Common use of Obligations of the data exporter Clause in Contracts

Obligations of the data exporter. The data exporter agrees and warrants: (a) that the processing, including the transfer itself, of the personal data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law (and, where applicable, has been notified to the relevant authorities of the Member State where the data exporter is established) and does not violate the relevant provisions of that State; (b) that it has instructed and throughout the duration of the personal data processing services will instruct the data importer to process the personal data transferred only on the data exporter's behalf and in accordance with the applicable data protection law and the Clauses; (c) that the data importer will provide sufficient guarantees in respect of the technical and organisational security measures as specified on the Cover Page of the Data Processor Agreement (and any appendices to the Data Processor Agreement); (d) that after assessment of the requirements of the applicable data protection law, the security measures are appropriate to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation; (e) that it will ensure compliance with the security measures; (f) that, if the transfer involves special categories of data, the data subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC; (g) to forward any notification received from the data importer or any subprocessor pursuant to Clause 5(b) and Clause 8(3) to the data protection supervisory authority if the data exporter decides to continue the transfer or to lift the suspension; (h) to make available to the data subjects upon request a copy of the Clauses, with the exception of the security measures mentioned on the Cover Page of the Data Processor Agreement (and any appendices to the Data Processor Agreement), and a summary description of the security measures, as well as a copy of any contract for subprocessing services which has to be made in accordance with the Clauses, unless the Clauses or the contract contain commercial information, in which case it may remove such commercial information; (i) that, in the event of subprocessing, the processing activity is carried out in accordance with Clause 11 by a subprocessor providing at least the same level of protection for the personal data and the rights of data subject as the data importer under the Clauses; and (j) that it will ensure compliance with Clause 4(a) to (i).

Obligations of the data exporter. The data exporter Data Exporter agrees and warrants: (a) that a. That the processingProcessing, including the transfer itself, of the personal data Personal Data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law Applicable Data Protection Law (and, where applicable, has been notified to the relevant authorities of the Member State where the data exporter Data Exporter is established) and does not violate the relevant provisions of that State;. (b) that b. That it has instructed and throughout the duration of the personal data processing Personal Data-Processing services will instruct the data importer Data Importer to process Process the personal data Personal Data transferred only on the data exporter's Data Exporter’s behalf and in accordance with the applicable data protection law and Applicable Data Protection Law, the Clauses;Master Agreement and/or this Addendum. (c) that c. That the data importer Data Importer will provide sufficient guarantees in respect of the technical and organisational organizational security measures as specified on the Cover Page of the Data Processor Agreement (and any appendices in Annex 2 to the Data Processor Agreement);this Appendix. (d) that d. That after assessment of the requirements of the applicable data protection lawApplicable Data Protection Law, the security measures are appropriate to protect personal data Personal Data against accidental or unlawful destruction or accidental loss, alteration, unauthorised unauthorized disclosure or access, in particular where the processing Processing involves the transmission of data over a network, and against all other unlawful forms of processingProcessing, and that these measures ensure a level of security appropriate to the risks presented by the processing Processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation;, and business resources. (e) that e. That it will ensure compliance with the security measures;. (f) thatf. That, if the transfer involves special categories Special Categories of dataData, the data subject Data Subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC; (g) to forward any notification received from the data importer or any subprocessor pursuant to Clause 5(b) and Clause 8(3) to the data protection supervisory authority if the data exporter decides to continue the transfer or to lift the suspension; (h) to make available to the data subjects upon request a copy of the Clauses, with the exception of the security measures mentioned on the Cover Page of the Data Processor Agreement (and any appendices to the Data Processor Agreement), and a summary description of the security measures, as well as a copy of any contract for subprocessing services which has to be made in accordance with the Clauses, unless the Clauses or the contract contain commercial information, in which case it may remove such commercial information; (i) that, in the event of subprocessing, the processing activity is carried out in accordance with Clause 11 by a subprocessor providing at least the same level of protection for the personal data and the rights of data subject as the data importer under the Clauses; and (j) that it will ensure compliance with Clause 4(a) to (i)GDPR.

