Customer Data. 8.1 You, not bookinglab or JRNI, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data. bookinglab and JRNI is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service by you. 8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001. 8.3 If JRNI and/or bookinglab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or bookinglab shall be a Data Processor and in any such case: (a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI and/or bookinglab so that they may lawfully use, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf; (b) you shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws; (c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and (d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority. 8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities 8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing 8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) from the Booking Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.
Appears in 12 contracts
Samples: Master Subscription Agreement (Msa), Master Subscription Agreement (Msa), Master Subscription Agreement (Msa)
Customer Data. 8.1 You4.1 The Customer shall own all right, not bookinglab or JRNI, title and interest in and to all of the Customer Data and shall have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriatenessintegrity, accuracy and right to use quality of the Customer Data.
4.2 Siemens shall follow its archiving procedures for Customer Data as set out in its Data Management Principles for Stratos document available as a pdf at xxxx://xxx.xxxxxxxxxxxxxx.xxx/Footer/Legalor such other website address as may be notified to the Customer from time to time, as such document may be amended by Siemens in its sole discretion from time to time. bookinglab In the event of any loss or damage to Customer Data, the Customer's sole and JRNI is not responsible exclusive remedy shall be for any Siemens to use reasonable commercial endeavours to restore the lost or damaged Customer Data from the latest back-up of such Customer Data maintained by Siemens in accordance with the archiving procedure described in its Data Management Principles for Stratos document.
4.3 Siemens shall, in providing the Services, comply with its Security Principles for Stratos document relating to the security of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service by you.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards available as a pdf at xxxx://xxx.xxxxxxxxxxxxxx.xxx/Footer/Legal or such other standards website address as are substantially equivalent may be notified to ISO 27001the Customer from time to time, as such document may be amended from time to time by Siemens in its sole discretion.
8.3 4.4 If JRNI and/or bookinglab the Supplier processes any Personal Data personal data on your the Customer's behalf when performing its obligations under this Agreementagreement, the Parties acknowledge parties record their intention that you the Customer shall be the Data Controller data controller and JRNI and/or bookinglab the Supplier shall be a Data Processor data processor and in any such case:
(a) you the Customer shall ensure that you are the Customer is entitled to transfer the relevant Customer Personal Data personal data to JRNI and/or bookinglab the Supplier so that they the Supplier may lawfully use, process and transfer the Customer Personal Data personal data in accordance with this Agreement agreement on your the Customer's behalf;
(b) you the Customer shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Lawsdata protection legislation;
(c) the Supplier shall process the personal data only in accordance with the terms of this agreement and any lawful instructions reasonably given by the Customer from time to time; and
(d) each Party party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 From 4.5 Siemens shall own the MSA Start Date Siemens Data. During the Parties Subscription Term, the Customer shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that have access to the Siemens Data. At the end of the Subscription Term the Customer Data and Personal Data deemed as a special category of Data under GDPR is not given shall return to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) from Siemens all the Booking Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection LawsSiemens Data.
Appears in 2 contracts
Samples: Stratos System Agreement, Stratos Subscription Agreement
Customer Data. 8.1 You, not bookinglab Bookinglab or JRNI, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data. bookinglab Bookinglab and JRNI is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service by you.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI and/or bookinglab Bookinglab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or bookinglab Bookinglab shall be a Data Processor and in any such case:
(a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI and/or bookinglab Bookinglab so that they may lawfully use, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf;
(b) you shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;
(c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab Bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab Bookinglab at your request) from the Booking Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.
Appears in 2 contracts
Samples: Master Subscription Agreement, Master Subscription Agreement
Customer Data. 8.1 You6.1 The Customer shall own all right, not bookinglab or JRNI, title and interest in and to all of the Customer Data and shall have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriatenessintegrity, accuracy and right to use quality of the Customer Data.
6.2 iplicit shall follow its archiving procedures for Customer Data as set out in its Backup Policy (xxx.xxxxxxx.xxx/xxxxx) or such other website address as may be notified to the Customer from time to time, as such document may be amended by iplicit in its sole discretion from time to time. bookinglab In the event of any loss or damage to Customer Data, the Customer’s sole and JRNI is exclusive remedy shall be for iplicit to use reasonable commercial endeavours to restore the lost or damaged Customer Data from the latest backup of such Customer Data maintained by iplicit in accordance with the archiving procedure described in its Backup Policy. iplicit shall not be responsible for any loss, destruction, alteration or disclosure of Customer Data caused by any third party.
6.3 Iplicit shall, in providing the Services, comply with its Privacy and Security Policy relating to the privacy and security of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of available at xxx.xxxxxxx.xxx/xxxxx and the Booking Service by you.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards Data Protection Addendum attached to these terms or such other standards website address as are substantially equivalent may be notified to ISO 27001the Customer from time to time, as such document may be amended from time to time by Iplicit in its sole discretion.
8.3 6.4 If JRNI and/or bookinglab iplicit processes any Personal Data personal data on your the Customer’s behalf when performing its obligations under this Agreementagreement, the Parties acknowledge parties record their intention that you the Customer shall be the Data Controller data controller and JRNI and/or bookinglab iplicit shall be a Data Processor data processor and in any such case:
(a) you : Unless agreed otherwise in writing by the Company, the Customer acknowledges and agrees that the personal data may not be transferred or stored outside the EEA in order to carry out the Services and iplicit’s other obligations under this agreement; the Customer shall ensure that you are the Customer is entitled to transfer the relevant Customer Personal Data personal data to JRNI and/or bookinglab iplicit so that they iplicit may lawfully use, process and transfer the Customer Personal Data personal data in accordance with this Agreement agreement on your the Customer’s behalf;
(b) you ; the Customer shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;
(c) data protection legislation; iplicit shall process the personal data only in accordance with the terms of this agreement and any lawful instructions reasonably given by the Customer from time to time; and each Party party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) from the Booking Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.
Appears in 2 contracts
Samples: Software Services Subscription Agreement, Software Services Subscription Agreement
Customer Data. 8.1 You, not bookinglab or JRNITAAP, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data. bookinglab and JRNI bookinglab, or TAAP is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking TAAP Visitor Book Service by you.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and TAAP shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI TAAP and/or bookinglab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI TAAP and/or bookinglab shall be a Data Processor and in any such case:
(a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI TAAP and/or bookinglab so that they may lawfully use, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf;
(b) you shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;
(c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI TAAP or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI TAAP or bookinglab at your request) from the Booking TAAP Visitor Book Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.
Appears in 2 contracts
Samples: Master Subscription Agreement, Master Subscription Agreement
Customer Data. 8.1 You, not bookinglab or JRNIJRNI or You.Smart.Thing, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data. bookinglab and bookinglab, JRNI or You.Smart.Thing is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking taptravel Service by you.
8.2 As of the MSA Start Date, JRNI and You.Smart.Thing is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI and/or You.Smart.Thing and/or bookinglab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or You.Smart.Thing and/or bookinglab shall be a Data Processor and in any such case:
(a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI and/or You.Smart.Thing and/or bookinglab so that they may lawfully use, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf;
(b) you shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;
(c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI JRNI, You.Smart.Thing or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI JRNI, You.Smart.Thing or bookinglab at your request) from the Booking taptravel Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.
Appears in 2 contracts
Samples: Master Subscription Agreement, Master Subscription Agreement
Customer Data. 8.1 YouFor the purposes of this clause, not bookinglab or JRNI“data controller”, have sole responsibility “data processor”, “data subject”, “personal data”, “process”, “processing” and “appropriate technical and organisational measures” shall be interpreted in accordance with applicable Data Protection Legislation. Qrew Up and the Partner each acknowledge that, for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data. bookinglab and JRNI is not responsible for any purposes of the foregoing Data Protection Legislation: ● in respect of Partner Customers’ personal data, the Partner is the data controller and Qrew Up is the data processor; and ● in respect of Qrew Up Customers’ personal data, the Partner and Qrew Up each act as independent data controllers Where Qrew Up and the Partner are independent controllers, each acknowledge and agree that: ● the Partner must promptly (and in any event within 24 hours of the Partner or for its employees becoming aware of the matter) notify Qrew Up of any accidental or intentional damage, alteration, destruction, damageunauthorised disclosure, loss, misuse or failure theft of or to store the personal data of any Customer Data beyond which the Partner has access to (“Security Incident”). Partner shall provide full cooperation and prompt assistance to Qrew Up in respect of its reasonable control or resulting from any failure in data transmission or operation efforts to (i) investigate, remediate, and mitigate the effects of the Booking Service by you.
