Relationship with the Agreement. 10.1. The parties agree that this DPA shall replace and supersede any existing data processing addendum, attachment, exhibit or standard contractual clauses that MindWire and Client may have previously entered into in connection with the Services. MindWire may update this DPA from time to time, with such updated version provided by MindWire to Client by email notice; provided, however, that no such update shall materially diminish the privacy or security of Client Personal Data. 10.2. Except as provided by this DPA, the Agreement remains unchanged and in full force and effect. If there is any conflict between this DPA and the Agreement, this DPA shall prevail to the extent of that conflict in connection with the Processing of Client Personal Data. 10.3. Notwithstanding anything to the contrary in the Agreement or this DPA, each party’s and all of its Affiliates’ liability, taken together in the aggregate, arising out of or relating to this DPA, the SCCs, and any other data protection agreements in connection with the Agreement (if any), shall be subject to any aggregate limitations on liability set out in the Agreement. Without limiting the parties’ obligations under the Agreement, each party agrees that any regulatory penalties incurred by one party (the “Incurring Party”) in relation to the Client Personal Data that arise as a result of, or in connection with, the other party’s failure to comply with its obligations under this DPA or any applicable Data Protection Laws shall count toward and reduce the Incurring Party’s liability under the Agreement as if it were liability to the other party under the Agreement. 10.4. In no event shall this DPA benefit or create any right or cause of action on behalf of a third party (including a Third-Party Controller), but without prejudice to the rights or remedies available to Data Subjects under Data Protection Laws or this DPA (including the SCCs). 10.5. This DPA will be governed by and construed in accordance with governing law and jurisdiction provisions in the Agreement. Name Name Signature Signature Title Title Date Date Appendix 1 Security Measures
Appears in 2 contracts
Samples: Data Processing Agreement, Data Processing Agreement
Relationship with the Agreement. 10.1. 11.1 The parties agree that this DPA shall replace and supersede any existing data processing addendum, attachment, attachment or exhibit or standard contractual clauses (including the Standard Contractual Clauses (as applicable)) that MindWire Snowflake and Client Customer may have previously entered into in connection with the Services. MindWire may update this DPA from time to time, with such updated version provided by MindWire to Client by email notice; provided, however, that no such update shall materially diminish the privacy or security of Client Personal Data.
10.2. 11.2 Except as provided by this DPA, the Agreement remains unchanged and in full force and effect. If there is any conflict between this DPA and the Agreement, this DPA shall prevail to the extent of that conflict in connection with the Processing of Client Customer Personal Data. Notwithstanding the foregoing, and solely to the extent applicable to any Customer Personal Data comprised of patient, medical or other protected health information regulated by HIPAA or any similar U.S. federal or state health care laws, rules or regulations (“HIPAA Data”), if there is any conflict between this DPA and a business associate agreement between Customer and Snowflake (“BAA”), then the BAA shall prevail solely with respect to such HIPAA Data.
10.3. 11.3 Notwithstanding anything to the contrary in the Agreement or this DPA, each party’s and all of its Affiliates’ liability, taken together in the aggregate, arising out of or relating to this DPA, the SCCsStandard Contractual Clauses, and any other data protection agreements in connection with the Agreement (if any), shall be subject to any aggregate limitations on liability set out in the Agreement. Without limiting either of the parties’ obligations under the Agreement, each party agrees that any regulatory penalties incurred by the one party (the “Incurring Party”) in relation to the Client Customer Personal Data that arise as a result of, or in connection with, the other party’s failure to comply with its obligations under this DPA or any applicable Data Protection Laws shall count toward and reduce the Incurring Party’s liability under the Agreement as if it were liability to the other party under the Agreement.
10.4. 11.4 In no event shall this DPA benefit or create any right party restrict or cause of action on behalf of a third party (including a Third-Party Controller), but without prejudice to limit the rights of any Data Subject or remedies available to Data Subjects under Data Protection Laws or this DPA (including the SCCs)of any competent supervisory authority.
