Common use of Government Access Requests Clause in Contracts

Government Access Requests. 9.1 In its role as a Processor, Supplier shall maintain appropriate measures to protect Personal Data in accordance with the requirements of Data Protection Laws. If Supplier receives a legally binding request to access Personal Data from a law enforcement agency, Supplier shall, unless legally prohibited: (a) promptly notify Customer including a summary of the request; (b) inform the requesting government authority that Supplier is a service provider and it is not authorized to disclose the Personal Data; (c) inform the requesting government authority that all requests for the Personal Data must be sent to Customer; and (d) not provide access to the Personal Data unless authorized by Customer in writing. To the extent Supplier is prohibited by law from providing such notification, Supplier shall use commercially reasonable efforts to obtain a waiver of the prohibition to enable Supplier to communicate to Customer as much information as possible, as soon as possible. Further, Supplier may challenge the request if, after careful assessment, it concludes that there are reasonable grounds to consider that the request is unlawful. Supplier may pursue possibilities of appeal and may request Customer to cover expenses for such appeal. Supplier shall promptly notify Customer if Supplier becomes aware of any direct access by a Public Authority to Personal Data and provide information available to Supplier, to the extent permitted by law. For the avoidance of doubt, this DPA shall not require Supplier to pursue action or inaction that could result in civil or criminal penalty for Supplier. Supplier shall not disclose Personal Data in a massive, disproportionate, and indiscriminate manner that goes beyond what is necessary in a democratic society. Supplier shall ensure that Sub-Processors involved in the processing of Personal Data are subject to the relevant commitments regarding government access requests in the SCCs. Supplier shall ensure that Sub-Processors are subject to the relevant commitments regarding such government access requests.

Appears in 4 contracts

Samples: Master Services Agreement, Master Services Agreement, Data Processing Agreement

AutoNDA by SimpleDocs

Government Access Requests. 9.1 In its role as a Processor, Supplier Xactly shall maintain appropriate measures to protect Personal Data in accordance with the requirements of Data Protection LawsLaws and Regulations, including by implementing appropriate technical and organizational safeguards to protect Personal Data against any interference that goes beyond what is necessary in a democratic society to safeguard national security, defense and public security. If Supplier Xactly receives a legally binding request to access Personal Data from a law enforcement agencyPublic Authority, Supplier Xactly shall, unless otherwise legally prohibited: (a) , promptly notify Customer including a summary of the nature of the request; (b) inform the requesting government authority that Supplier is a service provider and it is not authorized to disclose the Personal Data; (c) inform the requesting government authority that all requests for the Personal Data must be sent to Customer; and (d) not provide access to the Personal Data unless authorized by Customer in writing. To the extent Supplier Xactly is prohibited by law from providing such notification, Supplier Xactly shall use commercially reasonable efforts to obtain a waiver of the prohibition to enable Supplier Xactly to communicate to Customer as much information as possible, as soon as possible. Further, Supplier may Xactly shall challenge the request if, after careful assessment, it concludes that there are reasonable grounds to consider that the request is unlawful. Supplier may Xactly shall pursue possibilities of appeal and may request Customer to cover expenses for such appeal. Supplier When challenging a request, Xactly shall seek interim measures with a view to suspending the effects of the request until the competent judicial authority has decided on its merits. It shall not disclose the Personal Data requested until required to do so under the applicable procedural rules. Xactly agrees it will provide the minimum amount of information permissible when responding to a request for disclosure, based on a reasonable interpretation of the request. Xactly shall promptly notify Customer if Supplier Xactly becomes aware of any direct access by a Public Authority to Personal Data and provide information available to SupplierXactly in this respect, to the extent permitted by law. For the avoidance of doubt, this DPA shall not require Supplier Xactly to pursue action or inaction that could result in civil or criminal penalty for Supplier. Supplier shall not disclose Personal Data in a massive, disproportionate, and indiscriminate manner that goes beyond what is necessary in a democratic society. Supplier shall ensure that Sub-Processors involved in the processing Xactly such as contempt of Personal Data are subject to the relevant commitments regarding government access requests in the SCCs. Supplier shall ensure that Sub-Processors are subject to the relevant commitments regarding such government access requestscourt.

