INTERNATIONAL DATA EXPORTS. 6.1 Data Controller acknowledges that Data Processor and its Sub-processors may maintain data processing operations in countries that are outside of the EEA and Switzerland. As such, Data Processor and its Sub- processors may Process Personal Data in non-EEA and non-Swiss countries. This will apply even where Data Controller has agreed with Data Processor to host Personal Data in the EEA in accordance with Zendesk’s Regional Data Hosting Policy if such non- EEA Processing is necessary to provide support- related or other services requested by Data Controller.
INTERNATIONAL DATA EXPORTS. 6.1 Subscriber acknowledges that Zendesk and its Sub-processors may process Personal Data in countries that are outside of the EEA, United Kingdom, and Switzerland (“European Countries”). This will apply even where Subscriber has agreed with Zendesk to host Personal Data in the EEA in accordance with Zendesk’s Regional Data Hosting Policy if such non-European Countries processing is necessary to provide support-related or other services requested by Subscriber. If Personal Data is transferred to a country or territory outside of European Countries, then such transfer will only take place if: (a) the country ensures an adequate level of data protection;
(b) one of the conditions listed in Article 46 GDPR (or its equivalent under any successor legislation) is satisfied; or (c) the Personal Data is transferred on the basis of the Zendesk Binding Corporate Rules as set out in Section 6.2 and which establish appropriate safeguards for such Personal Data and are legally binding on the Zendesk Group.
INTERNATIONAL DATA EXPORTS. 7.1. Data Controller acknowledges that Data Processor and its Sub-Processors may maintain data processing operations in countries that are outside of the EEA (including the UK ) as such, both Data Processor and its Sub-Processors may Process Personal Data in non-EEA countries. This will apply even where Data Controller has agreed with Data Processor to host Personal Data in the EEA if such non-EEA Processing is necessary to provide support-related or other services requested by Data Controller.
7.2. Data Processor will make best endeavours to limit data exports to non-EEA countries to what is strictly necessary.
7.3. In all cases where transfers to non-EEA countries may take place, these transfers will be subject to necessary safeguards as defined within applicable Data Protection Law.
INTERNATIONAL DATA EXPORTS. 6.1 Subscriber acknowledges that if Zendesk and its Sub-processors process Personal Data subject to the GDPR, UK Data Protection Law, or FADP (“European Data”), Zendesk may process such data in countries that are outside of the EEA, United Kingdom, and Switzerland (“European Countries”). This will apply even where Subscriber has agreed with Zendesk to host Personal Data in the EEA in accordance with Zendesk’s Regional Data Hosting Policy. If Zendesk processes European Data in a country that has not received an adequacy decision from the European Commission or Swiss or UK authorities, as applicable, such transfer shall take place on the basis of (i) the Zendesk Binding Corporate Rules as set out in Section 6.2, or (ii) the EU SCCs and/or UK Addendum, as applicable. In the event the Services are covered by more than one transfer mechanism, the transfer of Personal Data will be subject to a single transfer mechanism in the order listed in this Section. If neither (i) nor (ii) is applicable, the Parties agree to work in good faith without undue delay to implement an appropriate transfer mechanism authorised under Applicable Data Protection Law.
INTERNATIONAL DATA EXPORTS. 7.1 Data Controller acknowledges that Data Processor and its Sub-processors may maintain data processing operations in countries that are outside of the EEA and Switzerland. As such, both Data Processor and its Sub-processors may Process Personal Data in non-EEA and non-Swiss countries. This will apply even where Data Controller has agreed with Data Processor to host Personal Data in the EEA if such non-EEA Processing is necessary to provide support-related or other services requested by Data Controller.
7.2 Where Data Controller is self-certified to the Privacy Shield Framework and transfers Personal Data from the EEA or Switzerland to Data Processor, Data Controller is obliged under the terms of the Privacy Shield Framework to flow down the following requirements and Data Processor hereby agrees:
(i) to provide at least the same level of protection to such Personal Data as is required by the Privacy Shield Principles;
(ii) to notify Data Controller if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the Privacy Shield Principles; and
(iii) upon notice, including under Section 7.2(ii) above, to work with Data Controller to take reasonable and appropriate steps to stop and remediate any unauthorized processing of the Personal Data.