Obligations of the data exporter. The data exporter Data Exporter agrees and warrants: (a) that a. That the processingProcessing, including the transfer itself, of the personal data Personal Data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law Applicable Data Protection Law (and, where applicable, has been notified to the relevant authorities of the Member State where the data exporter Data Exporter is established) and does not violate the relevant provisions of that State;. (b) that b. That it has instructed and throughout the duration of the personal data processing Personal Data-Processing services will instruct the data importer Data Importer to process Process the personal data Personal Data transferred only on the data exporter's Data Exporter’s behalf and in accordance with the applicable data protection law and Applicable Data Protection Law, the Clauses;Master Agreement and/or this Addendum. (c) that c. That the data importer Data Importer will provide sufficient guarantees in respect of the technical and organisational organizational security measures as specified on the Cover Page of the Data Processor Agreement (and any appendices in Annex 2 to the Data Processor Agreement);this Appendix. (d) that d. That after assessment of the requirements of the applicable data protection lawApplicable Data Protection Law, the security measures are appropriate to protect personal data Personal Data against accidental or unlawful destruction or accidental loss, alteration, unauthorised unauthorized disclosure or access, in particular where the processing Processing involves the transmission of data over a network, and against all other unlawful forms of processingProcessing, and that these measures ensure a level of security appropriate to the risks presented by the processing Processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation;, and business resources. (e) that e. That it will ensure compliance with the security measures;. (f) thatf. That, if the transfer involves special categories Special Categories of dataData, the data subject Data Subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC;the GDPR. (g) to g. To forward any notification received from the data importer Data Importer or any subprocessor Sub-Processor pursuant to Clause Section 5(b) and Clause Section 8(3) to the data protection supervisory authority Supervisory Authority if the data exporter Data Exporter decides to continue the transfer or to lift the suspension;. (h) to h. To make available to the data subjects Data Subjects upon request a copy of the Clausesthis Appendix, with the exception of the security measures mentioned on the Cover Page of the Data Processor Agreement (and any appendices to the Data Processor Agreement)Annex 2, and a summary description of the security measures, as well as a copy of any contract for subprocessing sub- Processing services which has to be made in accordance with the Clausesthis Appendix, unless the Clauses Appendix or the contract contain commercial information, in which case it may remove such commercial information;. (i) thati. That, in the event of subprocessingsub-Processing, the processing Processing activity is carried out in accordance with Clause Section 11 by a subprocessor Sub- Processor providing at least the same level of protection for the personal data Personal Data and the rights of data subject Data Subject as the data importer Data Importer under the Clauses; andthis Appendix. (j) that j. That it will ensure compliance with Clause Section 4(a) to (i).

