Controller Obligations. 5.1 The Controller represents and warrants that it shall comply with this DPA and its obligations under Data Protection Law.
Controller Obligations. The Controller represents and warrants that it shall comply with the terms of the Customer Terms, this DPA and all applicable data protection laws. The Controller represents and warrants that it has obtained any and all necessary permissions and authorizations necessary to permit the Processor, its Subsidiaries and Sub-Processors, to execute their rights or perform their obligations under this DPA. The Controller is responsible for compliance with all applicable data protection legislation, including requirements with regards to the transfer of Personal Data under this DPA and the Customer Terms. All Subsidiaries of the Controller who use the Services shall comply with the obligations of the Controller set out in this DPA. The Controller has their own obligations to implement their own appropriate technical and organizational procedures to protect Personal Data, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. The Controller shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including as appropriate:
Controller Obligations. 8.1 The Institution shall comply with its obligations under the Data Protection Legislation.
Controller Obligations. 4.1 The Controller warrants and represents that all instructions provided to the Processor in relation to the processing of personal data are lawful and shall as a minimum include:
Controller Obligations. The Client as the Controller carries the primary obligation to comply with the Data Protection Laws and to protect Client’s Personal Data. Client agrees to identify applicable legal bases for the Processing Personal Data submitted to Xxxxx, including when in connection to the disclosure of Client’s Personal Data, Cross-Border Processing, Transfers of Personal Data to Third Countries or International Organisations, Processing of Special Categories of Personal Data as applicable.
Controller Obligations. Controller instructs Processor to process Personal Data in accordance with this DPA, and is responsible for providing all notices and obtaining all consents, licences and legal bases required to allow Processor to process Personal Data.
Controller Obligations. 2.1. Whenever a party is acting in a capacity as a "controller" in relation to European Personal Data, it shall comply in all respects with European Privacy Law, including by processing such European Personal Data fairly and lawfully and by taking appropriate technical and organisational measures to protect the European Personal Data against unauthorized or unlawful processing and against accidental loss or destruction of, or damage to, the European Personal Data.
Controller Obligations. The Controller represents and warrants that it shall comply with the Terms and Conditions, this DPA and all applicable data protection laws. The Controller represents and warrants that it has obtained any and all necessary permissions and authorisations necessary to permit the Processor, its Subsidiaries and Sub-Processors, to execute their rights or perform their obligations under this DPA. The Controller is responsible for compliance with all applicable data protection legislation, including requirements with regards to the transfer of Personal Data under this DPA and the Terms and Conditions. All Subsidiaries of the Controller who use the Services shall comply with the obligations of the Controller set out in this DPA. The Controller has their own obligations to implement their own appropriate technical and organisational procedures to protect Personal Data, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. The Controller shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate: (i) the pseudonymisation and encryption of Personal Data; (ii) the ability to ensure the on-going confidentiality, integrity, availability and resilience of processing systems and services; (iii) the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident; (iv) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing. In accessing the appropriate level of security account shall be taken in particular of the risks that are presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data transmitted, stored or otherwise processed. The Controller shall take steps to ensure that any natural person acting under the authority of the Controller who has access to Personal Data does not process the Personal Data except on instructions from the Controller. The Controller may require correction, deletion, blocking and/or making available the Personal Data during or after termination of the Terms and Conditions. The Processor will process the request t...
Controller Obligations a. The parties envisage that under this Schedule: each party is a separate controller of the Agreement Personal Data processed for the provision of the services applicable to the Agreement listed in Appendix 1 ("Controller Services").
Controller Obligations. Each Controller shall at all times ensure Personal Data is Processed fairly, lawfully and transparently in accordance with Data Protection Legislation. Each Controller warrants that any instructions it issues to a Processor in respect of the Personal Data are lawful. ADDITIONAL ALL PARTY AND PROCESSOR SPECIFIC OBLIGATIONS The following obligations within this clause 6 shall apply where at least one Processor has been identified in Part 1 of this Agreement. Where the Processor is not a Party to this Agreement, the Controllers who instruct them must ensure that any contracts with such Processors provide equivalent protection to the clauses set out in clause 6 of this Agreement. Where indicated, the obligations shall apply to any Party to this Agreement not just Processors. The Parties acknowledge that for the purposes of the Data Protection Legislation in relation to the Data Processing Activities, the Controller(s) and the Processor(s) are as set out in Part 1 of this Agreement. A Processor must Process the Processor Data only to the extent necessary to perform the Data Processing Activities and only in accordance with the written instructions set out in Part 1 of this Agreement. A Processor must use the Personal Data shared solely for the purposes as instructed and shall not Process the Personal Data for any other purposes. Each Party agrees to treat the data (including Personal Data) received by them under the terms of this Agreement as confidential and shall safeguard it accordingly. All Parties must provide all reasonable assistance to one another and in particular to any Controller in the preparation of any Data Protection Impact Assessment prior to commencing any Processing under this Agreement. Such assistance may include: a systematic description of the envisaged Processing operations and the purpose of the Processing; an assessment of the necessity and proportionality of the Processing operations in relation to the Data Processing Activities; an assessment of the risks to the rights and freedoms of Data Subjects; and the measures envisaged to address the risks, including safeguards, security measures and mechanisms to ensure the protection of Personal Data. Any Party requested, but in particular any Processor who is a Party to this Agreement, shall provide all reasonable assistance to a Controller if the outcome of the Data Protection Impact Assessment leads the Controller to consult the Information Commissioner concerning any proposed arrangements...
