Eu Area Personal Data Transfers Sample Clauses

Eu Area Personal Data Transfers 
Sample 1Sample 2Sample 3
AutoNDA by SimpleDocs

Related to Eu Area Personal Data Transfers

  • Data Transfers If Lenovo or its Subcontractors are located outside the EEA, Lenovo and Controller hereby execute the controller to processor standard contractual clauses as set out in MODULE TWO in the Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council as amended or superseded from time to time (the "C2P Standard Contractual Clauses") and hereby incorporate them into this Addendum by reference. The parties acknowledge and agree that: a. Lenovo and Controller shall each comply with their respective obligations in the C2P Standard Contractual Clauses; b. If there is any conflict or inconsistency between the C2P Standard Contractual Clauses and this Addendum or the Agreement, the C2P Standard Contractual Clauses shall control to the extent of the conflict; and c. The information in the following tables is hereby incorporated into the C2P Standard Contractual Clauses between the Parties: Clause 9. Use of sub-processors Option 2 GENERAL WRITTEN AUTHORISATION is selected. Data importer shall provide information at least 30 days in advance as per Clause “Subprocessing” Clause 17. Governing law These Clauses shall be construed in accordance with the governing law set forth in the Parties’ base agreement unless that governing law is not that of an EU Member State that allows for third-party beneficiary rights. In such event, the Parties agree that these Clauses shall be governed by the law of IRELAND. Clause 18 (b). Choice of forum and jurisdiction The Parties agree that any dispute arising from these Clauses shall be resolved by the courts of IRELAND. Data Exporter’s Name Controller, and any of its commonly owned or controlled affiliates Data Exporter’s Address The address of the Customer entity that entered into the Agreement. Data Exporter´s contact person´s name, position and contact details As agreed as part of the Agreement. Data Exporter´s activities relevant to the data transferred under these Clauses The Services provided by the Data Importer to the Data Exporter in accordance with the Agreement Data Exporter´s signature and date The parties agree that acceptance of the Agreement by the Data Importer and the Data Exporter has the equivalent legal effect of a signature. The date of signature is the date of such acceptance Data Exporter´s role Controller Data Importer’s name Lenovo and its subcontractors Data Importer´s address The address of the Lenovo entity that is providing the Services Data Importer´s contact details xxxx@xxxxxx.xxx Data Importer´s activities relevant to the data transferred under these Clauses The Services provided by the Data Importer to the Data Exporter in accordance with the Agreement Data Importer´s signature and date The parties agree that acceptance of the Agreement by the Data Importer and the Data Exporter has the equivalent legal effect of a signature. The date of signature is the date of such acceptance Data Importer’s Role Processor Categories of data subjects As set out in Exhibit A Categories of personal data As set out in Exhibit A Sensitive data As set out in Exhibit A Frequency of the Transfer As required for the provision of the Services Nature of the processing As set out in Exhibit A Purpose of the processing As set out in Exhibit A Period for which personal data will be retained As set out in Exhibit A Subject matter, nature and duration of the processing carried out by subprocessors As set out in Exhibit A Competent Supervisory Authority with responsibility for ensuring compliance by the data exporter with Regulation (EU) 2016/679 ty The supervisory authority that will act as competent supervisory authority will be that of the EU member State where Data Exporter is established in the EU. If Data Exporter (i.e., contracting legal entity) is not established in EU, then the Competent Supervisory Authority will be such of the EU Member State in which the Data Exporter´s EU representative within the meaning of Article 27(1) of Regulation (EU) 2016/679 is established. If the Data Exporter is not established in the EU but does not need to appoint an EU representative, then the Competent Supervisory Authority will be that of the EU Member State in which the data subjects whose personal data is transferred under these Clauses in relation to the offering of goods or services to them, or whose behaviour is monitored, are located. Description of the technical and organisational measures implemented by the data importer(s) (including any relevant certifications) to ensure an appropriate level of security, taking into account the nature, scope, context and purpose of the processing, and the risks for the rights andfreedoms of natural persons. Set forth at Section 11 of this Addendum and in its Exhibit A. List of authorised subprocessors As set out in Annex 1 to Exhibit A