10.5. 11.5 This DPA will be governed by and construed in accordance with governing law and jurisdiction provisions in the Agreement. Name Name Signature Signature Title Title Date Date
For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection. THE PARTIES HAVE AGREED on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Appendix 1 Security Measures1.
Appears in 1 contract
Samples: Data Processing Addendum
Relationship with the Agreement. 10.1. 10.1 This DPA shall remain in effect for as long as Mailchimp carries out Customer Data processing operations on behalf of Customer or until termination of the Agreement (and all Customer Data has been returned or deleted in accordance with Section 7.1 above).
10.2 The parties agree that this DPA shall replace and supersede any existing data processing addendum, attachment, exhibit agreement or standard contractual clauses similar document that MindWire and Client the parties may have previously entered into in connection with the Services. MindWire may update Service.
10.3 In the event of any conflict or inconsistency between this DPA from time to timeand the Mailchimp Standard Terms of Use, with such updated version provided by MindWire to Client by email noticethe provisions of the following documents (in order of precedence) shall prevail: (a) SCCs; provided, however, that no such update shall materially diminish then (b) this DPA; and then (c) the privacy or security Mailchimp Standard Terms of Client Personal DataUse.
10.2. 10.4 Except as provided for any changes made by this DPA, the Agreement remains unchanged and in full force and effect. If there is any conflict between this DPA and the Agreement, this DPA shall prevail to the extent of that conflict in connection with the Processing of Client Personal Dataeffect.
10.3. 10.5 Notwithstanding anything to the contrary in the Agreement or (including this DPA), each party’s Mailchimp shall have a right to collect, use and all disclose data relating to the use, support and/or operation of the Service ("Service Data") for its Affiliates’ liabilitylegitimate business purposes, taken together such as billing, account management, technical support, and product development. To the extent any such Service Data is considered personal data under Data Protection Laws, Mailchimp shall be responsible for and shall process such data in accordance with the aggregateMailchimp Privacy Policy and Data Protection Laws. For the avoidance of doubt, arising out of or relating this DPA shall not apply to Service Data.
10.6 No one other than a party to this DPA, the SCCs, its successors and permitted assignees shall have any other data protection agreements in connection with the Agreement (if any), shall be subject right to enforce any aggregate limitations on liability set out in the Agreement. Without limiting the parties’ obligations under the Agreement, each party agrees that any regulatory penalties incurred by one party (the “Incurring Party”) in relation to the Client Personal Data that arise as a result of, or in connection with, the other party’s failure to comply with of its obligations under this DPA or any applicable Data Protection Laws shall count toward and reduce the Incurring Party’s liability under the Agreement as if it were liability to the other party under the Agreementterms.
10.4. In no event shall this DPA benefit or create any right or cause of action on behalf of a third party (including a Third-Party Controller), but without prejudice to the rights or remedies available to Data Subjects under Data Protection Laws or this DPA (including the SCCs).
10.5. 10.7 This DPA will shall be governed by and construed in accordance with governing law and jurisdiction provisions in the Agreement, unless required otherwise by applicable Data Protection Laws. Name Name Signature Signature Title Title Date DateAnnex A – Details of Data Processing
(a) Subject matter: The subject matter of the data processing under this DPA is the Customer Data.
(b) Duration: As between Mailchimp and Customer, the duration of the data processing under this DPA is until the expiration or termination of the Agreement in accordance with its terms.
(c) Purpose: Mailchimp shall only process Customer Data for the following purposes:
(i) processing to perform the Service in accordance with the Agreement; (ii) processing initiated by Customer in its use of the Service; and (ii) processing to comply with any other reasonable instructions provided by Customer (e.g., via email or support tickets) that are consistent with the terms of the Agreement (individually and collectively, the "Purpose").
(d) Nature of the processing: Mailchimp provides an email service, automation and marketing platform and other related services, as more particularly described in the Agreement.
(e) Categories of data subjects: (i) Members; and (ii) Contacts, each as defined in the Mailchimp Privacy Policy.
