Onward Subprocessing. For the purposes of Clause 11 of these Clauses, the data exporter hereby consents to the data importer subcontracting any or all of its data processing operations performed under these Clauses in accordance with the DPA.
Onward Subprocessing a. The parties acknowledge that, pursuant to FAQ II.1 in Article 29 Working Party Paper WP 176 entitled "FAQs in order to address some issues raised by the entry into force of the EU Commission Decision 2010/87/EU of 5 February 2010 on standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC" the data exporter may provide a general consent to onward subprocessing by the data importer.
Onward Subprocessing. 4. The parties acknowledge that Article 28 of the GDPR allows for the general written authorisation of a subprocessor subject to notice of, and the opportunity to object to, the subprocessor. Accordingly, data exporter provides a general consent to data importer, pursuant to Clause 11 of the Standard Contractual Clauses, to engage onward subprocessors. Such consent is conditional on data importer’s compliance with the requirements set out in Section 4 (Sub-processing) of the DPA. Exhibit C Snowflake Security Policy (February 14, 2020) Snowflake and Customer agree that this Security Policy is hereby incorporated into and made a part of their written agreement that references this policy (the “Agreement”) and any capitalized terms used but not defined herein shall have the meaning set forth in the Agreement, as applicable. In the event of any conflict between the terms of the Agreement and this Security Policy, this Security Policy shall govern. Snowflake utilizes infrastructure-as-a-service cloud providers as further described in the Agreement and/or Documentation (each, a "Cloud Provider") and provides the Service to Customer from a VPC/VNET hosted by the applicable Cloud Provider (the “Cloud Environment"). Snowflake maintains a comprehensive documented security program based on NIST 800-53 (or industry recognized successor framework), under which Snowflake implements and maintains physical, administrative, and technical safeguards designed to protect the confidentiality, integrity, availability, and security of the Service and Customer Data (the “Security Program”), including, but not limited to, as set forth below. Snowflake regularly tests and evaluates its Security Program, and may review and update its Security Program as well as this Security Policy, provided, however, that such updates shall be designed to enhance and not materially diminish the Security Program. This Security Policy fulfills Snowflake’s obligations to comply with applicable laws related to data privacy and security, under Carahsoft NASPO Agreement Section 31, Data Privacy, Exhibit 1 to the Master Agreement: Software-as-a-Service, Section 9, Access to Security Logs and Reports, Section 10, Contract Audit, Section 11 Data Center Audit, and Section 13, Security.
Onward Subprocessing. The parties acknowledge that, pursuant to FAQ I1.1 in Article 29 Working Party Paper WP 176 entitled "FAQs in order to address some issues raised by the entry into force of the EU Commission Decision 2010/87/EU of 5 February 2010 on standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC" the data exporter may provide a general consent to onward subprocessing by the data importer. Accordingly, data exporter provides a general consent to data importer, pursuant to Clause 11 of these Clauses, to engage onward subprocessors. Such consent is conditional on data importer's
