Demonstration of Compliance. Vendor shall make available to Customer all information reasonably necessary to demonstrate compliance with this DPA and allow for and contribute to audits, including inspections by Customer, in order to assess compliance with this DPA. Customer acknowledges and agrees that it shall exercise its audit and inspection rights under this DPA by instructing Vendor to supply, on a confidential basis, (i) a summary copy of an independently validated report of its security programs (e.g. SOC 2, Type II Report), along with copies of any related policies and other documentation, or its hosting provider’s security programs and related policies and documentation if Vendor does not host the Personal Data itself, or (ii) if Vendor does not have such a report, written responses to all reasonable requests for information made by Customer necessary to confirm Vendor’s compliance with this DPA, along with copies of any related policies and other documentation. Customer shall not exercise this right to audit and inspect more than once per calendar year.
Appears in 5 contracts
Samples: Processing Agreement, Data Processing Agreement, Data Processing Agreement