(f) Types of Customer Data: Customer may upload, submit or otherwise provide certain personal data to the Service, the extent of which is typically determined and controlled by Customer in its sole discretion, and may include the following types of personal data: Members: Identification and contact data (name, address, title, contact details, username); financial information (credit card details, account details, payment information); employment details (employer, job title, geographic location, area of responsibility); Contacts: Identification and contact data (name, date of birth, gender, general, occupation or other demographic information, address, title, contact details, including email address), personal interests or preferences (including purchase history, marketing preferences and publicly available social media profile information); IT information (IP addresses, usage data, cookies data, online navigation data, location data, browser data); financial information (credit card details, account details, payment information).
(g) Sensitive Data: Mailchimp does not want to, nor does it intentionally, collect or process any Sensitive Data in connection with the provision of the Service.
(h) Processing Operations: Customer Data will be processed in accordance with the Agreement (including this DPA) and may be subject to the following processing activities: Storage and other processing necessary to provide, maintain and improve the Service provided to Customer pursuant to the Agreement; and/or Disclosures in accordance with the Agreement and/or as compelled by applicable law. Annex B – Security Measures The Security Measures applicable to the Service are described here (as updated from time to time in accordance with Section 4.3 of this DPA). Annex C All defined terms used in this Annex C shall have the meaning given to them in the SCCs unless otherwise defined in this Annex. Appendix 1 Security Measures3 to the Standard Contractual Clauses This Appendix forms part of the Clauses and must be completed by the parties. This Appendix sets out the parties' interpretation of their respective obligations under specific Clauses identified below. Where a party complies with the interpretations set out in this Appendix, that party shall be deemed by the other party to have complied with its commitments under the Clauses.
Appears in 1 contract
Samples: Data Processing Addendum
Relationship with the Agreement. 10.1. The parties agree that this DPA shall replace and supersede any existing data processing addendum, attachment, exhibit or standard contractual clauses that MindWire and Client may have previously entered into in connection with 10.1 Except for the Services. MindWire may update this DPA from time to time, with such updated version provided by MindWire to Client by email notice; provided, however, that no such update shall materially diminish the privacy or security of Client Personal Data.
10.2. Except as provided changes made by this DPA, the Agreement remains unchanged and in full force and effect. If there is any conflict between this DPA and the Agreement, this DPA shall prevail to the extent of that conflict in connection with the Processing of Client Customer Personal DataInformation.
10.3. 10.2 Notwithstanding anything to the contrary in the Agreement or this DPA, the liability of each party and each party’s and all of its Affiliates’ liability, taken together in the aggregate, arising out of or relating to Affiliates under this DPA, the SCCs, and any other data protection agreements in connection with the Agreement (if any), DPA shall be subject to any aggregate the exclusions and limitations on of liability set out in the Agreement. Without limiting either of the parties’ obligations under the Agreement, each party Customer agrees that any regulatory penalties incurred by one party (the “Incurring Party”) in relation to the Client Personal Data IDVerifact that arise as a result of, or in connection with, the other partyCustomer’s failure to comply with its obligations under this DPA or any applicable Data Protection Laws shall count toward and reduce the Incurring PartyIDVerifact’s liability under the Agreement as if it were liability to the other party Customer under the Agreement.
10.410.3 Any claims against IDVerifact or its Affiliates under this DPA shall only be brought by the Customer that is a party to the Agreement against IDVerifact. In no event shall this DPA benefit or create any right party restrict or cause of action on behalf of a third party (including a Third-Party Controller), but without prejudice to limit the rights of any data subject or remedies available to Data Subjects under Data Protection Laws or this DPA (including the SCCs)of any competent supervisory authority.
10.5. 10.4 This DPA will be governed by and construed in accordance with governing law and jurisdiction provisions in the Agreement, unless required otherwise by applicable Data Protection Laws.
