Customer Audit. Customer or its independent third party auditor reasonably acceptable to SAP (which shall not include any third party auditors who are either a competitor of SAP or not suitably qualified or independent) may audit SAP’s control environment and security practices relevant to Personal Data processed by SAP only if: (a) SAP has not provided sufficient evidence of its compliance with the technical and organizational measures that protect the production systems of the Cloud Service through (b) A Personal Data Breach has occurred; (c) An audit is formally requested by Customer’s data protection authority; or (d) Mandatory Data Protection Law provides Customer with a direct audit right and provided that Customer shall only audit once in any twelve month period unless mandatory Data Protection Law requires more frequent audits.
Appears in 10 contracts
Samples: Personal Data Processing Agreement, Personal Data Processing Agreement, Personal Data Processing Agreement
