Data Processor Obligations Sample Clauses

Data Processor Obligations. With respect to the Parties’ rights and obligations under this Provider Agreement, the Parties agree that the Council is the Data Controller and that the Service Provider is the Data Processor. A description of the Personal Data processed by the Service Provider and the processing activities undertaken by the Service Provider is set out in the Data Processing Activities set out in clause 19.1. • In respect of Personal Data that the Service Provider processes on behalf of the Council in connection with this Provider Agreement, the Service Provider shall and shall procure that its representatives shall: 19.3.1 solely process the Personal Data for the purposes of fulfilling its obligations under this Provider Agreement and in compliance with the Council’s written instructions as set out in this Provider Agreement and as may be specified from time to time in writing by the Council; 19.3.2 notify the Council immediately if any instructions of the Council relating to the processing of Personal Data are unlawful; 19.3.3 not transfer to or access any Personal Data from a country outside of the United Kingdom without the prior written consent of the Council; 19.3.4 comply with the Council’s instructions in relation to transfers of Personal Data to a country outside of the United Kingdom unless the Service Provider is required pursuant to applicable laws to transfer Personal Data outside the United Kingdom, in which case the Service Provider shall inform the Council in writing of the relevant legal requirement before any such transfer occurs unless the relevant law prohibits such notification on important grounds of public interest; 19.3.5 take reasonable steps to ensure the reliability of any Staff who have access to the Personal Data and ensure that all Staff used by the Service Provider to process Personal Data are subject to legally binding obligations of confidentiality in relation to the Personal Data; 19.3.6 ensure that none of the Service Provider’s Staff publish, disclose or divulge any of the Personal Data to any third party unless directed in writing to do so by the Council; 19.3.7 not engage any sub-contractor to carry out any processing of Personal Data without the prior written consent of the Council provided that notwithstanding any such consent the Service Provider shall remain liable for compliance with all the requirements of this Provider Agreement including in relation to the processing of Personal Data; 19.3.8 ensure that obligations equivalent ...

Data Processor Obligations. 2.3.1 To the extent that The Growth Company Processes any Personal Data as a Processor on behalf of the Customer for the purpose of performing the Services under this Agreement, The Growth Company undertakes to the Customer that The Growth Company shall: (a) only Process Personal Data for and on behalf of the Customer for the purposes of performing its obligations under this Agreement and only in accordance with the Customer's instructions from time to time, unless otherwise required by law; (b) inform the Customer immediately if it considers any of the Customer's instructions infringes Data Protection Laws; (c) implement and maintain appropriate technical and organisational security measures to safeguard against any unauthorised or unlawful Processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data and where requested provide to the Customer evidence of its compliance with such requirement; (d) take all reasonable steps to ensure the reliability and integrity of any of its staff and independent contractors who have access to Personal Data and ensure that only staff and contractors who are required to assist in performing the Services have access to such Personal Data; (e) ensure that any of its staff and/or contractors who have access to Personal Data have entered into appropriate contractually binding confidentiality obligations; (f) not disclose Personal Data to a third party (including a sub-contractor or sub-processor) unless the third party agrees to terms which are substantially the same as the terms set out in this Agreement or in response to Third Party Requests where The Growth Company is prohibited by law or regulation from notifying the Customer; (g) at the Customer’s reasonable request: (i) make available to the other party evidence to demonstrate The Growth Company’s compliance with the requirements of this Paragraph 2.3.1; and/or (ii) allow for and contribute to audits of The Growth Company’s Processing activities pursuant to this Agreement conducted by or on behalf of the Customer on reasonable notice; (h) at the Customer’s direction, arrange for the prompt and safe return and/or secure permanent destruction of all Personal Data, together with all copies in its possession or control (if any) within forty (40) days of such direction and, where requested by the Customer, certify that such destruction has taken place, except where The Growth Company is required by Applicable Law or any regulatory bod...

