Data Processing Agreement The Data Processing Agreement, including the Approved Data Transfer Mechanisms (as defined in the Data Processing Agreement) that apply to your use of the Services and transfer of Personal Data, is incorporated into this Agreement by this reference. Each party will comply with the terms of the Data Processing Agreement and will train its employees on DP Law.
Data Processing In this clause:
Data Input Control It will be possible to retrospectively examine and establish whether and by whom Personal Data have been entered, modified or removed from SAP data processing systems.
Details of Data Processing (a) Subject matter: The subject matter of the data processing under this DPA is the Customer Data.
Personal Data Processing 2.1 The Processor shall process Personal Data only on the basis of corresponding recorded orders from the Controller.
2.2 By way of exception, in particular in urgent cases, processing orders from the Data Controller may also be made orally. In this case, the Data Controller shall confirm as soon as possible and in writing, by any appropriate means, the instructions given orally.
2.3 Where the processing concerns the transmission of Personal Data to a third country outside the European Union or to an international organization, the Data Processor shall also comply with the relevant instructions of the Data Controller, unless different legal requirements exist under European Union laws or the laws of the Member State to which the Data Processor is subject. In such a case, the Data Processor shall inform the Data Controller before processing of the legal requirement in question, unless the said law prohibits this kind of information for reasons of substantial public interest.
2.4 The transmission of Personal Data to a third country outside the European Union is prohibited unless the Data Controller has given prior explicit approval to that end, and one of the following conditions is met: • the European Commission has resolved that an adequate level of protection of personal data is ensured in the country the Personal Data is to be transmitted; • the transmission is to be made to the U.S.A.; and the recipient of the Personal Data has acceded to and abides by the Privacy Shield Framework; • the transmission will be governed by the standard data protection clauses issued by the European Commission.
2.5 The Data Processor shall inform the Data Controller immediately upon receipt of the order or as soon as possible if he / she determines that the content of a particular processing order violates the Regulation and / or national law and / or the law of another Member State of the European Union (EU), and / or other provisions of EU law on the protection of Personal Data.
2.6 The Data Processor acknowledges that the Data Controller has full control over her Personal Data and determines any particular feature of the processing to which the Personal Data will be submitted. If the Data Processor ignores the instructions of the Data Controller and determines alone the scope, the means and generally any other matter concerning the processing of Personal Data, she shall render herself the Data Controller for the purposes of implementing the Regulation and the legal framework on the protection of Personal Data. The practical consequence of this is that, in addition to the full responsibility of the Processor towards the Controller, she shall carry the same level of responsibility vis-à-vis the independent supervisory authority (and any other competent state authority) as well as the Natural Persons - Data Subjects of the data being processed.
Network Services Local Access Services In lieu of any other rates and discounts, Customer will pay fixed monthly recurring local loop charges ranging from $1,200 to $2,000 for TDM-based DS-3 Network Services Local Access Services at 2 CLLI codes mutually agreed upon by Customer and Company.
Processing of Customer Personal Data 3.1 UKG will:
3.1.1 comply with all applicable Data Protection Laws in the Processing of Customer Personal Data; and
3.1.2 not Process Customer Personal Data other than for the purpose, and in accordance with, the relevant Customer’s instructions as documented in the Agreement and this DPA, unless Processing is required by the Data Protection Laws to which the relevant UKG Processor is subject, in which case UKG to the extent permitted by the Data Protection Laws, will inform Customer of that legal requirement before the Processing of that Customer Personal Data.
3.2 Customer hereby:
3.2.1 instructs UKG (and authorizes UKG to instruct each Subprocessor) to: (a) Process Customer Personal Data; and (b) in particular, transfer Customer Personal Data to any country or territory subject to the provisions of this DPA, in each case as reasonably necessary for the provision of the Services and consistent with the Agreement.
3.2.2 warrants and represents that it is and will at all relevant times remain duly and effectively authorized to give the instructions set out in Section 3.2.1 on behalf of each relevant Customer Affiliate; and
3.2.3 warrants and represents that it has all necessary rights in relation to the Customer Personal Data and/or has collected all necessary consents from Data Subjects to Process Customer Personal Data to the extent required by Applicable Law.
