Common use of Processing of Controller Personal Data Clause in Contracts

Processing of Controller Personal Data. 3.1 Processor and each Processor Affiliate shall: 3.1.1 comply with all applicable Data Protection Laws in the Processing of Controller Personal Data; and 3.1.2 not Process Controller Personal Data other than on the relevant Controller Group Member’s written instructions unless Processing is required by Applicable Laws to which the relevant Contracted Processor is subject, in which case Processor or the relevant Processor Affiliate shall to the extent permitted by Applicable Laws inform the relevant Controller Group Member of that legal requirement before the relevant Processing of that Controller Personal Data. 3.2 Each Controller Group Member: 3.2.1 instructs Processor and each Processor Affiliate (and authorizes Processor and each Processor Affiliate to instruct each Subprocessor and each Subprocessor Affiliate) to: 3.2.1.1 Process Controller Personal Data; and 3.2.1.2 in particular, transfer Controller Personal Data to any country or territory, as reasonably necessary for the provision of the Services and consistent with the Agreement, Applicable Laws, and this Addendum; 3.2.2 warrants and represents that it is and will at all relevant times remain duly and effectively authorized to give the instruction set out in section 3.2.1 on behalf of each relevant Controller Affiliate; 3.2.3 warrants and represents that all of its instructions to any Contracted Processor will, at all times, comply with Data Protection Laws. 3.3 Annex 1 to this Addendum sets out certain information regarding the Contracted Processors' Processing of the Controller Personal Data as required by article 28(3) of the GDPR (and, possibly, equivalent requirements of other Data Protection Laws). Controller may, upon 60 days prior written notice, make reasonable amendments to Annex 1 by written notice to Processor from time to time as Controller reasonably considers necessary to meet those requirements.

Processing of Controller Personal Data. 3.1 Processor and each Processor Affiliate shall: 3.1.1 comply with all applicable Data Protection Laws in the Processing of Controller Personal Data; and 3.1.2 not Process Controller Personal Data other than on the relevant Controller Group Member’s written documented instructions unless Processing is required by Applicable Laws to which the relevant Contracted Processor is subject, in which case Processor or the relevant Processor Affiliate shall to the extent permitted by Applicable Laws inform the relevant Controller Group Member of that legal requirement before the relevant Processing of that Controller Personal Data. 3.2 Each Controller Group Member: 3.2.1 instructs Processor and each Processor Affiliate (and authorizes authorises Processor and each Processor Affiliate to instruct each Subprocessor and each Subprocessor AffiliateSubprocessor) to: 3.2.1.1 Process Controller Personal Data; and 3.2.1.2 in particular, transfer Controller Personal Data to any country or territory, as reasonably necessary for the provision of the Services and consistent with the Principal Agreement, Applicable Laws, and this Addendum;; and 3.2.2 warrants and represents that it is and will at all relevant times remain duly and effectively authorized authorised to give the instruction set out in section 3.2.1 on behalf of each relevant Controller Affiliate; 3.2.3 warrants and represents that all of its instructions to any Contracted Processor will, at all times, comply with Data Protection Laws. 3.3 Annex 1 to this Addendum sets out certain information regarding the Contracted Processors' Processing of the Controller Personal Data as required by article 28(3) of the GDPR (and, possibly, equivalent requirements of other Data Protection Laws). Controller may, upon 60 days prior written notice, may make reasonable amendments to Annex 1 by written notice to Processor from time to time as Controller reasonably considers necessary to meet those requirements. Nothing in Annex 1 (including as amended pursuant to this section 3.3) confers any right or imposes any obligation on any party to this Addendum.