Obligations of the data exporter. The data exporter Data Exporter agrees and warrants: (a) that a. That the processingProcessing, including the transfer itself, of the personal data Personal Data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law Applicable Data Protection Law (and, where applicable, has been notified to the relevant authorities of the Member State where the data exporter Data Exporter is established) and does not violate the relevant provisions of that State;. (b) that b. That it has instructed and throughout the duration of the personal data processing Personal Data-Processing services will instruct the data importer Data Importer to process Process the personal data Personal Data transferred only on the data exporter's Data Exporter’s behalf and in accordance with the applicable data protection law and Applicable Data Protection Law, the Clauses;Master Agreement and/or this Addendum. (c) that c. That the data importer Data Importer will provide sufficient guarantees in respect of the technical and organisational organizational security measures as specified on the Cover Page of the Data Processor Agreement (and any appendices in Annex 2 to the Data Processor Agreement);this contract. (d) that d. That after assessment of the requirements of the applicable data protection lawApplicable Data Protection Law, the security measures are appropriate to protect personal data Personal Data against accidental or unlawful destruction or accidental loss, alteration, unauthorised unauthorized disclosure or access, in particular where the processing Processing involves the transmission of data over a network, and against all other unlawful forms of processingProcessing, and that these measures ensure a level of security appropriate to the risks presented by the processing Processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation;. (e) that e. That it will ensure compliance with the security measures;. (f) thatf. That, if the transfer involves special categories Special Categories of dataData, the data subject Data Subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC;the GDPR. (g) to g. To forward any notification received from the data importer Data Importer or any subprocessor sub-Processor pursuant to Clause Section 5(b) and Clause Section 8(3) to the data protection supervisory authority Supervisory Authority if the data exporter Data Exporter decides to continue the transfer or to lift the suspension;. (h) to h. To make available to the data subjects Data Subjects upon request a copy of the Clausesthis Addendum, with the exception of the security measures mentioned on the Cover Page of the Data Processor Agreement (and any appendices to the Data Processor Agreement)Annex 2, and a summary description of the security measures, as well as a copy of any contract for subprocessing sub-Processing services which has to be made in accordance with the Clausesthis Addendum, unless the Clauses Addendum or the contract contain commercial information, in which case it may remove such commercial information;. (i) thati. That, in the event of subprocessingsub-Processing, the processing Processing activity is carried out in accordance with Clause Section 11 by a subprocessor sub-Processor providing at least the same level of protection for the personal data Personal Data and the rights of data subject Data Subject as the data importer Data Importer under the Clauses; andthis Addendum. (j) that j. That it will ensure compliance with Clause Section 4(a) to (i).

Obligations of the data exporter. The data exporter Data Exporter agrees and warrants: (a) that a. That the processingProcessing, including the transfer itself, of the personal data Personal Data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law Applicable Data Protection Law (and, where applicable, has been notified to the relevant authorities of the Member State where the data exporter Data Exporter is established) and does not violate the relevant provisions of that State;. (b) that b. That it has instructed and throughout the duration of the personal data processing Personal Data-Processing services will instruct the data importer Data Importer to process Process the personal data Personal Data transferred only on the data exporterData Exporter's behalf and in accordance with the applicable data protection law and Applicable Data Protection Law, the Clauses;Master Agreement and/or this Addendum. (c) that c. That the data importer Data Importer will provide sufficient guarantees in respect of the technical and organisational organizational security measures as specified on the Cover Page of the Data Processor Agreement (and any appendices in Annex 2 to the Data Processor Agreement);this Appendix. (d) that d. That after assessment of the requirements of the applicable data protection lawApplicable Data Protection Law, the security measures are appropriate to protect personal data Personal Data against accidental or unlawful destruction or accidental loss, alteration, unauthorised unauthorized disclosure or access, in particular where the processing Processing involves the transmission of data over a network, and against all other unlawful forms of processingProcessing, and that these measures ensure a level of security appropriate to the risks presented by the processing Processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation;, and business resources. (e) that e. That it will ensure compliance with the security measures;. (f) thatf. That, if the transfer involves special categories Special Categories of dataData, the data subject Data Subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC;the GDPR. (g) to g. To forward any notification received from the data importer Data Importer or any subprocessor Sub-Processor pursuant to Clause Section 5(b) and Clause Section 8(3) to the data protection supervisory authority Supervisory Authority if the data exporter Data Exporter decides to continue the transfer or to lift the suspension;. (h) to h. To make available to the data subjects Data Subjects upon request a copy of the Clausesthis Appendix, with the exception of the security measures mentioned on the Cover Page of the Data Processor Agreement (and any appendices to the Data Processor Agreement)Annex 2, and a summary description of the security measures, as well as a copy of any contract for subprocessing sub-Processing services which has to be made in accordance with the Clausesthis Appendix, unless the Clauses Appendix or the contract contain commercial information, in which case it may remove such commercial information;. (i) thati. That, in the event of subprocessingsub-Processing, the processing Processing activity is carried out in accordance with Clause Section 11 by a subprocessor Sub-Processor providing at least the same level of protection for the personal data Personal Data and the rights of data subject Data Subject as the data importer Data Importer under the Clauses; andthis Appendix. (j) that j. That it will ensure compliance with Clause Section 4(a) to (i).