Data Processing Agreement The Data Processing Agreement, including the Approved Data Transfer Mechanisms (as defined in the Data Processing Agreement) that apply to your use of the Services and transfer of Personal Data, is incorporated into this Agreement by this reference. Each party will comply with the terms of the Data Processing Agreement and will train its employees on DP Law.
Data Processing In this clause:
Details of Data Processing (a) Subject matter: The subject matter of the data processing under this DPA is the Customer Data.
Personal Data Processing 2.1 The Processor shall process Personal Data only on the basis of corresponding recorded orders from the Controller.
2.2 By way of exception, in particular in urgent cases, processing orders from the Data Controller may also be made orally. In this case, the Data Controller shall confirm as soon as possible and in writing, by any appropriate means, the instructions given orally.
2.3 Where the processing concerns the transmission of Personal Data to a third country outside the European Union or to an international organization, the Data Processor shall also comply with the relevant instructions of the Data Controller, unless different legal requirements exist under European Union laws or the laws of the Member State to which the Data Processor is subject. In such a case, the Data Processor shall inform the Data Controller before processing of the legal requirement in question, unless the said law prohibits this kind of information for reasons of substantial public interest.
2.4 The transmission of Personal Data to a third country outside the European Union is prohibited unless the Data Controller has given prior explicit approval to that end, and one of the following conditions is met: • the European Commission has resolved that an adequate level of protection of personal data is ensured in the country the Personal Data is to be transmitted; • the transmission is to be made to the U.S.A.; and the recipient of the Personal Data has acceded to and abides by the Privacy Shield Framework; • the transmission will be governed by the standard data protection clauses issued by the European Commission.
2.5 The Data Processor shall inform the Data Controller immediately upon receipt of the order or as soon as possible if he / she determines that the content of a particular processing order violates the Regulation and / or national law and / or the law of another Member State of the European Union (EU), and / or other provisions of EU law on the protection of Personal Data.
2.6 The Data Processor acknowledges that the Data Controller has full control over her Personal Data and determines any particular feature of the processing to which the Personal Data will be submitted. If the Data Processor ignores the instructions of the Data Controller and determines alone the scope, the means and generally any other matter concerning the processing of Personal Data, she shall render herself the Data Controller for the purposes of implementing the Regulation and the legal framework on the protection of Personal Data. The practical consequence of this is that, in addition to the full responsibility of the Processor towards the Controller, she shall carry the same level of responsibility vis-à-vis the independent supervisory authority (and any other competent state authority) as well as the Natural Persons - Data Subjects of the data being processed.
End User Agreement This publication is distributed under the terms of Article 25fa of the Dutch Copyright Act. This article entitles the maker of a short scientific work funded either wholly or partially by Dutch public funds to make that work publicly available for no consideration following a reasonable period of time after the work was first published, provided that clear reference is made to the source of the first publication of the work. Research outputs of researchers employed by Dutch Universities that comply with the legal requirements of Article 25fa of the Dutch Copyright Act, are distributed online and free of cost or other barriers in institutional repositories. Research outputs are distributed six months after their first online publication in the original published version and with proper attribution to the source of the original publication. You are permitted to download and use the publication for personal purposes. All rights remain with the author(s) and/or copyrights owner(s) of this work. Any use of the publication other than authorised under this licence or copyright law is prohibited. If you believe that digital publication of certain material infringes any of your rights or (privacy) interests, please let the University Library know, stating your reasons. In case of a legitimate complaint, the University Library will, as a precaution, make the material inaccessible and/or remove it from the website. Please contact the University Library through email: xxxxxxxxx@xxx.xx.xx. You will be contacted as soon as possible. University Library Radboud University
LOAN SERVICES ADDENDUM If a Fund directs the Custodian in writing to perform loan services, the Custodian and the Fund will be bound by the terms of the Loan Services Addendum attached hereto. The Fund shall reimburse Custodian for its fees and expenses related thereto as agreed upon from time to time in writing by the Fund and the Custodian.
REMOTE ACCESS SERVICES ADDENDUM The Custodian and each Fund agree to be bound by the terms of the Remote Access Services Addendum hereto.