8.2 As Security Incident, and (ii) comply with notification obligations to individuals, clients or regulatory authorities; ● Partner must not do, or omit to do, and must ensure that its personnel and other representatives do not do or omit to do, anything that would cause (or may be reasonably expected to cause) Qrew Up or its Affiliates to be in breach of any provision of any Data Protection Legislation and take all reasonable steps to ensure the reliability of its employees and agents who may have access to the personal data and ensure that such staff and agents are informed of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for confidential nature of the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI and/or bookinglab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or bookinglab shall be a Data Processor and in any such case:
(a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI and/or bookinglab so that they may lawfully use, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf;
(b) you shall ensure that the relevant third parties have been informed of, personal data and have given their consent to, such use, processing, undertaken training in the laws relating to handling personal data; ● Partner agrees to implement and transfer as required by all applicable Data Protection Laws;
(c) each Party shall take maintain appropriate technical and organisational measures in respect of its processing of the personal data sufficient to comply with the Data Protection Legislation and to protect the personal data against unauthorised or unlawful processing and against accidental loss, destruction, damages, theft, alteration or disclosure; ● Partner agrees to only process personal data of Customers for the purpose of providing the Partner Services to such Customers and, in the case of Customers who have expressly agreed by way of opt-in consent to receiving email marketing from the Partner, for the purposes of email marketing and in all cases only whilst receiving the Partner Services; and The Partner acknowledges that ownership of all Intellectual Property Rights in Customer’s personal data in the Qrew Up Business Software shall vest in Qrew Up or its Affiliates, and Partner irrevocably and unconditionally assigns with full title guarantee all such rights to Qrew Up. Qrew Up grants the Partner a non-exclusive license to use such personal data to operate its business subject to Partner's ongoing compliance with the provisions of this Agreement. Where the Partner elects to use the Qrew Up Business Software’s marketing automation features, the Partner may send marketing or promotional communications to Customers whose details are stored in the Qrew Up Business Software and who have given their consent via an ‘opt-in’ box on signing up to receive the Qrew Up Services or when booking Partner Services via the Widget, to receive marketing or promotional communications from any Partner from whom they book Partner Services and/or specifically from the Partner with which they are booking. The Partner undertakes and warrants that it will only process the personal data of Partner Customers in compliance with Data Protection Legislation and in particular that it, its employees, its partners and its suppliers will only send marketing or promotional communications to Partner Customers who have given their consent to receive the same. The Partner’s use of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or Partner Customers is undertaken at the request of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply Partner’s sole risk with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely Partner being responsible and liable for ensuring it, its employees’, its partners’ and its suppliers’ use fully complies with all applicable Data Protection Legislation. In the event that a Customer notifies the Partner or one of its employees that it does not wish to receive further marketing materials from Qrew Up and/or its Affiliates, the Partner shall promptly (and in any transfer event no later than 48 (forty-eight) hours from being so informed) notify Qrew Up with full details of Customer the same in writing so that Qrew Up can honour such request. In the event that a data subject makes a request to either party to exercise one or more of the rights afforded to data subjects under Data made by you (Protection Legislation then to the extent that either party reasonably requires input or made by JRNI or bookinglab at your request) assistance from the Booking Service other party in order to give effect to any of the rights afforded, that other party shall provide all such input or assistance within a third reasonable timeframe with each party meeting their own costs in doing so; In the event that either party receives a request from a data protection authority for information relating to this Agreement or the relationship between the parties, that party shall promptly notify the other unless prohibited by law. Any breach of this Section 12 by the Partner will be a Material Breach of this Agreement. The Partner will indemnify and for ensuring that such transfer is hold Qrew Up and its Affiliates harmless against all losses, claims, costs, damages or proceedings suffered or incurred by Qrew Up and/or its Affiliates arising out of or in compliance connection with the Parties' obligations under Partner's breach of this Section 12 This Clause in its entirety shall survive the Data Protection Lawstermination or expiry of this Agreement.
Appears in 1 contract
Samples: Partner Terms of Business
Customer Data. 8.1 YouThe Customer hereby grants to Tech Data a non-exclusive, not bookinglab or JRNIfully paid-up, have sole responsibility royalty free licence for the entryTerm to use, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, copy and right to use modify the Customer Data provided or made available by the Customer to Tech Data. bookinglab and JRNI is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service by you.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with purposes of providing the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI and/or bookinglab processes any Personal Data on your behalf when Service and Deliverables and performing its other obligations under this Agreement. The Customer must indemnify Tech Data against all Loss sustained, incurred or suffered by any Tech Data as a result of any claim, action or proceeding by a third party alleging that the use, copying, modification, possession or receipt by Tech Data of any materials or information provided or made available by the Customer to Tech Data infringes the Intellectual Property Rights or other rights of any third party. Title and risk Tech Data retains legal and beneficial title in the Deliverables, or any physical medium on which Deliverables or Third Party Products (including software) are stored (which for the purposes of this clause 11 is collectively referred to as “Collateral”) until full payment by the Customer for such Deliverables or Third Party Product (as applicable) at which time that title passes to the Customer. Risk in the Collateral passes to the Customer upon delivery of the Deliverables or Third Party Product to the delivery address specified in the Order, or at another site agreed by the Parties in writing. The Customer acknowledges that Tech Data may register a financing statement in relation to its security interest in the Collateral. The Customer waives its right under section 157 of the Personal Property Securities Xxx 0000 (Cth) to receive notice of any verification statement relating to the registration of any such financing statement or any related financing change statement. The Customer acknowledges and agrees that, in the event of non-payment by the Customer or other relevant dispute, Tech Data may retake possession of, and otherwise enforce its security interest in the, Collateral where title has not passed to the Customer in accordance with clause 11.1 and to that extent, enter any premises of the Customer to repossess such Collateral. To the extent that Chapter 4 of the PPS Act would otherwise apply to an enforcement by the Tech Data of its security interest in the Collateral, the Parties acknowledge agree that you shall the following provisions of the PPS Act do not apply, to the extent the PPS Act allows them to be the excluded: (enforcement methods) ss 118 (Enforcing security interests in accordance with land law decisions), 125 (Obligation to dispose of or retain collateral), 129(2) and (3) (Disposal by purchase), 134(2) (Proposal of secured party to retain collateral), 137 (Persons entitled to notice may object to proposal) and 138B(4) (Seizure and disposal or retention of crops); (notices) ss 95 (Secured party must give notice of removal of accession), 121(4) (Enforcement of security interests in liquid assets – notice to higher priority parties and grantor), 127 (Seizure by higher priority parties – notice), 130 (Notice of disposal of collateral), 132 (Secured party to give statement of account), and 135 (Notice of retention of collateral) and 136(5) (Retaining collateral free of interests); and (rights to remedy) ss 142 (Entitled persons may redeem collateral) and 143 (Entitled persons may reinstate security agreement). The Customer must promptly do anything Tech Data Controller and JRNI and/or bookinglab shall be a Data Processor and in any such case:
(a) you shall requires to ensure that you are entitled its security interest is a perfected security interest and has priority over all other security interests. Nothing in this clause is limited by any other provision of any other agreement between Tech Data and the Customer. Nothing in this clause limits Tech Data’s rights or the Customer's obligations apart from under this clause. Suspension and security If in the reasonable opinion of Tech Data that the Customer has breached this Agreement, Tech Data may upon seven (7) Business Days’ notice suspend access to transfer or provision of the relevant Service, Deliverables or Third Party Product until such time as the Customer has remedied the breach to Tech Data’s reasonable satisfaction. The Customer will comply with all applicable the Privacy Legislation and all applicable Laws with respect to the collection, use, disclosure and storage of Personal Information. The Customer represents and warrants it has obtained all necessary consents to enable Tech Data to JRNI and/or bookinglab so that they may lawfully useaccess and use Personal Information necessary to provide the Service, process and transfer the Customer Personal Data Deliverables or Third Party Product in accordance with this Agreement and from any location. Fees and Payment Terms The Customer agrees to pay all applicable Fees for any Service, Deliverables and Third Party Product specified in an Order . Tech Data will issue invoices on your behalf;
a monthly basis in advance unless otherwise specified in an Order. If the parties have agreed on a Payment Plan or if a Payment Plan is specified in an Order, then Tech Data will issue invoices in accordance with such Payment Plan. Tech Data will send the invoice to the address specified in an Order or as otherwise agreed by the Parties in writing. The Customer must pay each invoice issued by Tech Data within thirty (b30) you shall ensure days of the date of the relevant invoice by the Customer in the manner specified by Tech Data in the relevant invoice or other notified to the Customer by Tech Data in writing. If the Customer acting reasonably and in good faith, disputes the correctness of any invoice, then it may, without prejudice to its other rights and remedies, after notifying Tech Data, withhold payment of the disputed sum but must pay any undisputed amount of such invoice. If Tech Data disputes that the relevant third parties have been informed ofCustomer is entitled to withhold the disputed sum, then: the matter must be resolved by the procedure specified in clause 17; and have given their consent to, such use, processing, and transfer as required by the Customer remains liable to pay all applicable Data Protection Laws;
(c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of future invoices in accordance with the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision terms of this Agreement, but subject always . Tech Data may charge the Customer interest on any invoices paid late at a rate equal to Appendix B(1three per cent (3%) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide above the Services rate set by the Commonwealth Bank of Australia on overdrafts in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request excess of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR $100,000 per annum compounded daily. Interest is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) calculated on outstanding amounts from the Booking Service due date of the invoice up to a third party and for ensuring that such transfer is in compliance with including the Parties' obligations under the Data Protection Lawsday of payment.
