Data Processing In this clause:
Details of Data Processing (a) Subject matter: The subject matter of the data processing under this DPA is the Customer Data.
Personal Data Processing 2.1 The Processor shall process Personal Data only on the basis of corresponding recorded orders from the Controller.
Privacy Shield To the extent that MailChimp processes any Customer Data protected by EU Data Protection Law under the Agreement and/or that originates from the EEA, in a country that has not been designated by the European Commission or Swiss Federal Data Protection Authority (as applicable) as providing an adequate level of protection for Personal Data, the parties acknowledge that MailChimp shall be deemed to provide adequate protection (within the meaning of EU Data Protection Law) for any such Customer Data by virtue of having self-certified its compliance with Privacy Shield. MailChimp agrees to protect such Personal Data in accordance with the requirements of the Privacy Shield Principles. If MailChimp is unable to comply with this requirement, MailChimp shall inform Customer.
Data Encryption Contractor must encrypt all State data at rest and in transit, in compliance with FIPS Publication 140-2 or applicable law, regulation or rule, whichever is a higher standard. All encryption keys must be unique to State data. Contractor will secure and protect all encryption keys to State data. Encryption keys to State data will only be accessed by Contractor as necessary for performance of this Contract.