains individually identifiable records, in accordance with standards adopted by the Agency of Human Services. Party, in the event of a data breach, shall comply with the terms of Section 7 above.
Onward transfers The data importer shall only disclose the personal data to a third party on documented instructions from the data exporter. In addition, the data may only be disclosed to a third party located outside the European Union (in the same country as the data importer or in another third country, hereinafter ‘onward transfer’) if the third party is or agrees to be bound by these Clauses, under the appropriate Module, or if:
(i) the onward transfer is to a country benefitting from an adequacy decision pursuant to Article 45 of Regulation (EU) 2016/679 that covers the onward transfer;
(ii) the third party otherwise ensures appropriate safeguards pursuant to Articles 46 or 47 Regulation of (EU) 2016/679 with respect to the processing in question;
(iii) the onward transfer is necessary for the establishment, exercise or defence of legal claims in the context of specific administrative, regulatory or judicial proceedings; or
(iv) the onward transfer is necessary in order to protect the vital interests of the data subject or of another natural person. Any onward transfer is subject to compliance by the data importer with all the other safeguards under these Clauses, in particular purpose limitation.
Void Transfers To the greatest extent permitted by the Act and other Law, any Transfer by any Member of any Membership Interests or other interest in the Company in contravention of this Agreement shall be void and ineffective and shall not bind or be recognized by the Company or any other Person. In the event of any Transfer in contravention of this Agreement, to the greatest extent permitted by the Act and other Law, the purported Transferee shall have no right to any profits, losses or Distributions of the Company or any other rights of a Member.
Non-Transfers Notwithstanding anything to the contrary contained in this Article 14, (i) an assignment or subletting of all or a portion of the Premises to an affiliate of Tenant (an entity which is controlled by, controls, or is under common control with, Tenant), (ii) an assignment of the Premises to an entity which acquires all or substantially all of the assets or interests (partnership, stock or other) of Tenant, (iii) an assignment of the Premises to an entity which is the resulting entity of a merger or consolidation of Tenant with another entity, or (iv) a sale of corporate shares of capital stock in Tenant in connection with an initial public offering of Tenant’s stock on a nationally-recognized stock exchange (collectively, a “Permitted Transferee”), shall not be deemed a Transfer under this Article 14, provided that (A) Tenant notifies Landlord of any such assignment or sublease and promptly supplies Landlord with any documents or information requested by Landlord regarding such assignment or sublease or such affiliate, (B) such assignment or sublease is not a subterfuge by Tenant to avoid its obligations under this Lease, (C) such Permitted Transferee shall be of a character and reputation consistent with the quality of the Building, and (D) such Permitted Transferee described in subpart (ii) or (iii) above shall have a tangible net worth (not including goodwill as an asset) computed in accordance with generally accepted accounting principles (“Net Worth”) at least equal to the Net Worth of Tenant on the day immediately preceding the effective date of such assignment or sublease. An assignee of Tenant’s entire interest that is also a Permitted Transferee may also be known as a “Permitted Assignee”. “Control,” as used in this Section 14.8, shall mean the ownership, directly or indirectly, of at least fifty-one percent (51%) of the voting securities of, or possession of the right to vote, in the ordinary direction of its affairs, of at least fifty-one percent (51%) of the voting interest in, any person or entity. No such permitted assignment or subletting shall serve to release Tenant from any of its obligations under this Lease.
TRANSFERS, SPLIT-UPS, AND COMBINATIONS OF RECEIPTS The transfer of this Receipt is registrable on the books of the Depositary at its Corporate Trust Office by the Owner hereof in person or by a duly authorized attorney, upon surrender of this Receipt properly endorsed for transfer or accompanied by proper instruments of transfer and funds sufficient to pay any applicable transfer taxes and the expenses of the Depositary and upon compliance with such regulations, if any, as the Depositary may establish for such purpose. This Receipt may be split into other such Receipts, or may be combined with other such Receipts into one Receipt, evidencing the same aggregate number of American Depositary Shares as the Receipt or Receipts surrendered. As a condition precedent to the execution and delivery, registration of transfer, split-up, combination, or surrender of any Receipt or withdrawal of any Deposited Securities, the Depositary, the Custodian, or Registrar may require payment from the depositor of Shares or the presenter of the Receipt of a sum sufficient to reimburse it for any tax or other governmental charge and any stock transfer or registration fee with respect thereto (including any such tax or charge and fee with respect to Shares being deposited or withdrawn) and payment of any applicable fees as provided in this Receipt, may require the production of proof satisfactory to it as to the identity and genuineness of any signature and may also require compliance with any regulations the Depositary may establish consistent with the provisions of the Deposit Agreement or this Receipt. The delivery of Receipts against deposits of Shares generally or against deposits of particular Shares may be suspended, or the transfer of Receipts in particular instances may be refused, or the registration of transfer of outstanding Receipts generally may be suspended, during any period when the transfer books of the Depositary are closed, or if any such action is deemed necessary or advisable by the Depositary or the Company at any time or from time to time because of any requirement of law or of any government or governmental body or commission, or under any provision of the Deposit Agreement or this Receipt, or for any other reason, subject to Article (22) hereof. Without limitation of the foregoing, the Depositary shall not knowingly accept for deposit under the Deposit Agreement any Shares required to be registered under the provisions of the Securities Act, unless a registration statement is in effect as to such Shares.
Returned Transfers In using the Account to Account Transfer Service, you understand transfers may be returned for various reasons such as, but not limited to, the External Account number is not valid. We will use reasonable efforts to research and correct the transfer to the intended Account or void the transfer and credit your Account from which you attempted to transfer funds. You may receive notification from us.
Transfers of Personal Data Oracle may store or transfer Your Content on a global basis as necessary for the Purpose(s). Oracle and its affiliates may perform certain aspects of the Services (e.g., administration, maintenance, support, disaster recovery, data processing, etc.) from locations and through subcontractors, worldwide. Data transfers are made subject to the terms of the EU Standard Contractual Clauses for Controllers (“Clauses”) if: (a) You (or Your data partner) share, use, or process Personal Data under this Agreement; and (b) such data transfer is: (i) subject to any restrictions or requirements under Directive 95/46/EC or Regulation (EU) 2016/679 repealing Directive 95/46/EC (General Data Protection Regulation); and (ii) made to countries, jurisdictions or recipients outside the EEA or Switzerland not recognized by the European Commission as ensuring an adequate level of protection pursuant to Directive 95/46/EC or General Data Protection Regulation. You and Oracle agree that incorporation of the Clauses into this Agreement acts as a legally-binding execution of the Clauses as entered into between Oracle (acting in its own name and in the name and on behalf of the Oracle affiliates) and You (acting in Your own name and in the name and on behalf of Your affiliates).