Appears in 1 contract
Samples: Master Agreement
Customer Data. 8.1 You3.1 The Customer shall own all right, not bookinglab or JRNI, title and interest in and to all of the Customer Data and shall have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriatenessintegrity, accuracy and right to use quality of the Customer Data.
3.2 CybSafe shall follow its archiving procedures for Customer Data and the Analytical Data as set out in its Back-Up Policy available at xxxxx://xxxxxxx.xxx or such other website address as may be notified to the Customer from time to time, as such document may be amended by CybSafe in its sole discretion from time to time. bookinglab In the event of any loss or damage to Customer Data or Analytical Data, the Customer's sole and JRNI is exclusive remedy shall be for CybSafe to use reasonable commercial endeavours to restore the lost or damaged Customer Data or Analytical Data from the latest back-up of such Customer Data or Analytical Data maintained by CybSafe in accordance with the archiving procedure described in its Back-Up Policy. CybSafe shall not be responsible for any loss, destruction, alteration or disclosure of Customer Data caused by any third party (except those third parties sub-contracted by CybSafe to perform services related to Customer Data maintenance and back-up).
3.3 The Parties shall comply at all times with and assist each other in complying with their respective responsibilities for compliance with the obligations of Privacy and Data Protection Requirements in connection with the processing of Personal Data only as set out in Schedule 2 as updated in writing between the Parties from time to time, unless required to process the Personal Data for any other purpose by applicable Law in which case, where legally permitted, Customer or Cybsafe must inform the other of this legal requirement before processing.
3.3.1 CybSafe shall, in providing the Services, comply with its Privacy Policy relating to the privacy of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service by you.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards available at xxxxx://xxxxxxx.xxx or such other standards website address as are substantially equivalent may be notified to ISO 27001the Customer from time to time, as such document may be amended from time to time by CybSafe in its sole discretion.
8.3 If JRNI and/or bookinglab 3.4 Where CybSafe processes any Personal Data on your behalf Data, for which the customer determines the purpose and the means of processing when performing its obligations under this AgreementXXXX, the Parties acknowledge parties record their intention that you the Customer shall be the Data Controller data controller and JRNI and/or bookinglab CybSafe shall be a data processor.
3.4.1 Where Cybsafe determines the purpose and the means of processing, they shall be considered independent controllers.
3.4.2 Where Cybsafe jointly with others, determines the purpose and the means of processing, they shall be considered joint controllers.
3.5 Each Party agrees to their respective responsibilities and duties regarding processing as set out in Schedule 2 including to:
3.5.1 comply with data protection by design and data protection by default obligations under Privacy and Data Processor Protection Requirements, including, where required, legitimate interest assessments and data protection impact assessments and associated consultation with data subjects, other Parties involved with the processing and any applicable supervisory authority, to ensure appropriate technical and organisational measures, including appropriate data protection governance and audit compliance, are implemented to safeguard the rights and freedoms of data subjects;
3.5.2 observe the principles of Privacy and Data Protection Requirements, including not retaining any of Personal Data for longer than is necessary to perform its obligations under this Agreement and upon the other Party’s reasonable request, securely destroy (unless applicable Laws require continued storage of Personal Data) or return such Personal Data;
3.5.3 only transfer any Personal Data outside of the European Economic Area (the “EEA”) relying on Adequacy Decisions by the EU Commission or on appropriate standard contractual clauses (“Model Clauses”) between the Parties. In the event that the Adequacy Decision granted in respect of the Model Clauses is invalidated or suspended, or any supervisory authority requires transfers of personal information pursuant to such Model Clauses to be suspended, then the Parties may require to:
3.5.3.1 cease data transfers forthwith, and implement an alternative adequacy mechanism (as agreed in writing by the Parties); or
3.5.3.1 return all Personal Data previously transferred and ensure that a senior officer or director of Customer or Cybsafe certifies to the other that this has been done.
3.6 monitor for, investigate and manage any actual or suspected personal data breach regarding processing activities undertaken by them, to inform the other Party of such personal data breaches without undue delay, and the other Party’s sole and exclusive remedy shall be for the first Party to use reasonable commercial endeavours to resolve the personal data breach;
3.7 comply with and provide information notices to data subjects regarding processing activities undertaken by them, including personal data breaches – such notices being available at [xxxxxxxxxx.xxx] such other website address as may be notified to the other Party from time to time, as such document may be amended from time to time by the first Party in its sole discretion;
3.8 notify any applicable law enforcement authority (including any applicable supervisory authority) regarding personal data breaches where required relating to processing activities undertaken by them;
3.9 fulfil any data subject rights request pertaining to their Personal Data or assist the other Party in doing so
3.10 notify the other Party without undue delay in writing if it receives from any applicable law enforcement authorities (including any applicable regulators) where permitted to do so:
3.11 any communication seeking to exercise rights conferred on the data subject by Privacy and Data Protection Requirements;
3.12 any complaint or any claim for compensation arising from or relating to the processing of Personal Data as set out in Schedule 2;
3.13 any communication from any applicable law enforcement authorities (including any applicable regulators);
3.14 provide such information and such assistance to the other Party as they may reasonably require, and within the timescales reasonably specified by the Parties, to allow the other Party to comply with their data protection by design and data protection by default obligations under Privacy and Data Protection Requirements, including, where required, consultation regarding legitimate interest assessments and data protection impact assessments, to ensure appropriate technical and organisational measures, including appropriate data protection governance and audit compliance, are implemented to safeguard the rights and freedoms of data subjects, including such full and prompt information and assistance to the other Party and any applicable law enforcement authorities (including any applicable regulators) in relation to a personal data breach.
3.15 Each Party shall designate a contact point for data subjects.
3.16 The Parties agree that they shall at no additional cost, keep or cause to be kept such information as is necessary to demonstrate compliance with their respective obligations under this clause (Data Protection) regarding the processing of Personal Data as set out in Schedule 2 carried out by the Parties in writing and in electronic form, and shall, upon reasonable notice, make available to the other Party or grant to the other Party and its auditors and agents, and any such caseapplicable law enforcement authority (including any applicable supervisory authority), a right of access to, and to take copies of, any information or records kept by the other Party pursuant to this clause (Data Protection) – this information to contain no less than:
(a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI and/or bookinglab so that they may lawfully use3.17 their name and contact details, process including those of its Companies, and, where applicable, of their representative, and transfer the Customer Personal Data in accordance with this Agreement on your behalftheir data protection officer;
(b) you shall ensure that 3.18 the relevant third parties have been informed of, and have given details regarding their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;respective processing set out in schedule 2
(c) each Party shall take 3.19 a general description of the appropriate technical and organisational measures to protect Personal Data against unauthorised accidental or unlawful processing of the personal data or its accidental processing, loss, destruction destruction, damage, alteration, or damage; and
(d) notwithstanding any other provision of this Agreementunauthorised disclosure or access, but subject always including so as to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide allow the Services in accordance with clause 3, and otherwise in order Parties to comply with Applicable Law their obligations under Privacy and Data Protection Requirements – in particular to safeguard against the specific offences:
3.20 for a person knowingly or at recklessly to re-identify Personal Data that is de-identified Personal Data without the consent of the controller responsible for de-identifying the personal data.