Data Processor Obligations. The Contractor shall (and shall ensure that its Contract Workers and agents shall): a) implement and maintain appropriate technical and organisational measures and safeguards for protection of personal data, to ensure the rights of data subjects are protected and to ensure that processing will meet the requirements of the General Data Protection Regulation; b) ensure that all employees and subcontractors authorised to process personal data are subject to binding confidentiality obligations in respect of that personal data; c) assist the Purchaser, using appropriate technical and organisational measures, to respond to requests from data subjects including requests for information, requests for deletion and amendments of information and requests for the transfer of data; d) assist the Purchaser in ensuring compliance with its security, data breach notification, impact assessment and consultation obligations under Data Protection Legislation, taking into account the nature of processing and information available to the data processor; e) at the Purchaser’s election, delete or return all personal data and existing copies to the Purchaser (unless Data Protection Legislation requires the data processor to store that personal data); f) make available to the Purchaser all information necessary, and allow for and contribute to audits and inspections conducted by the Purchaser or the Purchaser’s mandated auditor, to demonstrate the data processor’s compliance with its obligations under this agreement; g) immediately inform the Purchaser if, in the data processor’s opinion, any instruction given by the Purchaser to the data processor infringes Data Protection Legislation; h) maintain a written record of all processing activities under its responsibility and of all categories of processing activities carried out on behalf of the Purchaser, that satisfies the requirements of the Data Protection Legislation; i) cooperate on request with any relevant European Union or member state supervisory authority; j) notify the Purchaser without undue delay after becoming aware of a breach of personal data and notify the Purchaser immediately if it is asked to do something infringing the GDPR or other data protection law of the EU or a member state; k) take any further action and execute any further documents and amendments to this Contract as may, in the Purchaser’s reasonable opinion, be required to comply with Data Protection Legislation; l) only process personal data in accorda...

Data Processor Obligations. (A) To the extent that the Supplier Processes Personal Data under this Agreement as a Processor on behalf of the Client (as the Controller), then the Supplier shall: (1) only Process the Personal Data for and on behalf of the Client for the purposes of performing its obligations under this Agreement, and only in accordance with the terms of this Agreement and any documented instructions from the Client; (2) keep a record of any Processing of the Personal Data it carries out on behalf of the Client; (3) unless prohibited by law, notify the Client immediately (and in any event within 24 hours of becoming aware of the same) if it considers, in its opinion (acting reasonably) that it is required by law to act other than in accordance with the instructions of the Client, including where it believes that any of the Client’s instructions under paragraph 14.7(A)(1) infringe any Data Protection Legislation. (4) procure that appropriate technical and organisational measures are taken against unauthorised or unlawful Processing of such Personal Data and against accidental loss or destruction of, or damage to, such Personal Data, taking into account the nature of the Personal Data and which are at least sufficient to comply with the obligations imposed on the Client by the Security Requirements under Data Protection Legislation. Where requested by the Client, the Supplier shall provide to the Client evidence of its compliance with such requirements promptly, and in any event within 48 hours of the request; (5) ensure that all such Personal Data shall be collected, processed and used fairly and lawfully and in accordance with Data Protection Legislation; (6) operate adequate security procedures, processes and systems to ensure that unauthorised persons do not have access to any equipment used to Process such Personal Data or to the Personal Data itself where possible access to Personal Data is restricted to the Account Manager for the Client; (7) ensure that any and all use of such Personal Data for marketing purposes shall comply with Data Protection Legislation and, with the provisions of the Privacy and Electronic Communications (EC Directive) Regulations 2003; (8) ensure that such Personal Data is not transferred to a country, territory or jurisdiction outside of the European Economic Area which the EU Commission has not deemed to provide adequate protection in accordance with Article 45 (1) of the GDPR (as applicable) except with the prior written consent of the C...

Data Processor Obligations. 3.1 You shall, in relation to any Personal Data processed by You in connection with the provision of the Goods and/ or Services under the Principal Agreement: (a) process that Personal Data only on Our written instructions unless You are required by the laws of any member of the European Union or by the laws of the European Union applicable to You to process Personal Data (“Applicable Data Laws”); (b) where You are relying on laws of a member of the European Union or European Union law as the basis for processing Personal Data under sub- clause (a) above, promptly notify Us of this before performing the processing required by the Applicable Data Laws unless those Applicable Data Laws (or other applicable laws) prohibit You from so notifying Us; and (c) ensure that all personnel who have access to and/ or process Personal Data are obliged to keep the Personal Data confidential. Only such of Your personnel who are necessarily required to have access to the Personal Data for the Purpose shall have access to the Personal Data.

