Data Transfers to Third Countries. 7.1 If the Processor processes EU, UK or Swiss Personal Data at or from its facilities in a third country as a data controller located in the EU, UK or Switzerland (“European Territories”), the Standard Contractual Clauses shall be incorporated by reference in this DPA. The parties agree that Processor is the data importer and Controller is the data exporter. Unless otherwise agreed by the parties, Exhibits A and B of this DPA shall apply to the Standard Contractual Clauses, and for the purpose of clauses 9 and 11(3) of the Standard Contractual Clauses, the governing law will be the country in which the relevant Controller is established. Nothing in this DPA shall be construed to prevail over any conflicting clause of the Standard Contractual Clauses. Each party acknowledges that it has had the opportunity to review the Standard Contractual Clauses. In particular, the Processor acknowledges its obligations: (i) under clause 5(a) of the Standard Contractual Clauses to promptly inform the Controller of the Processor’s inability to comply with the Standard Contractual Clauses; (ii) under clause 5(d)(i) of the Standard Contractual Clauses to notify the Controller of a legally binding request for disclosure by a law enforcement authority; and (iii) under clause 5(e) of the Standard Contractual Clauses to deal promptly and properly with all inquiries from the Controller relating to the processing which is the subject of the transfer.
Data Transfers to Third Countries. 11.1. YOC and the Service Provider are responsible for ensuring that, in the event of a data transfer, the technologies they use process the personal data either exclusively in a member state of the European Union ("EU") or in another state Party to the agreement on the European Economic Area ("EEA"). Any processing of personal data in countries without an adequate level of data protection (hereinafter "Third Country") requires that the legal requirements for data exports to Third Countries under applicable law are met. This shall apply mutatis mutandis to the extent that YOC or the Service Provider commissions processors in third countries to process the personal data.
Data Transfers to Third Countries. 3.18. To the extent any processing of Personal Data by Xxxxxxx takes place in any Third Country, the Customer agrees, and Xxxxxxx undertakes that, any such processing shall be subject to a written agreement which includes the Standard Contractual Clauses.
Data Transfers to Third Countries. The recipients of Personal Data might be located outside the European Union or the European Economic Area and therefore might not have a data protection equivalent to EU data protection law. Unless there is an adequacy decision by the EU Commission for these states or the transfer is based on an exemption provided for by the GDPR (e.g. express consent, assertion, exercise or defense of legal rights), the Supplier will take all necessary measures to ensure that transfers to such organizations are adequately protected, e.g. by signing the standard contractual clauses stipulated by the EU Commission (“SSC”) with the data recipients or be relying on Privacy Shield Principles (“PSP”). A copy of these reasonable warranties may be requested by contacting the Supplier’s Data Protection Department at: xxxxxxxxxxxxxx@xxxxxxxxxx.xxx. A transfer of data to official authorities in countries outside the European Union or the European Economic Area (so-called third countries) takes place, if required by law, express consent has been given or this is legitimated by the legitimate interest of the Supplier or the third party for data protection purposes, e.g. internal administrative purposes and no higher legitimate interests by Customer.