3.21 to alter, deface, block, erase, destroy or conceal Personal Data with the intention of preventing disclosure of all or part of the Personal Data that the person making the request of a governmental, regulatory or supervisory authoritywould have been entitled to receive.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and 3.22 where transferring Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) from the Booking Service to a third party and for ensuring country or an international organisation, the identification of that third country or international organisation and, in the case of ex-EEA transfers without adequacy, binding corporate rules, code of conduct, data protection seals, or standard contractual clauses, the documentation of appropriate safeguards such as:
3.23 explicit consent from affected data subjects, or
3.24 evidence that the transfer is required for the performance or conclusion of the performance of a contract with said data subjects.
3.25 ensure that any staff or personnel (including contractors) authorised to process Personal Data shall be subject to a binding duty of confidentiality in compliance with respect of such data.
3.26 The Parties agree to notify each other immediately if, in the Parties' opinion of the other Party, the written arrangement for the processing of Personal Data given by the Customer or Cybsafe violates any provision of Privacy and Data Protection Requirements.
3.27 Neither Party must not perform their obligations under this Agreement in such a way as to cause the other Party to violate any of their obligations under Privacy and Data Protection LawsRequirements.
Appears in 1 contract
Samples: End User License Agreement (Eula)
Customer Data. 8.1 You13.1 If Customer or its Users provide Pearson with information, materials, other content, logos or data (“Customer Data”) whether directly or indirectly (such as by placement of Customer Data (including but not bookinglab or JRNI, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriatenesslimited to assignments allocated to Users, and right to use the Customer Data. bookinglab and JRNI is not responsible for any results of the foregoing or for any destructionthose assignments) within Xxxxxxx’x systems by Users), damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service by you.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI and/or bookinglab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or bookinglab shall be a Data Processor and in any such casethen:
(a) you Customer grants Pearson a non-exclusive licence to access, use, copy, transmit and prepare derivative works from the Customer Data in order to supply the Products and Services and to supply analysis and feedback to Customer on the Users’ usage of the Products and Services; and (b) Customer represents and warrants that it owns the Customer Data or has obtained the necessary rights or consents to the Customer Data so that Xxxxxxx’x use of it in order to supply the Products and Services to Customer and Users (i) will not violate the intellectual property or other rights of a third party, and (ii) will not infringe any data protection laws or regulations.
(c) For the avoidance of doubt, Pearson may use anonymous data related to student performance, individual and aggregated demography, and the activity of Users within Xxxxxxx’x systems for product improvement, general research and analytical purposes (which Pearson may share with third parties with or without identifying the Customer).
13.2 The parties agree that Pearson, including any related entities in the Pearson Group, may use any Personal Data submitted by Customer or Users within Xxxxxxx’x efficacy and performance reviews and studies into the Products and Services, but any public disclosure of such results will be anonymised and subject to the provisions of Clause 14 (Confidential Information) at all times, provided that Pearson shall ensure that you are be entitled to identify Customer in relation to such reviews and/or studies. For the avoidance of doubt, the rights granted in this clause 13.2 shall include the right to transfer and process the relevant Customer Personal Data to JRNI and/or bookinglab so that they may lawfully useoutside the Republic of South Africa.
13.3 Customer warrants that:
(a) where it is processing Personal Data on Xxxxxxx'x behalf and thus act as an Operator for the purposes of the Protection of Personal Information Xxx 0000 (the "Act"), it will process and transfer the Customer such Personal Data in accordance compliance with this Agreement on your behalfthe Act and other applicable local laws relating to Data Protection;
(b) you shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;
(c) each Party it shall take appropriate technical and organisational measures against the unauthorised or unlawful access to or processing of Personal Data and against the personal data accidental loss or its accidental lossunauthorised destruction of, destruction or damagedamage to, Personal Data in compliance with Section 19 of the Act to ensure Xxxxxxx'x compliance with the Seventh Condition for the Lawful Processing of Personal Information as set out in Chapter 3 of the Act;
(c) it shall notify Pearson immediately where there are reasonable grounds to believe that the Personal Data has been accessed or acquired by any unauthorised person; and
(d) notwithstanding it has obtained all relevant consents from Users to allow Pearson, including any other provision related entities in the Pearson Group, to process, in accordance with and for the purposes of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer any Personal Data submitted by Customer or Users. Customer Data to their Group Companiesfully indemnifies Pearson against any loss, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law damage or at the request of harm suffered through a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer failure of Customer Data made by you (or made by JRNI or bookinglab at your request) from the Booking Service to a third party and for ensuring that obtain such transfer is in compliance with the Parties' obligations under the Data Protection Lawsproper consents.
Appears in 1 contract
Samples: Institutional Supply Agreement
Customer Data. 8.1 You, not bookinglab BookingLab or JRNI, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data. bookinglab BookingLab and JRNI is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service by you.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI and/or bookinglab BookingLab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or bookinglab BookingLab shall be a Data Processor and in any such case:
(a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI and/or bookinglab BookingLab so that they may lawfully use, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf;
(b) you shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;
(c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab BookingLab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab BookingLab at your request) from the Booking Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.
Appears in 1 contract
Samples: Master Subscription Agreement
Customer Data. 8.1 You5.1 The Customer shall own all right, title and interest in and to all of the Customer Data that is not bookinglab or JRNI, personal data and shall have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriatenessintegrity, accuracy and quality of all such Customer Data.
5.2 Both parties will comply with all applicable requirements of the Data Protection Legislation. This clause 5 is in addition to, and right to use does not relieve, remove or replace, a party's obligations under the Customer Data. bookinglab and JRNI is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service by youProtection Legislation.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services 5.3 The parties acknowledge that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI and/or bookinglab if Homeless Link processes any Personal Data personal data on your the Customer's behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be Customer is the Controller and Homeless Link is the Processor for the purposes of the Data Controller Protection Legislation. Schedule 6 sets out the scope, nature and JRNI and/or bookinglab shall be a purpose of processing by Homeless Link, the duration of the processing, the types of personal data and the categories of Data Processor and in any such case:Subject.
(a) you shall 5.4 Without prejudice to the generality of clause 5.2, the Customer will ensure that you are entitled it has all necessary appropriate consents and notices in place to enable lawful transfer of the relevant Customer Personal Data personal data to JRNI and/or bookinglab Homeless Link for the duration and purposes of this Agreement so that they Homeless Link may lawfully use, process and transfer the Customer Personal Data personal data in accordance with this Agreement on your the Customer's behalf.
5.5 Without prejudice to the generality of clause 5.2, Homeless Link shall, in relation to any personal data processed in connection with the performance by Homeless Link of its obligations under this Agreement:
5.5.1 process that personal data only on the written instructions of the Customer unless Homeless Link is required by the laws of the United Kingdom applicable to Homeless Link to process personal data (Applicable Laws). Where Homeless Link is relying on Applicable Laws as the basis for processing personal data, Homeless Link shall promptly notify the Customer of this before performing the processing required by the Applicable Laws unless those Applicable Laws prohibit Homeless Link from so notifying the Customer;
5.5.2 immediately inform the Customer if, in the opinion of Homeless Link, an instruction infringes the Data Protection Legislation and shall not pass on any such instruction to SFDC;
5.5.3 ensure that all personnel who have access to and/or process personal data are obliged to keep the personal data confidential;
5.5.4 the Customer acknowledges and agrees that Homeless Link may be required to transfer personal data outside the UK in exceptional cases (including, but not limited to, the temporary failure of a Salesforce data centre) or in cases of emergency where a transfer is necessary to meet Homeless Link’s compelling legitimate interests. Homeless Link will only make such exceptional or emergency transfers of personal data outside of the UK where the following conditions are fulfilled:
(a) the transfer is to a country covered by UK adequacy regulations, or the Customer or Homeless Link has provided appropriate safeguards pursuant to Article 46 of the UK GDPR, or an exception in Article 49 of the UK GDPR applies;
(b) you shall ensure that the relevant third parties have been informed of, Data Subject has enforceable rights and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;effective legal remedies; and
(c) each Party Homeless Link complies with its obligations under the Data Protection Legislation by providing an adequate level of protection to any personal data that is transferred.