Data Processor Obligations. The Contractor shall (and shall ensure that its Contract Workers and agents shall):

Data Processor Obligations. NAIZ FIT and all its personnel are obliged to:

Data Processor Obligations. The Parties acknowledge that, where as part of SIT, the Industry Participant Processes the Data pursuant to the Purpose: a) the Industry Participant will be Processing the Data as a Processor; b) the Controller shall be Elexon (in its capacity as MHHS Implementation Manager as defined in the BSC); c) the Industry Participant shall comply with the provisions in Annex 1; d) the Industry Participant, in its capacity as Controller described in Clause 3.2 above, consents and agrees to the provisions of Annex 1.

Data Processor Obligations. Notwithstanding clause 6.1, to the extent that the Receiving Institution is acting as a Data Processor for and on behalf of the Disclosing Institution in relation to Processing in connection with the Purpose, in addition to its obligations set out in clauses 8.1.2 to 8.1.7 inclusive, it will comply with the obligations imposed on the Disclosing Institution by the Seventh Data Protection Principle, namely: maintain technical and organisational security measures sufficient to comply with the obligations imposed on the Disclosing Institution by the Seventh Data Protection Principle and take reasonable steps to ensure the reliability of any personnel of the Data Processor who have access to Speaker Data; only process Speaker Data for and on behalf of the Disclosing Institution for the purpose of performing its obligations under this Agreement in relation to the Purpose and in accordance with the terms of this Agreement (and where necessary only on instructions from the Disclosing Institution to ensure compliance with the Data Protection Laws); and allow representatives of the Disclosing Institution to audit the Receiving Institution's compliance with the requirements of this clause 9 on reasonable notice and/or, at the option of the Disclosing Institution on request to provide the Disclosing Institution with evidence of its compliance with such requirements.

Data Processor Obligations. 3.1. In relation to any Personal Data processed by or on behalf of Global in the provision of the Global Services, Global shall: (a) only process the Personal Data in order to provide the Global Services and shall act only in accordance with the Agreement, this Addendum and on the instruction of Advertiser ("Processing Instructions" and as may be further defined in Exhibit A). In the event that Data Protection Laws require Global to process Personal Data other than pursuant to Advertiser's instruction, Global will notify Advertiser before processing such Personal Data (unless prohibited from so doing by Data Protection Laws on important grounds of public interest); (b) as soon as reasonably practicable inform Advertiser if, in its opinion, an instruction of Advertiser infringes Data Protection Laws; (c) taking into account the nature of and risks associated with the type of Personal Data collected or used in connection with the Global Services, implement and maintain appropriate technical and organisational measures in relation to the processing of Personal Data by Global: (i) such that the processing will meet the requirements of Data Protection Laws and ensure the protection of the rights of Data Subjects; (ii) so as to ensure a level of security in respect of Personal Data processed by it is appropriate to the risks that are presented by the processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data transmitted, stored or otherwise processed; and (iii) without prejudice to clause 3.1(h), insofar as is possible, to assist Advertiser in the fulfilment of Advertiser's obligations to respond to Data Subject Requests relating to Personal Data. (d) not engage Sub-Processors in respect of the Global Services without Advertiser's prior written consent. Global shall remain fully liable to Advertiser for the performance of a Sub-Processor's obligations; (e) without prejudice to any other provision of this Addendum, ensure that Global personnel processing Personal Data are reliable and have received adequate training on compliance with this Addendum and the Data Protection Laws applicable to the processing; (f) ensure that all Sub-Processors and Global personnel processing Personal Data are subject to a binding written contractual obligation with Global to keep the Personal Data confidential (except where disclosure is required in accordance with law, in which case Global shall, where...