Processor Requirements. Gateway Services neither include, nor does NCR Voyix take any responsibility for, any payment processing services, which must be provided by currently supported Processors with whom you contract directly.
Processor Requirements. SPECIMEN The following processor requirements apply where you are acting as a processor of any Data and set out the scope of processing. In processing Data, you must:
9.11.1 at all times process the Data lawfully and fully in compliance with the GDPR to the extent such legislation applies to You as a processor; and
9.11.2 process the Data in order to meet your obligations under any written requirements set out in any agreements from time to time that we have with you and otherwise solely in accordance with our written instructions from time to time and for no other purpose;
9.11.3 treat all Data as confidential information which should not be disclosed to any third party save in the circumstances set out in any agreement from time to time that we have with you;
9.11.4 not appoint or engage another processor without our prior written consent and where consent is given, shall ensure that you have a written agreement with the sub-processor that imposes on the sub- processor in a legally binding manner the obligations set out in this Section 4 applicable to you;
9.11.5 take all measures required pursuant to Art. 32 of the GDPR (Security of processing);
9.11.6 taking into account the nature of the processing, assist us by appropriate technical and organisational measures insofar as this is possible, for the fulfilment of our obligation to respond to requests for exercising the data subjects’ rights of the GDPR;
9.11.7 assist us in ensuring compliance with the obligations pursuant to Art. 32 to 36 of the GDPR taking into account the nature of processing and the information available to you;
9.11.8 you must not transfer Data outside the EEA save with our prior written consent and then subject to the execution of a European Model Agreement between Us and the transferee of Data;
9.11.9 at our choice, delete or return all Data to us in the event that you do not become a controller of Data; and maintain a record of your processing activities undertaken on our behalf in accordance with Art. 30 of the GDPR (Records of processing activities) and make available to us all information necessary to demonstrate compliance with the obligations laid down in Art. 28 of the GDPR and allow for and contribute to audits, including inspections, conducted by us or on our behalf.
Processor Requirements. Each party agrees that it shall only appoint a Processor in relation to Controller Personal Data if that Processor has agreed in writing to:
4.2.1 implement adequate technical and organisational measures to ensure a level of Personal Data security consistent with the requirements of Article 32(1) of the GDPR, taking into account risks of Processing and inherent in a Personal Data Breach;
4.2.2 reasonably limit access to Controller Personal Data to individuals who need access to enable the Processor to provide its services to that party;
4.2.3 only carry out Restricted Transfers on terms equivalent to section 5 (Data Transfers);
4.2.4 reasonably assist that party in meeting its obligations under this DPA and the GDPR, including section 6 (Data Subjects), 7 (Personal Data Breach) and 8 (Audit);
4.2.5 protect confidentiality on terms equivalent to those set out in our Master Terms;
4.2.6 only appoint Subprocessors that agree to comply with the GDPR and this DPA in relation to Controller Personal Data.
Processor Requirements. Without limiting Supplier’s obligations under Section 13.a, Supplier, in its capacity as a Processor, service provider, or subprocessor of Personal Data, will
A. Process the Personal Data only on documented instructions from Microsoft, including with regard to transfers of Personal Data to a third country or an international organization, unless required to do so by European Union or Member State law to which Supplier is subject, and only for the specific purpose of performing Services specified in this PO. In such case, Supplier will inform Microsoft of that legal requirement before processing, unless that law prohibits such information on important grounds of public interest,
B. ensure that persons authorized to Process the Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality,
C. take all measures required in accordance with good industry practice and by Data Protection Law relating to data security (including pursuant to Article 32 of the GDPR),
D. not engage another party to Process the Personal Data without Microsoft’s prior written authorization, and if such authorization is granted, take those measures required pursuant to paragraphs 2 and 4 of Article 28 of the GDPR,
E. take into account the nature of the Processing, assist Microsoft by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of Microsoft’s obligation to respond to requests for exercising the Data Subject’s rights laid down in Data Protection Law (including Chapter III of the GDPR) and, to the extent applicable, implementing the Data Subject’s rights,
F. assist Microsoft in ensuring compliance with data security, Personal Data Breach, data protection impact assessments, and engaging in other consultations, pursuant to Data Protection Law (including Articles 32 to 36 of the GDPR taking into account the nature of processing and the information available to Supplier),
G. without limiting Microsoft’s rights under Section 23, make available to Microsoft all information necessary to demonstrate compliance with Data Protection Law (including the obligations laid down in Article 28 of the GDPR) and allow for and contribute to audits, including inspections, conducted by Microsoft or another auditor mandated by Microsoft,
H. immediately inform Microsoft if, in its opinion, an instruction infringes Data Protection Law.
I. The subject matter and duration of the Processing, the na...
Processor Requirements. You may only Distribute the software with a Customer System that meets the processor requirements listed on xxxxx://xx.xxxxxxxxx.xxx/fwlink/?linkid=847781 (or updated URL). Certain editions of the software may only be properly licensed on devices with specific hardware configurations. Microsoft may add new processors to the Processor Requirements at any time with notice to you. Microsoft may modify the Processor Requirements no less than 90 days’ notice to you.