5.5.5 assist the Customer, at the Customer's cost, in responding to any request from a Data Subject and in ensuring compliance with its obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
5.5.6 notify the Customer without undue delay and within 24 hours of becoming aware of a personal data breach;
5.5.7 at the written direction of the Customer on the terms set out in clause 13.3.3, delete or return personal data and copies thereof to the Customer on termination of the agreement unless required by Applicable Law to store the personal data; and
5.5.8 maintain complete and accurate records and information to demonstrate its compliance with this clause 5 and allow for audits (including inspections) by the Customer or the Customer’s designated auditor.
5.6 Each party shall take ensure that it has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of the personal data and against accidental loss or its destruction of, or damage to, personal data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage; anddamage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting personal data, ensuring confidentiality, integrity, availability and resilience of its systems and services, ensuring that availability of and access to personal data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by it).
(d) notwithstanding any other provision 5.7 The Customer consents to Homeless Link appointing SFDC as a third-party processor of personal data under this Agreement, but subject always to Appendix B(1. Homeless Link confirms that it has entered or (as the case may be) Data Protection and B(2) will enter with SFDC into a written agreement incorporating the Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authorityAddendum.
8.4 From 5.8 Without prejudice to clause 5.7, Homeless Link shall not appoint another third-party processor of personal data under this Agreement without the MSA Start Date Customer’s prior written consent. If the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category consents in writing to the appointment of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) from the Booking Service to a third party and for ensuring processor, Homeless Link confirms that such transfer is in compliance it will enter into a written agreement with the Partiesthird-party processor incorporating terms which offer at least the same level of protection for the personal data as those set out in this clause 5 and which meet the requirements of Article 28 of the UK GDPR.
5.9 As between the Customer and Homeless Link, Homeless Link shall remain fully liable for all acts or omissions of any third-party processor appointed by it pursuant to this clause 5.
5.10 Either party may, at any time on not less than 30 days' obligations under the Data Protection Lawsnotice, revise this clause 5 by replacing it with any applicable controller to processor standard clauses or similar terms forming part of an applicable certification scheme (which shall apply when replaced by attachment to this Agreement).
Appears in 1 contract
Samples: Services Agreement
Customer Data. 8.1 You4.1 As between the parties, not bookinglab or JRNI, the End User shall have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriatenessintegrity, accuracy and right quality of all Client Data.
4.2 MMO shall follow its standard archiving procedures for Client Data as may be notified to the End User from time to time. In the event of any loss or damage to Client Data, the End User’s sole and exclusive remedy against MMO shall be for MMO to use reasonable commercial endeavours to restore the Customer Datalost or damaged Client Data from the latest back-up of such Client Data maintained by MMO in accordance with such procedures. bookinglab and JRNI is MMO shall not be responsible for any loss, destruction, alteration or disclosure of Client Data caused by any third party (except those third parties sub-contracted by MMO to perform services related to Client Data maintenance and back-up for which it shall remain fully liable under Clause 4.9).
4.3 MMO shall, in providing the Services, comply with its Privacy Policy relating to the privacy and security of the foregoing or for any destructionClient Data available at xxxxx://xxx.xxxxxxxxxxxxxxxx.xx.xx/ such other website address as may be notified to the End User from time to time, damage, loss, or failure as such document may be amended from time to store any Customer Data beyond time by MMO in its reasonable control or resulting from any failure in data transmission or operation sole discretion.
4.4 Both parties will comply with all applicable requirements of the Booking Service by youData Protection Legislation. This Clause 4 is in addition to, and does not relieve, remove or replace, a party’s obligations or rights under the Data Protection Legislation.
8.2 As 4.5 The parties acknowledge that, to the extent the Client Data comprises personal data:
4.5.1 MMO may be controller in its own right and also processor in respect of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.Client Data;
8.3 If JRNI and/or bookinglab 4.5.2 if MMO processes any Personal Data personal data on your the End User’s behalf when performing its obligations under this Agreementagreement, the Parties acknowledge that you shall be End User (or, where applicable, the Client) is the controller and MMO is the processor for the purposes of the Data Controller Protection Legislation;
4.5.3 Schedule 4 sets out the scope, nature and JRNI and/or bookinglab shall purpose of processing by MMO when acting as processor, the duration of the processing and the types of personal data and categories of data subject;
4.5.4 the personal data may be a Data Processor and in any such casetransferred or stored outside the EEA or the country where the End User is located.
4.6 Without prejudice to the generality of Clause 4.4, the End User will ensure that:
4.6.1 it (aor, where applicable, the Client) you shall ensure that you are entitled has all necessary appropriate consents and notices in place to enable lawful transfer of the relevant Customer Personal Data personal data to JRNI and/or bookinglab so that they may lawfully use, process and transfer the Customer Personal Data MMO as set out in accordance with this Agreement on your behalf;agreement; and
(b) you shall ensure that 4.6.2 the relevant third parties have been informed ofof and, and where applicable, have given their consent to, such to the use, processing, processing and transfer of their data.
4.7 Without prejudice to the generality of Clause 4.4, MMO shall, in relation to any personal data processed as processor for the End User (or, where applicable, the Client), in connection with the performance by MMO of its obligations under this agreement:
4.7.1 process that personal data only on the documented written instructions of the End User unless MMO is required by all the laws of the European Union applicable to MMO and/or Domestic UK Law (where Domestic UK Law means the UK Data Protection Legislation and any other law that applies in the UK) to process personal data (Applicable Laws). Where MMO is relying on Applicable Laws as the basis for processing personal data, MMO shall promptly notify the End User of this before performing the processing required by the Applicable Laws unless those Applicable Laws prohibit MMO from so notifying the End User;
(c) each Party 4.7.2 not transfer any personal data outside of the European Economic Area and the United Kingdom unless the following conditions are fulfilled:
4.7.2.1 the End User or MMO has provided appropriate safeguards in relation to the transfer;
4.7.2.2 the data subject has enforceable rights and effective legal remedies;
4.7.2.3 MMO complies with its obligations under the Data Protection Legislation by providing an adequate level of protection to any personal data that is transferred; and
4.7.2.4 MMO complies with reasonable instructions notified to it in advance by the End User with respect to the processing of the personal data;
4.7.3 assist the End User, at the End User’s cost, in responding to any request from a data subject and in ensuring compliance with its obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
4.7.4 notify the End User without undue delay on becoming aware of a personal data breach;
4.7.5 at the written direction of the End User, delete or return personal data and copies thereof to the End User on termination of the agreement unless required by Applicable Law to store the personal data; and
4.7.6 maintain complete and accurate records and information to demonstrate its compliance with this Clause 4.7 and immediately inform the End User if, in the opinion of MMO, an instruction infringes the Data Protection Legislation.
4.8 Each party shall take ensure that it has in place appropriate technical and organisational measures designed to protect against unauthorised or unlawful processing of the personal data and against accidental loss or its destruction of, or damage to, personal data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage; and
damage and the nature of the data to be protected, having regard to the state of technologic al development and the cost of implementing any measures (d) notwithstanding any other provision those measures may include, where appropriate, pseudonymising and encrypting personal data, ensuring confidentiality, integrity, availability and resilience of this Agreementits systems and services, but subject always ensuring that availability of and access to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services personal data can be restored in accordance with clause 3a timely manner after an incident, and otherwise in order to comply with Applicable Law or at regularly assessing and evaluating the request effectiveness of a governmental, regulatory or supervisory authoritythe technical and organisational measures adopted by it).
8.4 From 4.9 The End User consents to MMO, when acting as processor, appointing third-party processors of personal data under this agreement, as listed from time to time at Section 10,My Money Options Limited Privacy Policy MMO will notify users of any update to this list and allow 5 days from the MSA Start Date date of such notification for the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you End User (or made by JRNI other applicable data controller) to raise any objections. MMO confirms that it has entered or bookinglab at your request(as the case may be) from the Booking Service to a third party and for ensuring that such transfer is in compliance will enter with the Parties' obligations under third-party processor into a written agreement incorporating terms which are substantially similar to those set out in Clause 4.7 and 4.8 and in either case which MMO confirms reflect and will continue to reflect the requirements of the Data Protection LawsLegislation. As between the End User and MMO, MMO shall remain fully liable for all acts or omissions of any third- party processor appointed by it pursuant to this Clause 4.
4.10 The End User shall defend, indemnify and keep indemnified MMO, its employees, agents and sub-contractors against claims, actions, proceedings, losses, damages, expenses and costs (including court costs and reasonable legal fees) arising out of or in connection with any proceedings, claims, demands or actions in consequence of any breach or alleged breach of this clause 4 by the End User (including any claim by a data subject).
