Demonstration of Compliance. Vendor shall make available to Customer all information reasonably necessary to demonstrate compliance with this DPA and allow for and contribute to audits, including inspections by Customer, in order to assess compliance with this DPA. Customer acknowledges and agrees that it shall exercise its audit and inspection rights under this DPA by instructing Vendor to supply, on a confidential basis, (i) a summary copy of an independently validated report of its security programs (e.g. SOC 2, Type II Report), or its hosting provider’s security programs if Vendor does not host the Personal Data itself, or (ii) if Vendor does not have such a report, written responses to all reasonable requests for information made by Customer necessary to confirm Vendor’s compliance with this DPA. Customer shall not exercise this right to audit and inspect more than once per calendar year.
Appears in 4 contracts
Samples: Data Processing Agreement, Data Processing Agreement, Data Processing Agreement