10.5 This DPA will terminate automatically with the termination or expiry of the Agreement, subject to additional provisions in any Addenda attached hereto. Name Name Signature Signature Title Title Company: Signature: Name: Title: Date DateSigned:
Appendix 1 Security Measures10.6 For purposes of interpreting this DPA, (a) unless the context otherwise requires, the singular includes the plural, and the plural includes the singular; (b) unless otherwise specifically stated, the words “herein,” “hereof,” and “hereunder” and other words of similar import refer to this DPA as a whole and not to any particular section or paragraph; (c) the words “include” and “including” will not be construed as terms of limitation, and will therefore mean “including but not limited to” and “including without limitation”; (d) unless otherwise specifically stated, the words “writing” or “written” mean preserved or presented in retrievable or reproducible form, whether electronic (including email but excluding voice mail) or hard copy; and (e) the captions and section and paragraph headings used in this DPA are inserted for convenience only and will not affect the meaning or interpretation of this DPA. This DPA may be executed in one or more counterparts, either in original, facsimile or scanned electronic form, each of which so executed shall constitute an original and all of which together shall constitute one and the same agreement. Company: IDVerifact Inc. Signature: Name: Xxx Xxxxxxxxx Title: CEO Date Signed: IDVerifact has implemented and shall maintain a commercially reasonable security program in accordance with industry best practices, which shall include technical and organizational measures to ensure an appropriate level of security for Customer Personal Data taking into account the risks presentedby the processing, in particular from the accidental or unlawful destruction, loss, alteration, or unauthorized disclosure of, or access to Customer Personal Data, and the nature of the Customer Personal Data to be protected having regard to the state of the art and the cost of implementation. IDVerifact’s security programshall include the following measures.
Appears in 1 contract
Samples: Data Processing Addendum
Relationship with the Agreement. 10.1. 9.1 The parties Parties agree that this DPA shall replace and supersede any existing data processing addendum, attachmentattachment or exhibit (including the Standard Contractual Clauses, exhibit or standard contractual clauses as applicable) that MindWire and Client the Parties may have previously entered into in connection with the Services. MindWire may update this DPA from time to time, with such updated version provided by MindWire to Client by email notice; provided, however, that no such update shall materially diminish the privacy or security of Client Personal Data.
10.2. 9.2 Except as provided by this DPA, the Agreement remains unchanged and in full force and effect. If there is any conflict between this DPA and the Agreement, this DPA shall prevail to the extent of that conflict in connection with the Processing of Client Personal Data.
10.3. 9.3 Notwithstanding anything to the contrary in the Agreement or this DPA, each partyParty’s and all of its Affiliates’ liability, taken together in the aggregate, arising out of or relating to this DPA, the SCCsStandard Contractual Clauses, and any other data protection agreements in connection with the Agreement (if any), shall be subject to any aggregate limitations on liability set out in the Agreement. Without limiting either of the partiesParties’ obligations under the Agreementhereunder, each party Party agrees that any regulatory penalties incurred by one party Party (the “Incurring Party”) in relation to the Client Personal Data that arise as a result of, or in connection with, the other partyParty’s failure to comply with its obligations under this DPA hereunder or any applicable Applicable Data Protection Laws shall count toward and reduce the Incurring Party’s liability under the Agreement as if it were liability to the other party Party under the Agreement.
