Common use of Processing of Customer Personal Data Clause in Contracts

Processing of Customer Personal Data. 2.1 The parties acknowledge that Supplier acts as a Processor; and Customer acts as the Controller. 2.2 Supplier shall comply with the GDPR and CCPA in Processing Customer Personal Data; and not Process Customer Personal Data other than on Customer’s instructions; and as required by applicable laws. To the extent permitted by applicable laws, Supplier shall inform Customer of any Processing to be carried out as required by applicable laws and the relevant legal requirements that require it to carry out such Processing, before the relevant Processing of that Customer Personal Data. 2.3 Annex 1 & Annex 2 (Data Processing Details) sets out certain information regarding Supplier’s Processing of Customer Personal Data as required by Article 28(3) of the GDPR and Cal. Civ. Code § 1798.140(c) of the CCPA 2.4 Notwithstanding anything to the contrary herein, Supplier may terminate the Agreement in its entirety upon written notice to Customer with immediate effect if Supplier considers (in its reasonable discretion) that: (a) it is unable to adhere to, perform or implement any instructions issued by Customer due to the technical limitations of its systems, equipment and/or facilities; and/or (b) to adhere to, perform or implement any such instructions would require disproportionate effort (whether in terms of time, cost, available technology, manpower or otherwise). 2.5 Customer represents and warrants on an ongoing basis that, for the purposes of Article 6 of the GDPR, and (where applicable) Article 9 and/or Article 10 of the GDPR, there is, and will be throughout the term of the Agreement, a valid legal basis and (where applicable) condition for the Processing by Supplier of Customer Personal Data in accordance with this Data Processing Addendum and the Agreement (including, any and all instructions issued by Customer from time to time in respect of such Processing).

Processing of Customer Personal Data. 2.1 2.1. The parties acknowledge that Supplier acts as a Processor; and Customer acts as the Controller. 2.2 2.2. Supplier shall comply with the GDPR and CCPA in Processing Customer Personal Data; and not Process Customer Personal Data other than on Customer’s instructions; and as required by applicable laws. To the extent permitted by applicable laws, Supplier shall inform Customer of any Processing to be carried out as required by applicable laws and the relevant legal requirements that require it to carry out such Processing, before the relevant Processing of that Customer Personal Data. 2.3 2.3. Annex 1 & Annex 2 (Data Processing Details) sets out certain information regarding Supplier’s Processing of Customer Personal Data as required by Article 28(3) of the GDPR and Cal. Civ. Code § 1798.140(c) of the CCPA 2.4 2.4. Notwithstanding anything to the contrary herein, Supplier may terminate the Agreement in its entirety upon written notice to Customer with immediate effect if Supplier considers (in its reasonable discretion) that: (a) it is unable to adhere to, perform or implement any instructions issued by Customer due to the technical limitations of its systems, equipment and/or facilities; and/or (b) to adhere to, perform or implement any such instructions would require disproportionate effort (whether in terms of time, cost, available technology, manpower or otherwise). 2.5 2.5. Customer represents and warrants on an ongoing basis that, for the purposes of Article 6 of the GDPR, and (where applicable) Article 9 and/or Article 10 of the GDPR, there is, and will be throughout the term of the Agreement, a valid legal basis and (where applicable) condition for the Processing by Supplier of Customer Personal Data in accordance with this Data Processing Addendum and the Agreement (including, any and all instructions issued by Customer from time to time in respect of such Processing).