Restricted Transfers Clause Samples
POPULAR SAMPLE Copied 2 times
Restricted Transfers. Parties agree that when the transfer of personal data from Customer (as “data exporter”) to Atlassian (as “data importer”) is a Restricted Transfer and Applicable Data Protection Law requires that appropriate safeguards are put in place, the transfer will be subject to the Standard Contractual Clauses, which are deemed incorporated into and form a part of this DPA, as follows:
(a) In relation to transfers of Customer Personal Data governed by the EU GDPR and processed in accordance with Section 2.2(a) of this DPA, the EU SCCs will apply, completed as follows:
i. Module Two or Module Three will apply (as applicable);
ii. in Clause 7, the optional docking clause will not apply;
iii. in Clause 9, Option 2 will apply, and the time period for prior notice of Sub-processor changes will be as set out in Section 2.10 of this DPA;
iv. in Clause 11, the optional language will not apply;
v. in Clause 17, Option 1 will apply, and the EU SCCs will be governed by Irish law;
vi. in Clause 18(b), disputes will be resolved before the courts of Ireland;
vii. Annex I of the EU SCCs is deemed completed with the information set out in Exhibit A to this DPA, as applicable; and
viii. Subject to Section 2.8 of this DPA, ▇▇▇▇▇ ▇▇ of the EU SCCs is deemed completed with the information set out in Exhibit B to this DPA;
(b) In relation to transfers of personal data governed by the EU GDPR and processed in accordance with Section 2.2(b) of this DPA, the EU SCCs apply, completed as follows:
i. Module One will apply;
ii. in Clause 7, the optional docking clause will not apply;
iii. in Clause 11, the optional language will not apply;
iv. in Clause 17, Option 1 will apply, and the EU SCCs will be governed by Irish law;
v. in Clause 18(b), disputes will be resolved before the courts of Ireland;
vi. Annex I of the EU SCCs is deemed completed with the information set out in Exhibit A to this DPA, as applicable; and
vii. Subject to Section 2.8 of this DPA, ▇▇▇▇▇ ▇▇ of the EU SCCs is deemed completed with the information set out in Exhibit B to this DPA;
(c) In relation to transfers of personal data governed by UK Data Protection Law, the EU SCCs: (i) apply as completed in accordance with paragraphs (a) and (b) above; and (ii) are deemed amended as specified by the UK Addendum, which is deemed executed by the parties and incorporated into and forming an integral part of this DPA. In addition, Tables 1 to 3 in Part 1 of the UK Addendum is deemed completed respectively with the information set ...
Restricted Transfers. 11.1 Subject to Sections 11.2 and 11.3, Customer (as "data exporter") and each Contracted Processor, as appropriate, (as "data importer") hereby enter into the Standard Contractual Clauses in respect of any Restricted Transfer from that Customer to that Contracted Processor.
11.2 The Standard Contractual Clauses shall come into effect under section 11.1 on the later of:
11.2.1 the data exporter becoming a party to them;
11.2.2 the data importer becoming a party to them; and
11.2.3 commencement of the relevant Restricted Transfer.
11.3 Section 11.1 shall not apply to a Restricted Transfer unless its effect, together with other reasonably practicable compliance steps (which, for the avoidance of doubt, do not include obtaining consents from Data Subjects), is to allow the relevant Restricted Transfer to take place without breach of applicable Data Protection Law.
Restricted Transfers. For the transfer of Personal Data from the EEA and Switzerland to the U.S., or any other “third country” as noted in the GDPR, Pantheon adheres to the Standard Contractual Clauses, a form is set forth in Schedule 5 to this DPA, as well as the application of physical, organizational and technological controls, as the transfer mechanism. Customer will comply with the
Restricted Transfers. 12.1 Subject to section 12.3, each Company Group Member (as "data exporter") and each Contracted Processor, as appropriate, (as "data importer") hereby enter into the Standard Contractual Clauses in respect of any Restricted Transfer from that Company Group Member to that Contracted Processor.
12.2 The Standard Contractual Clauses shall come into effect under section 12.1 on the later of:
12.2.1 the data exporter becoming a party to them;
12.2.2 the data importer becoming a party to them; and
12.2.3 commencement of the relevant Restricted Transfer.
12.3 Section 12.1 shall not apply to a Restricted Transfer unless its effect, together with other reasonably practicable compliance steps (which, for the avoidance of doubt, do not include obtaining consents from Data Subjects), is to allow the relevant Restricted Transfer to take place without breach of applicable Data Protection Law.
12.4 Vendor warrants and represents that, before the commencement of any Restricted Transfer to a Subprocessor which is not a Vendor Affiliate, Vendor's or the relevant Vendor Affiliate’s entry into the Standard Contractual Clauses under section 12.1, and agreement to variations to those Standard Contractual Clauses made under section 13.4.1, as agent for and on behalf of that Subprocessor will have been duly and effectively authorised (or subsequently ratified) by that Subprocessor.
Restricted Transfers. The Parties understand and agree that Personal Data processed in accordance with this DPA may be transferred to respectively accessed from countries outside of the EU/EEA, the UK, US and Switzerland by Us, Medius’s Affiliates and Sub-processors when providing the Services in accordance with the terms of the Agreement.
Restricted Transfers. 8.1 The Parties understand and agree that Personal Data processed in accordance with this DPA may be transferred to respectively accessed from countries outside of the EU/EEA and Switzerland by Us, Our Affiliates and Sub-processors when providing the Services in accordance with the terms of the Agreement.