Appears in 2 contracts

Samples: Data Processing Addendum, Data Processing Addendum

Government Access Requests. 9.1 iSpring requirements. In its role as a Processor, Supplier iSpring shall maintain appropriate measures to protect Personal Data in accordance with the requirements of the applicable Data Protection LawsLaws and Regulations, including by implementing appropriate technical and organizational safeguards to protect Personal Data against any interference that goes beyond what is necessary in a democratic society to safeguard national security, defense and public security. If Supplier iSpring receives a legally binding request to access Personal Data from a law enforcement agencyPublic Authority, Supplier iSpring shall, unless otherwise legally prohibited: (a) , promptly notify Customer including a summary of the nature of the request; (b) inform the requesting government authority that Supplier is a service provider and it is not authorized to disclose the Personal Data; (c) inform the requesting government authority that all requests for the Personal Data must be sent to Customer; and (d) not provide access to the Personal Data unless authorized by Customer in writing. To the extent Supplier iSpring is prohibited by law from providing such notification, Supplier iSpring shall use commercially reasonable efforts to obtain a waiver of the prohibition to enable Supplier iSpring to communicate to Customer as much information as possible, as soon as possible. Further, Supplier may iSpring shall challenge the request if, after careful assessment, it concludes that there are reasonable grounds to consider that the request is unlawful. Supplier may iSpring shall pursue possibilities of appeal and may request Customer to cover expenses for such appeal. Supplier When challenging a request, iSpring shall seek interim measures with a view to suspending the effects of the request until the competent judicial authority has decided on its merits. It shall not disclose the Personal Data requested until required to do so under the applicable procedural rules. iSpring agrees it will provide the minimum amount of information permissible when responding to a request for disclosure, based on a reasonable interpretation of the request. iSpring shall promptly notify Customer if Supplier iSpring becomes aware of any direct access by a Public Authority to Personal Data and provide information available to SupplieriSpring in this respect, to the extent permitted by law. For the avoidance of doubt, this DPA shall not require Supplier to pursue action or inaction that could result in civil or criminal penalty for SupplierSub-processors requirements. Supplier shall not disclose Personal Data in a massive, disproportionate, and indiscriminate manner that goes beyond what is necessary in a democratic society. Supplier iSpring shall ensure that Sub-Processors processors involved in the processing Processing of Personal Data are subject to the relevant commitments regarding government access requests Government Access Requests in the SCCsStandard Contractual Clauses. 10. Supplier Deletion or return of Customer Data 10.1. Subject to sections 10.2 and 10.3 iSpring and each iSpring Affiliate shall ensure that Sub-Processors are subject to promptly and in any event within thirty (30) days of the relevant commitments regarding such government access requestsdate of cessation of any Products involving the Processing of Customer Data (the "Cessation Date"), delete and procure the deletion of all copies of those Customer Data.

Appears in 1 contract

Samples: Data Processing Agreement

AutoNDA by SimpleDocs

Government Access Requests. 9.1 In its role as a Processorprocessor, Supplier Sourcegraph shall maintain appropriate measures to protect Personal Data in accordance with the requirements of applicable law, including by implementing appropriate technical and organizational safeguards to protect Customer Personal Data Protection Lawsagainst any interference that goes beyond what is necessary in a democratic society to safeguard national security, defense and public security. If Supplier Sourcegraph receives a legally binding request to access Customer Personal Data from a law enforcement agencyPublic Authority, Supplier Sourcegraph shall, unless otherwise legally prohibited: (a) , promptly notify Customer including a summary of the nature of the request; (b) inform the requesting government authority that Supplier is a service provider and it is not authorized to disclose the Personal Data; (c) inform the requesting government authority that all requests for the Personal Data must be sent to Customer; and (d) not provide access to the Personal Data unless authorized by Customer in writing. To the extent Supplier Sourcegraph is prohibited by law from providing such notification, Supplier Sourcegraph shall use commercially reasonable efforts to obtain a waiver of the prohibition to enable Supplier Sourcegraph to communicate to Customer as much information as possible, as soon as possible. Further, Supplier may Sourcegraph shall challenge the request if, after careful assessment, it concludes that there are reasonable grounds to consider that the request is unlawful. Supplier may Sourcegraph shall pursue possibilities of appeal and may request Customer to cover expenses for such appeal. Supplier When challenging a request, Sourcegraph shall seek interim measures with a view to suspending the effects of the request until the competent judicial authority has decided on its merits. It shall not disclose the Customer Personal Data requested until required to do so under the applicable procedural rules. Sourcegraph agrees it will provide the minimum amount of information permissible when responding to a request for disclosure, based on a reasonable interpretation of the request. Sourcegraph shall promptly notify Customer if Supplier Sourcegraph becomes aware of any direct access by a Public Authority to Customer Personal Data and provide information available to SupplierSourcegraph in this respect, to the extent permitted by law. For the avoidance of doubt, this DPA shall not require Supplier Sourcegraph to pursue action or inaction that could result in civil or criminal penalty for Supplier. Supplier shall not disclose Personal Data in a massive, disproportionate, and indiscriminate manner that goes beyond what is necessary in a democratic society. Supplier shall ensure that Sub-Processors involved in the processing Sourcegraph such as contempt of Personal Data are subject to the relevant commitments regarding government access requests in the SCCs. Supplier shall ensure that Sub-Processors are subject to the relevant commitments regarding such government access requestscourt.

Appears in 1 contract

Samples: Data Processing Agreement

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!