Service Level Agreement 6.1 NCR Voyix will use commercially reasonable efforts to make the Service available to you at or above the Availability Rate set forth at xxxxx://xxx.xxx.xxx/support/aloha-sla. If NCR Voyix does not meet the Availability Rate, you are entitled to request a service-level credit subject to the terms of this Agreement. This credit is calculated as a percentage of the monthly recurring bill (or monthly pro rata share of billing, if billing does not occur monthly) for the Service for the month in which the Availability Rate was not met. The Availability Rate is determined by: (a) dividing the total number of valid outage minutes in a calendar month by the total number of minutes in that month; (b) subtracting that quotient from 1.00; (c) multiplying that difference by 100; and (d) rounding that result to two decimal places in accordance with standard rounding conventions. The number of outage minutes per day for a given service is determined by the lesser of the number of outage minutes.
6.2 Unavailability due to other conditions or caused by factors outside of NCR Voyix’s reasonable control will not be included in the calculation of the Availability Rate. Further, the following are expressly excluded from the calculation of the Availability Rate: (a) service unavailability affecting services or application program interfaces that are not used by you; (b) cases where fail-over to another data center is available but not utilized; (c) transient time-outs, required re-tries, or slower-than-normal response caused by factors outside of NCR Voyix’s reasonable control; (d) Scheduled Downtime, including maintenance and upgrades; (e) force majeure; (f) transmission or communications outages outside the NCR Voyix- controlled environment; (g) store-level down-time caused by factors outside of NCR Voyix’s reasonable control; (h) outages attributable to services, hardware, or software not provided by NCR Voyix, including, but not limited to, issues resulting from inadequate bandwidth or related to third-party software or services;
(i) use of the Service in a manner inconsistent with the documentation for the application program interface or the NCR Voyix Product; (j) your Point of Sale (“POS”) failure or the failure to properly maintain the POS environment, including updating the POS firmware or version of the software running on the POS as recommended by either NCR Voyix, a third-party POS reseller or servicer; and (k) issues related to third party domain name system (“DNS”) errors or failures.
6.3 To obtain a service-level credit, you must submit a claim by contacting NCR Voyix through the website at xxxxx://xxx.xxx.xxx/support/aloha-sla Your failure to provide the claim and other information will disqualify you from receiving a credit. NCR Voyix must receive claims within 60 days from the last day of the impacted month. After that date, claims are considered waived and will be refused. You must be in compliance with the Agreement in order to be eligible for a service-level credit. You may not unilaterally offset for any performance or availability issues any amount owed to NCR Voyix. If multiple Services experience an outage in a given month, the total credit for that month will be the highest credit allowed for any single Service which failed; there is no stacking of credits.
6.4 The remedies set forth in the Section are your sole and exclusive remedies for performance or availability issues affecting the Services, including any failure by NCR Voyix to achieve the Availability Rate.
Processing of Customer Personal Data 3.1 UKG will:
3.1.1 comply with all applicable Data Protection Laws in the Processing of Customer Personal Data; and
3.1.2 not Process Customer Personal Data other than for the purpose, and in accordance with, the relevant Customer’s instructions as documented in the Agreement and this DPA, unless Processing is required by the Data Protection Laws to which the relevant UKG Processor is subject, in which case UKG to the extent permitted by the Data Protection Laws, will inform Customer of that legal requirement before the Processing of that Customer Personal Data.
3.2 Customer hereby:
3.2.1 instructs UKG (and authorizes UKG to instruct each Subprocessor) to: (a) Process Customer Personal Data; and (b) in particular, transfer Customer Personal Data to any country or territory subject to the provisions of this DPA, in each case as reasonably necessary for the provision of the Services and consistent with the Agreement.
3.2.2 warrants and represents that it is and will at all relevant times remain duly and effectively authorized to give the instructions set out in Section 3.2.1 on behalf of each relevant Customer Affiliate; and
3.2.3 warrants and represents that it has all necessary rights in relation to the Customer Personal Data and/or has collected all necessary consents from Data Subjects to Process Customer Personal Data to the extent required by Applicable Law.
3.3 Schedule 1 to this DPA sets out certain information regarding UKG’s Processing of Customer Personal Data as required by Article 28(3) of the GDPR (and equivalent requirements of other Data Protection Laws).
Detailed Description of Services / Statement of Work Describe fully the services that Contractor will provide, or add and attach Exhibit B to this Agreement.