10.4. 9.4 In no event shall this DPA benefit or create any right party restrict or cause limit the rights of action on behalf any Data Subject or of a third party (including a Third-Party Controller)any competent supervisory authority. Schedule 1 – Description of Processing/Transfer
1. List of Parties Processor:
1. Name: Esko Address: As defined in the Agreement Contact person’s name, but without prejudice position and contact details: As defined in the Agreement Activities relevant to the rights data transferred under the Standard Contractual Clauses: Described in this Schedule 1 Role: Processor or remedies available to Data Subjects under Data Protection Laws or this DPA (including Controller as defined in Section 2.1 of the SCCs).DPA
10.51. This DPA will be governed by and construed in accordance with governing law and jurisdiction provisions Name: Customer Address: As defined in the AgreementAgreement Contact person’s name, position and contact details: As defined in the Agreement Activities relevant to the data transferred under the Standard Contractual Clauses: Processor or Controller as defined in Section 2.1 of the DPA Role: Controller
2. Name Name Signature Signature Title Title Date DateCategories of data subjects whose personal data is transferred
Appendix 1 Security Measures(A) Prospects, customers, business partners and vendors of Customer (who are natural persons)
(B) Employees or contact persons of Customer’s prospects, customers, business partners and vendors
(C) Employees, agents, advisors, freelancers of Customer (who are natural persons) (D) Customer’s Users authorized by Customer to use the Services
3. Categories of personal data transferred
4. Sensitive data transferred (if applicable)
Appears in 1 contract
Samples: Data Processing Addendum
Relationship with the Agreement. 10.1. 9.1 The parties Parties agree that this DPA shall replace and supersede any existing data processing addendum, attachmentattachment or exhibit (including the Standard Contractual Clauses, exhibit or standard contractual clauses as applicable) that MindWire and Client the Parties may have previously entered into in connection with the Services. MindWire may update this DPA from time to time, with such updated version provided by MindWire to Client by email notice; provided, however, that no such update shall materially diminish the privacy or security of Client Personal Data.
10.2. 9.2 Except as provided by this DPA, the Agreement remains unchanged and in full force and effect. If there is any conflict between this DPA and the Agreement, this DPA shall prevail to the extent of that conflict in connection with the Processing of Client Personal Data.
10.3. 9.3 Notwithstanding anything to the contrary in the Agreement or this DPA, each partyParty’s and all of its Affiliates’ liability, taken together in the aggregate, arising out of or relating to this DPA, the SCCsStandard Contractual Clauses, and any other data protection agreements in connection with the Agreement (if any), shall be subject to any aggregate limitations on liability set out in the Agreement. Without limiting either of the partiesParties’ obligations under the Agreementhereunder, each party Party agrees that any regulatory penalties incurred by one party Party (the “Incurring Party”) in relation to the Client Personal Data that arise as a result of, or in connection with, the other partyParty’s failure to comply with its obligations under this DPA hereunder or any applicable Applicable Data Protection Laws shall count toward and reduce the Incurring Party’s liability under the Agreement as if it were liability to the other party Party under the Agreement.
10.4. 9.4 In no event shall this DPA benefit or create any right party restrict or cause limit the rights of action on behalf any Data Subject or of a third party (including a Third-Party Controller)any competent supervisory authority. Schedule 1 – Description of Processing/Transfer
1. List of Parties Processor:
1. Name: Enfocus Address: As defined in the Agreement Contact person’s name, but without prejudice position and contact details: As defined in the Agreement Activities relevant to the rights data transferred under the Standard Contractual Clauses: Described in this Schedule 1 Role: Processor or remedies available to Data Subjects under Data Protection Laws or this DPA (including Controller as defined in Section 2.1 of the SCCs).DPA
10.51. This DPA will be governed by and construed in accordance with governing law and jurisdiction provisions Name: Customer Address: As defined in the AgreementAgreement Contact person’s name, position and contact details: As defined in the Agreement Activities relevant to the data transferred under the Standard Contractual Clauses: Processor or Controller as defined in Section 2.1 of the DPA Role: Controller
2. Name Name Signature Signature Title Title Date DateCategories of data subjects whose personal data is transferred
Appendix 1 Security Measures(A) Prospects, customers, business partners and vendors of Customer (who are natural persons)
(B) Employees or contact persons of Customer’s prospects, customers, business partners and vendors
(C) Employees, agents, advisors, freelancers of Customer (who are natural persons) (D) Customer’s Users authorized by Customer to use the Services
3. Categories of personal data transferred
4. Sensitive data transferred (if applicable)
Appears in 1 contract
Samples: Data Processing Addendum
Relationship with the Agreement. 10.1. The parties agree that this DPA shall replace and supersede any existing data processing addendum, attachment, exhibit or standard contractual clauses that MindWire Vendor and Client Customer may have previously entered into in connection with the Services. MindWire may update this DPA from time to time, with such updated version provided by MindWire to Client by email notice; provided, however, that no such update shall materially diminish the privacy or security of Client Personal Data.