  • Transfers of Personal Data Oracle may store or transfer Your Content on a global basis as necessary for the Purpose(s). Oracle and its affiliates may perform certain aspects of the Services (e.g., administration, maintenance, support, disaster recovery, data processing, etc.) from locations and through subcontractors, worldwide. Data transfers are made subject to the terms of the EU Standard Contractual Clauses for Controllers (“Clauses”) if: (a) You (or Your data partner) share, use, or process Personal Data under this Agreement; and (b) such data transfer is: (i) subject to any restrictions or requirements under Directive 95/46/EC or Regulation (EU) 2016/679 repealing Directive 95/46/EC (General Data Protection Regulation); and (ii) made to countries, jurisdictions or recipients outside the EEA or Switzerland not recognized by the European Commission as ensuring an adequate level of protection pursuant to Directive 95/46/EC or General Data Protection Regulation. You and Oracle agree that incorporation of the Clauses into this Agreement acts as a legally-binding execution of the Clauses as entered into between Oracle (acting in its own name and in the name and on behalf of the Oracle affiliates) and You (acting in Your own name and in the name and on behalf of Your affiliates).

  • International Data Transfers The Company and the Stock Plan Administrator are based in the United States. The Participant should note that the Participant’s country of residence may have enacted data privacy laws that are different from the United States. The Company’s legal basis for the transfer of the Participant's Personal Information to the United States is the Participant’s consent.

  • Transfer of Personal Data The Participant authorizes, agrees and unambiguously consents to the transmission by the Company (or any Subsidiary) of any personal data information related to the RSUs awarded under this Agreement for legitimate business purposes (including, without limitation, the administration of the Plan). This authorization and consent is freely given by the Participant.

  • Types of Personal Data Contact Information, the extent of which is determined and controlled by the Customer in its sole discretion, and other Personal Data such as navigational data (including website usage information), email data, system usage data, application integration data, and other electronic data submitted, stored, sent, or received by end users via the Subscription Service.

  • Personal Data Registry Operator shall (i) notify each ICANN-­‐accredited registrar that is a party to the registry-­‐registrar agreement for the TLD of the purposes for which data about any identified or identifiable natural person (“Personal Data”) submitted to Registry Operator by such registrar is collected and used under this Agreement or otherwise and the intended recipients (or categories of recipients) of such Personal Data, and (ii) require such registrar to obtain the consent of each registrant in the TLD for such collection and use of Personal Data. Registry Operator shall take reasonable steps to protect Personal Data collected from such registrar from loss, misuse, unauthorized disclosure, alteration or destruction. Registry Operator shall not use or authorize the use of Personal Data in a way that is incompatible with the notice provided to registrars.

  • Processing of Personal Data 1.1. With regard to the Processing of Personal Data, You are the controller and determine the purposes and means of Processing of Personal Data You provide to Us (“Controller”) and You appoint Us as a processor (“Processor”) to process such Personal Data (hereinafter, “Data”) on Your behalf (hereinafter, “Processing”). 1.2. The details of the type and purpose of Processing are defined in the Exhibits attached hereto. Except where the DPA stipulates obligations beyond the Term of the Agreement, the duration of this DPA shall be the same as the Agreement Term. 1.3. You shall be solely responsible for compliance with Your obligations under the applicable Data Protection Laws, including, but not limited to, the lawful disclosure and transfer of Personal Data to Us by upload of source data into the Cloud Service or otherwise. 1.4. Processing shall include all activities detailed in this Agreement and the instructions issued by You. You may, in writing, modify, amend, or replace such instructions by issuing such further instructions to the point of contact designated by Us. Instructions not foreseen in or covered by the Agreement shall be treated as requests for changes. You shall, without undue delay, confirm in writing any instruction issued orally. Where We believe that an instruction would be in breach of applicable law, We shall notify You of such belief without undue delay. We shall be entitled to suspend performance on such instruction until You confirm or modify such instruction. 1.5. We shall ensure that all personnel involved in Processing of Customer Data and other such persons as may be involved in Processing shall only do so within the scope of the instructions. We shall ensure that any person Processing Customer Data is subject to confidentiality obligations similar to the confidentiality terms of the Agreement. All such confidentiality obligations shall survive the termination or expiration of such Processing.

