Obligations Processor Clause Samples

Obligations Processor. 3.1. With regard to the processing referred to in Article 1, Processor shall ensure compliance with the conditions laid down, pursuant to the GDPR, for the processing of personal data by Processor in its role. 3.2. Processor shall inform Controller, at its first request and within a reasonable period of time, of the measures taken regarding its obligations under this DPA. 3.3. Processor shall notify Controller if, in its opinion, an instruction from Controller is in breach of relevant privacy laws and regulations. 3.4. Processor shall provide Controller with the necessary cooperation when a data protection impact assessment, or prior consultation of the supervisor, should be necessary in the context of the processing. 3.5. The obligations of Processor arising from this DPA also apply to those who process personal data under the authority of Processor, including but not limited to employees, in the broadest sense of the word. 3.6. The processing takes place under the responsibility of Controller. 3.7. Processor shall only make the personal data available to those employees who need the personal data for the performance of their work or who necessarily need to take note of the personal data in the context of and for the performance of the Agreement, and shall otherwise keep it confidential, except where it is subject to different statutory obligations.
View SourceView Similar (4)
Obligations Processor. 2.1 Processor will process the personal data solely upon instruction and on behalf of Controller. The processing of the personal data will occur in accordance with the written instructions of Controller and the GDPR, such under (ultimate) responsibility of Controller. Processor will only process the personal data for other, own purposes to the extent it obtains a legitimate ground, such as consent of the data subject, for such processing. 2.2 Processor’s obligations under this DPA will also apply to third parties processing personal data on behalf of Processor, such as but limited to employees. 2.3 To the extent within Processor’s power, Processor will provide assistance to Controller in the execution of data protection impact assessments (DPIA). Processor may charge Controller with the reasonable costs in connection with providing such assistance. 2.4 Processor will generally process the personal data in countries within the European Economic Area (EEA). The transfer of personal data to countries outside the EER is permitted, provided such transfer meets the applicable legal requirements. In such event, Processor will inform Controller of the country or countries involved.
View Source
Obligations Processor. 2.1 With regard to the processing operations referred to in Article 1, the Processor will ensure compliance with the applicable laws and regulations, including in any case the laws and regulations in the field of the protection of (personal) data, such as the General Regulation Data Protection (GDPR). 2.2 The Processor will inform the Controller, at its first request, about the measures it has taken regarding its obligations under this Processing Agreement. 2.3 The Processor is expressly not permitted to use personal data for its own purposes. The Processor ensures that these obligations are also fulfilled by the personnel it engages. 2.4 The obligations of the Processor arising from this Processing Agreement also apply to those who process (personal) data under the authority of the Processor, including but not limited to employees, in the broadest sense of the word. 2.5 The Processor will immediately notify the Controller if, in its opinion, an instruction from the Controller constitutes a breach of privacy laws and regulations or may lead to this. The Processor accompanies this notification of the motivated reasons why the Processor believes that the instruction constitutes or may constitute an infringement of privacy laws and regulations.
View Source
Obligations Processor. 4.1 Processor undertakes to take measures to guarantee the confidentiality, integrity and availability of the information provision. 4.2 Processor works in accordance with ISO 27001. 4.3 The Processor will inform the Controller, at its first request, about these measures it has taken and the measures regarding its obligations under this Processor Agreement. 4.4 The Processor will limit the distribution of personal data or other data of the Controller necessary for the functioning of PublicSonar and for the purposes and processing referred to in Article 2 to a minimum. 4.5 The obligations of the Processor arising from this Processor Agreement also apply to those who process personal data under the authority of the Processor, including but not limited to employees, in the broadest sense of the word.
View Source

Related to Obligations Processor

  • Obligations of the Processor 3.1 The Processor undertakes to carry out Data Processing exclusively on the basis of documented instructions from the Controller. If the Processor considers an instruction of the Controller to be unlawful, the Processor shall be entitled to suspend the implementation of the relevant instruction until it is confirmed or amended by the Controller. 3.2 The Processor shall be obliged to treat confidentially any personal data of which it becomes aware in connection with the Data Processing. The Processor shall impose a confidentiality obligation on all persons authorized by it to process the data, unless they are already subject to a statutory duty of confidentiality. The obligation of confidentiality and non-disclosure shall continue to apply after termination of this DPA. 3.3 The Processor shall take all necessary technical and organizational measures within the meaning of Art. 32 of the GDPR. These technical and organizational measures are data security measures to ensure a level of protection appropriate to the risk with regard to confidentiality, integrity, availability and the resilience of the systems. They shall take into account the state of the art, the costs of implementation and the nature, scope and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons. The technical and organizational measures taken by the Processor are available at ▇▇▇▇▇://▇▇▇▇.▇▇/en/legal in the current version. 3.4 The Processor shall, where possible, support the Controller with appropriate technical and organizational measures to enable the Controller to comply with the data subject rights under Chapter III of the GDPR within the legal time limits and shall provide the Controller with the necessary information to do so upon the Controller's request, provided that the Processor has such information. If a subject submits a request to the Processor to exercise the data subject rights, the Processor shall be obliged to forward the request to the Controller if the request relates to Data Processing by the Controller. 3.5 The Processor shall support the Controller in the performance of the obligations incumbent upon the Controller pursuant to Art. 32 to 36 of the GDPR, which shall include, but not be limited to, the implementation of security measures, the notification of data protection breaches and, where applicable, the preparation of a data protection impact assessment. 3.6 The Processor shall delete the personal data of the Data Processing after the expiry of the retention periods provided for in the Main Agreement and/or without delay at the request of the Controller. If the Controller expressly requests this, the personal data shall be returned to the Party. Statutory retention periods remain unaffected by this. 3.7 The Processor is obliged to provide the Controller with information at the latter's request in order to demonstrate compliance with the obligations pursuant to Art. 28 of the GDPR. The Processor shall support the Controller in verifying the Data Processing and shall grant the Controller access to the documents and technical systems necessary for verifying the Data Processing in accordance with Section 5 of this DPA. 3.8 To the extent permitted by law, the Processor shall inform the Controller about control actions and measures taken by the supervisory authorities insofar as they relate to the Controller's Data Processing operations.

