Common use of Obligations of the Provider Clause in Contracts

Obligations of the Provider. 3.1 To the extent that 1&1 shall be considered a processor of Controller’s customer personal data. 3.2 Any additional processing of personal data shall only be in accordance with instruction from Controller, unless an exception applies as defined in the GDPR. 1&1 shall promptly inform Controller if it believes that an instruction of Controller violates applicable laws. In such cases, 1&1 reserves the right to refuse Controller’s instructions. 3.3 1 1 shall implement technical and organisational measures to protect Controller’s customer data and to ensure the confidentiality, integrity, availability and capacity of the systems and services. 1&1 shall be obliged, in accordance with the GDPR, to implement a procedure for regularly reviewing the technical and organisational measures designed to ensure the security of the processing. 3.4 1 1 reserves the right to alter the agreed security measures, provided that any such amendment ensures that the agreed level of protection shall not be materially diminished. 3.5 1&1 agrees to reasonably assist Controller in respect of any requests and claims in accordance with the GDPR. 3.6 1 1 shall ensure that employees, subcontractors and affiliates who may be involved in the processing of Controller's data shall act in accordance with this Agreement. 3.7 1 1 shall inform Controller promptly if 1&1 becomes aware of any breaches which affect Controller's personal data. 3.8 1 1 shall, once notified in writing, inform Controller of any request for disclosure of personal data by authorities, unless expressly prohibited under applicable laws. 3.9 Controller may contact the Data Protection Officer by sending an email to: xxxxxxxxxxxxx@0xxx0.xx.xx. 3.10 At termination of services, all customer data, personal or otherwise, shall be deleted (including the pseudonymisation of data) within an appropriate time, in accordance with applicable laws. 3.11 In the event of a claim against Controller regarding any of the rights defined under the GDPR, 1&1 shall provide reasonable assistance to the Controller to avert any such claim.

Obligations of the Provider. 3.1 3.1. To the extent that 1&1 shall be considered a processor of Controller’s customer personal data. 3.2 3.2. Any additional processing of personal data shall only be in accordance with instruction from Controller, unless an exception applies as defined in the GDPR. 1&1 shall promptly inform Controller if it believes that an instruction of Controller violates applicable laws. In such cases, 1&1 reserves the right to refuse Controller’s instructions. 3.3 3.3. 1 1 shall implement technical and organisational measures to protect Controller’s customer data and to ensure the confidentiality, integrity, availability and capacity of the systems and services. 1&1 shall be obliged, in accordance with the GDPR, to implement a procedure for regularly reviewing the technical and organisational measures designed to ensure the security of the processing. 3.4 3.4. 1 1 reserves the right to alter the agreed security measures, provided that any such amendment ensures that the agreed level of protection shall not be me materially diminished. 3.5 1&1 3.5. 1 1 agrees to reasonably assist Controller in respect of any requests and claims in accordance with the GDPR. 3.6 3.6. 1 1 shall ensure that employees, subcontractors and affiliates who may be involved in the processing of Controller's ’s data shall act in accordance with this Agreement. 3.7 3.7. 1 1 shall inform Controller promptly if 1&1 becomes aware of any breaches which affect Controller's ’s personal data. 3.8 3.8. 1 1 shall, once notified in writing, inform Controller of any request for disclosure of personal data by authorities, unless expressly prohibited under applicable laws. 3.9 3.9. Controller may contact the Data Protection Officer by sending an email to: to xxxxxxxxxxxxx@0xxx0.xx.xx. 3.10 3.10. At termination of services, all customer data, personal or otherwise, shall be deleted (including the pseudonymisation of data) within an appropriate time, in accordance with applicable laws. 3.11 3.11. In the event of a claim against Controller regarding any of the rights defined under the GDPR, 1&1 shall provide reasonable assistance to the Controller to avert any such claim.

Obligations of the Provider. 3.1 To the extent that 1&1 shall be considered a processor of Controller’s customer personal data. 3.2 Any additional processing of personal data shall only be in accordance with instruction from Controller, unless an exception applies as defined in the GDPR. 1&1 shall promptly inform Controller if it believes that an instruction of Controller violates applicable laws. In such cases, 1&1 reserves the right to refuse Controller’s instructions. 3.3 1 1 1&1 shall implement technical and organisational measures to protect Controller’s customer data and to ensure the confidentiality, integrity, availability and capacity of the systems and services. 1&1 shall be obliged, in accordance with the GDPR, to implement a procedure for regularly reviewing the technical and organisational measures designed to ensure the security of the processing. 3.4 1 1 reserves the right to alter the agreed security measures, provided that any such amendment ensures that the agreed level of protection shall not be materially diminished. 3.5 1&1 agrees to reasonably assist Controller in respect of any requests and claims in accordance with the GDPR. 3.6 1 1 shall ensure that employees, subcontractors and affiliates who may be involved in the processing of Controller's data shall act in accordance with this Agreement. 3.7 1 1 shall inform Controller promptly if 1&1 becomes aware of any breaches which affect Controller's personal data. 3.8 1 1 shall, once notified in writing, inform Controller of any request for disclosure of personal data by authorities, unless expressly prohibited under applicable laws. 3.9 Controller may contact the Data Protection Officer by sending an email to: xxxxxxxxxxxxx@0xxx0.xx.xxxxxxxxxxxxxxx@xxxxx.xx.xx. 3.10 At termination of services, all customer data, personal or otherwise, shall be deleted (including the pseudonymisation of data) within an appropriate time, in accordance with applicable laws. 3.11 In the event of a claim against Controller regarding any of the rights defined under the GDPR, 1&1 shall provide reasonable assistance to the Controller to avert any such claim.

Obligations of the Provider. 3.1 To the extent that 1&1 shall be considered a processor of Controller’s customer personal data. 3.2 Any additional processing of personal data shall only be in accordance with instruction from Controller, unless an exception applies as defined in the GDPR. 1&1 shall promptly inform Controller if it believes that an instruction of the Controller violates applicable laws. In such cases, 1&1 reserves the right to refuse Controller’s instructions. 3.3 1 1 shall implement technical and organisational measures to protect Controller’s customer data and to ensure the confidentiality, integrity, availability and capacity of the systems and services. 1&1 shall be obliged, in accordance with the GDPR, to implement a procedure for regularly reviewing the technical and organisational measures designed to ensure the security of the processing. 3.4 1 1 reserves the right to alter the agreed security measures, provided that any such amendment ensures that the agreed level of protection shall not be materially diminished. 3.5 1&1 agrees to reasonably assist Controller in respect of any requests and claims in accordance with the GDPR. 3.6 1 1 shall ensure that employees, subcontractors and affiliates who may be involved in the processing of Controller's data shall act in accordance with this Agreement. 3.7 1 1 shall inform Controller promptly if 1&1 becomes aware of any breaches which affect Controller's personal data. 3.8 1 1 shall, once notified in writing, inform Controller of any request for disclosure of personal data by authorities, unless expressly prohibited under applicable laws. 3.9 Controller may contact with the Data Protection Officer by sending an email to: xxxxxxxxxxxxx@0xxx0.xx.xxxxxxxxxxxxxxx@xxxxx.xx.xx. 3.10 At termination of services, all customer data, personal or otherwise, shall be deleted (including the pseudonymisation of data) within an appropriate time, in accordance with applicable laws. 3.11 In the event of a claim against Controller regarding any of the rights defined under the GDPR, 1&1 shall provide reasonable assistance to the Controller to avert any such claim.