Common use of Records, Information, and Audits Clause in Contracts

Records, Information, and Audits. With effect from 25 May 2018, Spin Technology shall (i) maintain, in accordance with Article 30 of the GDPR, written records of all categories of processing activities carried out on behalf of Customer; and (ii) to the extent required under Article 28 of the GDPR, make available to Customer or the Supervisory Authority such information as is reasonably necessary to demonstrate Spin Technology’s compliance with the obligations of a Processor under the GDPR. (a) provides Spin Technology reasonable prior notice of such information request, audit, and/or inspection being required by Customer; (b) ensures that all information obtained or generated by Customer or its auditor(s) in connection with such information requests, inspections, and audits is kept strictly confidential (save for disclosure to the Supervisory Authority or as otherwise required by Applicable Law); (c) ensures that the audit or inspection is undertaken during normal business hours, with minimal disruption to Spin Technology’s business, the Sub-processors’ business and the business of other customers of Spin Technology; (d) reimburses Spin Technology for reasonable costs undertaken by Spin Technology in assisting with the provision of information and allowing for and contributing to inspections and audits; and (e) undertakes no more than one such audit or inspection during any twelve (12) month period. Parties will undertake an audit or inspection only by an independent and certified third-party auditor, with all costs to be paid by the Customer who requests the audit or inspection. If a Supervisory Authority requires an audit of the Personal Data Processing facilities in order to ascertain or monitor Spin Technology's compliance with Applicable Laws, Spin Technology will cooperate with such audit.

Records, Information, and Audits. With effect from 25 May 2018, Spin Technology shall (i) maintain, in accordance with Article 30 of the GDPR, written records of all categories of processing activities carried out on behalf of Customer; and (ii) to the extent required under Article 28 of the GDPR, make available to Customer or the Supervisory Authority such information as is reasonably necessary to demonstrate Spin Technology’s compliance with the obligations of a Processor under the GDPR.. In a case of such information request, audit, and/or inspection request by Customer, Customer: (a) provides Spin Technology reasonable prior notice of such information request, audit, and/or inspection being required by Customer; (b) ensures that all information obtained or generated by Customer or its auditor(s) in connection with such information requests, inspections, and audits is kept strictly confidential (save for disclosure to the Supervisory Authority or as otherwise required by Applicable Law); (c) ensures that the audit or inspection is undertaken during normal business hours, with minimal disruption to Spin Technology’s business, the Sub-processors’ business and the business of other customers of Spin Technology; (d) reimburses Spin Technology for reasonable costs undertaken by Spin Technology in assisting with the provision of information and allowing for and contributing to inspections and audits; and (e) and undertakes no more than one such audit or inspection during any twelve (12) month period. Parties will undertake an audit or inspection only by an independent and certified third-party auditor, with all costs to be paid by the Customer who requests the audit or inspection. If a Supervisory Authority requires an audit of the Personal Data Processing facilities in order to ascertain or monitor Spin Technology's compliance with Applicable Laws, Spin Technology will cooperate with such audit.

Records, Information, and Audits. With effect from 25 May 2018, Spin Technology Spinbackup shall (i) maintain, in accordance with Article 30 of the GDPR, written records of all categories of processing activities carried out on behalf of Customer; and (ii) to the extent required under Article 28 of the GDPR, make available to Customer or the Supervisory Authority such information as is reasonably necessary to demonstrate Spin TechnologySpinbackup’s compliance with the obligations of a Processor under the GDPR. (a) provides Spin Technology Spinbackup reasonable prior notice of such information request, audit, and/or inspection being required by Customer; (b) ensures that all information obtained or generated by Customer or its auditor(s) in connection with such information requests, inspections, and audits is kept strictly confidential (save for disclosure to the Supervisory Authority or as otherwise required by Applicable Law); (c) ensures that the audit or inspection is undertaken during normal business hours, with minimal disruption to Spin TechnologySpinbackup’s business, the Sub-processors’ business and the business of other customers of Spin TechnologySpinbackup; (d) reimburses Spin Technology Spinbackup for reasonable costs undertaken by Spin Technology Spinbackup in assisting with the provision of information and allowing for and contributing to inspections and audits; and (e) undertakes no more than one such audit or inspection during any twelve (12) month period. Parties will undertake an audit or inspection only by an independent and certified third-party auditor, with all costs to be paid by the Customer who requests the audit or inspection. If a Supervisory Authority requires an audit of the Personal Data Processing facilities in order to ascertain or monitor Spin TechnologySpinbackup's compliance with Applicable Laws, Spin Technology Spinbackup will cooperate with such audit.

Records, Information, and Audits. With effect from 25 May 2018, Spin Technology MapAnything shall (i) maintain, in accordance with Article 30 of the GDPR, written records of all categories of processing activities carried out on behalf of Customer; and (ii) to the extent required under Article 28 of the GDPR, make available to Customer or the Supervisory Authority such information as is reasonably necessary to demonstrate Spin TechnologyMapAnything’s compliance with the obligations of a Processor under the GDPR. (a) provides Spin Technology MapAnything reasonable prior notice of such information request, audit, and/or inspection being required by Customer; (b) ensures that all information obtained or generated by Customer or its auditor(s) in connection with such information requests, inspections, and audits is kept strictly confidential (save for disclosure to the Supervisory Authority or as otherwise required by Applicable Law); (c) ensures that the audit or inspection is undertaken during normal business hours, with minimal disruption to Spin TechnologyMapAnything’s business, the Sub-processors’ business and the business of other customers of Spin TechnologyMapAnything; (d) reimburses Spin Technology MapAnything for reasonable costs undertaken by Spin Technology MapAnything in assisting with the provision of information and allowing for and contributing to inspections and audits; and (e) undertakes no more than one such audit or inspection during any twelve (12) month period. Parties will undertake an audit or inspection only by an independent and certified third-party auditor, with all costs to be paid by the Customer who requests the audit or inspection. If a Supervisory Authority requires an audit of the Personal Data Processing facilities in order to ascertain or monitor Spin Technology's MapAnything’s compliance with Applicable Laws, Spin Technology MapAnything will cooperate with such audit.