  • Client Obligations 3.1 The Client warrants and represents that: 3.1.1 it shall co-operate with Centaur as required for the proper performance of the Services; 3.1.2 it shall provide, for Centaur, its agents, subcontractors, consultants and employees, in a timely manner and at no charge, access to the Client's premises during normal office hours (being Monday – Friday 8am – 6pm), office accommodation, data and other facilities as is reasonably required by Centaur or any of them for the proper performance of the Services; 3.1.3 all information it has provided to Centaur in relation to the Services as at the date of the Order Form is accurate, complete and is not misleading and it shall provide, in a timely manner, such further information and Client Material as Centaur may require for the proper performance of the Services, and ensure that such information and Client Material is accurate, complete and not misleading; 3.1.4 it shall be responsible (at its own cost) for preparing and maintaining the relevant premises for the supply of the Services; 3.1.5 it shall inform Centaur of all health and safety rules and regulations and any other reasonable security requirements that apply at any of the Client's premises; 3.1.6 it shall only use the Services for internal business purposes and, without prejudice to the foregoing, shall not use the Services, the Deliverables or any Centaur Materials to develop a product or service that competes with any of the products or services provided by Centaur; 3.1.7 the Client Materials shall not infringe any third party rights, including any third party Intellectual Property Rights; and 3.1.8 it shall obtain and maintain all necessary licences and consents and comply with all relevant legislation in relation to the Services, before the date on which the Services are to start. 3.2 If Centaur's performance of its obligations under this Agreement is prevented or delayed by any act or omission of the Client, its agents, subcontractors, consultants or employees, Centaur shall not be liable for any costs, charges or losses sustained or incurred by the Client that arise directly or indirectly from such prevention or delay.

  • Obligations of Customer Axway’s indemnification obligation is contingent upon the Customer: (a) giving immediate written notice to Axway of any such Infringement Claim; (b) giving Axway control of the defense and related settlement negotiations, provided, however that Axway will obtain the Customer’s prior written consent, which shall not be unreasonably withheld or delayed, if any settlement of such an Infringement Claim requires Customer to admit liability, take or refrain from taking any particular action other than cessation of use of the infringing Services, Product, or Deliverable , and (c) assisting in the defense at Axway’s reasonable request, provided Axway agrees to pay Customer’s reasonable expenses in connection therewith. The Customer may participate in such defense and in any settlement discussions directly or through counsel of the Cus tomer’s choice, at the Customer’s expense, provided such participation does not materially prejudice Axway’s sole control of the defense or cause Axway to incur material additional costs in the conduct of such defense .

  • ▇▇▇▇▇ OBLIGATIONS A ▇▇▇▇▇▇▇'s acceptance of funds directly under the Grant or indirectly through a subaward acts as acceptance of the authority of the State, under the direction of the legislative audit committee, to conduct an audit or investigation in connection with those funds. In accordance with the legislative audit committee, DFPS can request any documentation, at any time, to be sent to DFPS to a location DFPS chooses. Examples of documentation that DFPS may request include, but are not limited to: 1. Participant files in their entirety. This includes, but is not limited to: a. Progress notes. b. Action plans. c. Registration forms. d. Surveys. e. Sign-in sheets. f. Monthly tracking forms.

  • Processor Obligations 4.1 The Processor may collect, process or use Personal Data only within the scope of this DPA. 4.2 The Processor confirms that it shall process Personal Data on behalf of the Controller and shall take steps to ensure that any natural person acting under the authority of the Processor who has access to Personal Data shall only process the Personal Data on the documented instructions of the Controller. 4.3 The Processor shall promptly inform the Controller, if in the Processor’s opinion, any of the instructions regarding the processing of Personal Data provided by the Controller, breach any Data Protection Law. 4.4 The Processor shall ensure that all employees, agents, officers and contractors involved in the handling of Personal Data: (i) are aware of the confidential nature of the Personal Data and are contractually bound to keep the Personal Data confidential; (ii) have received appropriate training on their responsibilities as a data processor; and (iii) are bound by the terms of this DPA. 4.5 The Processor shall implement appropriate technical and organisational procedures to protect Personal Data, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. 4.6 The Processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate: (i) the pseudonymisation and encryption of Personal Data; (ii) the ability to ensure the on-going confidentiality, integrity, availability and resilience of processing systems and services; (iii) the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident; (iv) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing. In accessing the appropriate level of security, account shall be taken in particular of the risks that are presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data transmitted, stored or otherwise processed. 4.7 The technical and organisational measures detailed in Exhibit B shall be at all times adhered to as a minimum security standard. The Controller accepts and agrees that the technical and organisational measures are subject to development and review and that the Processor may use alternative suitable measures to those detailed in the attachments to this DPA. 4.8 The Controller acknowledges and agrees that, in the course of providing the Services to the Controller, it may be necessary for the Processor to access the Personal Data to respond to any technical problems or Controller queries and to ensure the proper working of the Services. All such access by the Processor will be limited to those purposes.