EU Standard Contractual Clauses. To the extent applicable, the parties will abide by the requirements of European Economic Area and Swiss data protection law regarding the collection, use, transfer, retention, and other processing of Personal Data from the European Economic Area and Switzerland. All transfers of Customer Data out of the European Union, European Economic Area, and Switzerland will be governed by the Standard Contractual Clauses, as designated by the European Commission, made available by the Publisher at the applicable URL for such terms or as otherwise communicated to Customer.
EU Standard Contractual Clauses. The parties agree that the EU Standard Contractual Clauses will apply to Personal Information that is transferred via the Service from the EEA or Switzerland, either directly or via onward transfer, to any country or recipient outside the EEA or Switzerland that is: (a) not recognized by the European Commission (or, in the case of transfers from Switzerland, the competent authority for Switzerland) as providing an adequate level of protection for Personal Information. For data transfers from the EEA that are subject to the EU Standard Contractual Clauses, the EU Standard Contractual Clauses will be deemed entered into (and incorporated into this DPA by this reference) and completed as follows:
(a) Module One (Controller to Controller) of the EU Standard Contractual Clauses will apply where Webflow is processing Customer Account Data;
(b) Module Two (Controller to Processor) of the EU Standard Contractual Clauses will apply where Customer is a Controller of Customer Personal Information and Webflow is processing Customer Personal Information;
(c) Module Three (Processor to Processor) of the EU Standard Contractual Clauses will apply where Customer is a Processor of Customer Personal Information and Webflow is processing Customer Personal Information;
(d) For each Module, where applicable:
1. Clause 7: The optional docking clause will not apply;
2. Clause 9: Option 2 will apply and the time period for prior written notice of subprocessor changes will be as set forth in Section 5 (Use of Subprocessors) of the DPA;
3. Clause 11: The optional language will not apply;
4. Clause 17: the EU Standard Contractual Clauses will be governed by the laws of Ireland;
5. Clause 18: the EU Standard Contractual Clauses disputes will be resolved before the courts of Ireland.
(e) Schedule 1 of this DPA serves as Annex I of the EU Standard Contractual Clauses
(f) Schedule 2 (Technical and Organizational Security Measures) of this DPA serves as Annex II of the EU Standard Contractual Clauses.
EU Standard Contractual Clauses. Clause 1
EU Standard Contractual Clauses. 13.1. Under the ESA Personal Data Protection Framework, the transfer of Personal Data towards a country not recognized as offering an Adequate Level of Protection may only be done after being authorised by the ESA Data Protection Officer (DPO) and subject to “adequate safeguards with respect to the protection of the Personal Data and data subject’s rights”.
13.2. As “adequate safeguards”, the Parties agreed to adopt the level of protection resulting from the provisions of the EU Standard Contractual Clauses for the Transfer of Personal Data to Third Countries pursuant to Regulation (EU) 2016/679, in their latest version released / approved by the European Commission (hereinafter “EU SCC”), which shall be deemed included, by reference, in the Contract, together with the Annexes of EU SCC filled in as appropriate, subject always to the prevailing principles applicable in relation to ESA:
a) the provisions of EU SCC will apply mutatis mutandis, only to the extent compatible with the specific statute of ESA as international intergovernmental organisation and always subject to the application of ESA Convention, in particular its Annex I “Privileges and immunities” and its legal framework, including by PDP Framework available at xxxx://xxx.xxx.xxx/About_Us/Law_at_ESA/Highlights_of_ESA_rules_and_regulations, which shall prevail in particular in case of conflict, ambiguity or inconsistency;
b) any provision of the EU SCC referring a dispute to a national court or another national or international forum is deemed not applicable, given that the Parties agree that:
(i) any Personal Data-related incidents or disputes shall be submitted to the independent Data Protection Supervisory Authority established by ESA Council Resolution, in which case the Rules of Procedure for the Data Protection Supervisory Authority, as set forth ESA PDP Framework, shall apply;
(ii) any other matter giving rise to a dispute shall be referred to arbitration as per Clause 35 of the Contract.
EU Standard Contractual Clauses. The standard contractual clauses for the transfer of personal data to processors established in third countries, which are annexed to the European Commission Decision of 5 February 2010 (2010/87/EU), as amended and in force, or any other personal data protection standard contractual clauses to be approved by the European Commission in accordance with the GDPR.
EU Standard Contractual Clauses. To the extent applicable, the parties will abide by the requirements of European Economic Area and Swiss data protection law regarding the collection, use, transfer, retention, and other processing of Personal Data from the European Economic Area and Switzerland. All transfers of Customer Data out of the European Union, European Economic Area, and Switzerland will be governed by the Standard Contractual Clauses, as designated by the European Commission, made available by the Publisher at the applicable URL for such terms or as otherwise communicated to Customer. Personal Data. Customer consents to the processing of Personal Data by Publisher and its Affiliates, and their respective agents and Subcontractors, as provided in this Agreement. Before providing Personal Data to Publisher, Customer will obtain all required consents from third parties (including Customer’s contacts, partners, distributors, administrators, and employees) under applicable privacy and Data Protection Laws. Processing of Personal Data; GDPR. To the extent Publisher is a processor or subprocessor of Personal Data subject to the GDPR, the Standard Contractual Clauses govern that processing and the parties also agree to the following terms in this subsection (“Processing of Personal Data; GDPR”):
EU Standard Contractual Clauses. CA and CA Affiliates acting as Subprocessor (as listed in Annex 2) have previously entered into The EU Standard Contractual Clauses for a controller-processor relationship and for the benefit of the Customer. Further, CA hereby enters into approved EU Standard Contractual Clauses (Processors), as further set forth in Section 9 of this Addendum, and a copy of which is attached hereto in Attachment 1. In the event that Services are covered by more than one transfer mechanism, the transfer of Customer's Personal Data will be subject to a single transfer mechanism in accordance with the following order of precedence: (i) Privacy Shield self-certifications; (ii) EU Standard Contractual Clauses.
EU Standard Contractual Clauses. Appendix 1 Data Exporter Data importer Data subjects Categories of data Special categories of data (if appropriate) Processing operations DATA EXPORTER DATA IMPORTER EU Standard Contractual Clauses – Appendix 2 SIGNATURE FORM
EU Standard Contractual Clauses. For Services Data that is subject to the GDPR, Avalara complies with the EU Standard Contractual Clauses for international transfers in Commission Implementing Decision (EU) 2021/914 of 4 June 2021 (EU SCCs) for the transfer of personal data outside the European Economic Area (EEA), Modules 1-3 as noted below, in Exhibit 1. Under such EU SCCs, Customer will act as data exporter. Customer may be based within or outside the EEA. Customer may receive personal data from the EEA as a controller and as a processor under separate agreements. Avalara is based outside the EEA, acts as data importer, provides services to data exporter under separate commercial agreement(s) and agrees to the EU SCCs as a processor or sub-processor under Modules 2 and 3. Data exporter will provide all relevant instructions under Module 2 (as the controller) and under Module 3 (on the controller’s behalf). Customer instruct Avalara to provide Avalara’s standard services as described in Avalara’s commercial terms and service descriptions. For limited business contact information concerning individual representatives who provide instructions to Avalara, Avalara agrees to the EU SCCs as a controller under Module 1.
EU Standard Contractual Clauses. Modules and options