10.2. Except as provided by this DPA, the Agreement remains unchanged and in full force and effect. If there is any conflict between this DPA and the Agreement, this DPA shall prevail to the extent of that conflict in connection with the Processing of Client Customer Personal Data. Notwithstanding the foregoing, and solely to the extent applicable to any Customer Personal Data comprised of patient, medical or other protected health information regulated by HIPAA or any similar U.S. federal or state health care laws, rules or regulations (“HIPAA Data”), if there is any conflict between this DPA and a business associate agreement between Customer and Vendor (“BAA”), then the BAA shall prevail solely with respect to such HIPAA Data.
10.3. Notwithstanding anything to the contrary in the Agreement or this DPA, each party’s and all of its Affiliates’ liability, taken together in the aggregate, arising out of or relating to this DPA, the SCCs, and any other data protection agreements in connection with the Agreement (if any), shall be subject to any aggregate limitations on liability set out in the Agreement. Without limiting the parties’ obligations under the Agreement, each party agrees that any regulatory penalties incurred by one party (the “Incurring Party”) in relation to the Client Customer Personal Data that arise as a result of, or in connection with, the other party’s failure to comply with its obligations under this DPA or any applicable Data Protection Laws shall count toward and reduce the Incurring Party’s liability under the Agreement as if it were liability to the other party under the Agreement.
10.4. In no event shall this DPA benefit or create any right or cause of action on behalf of a third party (including a Third-Third- Party Controller), but without prejudice to the rights or remedies available to Data Subjects under Data Protection Laws or this DPA (including the SCCs).
10.5. This DPA will be governed by and construed in accordance with governing law and jurisdiction provisions in the Agreement. Name Name Signature Signature Title Title Date Date
Appendix 1 Security Measures.
Appears in 1 contract
Samples: Data Processing Addendum
Relationship with the Agreement. 10.1. The parties agree that this DPA shall replace and supersede any existing data processing addendum, attachment, exhibit or standard contractual clauses that MindWire and Client may have previously entered into in connection with 2.1 Except for the Services. MindWire may update this DPA from time to time, with such updated version provided by MindWire to Client by email notice; provided, however, that no such update shall materially diminish the privacy or security of Client Personal Data.
10.2. Except as provided changes made by this DPA, the Agreement remains unchanged and in full force and effect. If there is any conflict between this DPA and the Agreement, this DPA shall prevail to the extent of that conflict conflict.
2.2 Any claims brought under or in connection with the Processing of Client Personal Data.
10.3. Notwithstanding anything to the contrary in the Agreement or this DPA, each party’s and all of its Affiliates’ liability, taken together in the aggregate, arising out of or relating to this DPA, the SCCs, and any other data protection agreements in connection with the Agreement (if any), DPA shall be subject to any aggregate limitations on liability set out in the Agreement. Without limiting the parties’ obligations under terms and conditions of the Agreement, each party agrees that any regulatory penalties incurred by one party (the “Incurring Party”) in relation including but not limited to the Client Personal Data that arise as a result of, exclusions and limitations set forth therein. Any claims against Lookout or in connection with, the other party’s failure to comply with its obligations Affiliates under this DPA or any applicable Data Protection Laws shall count toward and reduce be brought solely against the Incurring Party’s liability under the Agreement as if it were liability entity that is a party to the other party under the Agreement.
10.4. In no event shall this DPA benefit or create any party limit its liability with respect to any Data Subject whose Personal Data is processed under the Agreement.
2.3 Except to the extent required by applicable laws, no one other than a party to this DPA, its successors and permitted assignees shall have any right or cause to enforce any of action on behalf of a third party (including a Third-Party Controller), but without prejudice to the rights or remedies available to Data Subjects under Data Protection Laws or this DPA (including the SCCs)its terms.
10.5. 2.4 This DPA will shall be governed by and construed in accordance with governing law and jurisdiction provisions in the Agreement. Name Name Signature Signature Title Title Date Date, unless required otherwise by Data Protection Laws.