4.11 MMO may, at any time on not less than thirty (30) days’ written notice, revise this Clause 4 by replacing it with any applicable controller to processor standard clauses or similar terms forming part of an applicable certification.
4.12 If the End User is acting on behalf of a Client, Clauses 4.5 and 4.7-4.9 shall be deemed superseded by the relevant clauses in MMO’s agreement with the Client as the ultimate data controller.
Appears in 1 contract
Samples: Platform Licence Agreement
Customer Data. 8.1 You, not bookinglab or JRNITime Software, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data. bookinglab and JRNI Time Software is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service Time Software – Low Code Development Platform for Bookings by you.
8.2 As of the MSA Start Date, JRNI Time Software is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI Time Software and/or bookinglab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI Time Software and/or bookinglab shall be a Data Processor and in any such case:
(a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI Time Software and/or bookinglab so that they may lawfully use, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf;
(b) you shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;
(c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI Time Software or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI Time Software or bookinglab at your request) from the Booking Service Time Software – Low Code Development Platform for Bookings to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.
Appears in 1 contract
Samples: Master Subscription Agreement (Msa)
Customer Data. 8.1 You5.1 You shall own all rights, not bookinglab or JRNI, title and interest in and to all of the Customer Data and shall have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriatenessintegrity, accuracy and right to use quality of the Customer Data. bookinglab .
5.2 It shall be your responsibility to notify CANDDi when you require back-ups of the Customer Data to be created and JRNI is CANDDi's only obligation in this respect shall be to provide a copy of the Customer Data to the Customer within 7 Business Days of such a request.
5.3 In the event of any loss or damage to Customer Data, your sole and exclusive remedy shall be for CANDDi to use reasonable commercial endeavours to restore the lost or damaged Customer Data from the latest back-up of such Customer Data provided to you by CANDDi.
5.4 CANDDi shall not be responsible for any of the foregoing or for any loss, destruction, damage, loss, alteration or failure to store any disclosure of Customer Data beyond its reasonable control or resulting from caused by any failure in data transmission or operation of the Booking Service third party (except those third parties sub-contracted by youCANDDi to perform services related to Customer Data maintenance and back-up).
8.2 As 5.5 In providing the Services, CANDDi shall process Personal Data of End Users or that Personal Data otherwise within the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI and/or bookinglab processes any Personal Customer Data on your behalf when performing its obligations under this Agreementand the parties record their intention that in respect of such processing you, the Parties acknowledge that you Customer, shall be the Data Controller and JRNI and/or bookinglab CANDDi shall be a Data Processor and in any such case:
(a) 5.5.1 you shall ensure that you are entitled to transfer the relevant Customer such Personal Data to JRNI and/or bookinglab CANDDi so that they CANDDi may lawfully use, process and transfer the Customer such Personal Data in accordance with this Agreement these Terms on your behalf;
(b) 5.5.2 you shall ensure that the all relevant third parties including, but not limited to, the End Users have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Lawsdata protection legislation;
(c) 5.5.3 CANDDi shall process such Personal Data only in accordance with these Terms and any lawful instructions reasonably given by the Customer from time to time; and
5.5.4 each Party party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data such Personal Data or its accidental loss, destruction or damage.
5.6 Without prejudice to its obligations under condition 5.5, you shall:
5.6.1 include a privacy policy on each Customer Website(s) which includes the following:
5.6.1.1 the identity of the Data Controller;
5.6.1.2 the nature of the Personal Data processed;
5.6.1.3 the purposes for which such Personal Data will be used;
5.6.1.4 how that Personal Data is collected (and methods of seeking appropriate consents where necessary);
5.6.1.5 how and where the Personal Data is stored; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer 5.6.1.6 whether the Personal Data will be shared with any third parties and if so, identification those third parties and the purpose for which the Personal Data is being shared; and
5.6.1.7 details of how End Users may request a copy of their Personal Data being processed (a subject access request) and the correction or deletion of such Personal Data;
5.6.2 obtain the End User's consent to the use of Cookies on the Customer Website(s) for the purposes of allowing the Services to be provided;
5.6.3 not request any sensitive Personal Data to their Group Companies, Affiliates and third party service providers as necessary to provide be processed by CANDDi in providing the Services in accordance with clause 3, and otherwise in order to Services;
5.6.4 comply with Applicable Law the provisions of the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 with regards to the use of Cookies on the Customer Website(s); and
5.6.5 without delay deal with any requests made by CANDDi, whether automatically through the Software or at the request of a governmentalotherwise, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and for action to be taken in relation to any Personal Data deemed as a special category of Data under GDPR is not given to us collected by CANDDi in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) from providing the Booking Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection LawsServices.
Appears in 1 contract
Samples: Terms and Conditions
Customer Data. 8.1 You16.1 The Supplier acknowledges that the Customer Data is the property of the Customer and the Customer hereby reserves all Intellectual Property Rights which may subsist in the Customer Data.
16.2 For the avoidance of doubt, the Supplier shall not bookinglab acquire any right in, or JRNItitle to, have sole responsibility for any part of the entryCustomer Data, deletionwhether existing prior to the date of this Contract or created after such date.
16.3 The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data.
16.4 The Supplier shall not and shall procure that the Sub-Contractors and Employees shall not store, correctioncopy, accuracydisclose, quality, integrity, legality, reliability, appropriateness, and right to or use the Customer Data. bookinglab and JRNI is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service by you.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program except as strictly necessary for the Services that complies with performance by the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI and/or bookinglab processes any Personal Data on your behalf when performing Supplier of its obligations under this AgreementContract or as otherwise expressly authorised in writing by the Customer.
16.5 The Supplier shall take responsibility for preserving the integrity of that Customer Data and preventing the corruption or loss of that Customer Data.
16.6 The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system.
16.7 The Supplier shall ensure that, when disposing of any hardware during the course of performing the Software and Services, it shall erase from any computers, storage devices and storage media any software containing all Customer Data.
16.8 If the Customer Data is corrupted, lost or sufficiently degraded as a result of the Supplier’s Default so as to be unusable, the Parties acknowledge that you shall be the Data Controller and JRNI and/or bookinglab shall be a Data Processor and in any such caseCustomer may:
(a) you require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data and the Supplier shall ensure that you are entitled to transfer do so as soon as practicable but not later than 24 hours from the relevant Customer Personal Data to JRNI and/or bookinglab so that they may lawfully useoccurrence of the corruption, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf;loss or degradation; and/or
(b) you shall ensure that itself restore or procure the relevant third parties have been informed ofrestoration of Customer Data, and have given their consent to, such use, processing, and transfer as required shall be repaid by all applicable Data Protection Laws;
(c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding Supplier any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services reasonable expenses incurred in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authoritydoing so.
8.4 From 16.9 If at any time the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure Supplier suspects or has reason to believe that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us has or may become corrupted, lost or sufficiently degraded in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable way for any transfer reason or has or may have been subject to unauthorised disclosure, then the Supplier shall notify the Customer immediately and inform the Customer of Customer Data made by you (or made by JRNI or bookinglab at your request) from the Booking Service remedial action the Supplier proposes to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Lawstake.
Appears in 1 contract
Samples: Call Off Terms and Conditions
Customer Data. 8.1 You, not bookinglab 14.1 The Supplier shall promptly notify the Customer in writing of any actual or JRNI, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right suspected loss or damage to use the Customer Data. bookinglab In the event of any loss or damage to Customer Data, the Customer's sole and JRNI is exclusive remedy shall be for the Supplier to use reasonable commercial endeavours to restore the lost or damaged Customer Data from the latest backup of such Customer Data. The Supplier shall not be responsible for any loss, destruction, alteration or unauthorised access to or disclosure of Customer Data caused by any third party (except those third parties (excluding Microsoft) sub- contracted by the Supplier to perform services related to Customer Data maintenance and back-up).
14.2 For the purposes of this Clause 14, the terms controller, processor, data subject, personal data, personal data breach and processing shall have the meaning given to them in the UK Data Protection Legislation.
14.3 Both Parties will comply with all applicable requirements of Applicable Data Protection Laws. This Clause 14 is in addition to, and does not relieve, remove or replace, a Party's obligations or rights under Applicable Data Protection Laws.
