Common use of Contracting with Sub-Processors Clause in Contracts

Contracting with Sub-Processors. 8.1 The Data Controller authorizes the Data Processor to engage the sub-processors in the country locations for the Service-related activities specified as described in Section 1.4. Data Processor shall inform the Data Controller of any addition or replacement of such sub-processors giving the Data Controller an opportunity to object to such changes. 8.2 Notwithstanding any authorization by the Data Controller with the meaning of the preceding paragraph, the Data Processor shall remain fully liable vis-à-vis the Data Controller for the performance of any such sub- processor that fails to fulfill its data protection obligations. 8.3 The consent of the Data Controller pursuant to Article 8.1 shall not alter the fact that consent is required under Article 6 for the engagement of sub-processors in a country outside the European Economic Area without a suitable level of protection. 8.4 The Data Processor shall ensure that the sub-processor is bound by the same data protection obligations of the Data Processor under this Data Processing Agreement, shall supervise compliance thereof, and must in particular impose on its sub-processors the obligation to implement appropriate technical and organizational measures in such a manner that the processing will meet the requirements of EU Data Protection Law. 8.5 The Data Controller may request that the Data Processor audit a sub-processor or provide confirmation that such an audit has occurred (or, where available, obtain or assist customer in obtaining a third-party audit report concerning the sub-processor’s operations) to ensure compliance with its obligations imposed by the Data Processor in conforming with this Data Processing Agreement.

Contracting with Sub-Processors. 8.1 The Data Controller authorizes authorises the Data Processor to engage the sub-sub- processors in the country locations for the Service-related activities specified as described in Section 1.4Annex 2, if any. Data Processor shall inform the Data Controller of any addition or replacement of such sub-sub- processors giving the Data Controller an opportunity to object to such changes. 8.2 . Notwithstanding any authorization authorisation by the Data Controller with within the meaning of the preceding paragraph, the Data Processor shall remain fully liable vis-à-vis the Data Controller for the performance of any such sub- processor subprocessor that fails to fulfill fulfil its data protection obligations. 8.3 . The consent of the Data Controller pursuant to Article section 8.1 shall not alter the fact that consent is required under Article section 6 for the engagement of sub-processors in a country outside the European Economic Area without a suitable level of protection. 8.4 protection for applicable data transfers. The Data Processor shall ensure that the sub-processor is bound by the same data protection obligations of the Data Processor under this Data Processing Agreement, shall supervise compliance thereof, and must in particular impose on its sub-processors the obligation to implement appropriate technical and organizational measures in such a manner that the processing will meet the requirements of EU Applicable Data Protection Law. 8.5 . The Data Controller may request that the Data Processor audit a sub-processor Third Party Subprocessor or provide confirmation that such an audit has occurred (or, where available, obtain or assist customer Data Controller in obtaining a third-party audit report concerning the sub-processorThird Party Subprocessor’s operations) to ensure compliance with its obligations imposed by the Data Processor in conforming conformity with this Data Processing Agreement.

Contracting with Sub-Processors. 8.1 10.1 The Data Controller authorizes the Data Processor to engage the sub-processors in the country locations for the Service-related activities specified as described in Section 1.4Paragraph 3.1. Data Processor shall inform the Data Controller of any addition or replacement of such sub-processors giving the Data Controller an opportunity to object to such changes. 8.2 10.2 Notwithstanding any authorization by the Data Controller with the meaning of the preceding paragraph, the Data Processor shall remain fully liable vis-à-vis the Data Controller for the performance of any such sub- sub-processor that fails to fulfill its data protection obligations. 8.3 10.3 The consent of the Data Controller pursuant to Article 8.1 Paragraph 10.1 shall not alter the fact that consent is required under Article 6 for the engagement of sub-processors in a country outside the European Economic Area without a suitable level of protection. 8.4 10.4 The Data Processor shall ensure that the sub-processor is bound by the same data protection obligations of the Data Processor under this Data Processing AgreementAddendum, shall supervise compliance thereof, and must in particular impose on its sub-processors the obligation to implement appropriate technical and organizational measures in such a manner that the processing will meet the requirements of EU Data Protection Law. 8.5 10.5 The Data Controller may request that the Data Processor audit a sub-processor or provide confirmation that such an audit has occurred (or, where available, obtain or assist customer in obtaining a third-party audit report concerning the sub-processor’s operations) to ensure compliance with its obligations imposed by the Data Processor in conforming with this Data Processing AgreementAddendum.