Appendix 1 Security Measures2.5 This DPA shall terminate simultaneously and automatically with the termination or expiration of the Agreement.
2.6 Notwithstanding anything to the contrary in the Agreement, in the event of a change in Data Protection Laws or a determination or order by a supervisory authority or competent court affecting this DPA or the lawfulness of any processing activities under this DPA, Lookout may (in its sole discretion) make any amendments to this DPA (or changes to the Service) as are reasonably necessary to ensure continued compliance with Data Protection Laws or any such determination or order.
2.7 Each party acknowledges that the other party may disclose this DPA (including its Annexes and the Standard Contractual Clauses) and any privacy related provisions in the Agreement to a supervisory authority upon request.
Appears in 1 contract
Samples: Data Processing Addendum
Relationship with the Agreement. 10.1. The parties Parties agree that this DPA shall replace and supersede any existing data processing addendum, attachment, exhibit or standard contractual clauses that MindWire Snowflake and Client Customer may have previously entered into in connection with the Services. MindWire may update this DPA from time to time, with such updated version provided by MindWire to Client by email notice; provided, however, that no such update shall materially diminish the privacy or security of Client Personal Data...
10.2. Except as provided by this DPA, the Agreement remains unchanged and in full force and effect. If there is any conflict between this DPA and the Agreement, this DPA shall prevail to the extent of that conflict in connection with the Processing of Client Customer Personal Data. Notwithstanding the foregoing, and solely to the extent applicable to any Customer Personal Data comprised of patient, medical or other protected health information regulated by HIPAA or any similar U.S. federal or state health care laws, rules or regulations (“HIPAA Data”), if there is any conflict between this DPA and a business associate agreement between Customer and Snowflake (“BAA”), then the BAA shall prevail solely with respect to such HIPAA Data.
10.3. Notwithstanding anything to the contrary in the Agreement or this DPA, each party’s and all of its Affiliates’ liability, taken together in the aggregate, arising out of or relating to this DPA, the SCCs, and DPAand any other data protection agreements in connection with the Agreement (if any), shall be subject to any aggregate limitations on liability set out in the Agreement. Without limiting the parties’ obligations under the Agreement, each party agrees that any regulatory penalties incurred by one party (the “Incurring Party”) in relation to the Client Personal Data that arise as a result of, or in connection with, the other party’s failure to comply with its obligations under this DPA or any applicable Data Protection Laws shall count toward and reduce the Incurring Party’s liability under the Agreement as if it were liability to the other party under the Agreement.the
10.4. In no event shall this DPA benefit or create any right or cause of action on behalf of a third party (including a Third-Party Controller), but without prejudice to the rights or remedies available to Data Subjects under Data Protection Laws or this DPA (including the SCCs).
10.5DPA. This DPA will be governed by and construed in accordance with governing law and jurisdiction provisions in the Agreement. Name Name Signature Signature Title Title Date Date
Appendix 1 Exhibit C Snowflake Security MeasuresAddendum
Appears in 1 contract
Relationship with the Agreement. 10.1. 11.1 The parties agree that this DPA shall replace and supersede any existing data processing addendum, attachment, attachment or exhibit or standard contractual clauses (including the Standard Contractual Clauses (as applicable)) that MindWire Snowflake and Client Customer may have previously entered into in connection with the Services. MindWire may update this DPA from time to time, with such updated version provided by MindWire to Client by email notice; provided, however, that no such update shall materially diminish the privacy or security of Client Personal Data.
10.2. 11.2 Except as provided by this DPA, the Agreement remains unchanged and in full force and effect. If there is any conflict between this DPA and the Agreement, this DPA shall prevail to the extent of that conflict in connection with the withthe Processing of Client Customer Personal Data. Notwithstanding the foregoing, and solely to the extent applicable to any Customer Personal Data comprised of patient, medical or other protected health information regulated by HIPAA or any similar U.S. federal or state health care laws, rules or regulations (“HIPAA Data”), if there is any conflict between this DPA and a Business Associates Agreement between Customer and Snowflake (“BAA”), then the BAA shall prevail solely with respect to such HIPAA Data.