14.4 The Parties have determined that, for the purposes of Applicable Data Protection Laws, the Supplier shall process the personal data set out in Error! Bookmark not defined.Error! Reference source not found., as a processor on behalf of the foregoing or for any destructionCustomer.
14.5 Without prejudice to the generality of Clause 14.3, damage, loss, or failure the Customer will ensure that it has all necessary appropriate consents and notices in place to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation enable lawful transfer of the Booking Service by youCustomer Personal Data to the Supplier for the duration and purposes of this Agreement.
8.2 As 14.6 In relation to the Customer Personal Data, 0 sets out the scope, nature and purpose of processing by the Supplier, the duration of the MSA Start Date, JRNI is certified under ISO 27001 processing and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001types of personal data and categories of data subject.
8.3 If JRNI and/or bookinglab processes any 14.7 Without prejudice to the generality of clause 14.3 the Supplier shall, in relation to Customer Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or bookinglab shall be a Data Processor and in any such caseData:
(a) you shall ensure process that you are entitled to transfer the relevant Customer Personal Data only on the documented instructions of the Customer, unless the Supplier is required by Applicable Laws to JRNI and/or bookinglab so otherwise process that they may lawfully useCustomer Personal Data. Where the Supplier is relying on Applicable Laws as the basis for processing Customer Processor Data, process and transfer the Supplier shall notify the Customer Personal of this before performing the processing required by the Applicable Laws unless those Applicable Laws prohibit the Supplier from so notifying the Customer on important grounds of public interest. The Supplier shall inform the Customer if, in the opinion of the Supplier, the instructions of the Customer infringe Applicable Data in accordance with this Agreement on your behalfProtection Legislation;
(b) you shall ensure that implement appropriate the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;
(c) each Party shall take appropriate technical and organisational measures to protect against unauthorised or unlawful processing of Customer Personal Data and against accidental loss or destruction of, or damage to, Customer Personal Data, which the personal data Customer has reviewed and confirms are appropriate to the harm that might result from the unauthorised or its unlawful processing or accidental loss, destruction or damagedamage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures;
(c) ensure that any personnel engaged and authorised by the Supplier to process Customer Personal Data have committed themselves to confidentiality or are under an appropriate statutory or common law obligation of confidentiality;
(d) assist the Customer insofar as this is possible (taking into account the nature of the processing and the information available to the Supplier), and at the Customer's cost and written request, in responding to any request from a data subject and in ensuring the Customer's compliance with its obligations under Applicable Data Protection Laws with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
(e) notify the Customer without undue delay on becoming aware of a personal data breach involving the Customer Personal Data;
(f) at the written direction of the Customer, delete or return Customer Personal Data and copies thereof to the Customer on termination of the Agreement unless the Supplier is required by Applicable Law to continue to process that Customer Personal Data. For the purposes of this Clause Error! Reference source not found. Customer Personal Data shall be considered deleted where it is put beyond further use by the Supplier; and
(dg) notwithstanding any other provision of maintain records to demonstrate its compliance with this AgreementClause 14 and allow for reasonable audits by the Customer or the Customer's designated auditor, but subject always for this purpose, on reasonable written notice.
14.8 The Customer hereby provides its prior, general authorisation for the Supplier to:
(a) appoint processors to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing process the Customer Personal Data or Customer Data to their Group CompaniesData, Affiliates and third party service providers as necessary to provide provided that the Services in accordance with clause 3, and otherwise in order to Supplier:
(i) shall ensure that the terms on which it appoints such processors comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) from the Booking Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws, and are consistent with the obligations imposed on the Supplier in this Clause Error! Bookmark not defined.Error! Reference source not found.4;
Appears in 1 contract
Samples: Master Framework Agreement
Customer Data. 8.1 You, not bookinglab Field Dynamics or JRNI, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data. bookinglab Field Dynamics and JRNI is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service by you.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI and/or bookinglab Field Dynamics processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or bookinglab Field Dynamics shall be a Data Processor and in any such case:
(a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI and/or bookinglab Field Dynamics so that they may lawfully use, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf;
(b) you shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;
(c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab Field Dynamics from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab Field Dynamics at your request) from the Booking Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.
Appears in 1 contract
Samples: Master Subscription Agreement
Customer Data. 8.1 You, not bookinglab or JRNIbookinglab, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data. bookinglab and JRNI is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking TuGO Service by you.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI and/or bookinglab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or bookinglab shall be a Data Processor and in any such case:
(a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI and/or bookinglab so that they may lawfully use, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf;
(b) you shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;
(c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 8.3 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 8.4 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 8.5 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) from the Booking TuGO Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.
Appears in 1 contract
Samples: Master Subscription Agreement
Customer Data. 8.1 You, not bookinglab or JRNI, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data. bookinglab and JRNI is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service by you.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI and/or bookinglab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or bookinglab shall be a Data Processor and in any such case:
(a) you Customer shall ensure that you are entitled to transfer be solely responsible for, and shall hold T2, its third party suppliers, and their respective Representatives harmless from any loss, damage or liability arising in connection with Customer’s inputs, selection and use of the relevant Services, and all data (including Customer Personal Data to JRNI and/or bookinglab so that they may lawfully useData), process reports, statements and transfer other content transmitted, posted, received or created on the Customer Personal Data in accordance with this Agreement on your behalf;T2 System through Customer’s account, even if transmitted, posted, received or created by a third party.
(b) you shall ensure The Software may create and store databases of personal information of end-users and data relating to Customer on the computer system on which the Software is accessed or installed. Customer agrees to take all steps which it deems are appropriate to provide adequate security for that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;information.
(c) each Party The parties acknowledge that at all times Customer will remain the owner of Customer Data. Except as otherwise set forth herein or in the applicable Addenda, T2 shall take appropriate technical not at any time use Customer Data or disclose Customer’s data to any third parties, except that T2 may use Customer Data for the purpose of meeting its obligations under an Addendum and organisational measures against unauthorised or unlawful processing of providing the personal data or its accidental lossServices, destruction or damage; andand may store, back-up and archive Customer Data.
(d) notwithstanding any other provision T2 will comply with all applicable laws governing the collection, access, use, disclosure of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Data. All Customer Data which is submitted by Customer to their Group CompaniesT2 pursuant to this Agreement will be safeguarded by T2 to the same extent that T2 safeguards data relating to its own business; provided, Affiliates however, if Customer Data is publicly available, is already in T2’s possession from a source other than Customer or otherwise known to it, or was rightfully obtained by T2 from third parties, T2 shall bear no responsibility for its disclosure, inadvertent or otherwise. T2 has implemented and third party service providers as necessary will maintain administrative, physical and technical safeguards to provide protect Customer Data from unauthorized access, acquisition or disclosure, destruction, alteration, accidental loss, misuse or damage that are no less rigorous than accepted industry practices. In the Services in accordance with clause 3event of unauthorized access to Customer Data which has been verified by T2, T2 shall promptly i) take action to stop the unauthorized access, and otherwise in order ii) notify Customer, provide Customer with relevant details of the unauthorized access and an explanation of steps that T2 took or is taking to comply stop the unauthorized access. T2 maintains Payment Card Industry (PCI) Level One compliance and upon request (no more than once annually), T2 will provide Customer with Applicable Law or at the request a copy of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure its third-party audit certification demonstrating that appropriate information security standards to protect Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us are in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) from the Booking Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Lawsplace.
Appears in 1 contract
Samples: Master Customer Agreement
Customer Data. 8.1 You, not bookinglab BookingLab or JRNI, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data. bookinglab BookingLab and JRNI is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking TuCO Service by you.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI and/or bookinglab BookingLab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or bookinglab BookingLab shall be a Data Processor and in any such case:
(a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI and/or bookinglab BookingLab so that they may lawfully use, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf;
(b) you shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;
(c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab BookingLab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab BookingLab at your request) from the Booking TuCO Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.
Appears in 1 contract
Samples: Master Subscription Agreement
Customer Data. 8.1 You, not bookinglab or JRNIJRNI or You.Smart.Thing, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data. bookinglab and bookinglab, JRNI or You.Smart.Thing is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Pool Hire Booking Service Service by you.
8.2 As of the MSA Start Date, JRNI and You.Smart.Thing is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI and/or You.Smart.Thing and/or bookinglab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or You.Smart.Thing and/or bookinglab shall be a Data Processor and in any such case:
(a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI and/or You.Smart.Thing and/or bookinglab so that they may lawfully use, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf;
(b) you shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;
(c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI JRNI, You.Smart.Thing or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI JRNI, You.Smart.Thing or bookinglab at your request) from the Pool Hire Booking Service Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.
