Compliance with Privacy and Information Security Requirements. (a) Service Provider shall comply with applicable Requirements;
(b) No applicable Requirement, other laws, or privacy or information security enforcement action, investigation, litigation or claim prohibits Service Provider from (i) fulfilling its obligations under this Addendum or (ii) complying with instructions it receives from Customer concerning Personal Information. In the event a law, or legal requirement, or privacy or information security enforcement action, investigation, litigation or claim, or any other circumstance, is reasonably likely to adversely affect Service Provider’s ability to fulfill its obligations under this Addendum, Service Provider shall promptly notify Customer in writing and Customer may, in its sole discretion and without penalty of any kind to Customer, suspend the (i) transfer or disclosure of Personal Information to Service Provider or (ii) access to Personal Information by Service Provider, terminate any further Processing of Personal Information by Service Provider, and terminate the Agreement, if doing so is necessary to comply with the Requirements.
Compliance with Privacy and Information Security Requirements. (A) Each Party shall comply with all Privacy Laws in connection with Processing Personal Information pursuant to the Agreement. S&SC shall promptly inform Customer if, in S&SC’s opinion, an instruction from Customer infringes applicable Privacy Laws.
(B) S&SC certifies that it understands and will comply with the requirements and restrictions set forth in this addendum.
(C) Upon Customer’s request, S&SC shall provide reasonable assistance needed to fulfil Customer’s obligation under Privacy Laws to carry out a data protection impact assessment and any related regulatory consultation related to Customer’s use of the Products, to the extent Customer does not otherwise have access to the relevant information and such information is available to S&SC. Notwithstanding anything to the contrary in the Agreement, S&SC shall provide such assistance at Customer’s expense.
(D) S&SC shall take reasonable steps to ensure the reliability of any employee, agent or contractor of S&SC who may have access to the Personal Information, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.
(E) S&SC shall promptly inform Customer in writing of any Information Security Incident of which S&SC becomes aware. Such notice shall summarize in reasonable detail the nature of the Information Security Incident (including, where possible, the categories and approximate number of affected individuals and the categories and approximate number of Personal Information records concerned), effect on Customer and affected individuals, if known, of the Information Security Incident and the corrective action taken or to be taken by S&SC. S&SC will also provide any other information regarding the Information Security Incident that is reasonably requested in writing by Customer to comply with Customer’s reporting, notification and record keeping obligation pursuant to applicable Privacy Laws. At Customer’s expense, S&SC shall reasonably cooperate with Customer in all reasonable and lawful efforts to prevent, assess, mitigate or rectify such Information Security Incident and, where required by applicable Privacy Laws, to notify the Information Security Incident to the competent supervisory authority or privacy commissioner, as applicable, and affected individuals.
Compliance with Privacy and Information Security Requirements. 3.3.1. 1Password’s Processing of Personal Data will comply with Applicable Data Protection Laws. Each Party will comply with the requirements set forth under the CCPA with regard to processing of De-identified Data.
3.3.2. 1Password will implement an appropriate Information Security Program that is consistent with Applicable Data Protection Laws and industry standards, and that is reasonable in light of the nature of the data being Processed. 1Password will maintain reasonable administrative, physical, and technical safeguards that are necessary to ensure the security, confidentiality, and integrity of Personal Data under the Agreement, these measures are detailed in Schedule B.
3.3.3. Partner without prejudice to 1Password’s obligations under this DPA, and anywhere else in the Agreement, as between 1Password and Partner, Partner is responsible for its and it's Managed Customer’s use of the Services, including the processing of any copies of Personal Data outside of 1Password or its Sub-Processors systems, including securing the account authentication credentials, systems and devices Partner and its Managed Customers use to access the Services.
3.3.4. In the event that 1Password determines that it can no longer meet its obligations under this Addendum or Applicable Data Protection Laws, 1Password agrees to cease processing Personal Data under the Agreement and notify the Partner in writing of such determination without undue delay.
Compliance with Privacy and Information Security Requirements. 4.1 Supplier shall comply with all Privacy Laws.
4.2 Supplier shall enter into such further privacy or information security agreement as the Buyer may reasonably request for purposes of compliance with the Privacy Laws. In case of any conflict between this DPA and the Agreement, this DPA shall prevail with regard to the Processing of Personal Data covered by it.
Compliance with Privacy and Information Security Requirements a. Compliance with Laws. CrowdStrike shall comply with all Privacy and Security Laws, the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of Personal Data from the European Economic Area, Switzerland, and the United Kingdom, as applicable. & U R Z G 6 W U L N Hhtt¶ps:/V/www.croSwdsUtrikLe.coYm/prDivacFy-no\ xxxx/. TQo the extent necessary to comply with Privacy and Security Laws, including but not limited to when Customer is a controller of Personal Data processed by CrowdStrike originating in the European Union, Switzerland, or the United Kingdom, the Data Protection Addendum set forth R W L here V K D O O D S S O \ W R & U R Z G 6 W U L N b. Safeguards. CrowdStrike shall maintain appropriate technical and organizational safeguards commensurate with the sensitivity of the Customer Data and Personal Data processed by it on & X V W R P H U ¶ V E H K D O I Z K L F K D such Customer Data and Personal Data and protect such Customer Data and Personal Data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure R U D F F H V V Z K L F K V X E V W D Q W L D 6 H F X U L W \ & R Q W U R O V I R U & U R Z 5. Customer Obligations. Customer, along with its Affiliates, represents and warrants that: (i) it owns or has a right of use from a third party, and controls, directly or indirectly, all of the V R I W Z D U H K D U G Z P DV U· H DZ QK GH U FH R P CrowdStrike Tools will be installed or that will be the subject of, or investigated during, the Offerings, (ii) to the extent required under any federal, state, or local U.S. or non-US laws (e.g., Computer Fraud and Abuse Act, 18 U.S.C. § 1030 et seq., Title III, 18 U.S.C. 2510 et seq., and the Electronic Communications Privacy Act, 18 U.S.C. § 2701 et seq.) it has authorized CrowdStrike to access the Systems and process and transmit data through the Offerings and CrowdStrike Tools in accordance with this Agreement and as necessary to provide and perform the Offerings, (iii) it has a lawful basis in having CrowdStrike investigate the Systems, process the Customer Data and the Personal Data; (iv) that it is and will at all relevant times remain duly and effectively authorized to instruct CrowdStrike to carry out the Offerings, and (v) it has made all necessary disclosures, obtained all necessary consents and government authorizations required under applicable law to...
Compliance with Privacy and Information Security Requirements a. Compliance with Laws. CrowdStrike shall comply with all Privacy and Security Laws, the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of Personal Data from the European Economic Area, Switzerland, and the United Kingdom, as applicable. CrowdStrike’s privacy notice may be found at xxxx://xxx.xxxxxxxxxxx.xxx/privacy-notice/. To the extent necessary to comply with Privacy and Security Laws, including but not limited to when Customer is a controller of Personal Data processed by CrowdStrike originating in the European Union, Switzerland, or the United Kingdom, the Data Protection Addendum set forth here xxxxx://xxx.xxxxxxxxxxx.xxx/data-protection-agreement/ shall apply to CrowdStrike’s processing of such Customer Personal Data.
Compliance with Privacy and Information Security Requirements