10.3. 11.3 Notwithstanding anything to the contrary in the Agreement or this DPA, each party’s and all of its Affiliates’ liability, taken together in the aggregate, arising out of or relating to this DPA, the SCCs, DPA and any other data protection agreements in connection with the Agreement (if any), shall be subject to any aggregate limitations on liability set out in the Agreement. Without limiting either of the parties’ obligations under the Agreement, each party agrees that any regulatory penalties incurred by the one party (the “Incurring Party”) in relation to the Client Customer Personal Data that arise as a result of, or in connection with, the other party’s failure to comply with its obligations under this DPA or any applicable Data Protection Laws shall count toward and reduce the Incurring Party’s liability under the Agreement as if it were liability to the other party under the Agreement.
10.4. 11.4 In no event shall this DPA benefit or create any right party restrict or cause of action on behalf of a third party (including a Third-Party Controller), but without prejudice to limit the rights of any Data Subject or remedies available to Data Subjects under Data Protection Laws or this DPA (including the SCCs)of any competent supervisory authority.
10.5. 11.5 This DPA will be governed by and construed in accordance with governing law and jurisdiction provisions in the Agreement. Name Name Signature Signature Title Title Date Date
For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection. THE PARTIES HAVE AGREED on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Appendix 1 Security Measures1.
Appears in 1 contract
Samples: Master Agreement
Relationship with the Agreement. 10.1. 12.1 The parties agree that this DPA shall replace and supersede any existing data processing addendum, attachment, attachment or exhibit or standard contractual clauses that MindWire and Client (including the Model Clauses (as applicable)) the parties may have previously entered into in connection with the Services. MindWire may update this DPA from time to time, with such updated version provided by MindWire to Client by email notice; provided, however, that no such update shall materially diminish the privacy or security of Client Personal Data.
10.2. 12.2 Except as provided for the changes made by this DPA, the Agreement remains unchanged and in full force and effect. If there is any conflict between this DPA and the Agreement, this DPA shall prevail to the extent of that conflict in connection with the Processing of Client Customer Personal Data.
10.3. 12.3 Notwithstanding anything to the contrary in the Agreement or this DPA, the liability of each party and each party’s and all of its Affiliates’ liability, taken together in the aggregate, arising out of or relating to Affiliates under this DPA, the SCCs, and any other data protection agreements in connection with the Agreement (if any), DPA shall be subject to any aggregate the exclusions and limitations on of liability set out in the Agreement. Without limiting either of the parties’ obligations under the Agreement, each party Customer agrees that any regulatory penalties incurred by one party (the “Incurring Party”) HCL in relation to the Client Customer Personal Data that arise as a result of, or in connection with, the other partyCustomer’s failure to comply with its obligations under this DPA or any applicable Data Protection Laws shall count toward and reduce the Incurring PartyHCL’s liability under the Agreement as if it were liability to the other party Customer under the Agreement.
10.412.4 Any claims against HCL or its Affiliates under this DPA shall only be brought by the Customer entity that is a party to the Agreement against the HCL entity that is a party to the Agreement. In no event shall this DPA benefit or create any right party restrict or cause of action on behalf of a third party (including a Third-Party Controller), but without prejudice to limit the rights of any data subject or remedies available to Data Subjects under Data Protection Laws or this DPA (including the SCCs)of any competent supervisory authority.
10.5. 12.5 This DPA will be governed by and construed in accordance with governing law and jurisdiction provisions in the Agreement, unless required otherwise by applicable Data Protection Laws.
12.6 Subject to Section 2.4, this DPA and the Model Clauses will terminate simultaneously and automatically with the termination or expiry of the Agreement. Name Name Signature Signature Title Title Date Date
Available upon request Available upon request For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection. THE PARTIES HAVE AGREED on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Appendix 1 Security Measures1.
Appears in 1 contract
Samples: Data Processing Agreement