Appears in 1 contract
Samples: Master Subscription Agreement
Customer Data. 8.1 You, not bookinglab or JRNI, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data. bookinglab and JRNI is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service by you.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI and/or bookinglab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or bookinglab shall be a Data Processor and in any such case:
(a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI and/or bookinglab so that they may lawfully use, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf;
(b) you shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;
(c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities.
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing.
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) from the Booking Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.
Appears in 1 contract
Samples: Master Subscription Agreement
Customer Data. 8.1 You(a) Customer shall be solely responsible for maintaining the Original Data and Customer Networks, and Customer shall retain said data such that it can be promptly regenerated or duplicated as needed. Accordingly, Customer expressly agrees that Service Provider shall not bookinglab have any liability for any data loss, damage to, or JRNI, have sole responsibility corruption of the Original Data. Customer also agrees that it shall not provide any data to Service Provider unless that data is necessary for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriatenessdelivery of the Services, and right even if necessary such data shall not be provided in violation of the following representations and warranties.
i. All Customer Data was accumulated and collected in compliance with all relevant Data Protection Laws, rules and regulations;
ii. The provision of Customer Data to use Service Provider and the processing of the Customer Data by the Service Provider in accordance with the terms of this Agreement will not cause Service Provider to be in breach of any laws or regulations applicable to the Customer Data; and
iii. bookinglab Customer shall not deliver or otherwise provide Service Provider access to Customer Data that is subject to any statutory or regulatory data protection measures or restrictions without first securing Service Provider’s written approval for all such disclosures to be made. For clarity, and JRNI without limiting the applicability of this provision, data that is subject to the following may be impacted: (i) Export Administration Regulations (EAR);
(ii) Gramm–Xxxxx–Xxxxxx Act (GLBA); (iii) Health Insurance Portability and Accountability Act (HIPAA); (iv) Health Information Technology for Economic and Clinical Health (HITECH) Act; and (v) International Traffic in Arms Regulations (ITAR). If Service Provider is not responsible for advised of what type of data will be provided, any of fines and penalties (including those imposed on Service Provider) related to a disclosure that violates the foregoing or for any destructionshall be at Customer’s sole cost and expense. Customer further warrants that no Customer Data shall be transferred to Service Provider via email, damage, lossthrough a third-party tool, or failure to store in any Customer Data beyond its reasonable control other unencrypted or resulting from any failure in data transmission or operation of the Booking Service by you.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program unsecured manner. Except for the Services that complies with the ISO 27001 standards purpose of copying, imaging, or such other standards otherwise collecting data as are substantially equivalent requested hereunder, Customer shall not transfer custody of any Original Media to ISO 27001Service Provider. Service Provider disclaims all liability for a violation of this Section.
8.3 If JRNI and/or bookinglab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or bookinglab shall be a Data Processor and in any such case:
(a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI and/or bookinglab so that they may lawfully use, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf;
(b) you Customer shall ensure that it acts in complete compliance with the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;
(c) each Party shall take appropriate technical Laws in respect of all personal data, and organisational measures against unauthorised or unlawful processing warrants to Service Provider that, in respect of the any and all personal data that it transfers, or its accidental lossotherwise makes available, destruction to Service Provider, it is lawfully able to transfer or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3make such personal data available, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection has any and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) all necessary consents from the Booking Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Lawsrelevant data subjects.
Appears in 1 contract
Samples: Internet Services Agreement
Customer Data. 8.1 You16.1 The Customer shall own all rights, not bookinglab or JRNI, title and interest in and to all of the Customer Data and shall have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriatenessintegrity, accuracy and right quality of the Customer Data used in conjunction with and/or entered into the Software Solution. FlowForma shall not be responsible for any loss, destruction, alteration or disclosure of any Customer Data.
16.2 The Customer shall and does hereby:
16.2.1 agree and confirm that all relevant third parties whose data are contained in the Customer Data agree that FlowForma may store the Customer Data in jurisdictions outside the European Economic Area;
16.2.2 agree that FlowForma may access and disclose Customer Data as required by applicable law, as permitted by the Customer and as is required to provide the Software Solution; and
16.2.3 agree to comply with the terms of FlowForma’s third party providers as is required to use the Customer Data. bookinglab and JRNI is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service by youSoftware Solution.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 16.3 If JRNI and/or bookinglab FlowForma processes any Personal Data personal data on your the Customer's behalf when performing its obligations under this Agreement, the Parties acknowledge parties record their intention that you the Customer shall be the Data Controller data controller and JRNI and/or bookinglab FlowForma shall be a Data Processor data processor and in any such case:
(a) you 16.3.1 the Customer acknowledges and agrees that the personal data may be transferred or stored outside the European Economic Area or the country where the Customer and the Authorised Users are located in order to provide/make available the Software Solution and FlowForma’s other obligations under this Agreement;
16.3.2 the Customer shall ensure that you are the Customer is entitled to transfer the relevant Customer Personal Data personal data to JRNI and/or bookinglab FlowForma so that they FlowForma may lawfully use, process and transfer the Customer Personal Data personal data in accordance with this Agreement on your the Customer's behalf;
(b) you 16.3.3 the Customer shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Lawsdata protection legislation;
16.3.4 FlowForma shall process the personal data only in accordance with the terms of this Agreement and any lawful instructions reasonably given by the Customer from time to time;
16.3.5 FlowForma may disclose such information:
(ca) to its affiliates and its/their employees, officers, representatives, advisers, agents and/or subcontractors who need to know such information for the purposes of carrying out FlowForma’s obligations under this Agreement; and
(b) as may be required by law, court order or any governmental or regulatory authority; and
16.3.6 each Party party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) from the Booking Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.
Appears in 1 contract
Samples: Software License Agreement
Customer Data. 8.1 You7.1 The Customer shall own all right, not bookinglab or JRNI, title and interest in and to all of the Customer Data and shall have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriatenessintegrity, accuracy and right to use quality of the Customer Data.
7.2 IMU shall follow its archiving procedures for Customer Data as set out in its Back-Up Policy, as such document may be amended by IMU in its sole discretion from time to time. bookinglab In the event of any loss or damage to Customer Data, the Customer’s sole and JRNI is exclusive remedy shall be for IMU to use reasonable commercial efforts to restore the lost or damaged Customer Data from the latest back-up of such Customer Data maintained by IMU in accordance with the archiving procedure described in its Back-Up Policy. IMU shall not be responsible for any of the foregoing or for any loss, destruction, damage, loss, alteration or failure to store any disclosure of Customer Data beyond its reasonable control or resulting from caused by any failure in data transmission or operation of the Booking Service third party (except those third parties sub-contracted by youIMU to perform services related to Customer Data maintenance and back-up).
8.2 As of 7.3 IMU shall, in providing the MSA Start DateServices, JRNI is certified under ISO 27001 comply with its Privacy and shall maintain an information security program for the Services that complies with the ISO 27001 standards or Security Policy, as such other standards as are substantially equivalent docu- ment may be amended from time to ISO 27001time by IMU in its sole discretion.
8.3 7.4 If JRNI and/or bookinglab IMU processes any Personal Data personal data on your the Customer’s behalf when performing its obligations under this AgreementContract, the Parties acknowledge parties record their intention that you the Customer shall be the Data Controller data control- ler and JRNI and/or bookinglab IMU shall be a Data Processor data processor and in any such case:
(a) you 7.4.1 the Customer acknowledges and agrees that the personal data may be transferred or stored outside the United States or the country where the Customer and the Authorized Users are located in order to carry out the Services and IMU’s other obligations under this Contract;
7.4.2 the Customer shall ensure that you are the Customer is entitled to transfer the relevant Customer Personal Data person- al data to JRNI and/or bookinglab IMU so that they IMU may lawfully use, process and transfer the Customer Personal Data personal data in accordance with this Agreement Contract on your the Customer’s behalf;
(b) you 7.4.3 the Customer shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Lawsapplica- ble data protection legislation;
(c) 7.4.4 IMU shall process the personal data only in accordance with the terms of this Contract and any lawful instructions reasonably given by the Customer from time to time; and
7.4.5 each Party party shall take appropriate technical and organisational organizational measures against unauthorised unau- thorized or unlawful processing of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) from the Booking Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.
Appears in 1 contract
Samples: Contract