Common use of Rights and Obligations of the Processor Clause in Contracts

Rights and Obligations of the Processor. 5.1. The Processor shall process the Personal Data in accordance with the Agreement, this DPA and the Data Protection Legislation unless required to do so by Union or Member State law to which the Processor is subject. In that case, the Processor shall inform the Controller of that legal requirement before Processing, unless that law prohibits such information on important grounds of public interest or otherwise. 5.2. The Processor shall assist the Controller in ensuring compliance with the obligations pursuant to applicable Data Protection Legislation (in particular articles 32 to 36 of the General Data Protection Regulation when it will apply) taking into account the nature of Processing and the information available to the Processor. 5.3. The Processor shall correct, delete or block the access to the Personal Data on the instruction of the Controller. 5.4. The Processor shall make available to the Controller all information necessary to demonstrate compliance with the obligations laid down in article 28 of the General Data Protection Regulation, and allow for and contribute to audits, including inspections, conducted by the Controller or another auditor mandated by the Controller. The Processor authorizes the Controller to take any reasonable measures to inspect the Processor’s compliance with applicable Data Protection Legislation as well as his compliance with the Controller’s instructions. 5.5. The Processor shall inform the Controller if he concludes that an instruction of the Controller may violate applicable Data Protection Legislation. In this case, the Processor may interrupt the relevant processing until instructions are confirmed or changed by the responsible person of the Controller. 5.6. If the Processor receives a request for information or any correction, deletion, blocking from the Data Subjects, he shall transfer such request to the Controller and shall support the Controller in the handling thereof. The Parties agree that the Processor can be in direct contact with the Data Subjects to provide technical support. 5.7. The Processor shall promptly inform the Controller in the event of substantial disruption of the Services or infringements of relevant Data Protection Legislation, including any breach of privacy or security in relation to the Processing arising from the Processor and or its employees. In view thereof, the Controller commits to subscribe on the Proxyclick platform (xxxx://xxxxxx.xxxxxxxxxx.xxx) to receive status updates. 5.8. The Controller authorizes the Processor to use Personal Data of Data Subjects when it is aggregated or anonymized for the purpose of improvement of the Services and research and development. In such form, the data is no longer Personal Data as such data can no longer be used to identify a Data Subject.

Rights and Obligations of the Processor. 5.1. The Processor shall process the Personal Data in accordance with the Agreement, this DPA and the Data Protection Legislation Legislation, unless required to do so by Union or Member State law to which the Processor is subject. In that case, the Processor shall inform the Controller of that legal requirement before Processing, unless that law prohibits such information on important grounds of public interest or otherwise. 5.2. The Processor shall assist the Controller in ensuring compliance with the obligations pursuant to applicable Data Protection Legislation (in particular articles 32 to 36 of the General Data Protection Regulation when it will apply) taking into account the nature of Processing and the information available to the Processor. 5.3. The Processor shall correct, delete or block the access to the Personal Data on the instruction of the Controller. 5.4. The Processor shall make available to the Controller all information necessary to demonstrate compliance with the obligations laid down in article 28 of the General Data Protection Regulation, and allow for and contribute to audits, including inspections, conducted by the Controller or another auditor mandated by the Controller. The Processor authorizes the Controller to take any reasonable measures to inspect the Processor’s compliance with applicable Data Protection Legislation as well as his compliance with the Controller’s instructions. 5.5. The Processor shall inform the Controller if he concludes comes to the conclusion that an instruction of the Controller may violate applicable Data Protection Legislation. In this case, the Processor may interrupt the relevant processing until instructions are confirmed or changed by the responsible person of the Controller. 5.6. If the Processor receives a request for information or for any correction, deletion, blocking from the Data Subjects, he shall transfer such request to the Controller and shall support the Controller in the handling thereof. The Parties agree that the Processor can be in direct contact with the Data Subjects in order to provide technical support. 5.7. The Processor shall promptly inform the Controller in the event of substantial disruption of the Services or of infringements of relevant Data Protection Legislation, including any breach of privacy or security in relation to the Processing arising from the Processor and or its employees. In view thereof, the Controller commits to subscribe on the Proxyclick [company name] platform (xxxx://xxxxxx.xxxxxxxxxx.xxx) to receive status updates. 5.8[insert URL]. The Controller authorizes the Processor to use Personal Data of Data Subjects when it is aggregated or anonymized for the purpose of improvement of the Services and research and development. In such form, the data is no longer Personal Data as such data can no longer be used to identify a Data Subject.. The Controller is primarily responsible for handling and responding to requests made by Data Subjects. The Processor shall assist the Controller, especially through appropriate technical and organizational measures, insofar as this is possible, with the fulfilment of the Controller's obligation to comply with the rights of the Data Subjects and respond to Data Subjects' requests relating to their rights. In particular, the Service Provider shall assist as follows:

Rights and Obligations of the Processor. 5.1. The Processor shall process the Personal Data in accordance with the Agreement, this DPA and the Data Protection Legislation unless required to do so by Union or Member State law to which the Processor is subject. In that case, the Processor shall inform the Controller of that legal requirement before Processing, unless that law prohibits such information on important grounds of public interest or otherwise. 5.2. The Processor shall assist the Controller in ensuring compliance with the obligations pursuant to applicable Data Protection Legislation (in particular articles 32 to 36 of the General Data Protection Regulation when it will apply) taking into account the nature of Processing and the information available to the Processor. 5.3. The Processor shall correct, delete or block the access to the Personal Data on the instruction of the Controller. 5.4. The Processor shall make available to the Controller all information necessary to demonstrate compliance with the obligations laid down in article 28 of the General Data Protection Regulation, and allow for and contribute to audits, including inspections, conducted by the Controller or another auditor mandated by the Controller. The Processor authorizes the Controller to take any reasonable measures to inspect the Processor’s compliance with applicable Data Protection Legislation as well as his compliance with the Controller’s instructions. 5.5. The Processor shall inform the Controller if he concludes that an instruction of the Controller may violate applicable Data Protection Legislation. In this case, the Processor may interrupt the relevant processing until instructions are confirmed or changed by the responsible person of the Controller. 5.6. If the Processor receives a request for information or any correction, deletion, blocking from the Data Subjects, he shall transfer such request to the Controller and shall support the Controller in the handling thereof. The Parties agree that the Processor can be in direct contact with the Data Subjects to provide technical support. 5.7. The Processor shall promptly inform the Controller in the event of substantial disruption of the Services or infringements of relevant Data Protection Legislation, including any breach of privacy or security in relation to the Processing arising from the Processor and or its employees. In view thereof, the Controller commits to subscribe on the Proxyclick platform (xxxx://xxxxxx.xxxxxxxxxx.xxx) to receive status updates. 5.8. The Controller authorizes the Processor to use Personal Data of Data Subjects when it is aggregated or anonymized for the purpose of improvement of the Services and research and development. In such form, the data is no longer Personal Data as such data can no longer be used to identify a Data Subject.

Rights and Obligations of the Processor. 5.1. The Processor shall process the Personal Data in accordance with the Agreement, this DPA and the Data Protection Legislation Legislation, unless required to do so by Union or Member State law to which the Processor is subject. In that case, the Processor shall inform the Controller of that legal requirement before Processing, unless that law prohibits such information on important grounds of public interest or otherwise. 5.2. The Processor shall assist the Controller in ensuring compliance with the obligations pursuant to applicable Data Protection Legislation (in particular articles 32 to 36 of the General Data Protection Regulation when it will apply) taking into account the nature of Processing and the information available to the Processor. 5.3. The Processor shall correct, delete or block the access to the Personal Data on the instruction of the Controller. 5.4. The Processor shall make available to the Controller all information necessary to demonstrate compliance with the obligations laid down in article 28 of the General Data Protection Regulation, and allow for and contribute to audits, including inspections, conducted by the Controller or another auditor mandated by the Controller. The Processor authorizes the Controller to take any reasonable measures to inspect the Processor’s compliance with applicable Data Protection Legislation as well as his compliance with the Controller’s instructions., 5.5. The Processor shall inform the Controller if he concludes comes to the conclusion that an instruction of the Controller may violate applicable Data Protection Legislation. In this case, the Processor may interrupt the relevant processing until instructions are confirmed or changed by the responsible person of the Controller. 5.6. If the Processor receives a request for information or for any correction, deletion, blocking from the Data Subjects, he shall transfer such request to the Controller and shall support the Controller in the handling thereof. The Parties agree that the Processor can be in direct contact with the Data Subjects in order to provide technical support. 5.7. The Processor shall promptly inform the Controller in the event of substantial disruption of the Services or of infringements of relevant Data Protection Legislation, including any breach of privacy or security in relation to the Processing arising from the Processor and or its employees. In view thereof, the Controller commits to subscribe on the Proxyclick platform (xxxx://xxxxxx.xxxxxxxxxx.xxx) to receive status updates. 5.8. The Controller authorizes the Processor to use Personal Data of Data Subjects when it is aggregated or anonymized for the purpose of improvement of the Services and research and development. In such form, the data is no longer Personal Data as such data can no longer be used to identify a Data Subject.