8.2 We have entered into the Standard Contractual Clauses, including Appendices 1 and 2, with each Sub-processor outside the EU/EEA which processes Personal Data under this DPA if the arrangement with the Sub-processor involves a Restricted Transfer. You hereby accedes to the Standard Contractual Clauses and commission Us to enforce them against the relevant Sub-processor on Your behalf. Nothing in this DPA will be construed to prevail over any conflicting clause of the Standard Contractual Clauses.
Restricted Transfers. 7.1 The parties agree that, when a transfer of Personal Data occurs between the Controller and the Processor or from the Processor to a Sub-processor which is a Restricted Transfer, it shall be subject to the applicable SCCs.
7.2 The parties agree that the EU SCCs shall apply to Restricted Transfers from the EEA. The EU SCCs shall be deemed entered into (and incorporated into this DPA by reference) and completed as follows:
(i) Module Two (Controller to Processor) shall apply where the Customer is a Controller of Personal Data and the Company is processing Personal Data;
(ii) Module Three (Processor to Processor) shall apply where the Company is a Processor of Personal Data and the Company uses a Sub-processor to process the Personal Data;
(iii) Module Four (Processor to Controller) shall apply where the Company is processing Personal Data and the Customer is not subject to the EU GDPR or UK GDPR;
(iv) In Clause 7 of the EU SCCs, the optional docking clause shall not apply;
(v) In Clause 9 of the EU SCCs, Option 2 applies, and the time period for giving notice of Sub- processor changes shall be as set out in clause 6.3 of this DPA;
(vi) In Clause 11 of the EU SCCs, the optional language shall not apply;
(vii) In Clause 17 of the EU SCCs, Option 1 applies and the EU SCCs shall be governed by Irish law;
(viii) In Clause 18(b) of the EU SCCs, disputes shall be resolved by the courts of Ireland;
(ix) Annex I of the EU SCCs shall be deemed completed with the information set out in Exhibit A of this DPA;
(x) Annex II of the EU SCCs shall be deemed completed with the information set out in Exhibit B of this DPA.
7.3 The parties agree that the EU SCCs as amended in clause 7.2 above, shall be adjusted as set out below where the FADP applies to any Restricted Transfer:
(i) The Swiss Federal Data Protection and Information Commissioner (“FDPIC”) shall be the sole Supervisory Authority for Restricted Transfers exclusively subject to the FADP;
(ii) Restricted Transfers subject to both the FADP and the EU GDPR, shall be dealt with by the EU Supervisory Authority named in Exhibit A of this DPA;
(iii) The term ’member state’ must not be interpreted in such a way as to exclude Data Subjects in Switzerland from the possibility of suing for their rights in their place of habitual residence (Switzerland) in accordance with Clause 18(c) of the EU SCCs;
(iv) Where Restricted Transfers are exclusively subject to the FADP, all references to the GDPR in the EU SCCs are to be under...
Restricted Transfers. If the processing of Customer Personal Data involves any transfers that are not Permitted Transfers, and European Data Protection Law applies to those transfers (as certified by Customer under Section 10.4 (Certification by Non-EMEA Customers) if its billing address is outside EMEA) (“Restricted Transfers”), then:
a. if Google announces its adoption of an Alternative Transfer Solution for any Restricted Transfers, then Google will ensure that they are made in accordance with that Alternative Transfer Solution; and/or
b. if Google has not adopted an Alternative Transfer Solution for any Restricted Transfers, then:
i. if Google’s address is in an Adequate Country:
A. the SCCs (EU Processor-to-Processor, Google Exporter) will apply with respect to all Restricted Transfers from Google to Subprocessors; and
B. in addition, if Customer’s billing address is not in an Adequate Country, the SCCs (EU Processor-to-Controller) will apply (regardless of whether Customer is a controller and/or processor) with respect to Restricted Transfers between Google and Customer; or
ii. if Google’s address is not in an Adequate Country:
A. the SCCs (EU Controller-to-Processor) and/or SCCs (EU Processor- to-Processor) will apply (according to whether Customer is a controller and/or processor) with respect to Restricted Transfers between Customer and Google that are subject to the EU GDPR and/or the Swiss FDPA; and
B. the SCCs (UK Controller-to-Processor) will apply (regardless of whether Customer is a controller and/or processor) with respect to Restricted Transfers between Customer and Google that are subject to the UK GDPR.
Restricted Transfers. The parties agree that when the transfer of Data from Customer to Granicus is a Restricted Transfer it shall be subject to the appropriate Standard Contractual Clauses as follows:
a) in relation to data that is protected by the EU GDPR, the EU SCCs will apply completed as follows:
(i) Module Two will apply;
(ii) in Clause 7, the optional docking clause will apply;
(iii) in Clause 9, Option 2 will apply, and the time period for prior notice of subprocessor changes shall be as set out in Clause
Restricted Transfers. 12.1 The parties anticipate no Restricted Transfers. Should Company or any Company Group Member initiate a Restricted Transfer, it is solely responsible for establishing, as a data exporter, appropriate means to ensure compliance with applicable data and privacy protection laws. Should Vendor or any Vendor Affiliate wish to initiate any Restricted Transfers, they must comply with the requirements for Subprocessing and must have appropriate agreements in place, which may, as appropriate, include the Standard Contractual Clauses.