  • Your Personal Data 17.1. PCSIL is a registered Data Controller with the Data Protection Commission in Ireland. 17.2. In order for us to provide you with the services relating to your Account, we are required to collect and process personal data about you, Additional Cardholders and Authorised Persons, with your consent or on a legal basis to meet our obligations for Anti-Money Laundering legislation or other governmental organisation. Where applicable, if an Account holder is under 16, then parental consent is explicitly required. 17.3. Your consent will be sought for collection of your data and you have the right to agree or decline. Where you decline consent for the collection and processing of your data, we reserve our right to discontinue service due to our obligations as a financial services institution. 17.4. We may disclose or check your personal data with other organisations and obtain further information about you in order to verify your identity and comply with applicable money laundering and governmental regulations. A record of our enquiries will be left on your file. 17.5. We may pass your personal data on to third-party service providers contracted to PCSIL in the course of dealing with your Account. Any third parties that we may share your data with are obliged to keep your details secure, and to use them only to fulfil the service they provide you on our behalf. Where we transfer the personal data to a third country or international organisation, we ensure this is done securely and that they meet a minimum standard of data protection in their country. 17.6. You have the right to receive information concerning the personal data we hold about you and to rectify such data where it is inaccurate or incomplete. You have the right to object to or withdraw any consent you have given for certain types of processing such as direct marketing. 17.7. Your data will be retained for 6 years after the end of the provision of services to you, where your data will be destroyed in compliance with the requirements of the General Data Protection Regulation. 17.8. In the event that you wish to make a complaint about how your personal data is being processed by us (or third parties as described in 17.5 above), or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and PCSIL’s Data Protection Officer. 17.9. Our Privacy Policy provides full details on your rights as a data subject and our obligations as a data controller. Please read this document carefully and ensure you understand your rights.

  • Personal Data Processing 2.1 The Processor shall process Personal Data only on the basis of corresponding recorded orders from the Controller. 2.2 By way of exception, in particular in urgent cases, processing orders from the Data Controller may also be made orally. In this case, the Data Controller shall confirm as soon as possible and in writing, by any appropriate means, the instructions given orally. 2.3 Where the processing concerns the transmission of Personal Data to a third country outside the European Union or to an international organization, the Data Processor shall also comply with the relevant instructions of the Data Controller, unless different legal requirements exist under European Union laws or the laws of the Member State to which the Data Processor is subject. In such a case, the Data Processor shall inform the Data Controller before processing of the legal requirement in question, unless the said law prohibits this kind of information for reasons of substantial public interest. 2.4 The transmission of Personal Data to a third country outside the European Union is prohibited unless the Data Controller has given prior explicit approval to that end, and one of the following conditions is met: • the European Commission has resolved that an adequate level of protection of personal data is ensured in the country the Personal Data is to be transmitted; • the transmission is to be made to the U.S.A.; and the recipient of the Personal Data has acceded to and abides by the Privacy Shield Framework; • the transmission will be governed by the standard data protection clauses issued by the European Commission. 2.5 The Data Processor shall inform the Data Controller immediately upon receipt of the order or as soon as possible if he / she determines that the content of a particular processing order violates the Regulation and / or national law and / or the law of another Member State of the European Union (EU), and / or other provisions of EU law on the protection of Personal Data. 2.6 The Data Processor acknowledges that the Data Controller has full control over her Personal Data and determines any particular feature of the processing to which the Personal Data will be submitted. If the Data Processor ignores the instructions of the Data Controller and determines alone the scope, the means and generally any other matter concerning the processing of Personal Data, she shall render herself the Data Controller for the purposes of implementing the Regulation and the legal framework on the protection of Personal Data. The practical consequence of this is that, in addition to the full responsibility of the Processor towards the Controller, she shall carry the same level of responsibility vis-à-vis the independent supervisory authority (and any other competent state authority) as well as the Natural Persons - Data Subjects of the data being processed.

  • Type of Personal Data Data Subjects may provide the following Shared Personal Data in connection with the purchase of a domain name from a Registrar:

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!