3.3 Schedule 1 to this DPA sets out certain information regarding UKG’s Processing of Customer Personal Data as required by Article 28(3) of the GDPR (and equivalent requirements of other Data Protection Laws).
Data Services In lieu of any other rates or discounts, the Customer will receive a discount equal to 20% for the following Data Services: Access: Standard VBS3Guide local loop charges for DS-0, DS-1 and DS-3 Access Service.
Xxxxxxxx-Xxxxx; Internal Accounting Controls The Company and the Subsidiaries are in compliance with any and all applicable requirements of the Xxxxxxxx-Xxxxx Act of 2002 that are effective as of the date hereof, and any and all applicable rules and regulations promulgated by the Commission thereunder that are effective as of the date hereof and as of the Closing Date. The Company and the Subsidiaries maintain a system of internal accounting controls sufficient to provide reasonable assurance that: (i) transactions are executed in accordance with management’s general or specific authorizations, (ii) transactions are recorded as necessary to permit preparation of financial statements in conformity with GAAP and to maintain asset accountability, (iii) access to assets is permitted only in accordance with management’s general or specific authorization, and (iv) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences. The Company and the Subsidiaries have established disclosure controls and procedures (as defined in Exchange Act Rules 13a-15(e) and 15d-15(e)) for the Company and the Subsidiaries and designed such disclosure controls and procedures to ensure that information required to be disclosed by the Company in the reports it files or submits under the Exchange Act is recorded, processed, summarized and reported, within the time periods specified in the Commission’s rules and forms. The Company’s certifying officers have evaluated the effectiveness of the disclosure controls and procedures of the Company and the Subsidiaries as of the end of the period covered by the most recently filed periodic report under the Exchange Act (such date, the “Evaluation Date”). The Company presented in its most recently filed periodic report under the Exchange Act the conclusions of the certifying officers about the effectiveness of the disclosure controls and procedures based on their evaluations as of the Evaluation Date. Since the Evaluation Date, there have been no changes in the internal control over financial reporting (as such term is defined in the Exchange Act) of the Company and its Subsidiaries that have materially affected, or is reasonably likely to materially affect, the internal control over financial reporting of the Company and its Subsidiaries.
Sxxxxxxx-Xxxxx; Internal Accounting Controls The Company and the Subsidiaries are in compliance with any and all applicable requirements of the Sxxxxxxx-Xxxxx Act of 2002 that are effective as of the date hereof, and any and all applicable rules and regulations promulgated by the Commission thereunder that are effective as of the date hereof and as of the Closing Date. The Company and the Subsidiaries maintain a system of internal accounting controls sufficient to provide reasonable assurance that: (i) transactions are executed in accordance with management’s general or specific authorizations, (ii) transactions are recorded as necessary to permit preparation of financial statements in conformity with GAAP and to maintain asset accountability, (iii) access to assets is permitted only in accordance with management’s general or specific authorization, and (iv) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences. The Company and the Subsidiaries have established disclosure controls and procedures (as defined in Exchange Act Rules 13a-15(e) and 15d-15(e)) for the Company and the Subsidiaries and designed such disclosure controls and procedures to ensure that information required to be disclosed by the Company in the reports it files or submits under the Exchange Act is recorded, processed, summarized and reported, within the time periods specified in the Commission’s rules and forms. The Company’s certifying officers have evaluated the effectiveness of the disclosure controls and procedures of the Company and the Subsidiaries as of the end of the period covered by the most recently filed periodic report under the Exchange Act (such date, the “Evaluation Date”). The Company presented in its most recently filed periodic report under the Exchange Act the conclusions of the certifying officers about the effectiveness of the disclosure controls and procedures based on their evaluations as of the Evaluation Date. Since the Evaluation Date, there have been no changes in the internal control over financial reporting (as such term is defined in the Exchange Act) of the Company and its Subsidiaries that have materially affected, or is reasonably likely to materially affect, the internal control over financial reporting of the Company and its Subsidiaries.