7.3 Where Data Controller is not self-certified to the Privacy Shield Framework, this section shall apply in place of Section 7.2 above. Where Data Processor Processes or permits any Sub-processor to Process Personal Data outside the EEA or Switzerland, Data Processor shall comply with the EU Commission's "Controller-to• Processor Model Clauses" (annexed to EU Commission Decision 2010/87/EU). The Parties have agreed to practical interpretations of certain provisions contained within the Controller-to-Processor Model Clauses, as permitted by the Article 29 Working Party. These interpretations clarify how Data Processor should implement the Model Clauses in practice, and are set out in Appendix 3 to this Agreement.
7.4 The Parties agree that each Party may disclose any relevant privacy provisions in this Agreement to the US Department of Commerce, the Federal Trade Commission or a relevant European Data Protection Supervisory Authority.
INTERNATIONAL DATA EXPORTS. 7.1. Data Controller acknowledges that Data Processor and its Sub-Processors may maintain data processing operations in countries that are outside of the EEA. As such, both Data Processor and its Sub-Processors may Process Personal Data in non-EEA countries..
7.2. Data Processor will make best endeavors to limit data exports to non-EEA countries to what is strictly necessary.
7.3. In all cases where transfers to non-EEA countries may take place, these transfers will be subject to necessary safeguards as defined within applicable Data Protection Law.
INTERNATIONAL DATA EXPORTS. 6.1 Data Controller acknowledges that Data Processor and its Sub-processors may maintain data processing operations in countries that are outside of the EEA, United Kingdom, and Switzerland. As such, Data Processor and its Sub-processors may Process Personal Data in non-EEA, non-United Kingdom and non-Swiss countries. This will apply even where Data Controller has agreed with Data Processor to host Personal Data in the EEA in accordance with Zendesk’s Regional Data Hosting Policy if such non- EEA Processing is necessary to provide support- related or other services requested by Data Controller. If Personal Data is transferred to a country or territory outside of the EEA, then such transfer will only take place if: (a) the non-EEA country in question ensures an adequate level of data protection; (b) one of the conditions listed in Article 46 GDPR (or its equivalent under any successor legislation) is satisfied; or (c) the Personal Data is transferred on the basis of Zendesk’s
INTERNATIONAL DATA EXPORTS. 6.1 Subscriber acknowledges that if Zendesk and its Sub-processors process Personal Data subject to the GDPR, UK Data Protection Law, or FADP (“European Data”), Zendesk may process such data in countries that are outside of the EEA, United Kingdom, and Switzerland (“European Countries”). This will apply even where Subscriber has agreed with Zendesk to host Personal Data in the EEA in accordance with Zendesk’s Regional Data Hosting Policy. If Zendesk processes European Data in a country that has not received an adequacy decision from the European Commission or Swiss or UK authorities, as applicable, such transfer shall take place on the basis of (i) the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, or the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”), as applicable; (ii) the Zendesk Binding Corporate Rules as set out in Section 6.2; or
INTERNATIONAL DATA EXPORTS. Simplifi processes data in the U.S., which may require the transfer of personal data outside of the EU/EEA to the US or other countries outside the EU/EEA which do not require the same level of data protection as the EU. The U.S. has not been deemed by the EU Commission to have adequate data protection laws. To the extent that, under this Addendum, Simplifi processes any personal data of EU, Swiss or EEA residents (“EU Personal Data”) is for Customer or on behalf of Customer, and EU Personal Data is being transferred outside the EEA to a country that is not recognized by the European Commission as providing an adequate level of protection for personal data (as set forth in the GDPR), then the parties shall enter in the SCCs, which is hereby incorporated by reference and attached as Annex
1. If Customer does not accept the SCCs, Simplifi reserves the right, in its sole discretion to cease processing EU Personal Data.
