Data Transfers and Additional Safeguards Sample Clauses

Data Transfers and Additional Safeguards a. Menlo Security will not engage in any cross-border Processing of Personal Data, or transmit, directly or indirectly, any Personal Data to any country outside of the country from which such Personal Data was collected, without complying with applicable Data Privacy Laws. Where Menlo Security engages in an onward transfer of Personal Data, Menlo Security shall ensure that a lawful data transfer mechanism is in place prior to transferring Personal Data from one country to another. b. To the extent legally required, by signing this DPA, ▇▇▇▇▇▇▇▇ and Menlo Security are deemed to have signed the EU SCCs, which form part of this DPA and (except as described in Section 7(c) and (d) below) will be deemed completed as follows: i. Module 2 of the EU SCCs applies to transfers of Personal Data from Customer (as a controller) to Menlo Security (as a processor) and Module 3 of the EU SCCs applies to transfers of Personal Data from Customer (as a processor) to Menlo Security (as a sub-processor); ii. Clause 7 of Modules 2 and 3 (the optional docking clause) is not included; iii. Under Clause 9 of Modules 2 and 3 (Use of sub-processors), the Parties select Option 2 (General written authorization). The initial list of sub-processors is set forth in Exhibit C of this DPA and Menlo Security shall propose an update to that list at least 7 days in advance of any intended additions or replacements of sub-processors in accordance with Section 6(b) of this DPA; iv. Under Clause 11 of Modules 2 and 3 (Redress), the optional language requiring that data subjects be permitted to lodge a complaint with an independent dispute resolution body shall not be deemed to be included; v. Under Clause 17 of Modules 2 and 3 (Governing law), the Parties choose Option 1 (the law of an EU Member State that allows for third-Party beneficiary rights). The Parties select the law of Ireland; vi. Under Clause 18 of Modules 2 and 3 (Choice of forum and jurisdiction), the Parties select the courts of Ireland; vii. ▇▇▇▇▇ ▇(A) and I(B) of Modules 2 and 3 (List of Parties) is completed as set forth in Exhibit A of this DPA; viii. Under ▇▇▇▇▇ ▇(C) of Modules 2 and 3 (Competent supervisory authority), the Parties shall follow the rules for identifying such authority under Clause 13 and, to the extent legally permissible, select the Irish Data Protection Commission. ix. ▇▇▇▇▇ ▇▇ of Modules 2 and 3 (Technical and organizational measures) is completed with Exhibit B of this DPA; and x. ▇▇▇▇▇ ▇▇▇ of Modules 2 a...
View SourceView Similar (2)
Data Transfers and Additional Safeguards. To the extent that Securonix Processes Personal Data of Data Subjects located in or subject to the applicable Data Protection Laws of the European Economic Area (“EEA”), the United Kingdom, and/or Switzerland, by signing this Addendum, the Parties agree as follows: 10.1 With respect to Personal Data transferred from the United Kingdom for which United Kingdom law (and not the law in any EEA jurisdiction) governs the international nature of the transfer, and such law permits use of the Old SCCs but not use of the New EU SCCs, the Old SCCs form part of this DPA and take precedence over the rest of this DPA to the extent of any conflict, until such time that the United Kingdom recognizes the New EU SCCs, in which case this provision 11.1 shall be void and replaced with section 11.2, and shall be deemed completed as follows: 10.1.1 The data “exporter” is Company and the data “importer” is Securonix. 10.1.2 Clause 9 of the Old SCCs specifies that United Kingdom law will govern the Old SCCs. 10.1.3 The content of Appendix 1 of the Old SCCs is set forth in Annex I.B of the New EU SCCs. 10.1.4 The content of Appendix 2 of the Old SCCs is set forth in the Annex II of the New EU SCCs. 10.2 For all other Personal Data, the New EU SCCs form part of this DPA and take precedence over the rest of this DPA to the extent of any conflict. 10.3 With respect to Personal Data transferred from Switzerland for which Swiss law (and not the law in any EEA jurisdiction) governs the international nature of the transfer, references to the GDPR in Clause 4 of the New EU SCCs are, to the extent legally required, amended to refer to the Swiss Federal Data Protection Act or its successor instead, and the concept of supervisory authority shall include the Swiss Federal Data Protection and Information Commissioner. 10.4 To the extent applicable, Securonix will provide reasonable assistance to Company for the parties’ compliance obligations under Section III of the New EU SCCs, including, to the extent legally permissible, by informing Company of new facts or determinations known to Securonix that are likely to negatively impact the level of protection that the transferred Personal Data receives. 10.5 Company and Securonix shall encrypt all transfers of the Personal Data between them, and Securonix shall encrypt any onward transfers it makes of such personal data, to prevent the acquisition of such data by third parties, such as governmental authorities who may gain physical access to the t...
View SourceView Similar (2)
Data Transfers and Additional Safeguards. To the extent that Securonix Processes Personal Data of Data Subjects located in or subject to the applicable Data Protection Laws of the European Economic Area (“EEA”), the United Kingdom, and/or Switzerland, by signing this Addendum, the Parties agree as follows:
View Source