Customer Data 8.1 You, not bookinglab or JRNI, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data. bookinglab and JRNI is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service by you.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI and/or bookinglab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or bookinglab shall be a Data Processor and in any such case:
(a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI and/or bookinglab so that they may lawfully use, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf;
(b) you shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;
(c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) from the Booking Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.
Protection of Customer Data The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Call Off Contract or as otherwise Approved by the Customer. To the extent that the Customer Data is held and/or Processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format (if any) specified by the Customer in the Call Off Order Form and, in any event, as specified by the Customer from time to time in writing. The Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. The Supplier shall perform secure back-ups of all Customer Data and shall ensure that up-to-date back-ups are stored off-site at an Approved location in accordance with any BCDR Plan or otherwise. The Supplier shall ensure that such back-ups are available to the Customer (or to such other person as the Customer may direct) at all times upon request and are delivered to the Customer at no less than six (6) Monthly intervals (or such other intervals as may be agreed in writing between the Parties). The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy and the Security Management Plan (if any). If at any time the Supplier suspects or has reason to believe that the Customer Data is corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take. If the Customer Data is corrupted, lost or sufficiently degraded as a result of a Default so as to be unusable, the Supplier may: require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data to the extent and in accordance with the requirements specified in Call Off Schedule 8 (Business Continuity and Disaster Recovery) or as otherwise required by the Customer, and the Supplier shall do so as soon as practicable but not later than five (5) Working Days from the date of receipt of the Customer’s notice; and/or itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing so to the extent and in accordance with the requirements specified in Call Off Schedule 8 (Business Continuity and Disaster Recovery) or as otherwise required by the Customer.
Processing of Customer Personal Data 3.1 UKG will:
3.1.1 comply with all applicable Data Protection Laws in the Processing of Customer Personal Data; and
3.1.2 not Process Customer Personal Data other than for the purpose, and in accordance with, the relevant Customer’s instructions as documented in the Agreement and this DPA, unless Processing is required by the Data Protection Laws to which the relevant UKG Processor is subject, in which case UKG to the extent permitted by the Data Protection Laws, will inform Customer of that legal requirement before the Processing of that Customer Personal Data.
3.2 Customer hereby:
3.2.1 instructs UKG (and authorizes UKG to instruct each Subprocessor) to: (a) Process Customer Personal Data; and (b) in particular, transfer Customer Personal Data to any country or territory subject to the provisions of this DPA, in each case as reasonably necessary for the provision of the Services and consistent with the Agreement.
3.2.2 warrants and represents that it is and will at all relevant times remain duly and effectively authorized to give the instructions set out in Section 3.2.1 on behalf of each relevant Customer Affiliate; and
3.2.3 warrants and represents that it has all necessary rights in relation to the Customer Personal Data and/or has collected all necessary consents from Data Subjects to Process Customer Personal Data to the extent required by Applicable Law.
3.3 Schedule 1 to this DPA sets out certain information regarding UKG’s Processing of Customer Personal Data as required by Article 28(3) of the GDPR (and equivalent requirements of other Data Protection Laws).
User Data We will maintain certain data that you transmit to the Services for the purpose of managing the performance of the Services, as well as data relating to your use of the Services. Although we perform regular routine backups of data, you are solely responsible for all data that you transmit or that relates to any activity you have undertaken using the Services. You agree that we shall have no liability to you for any loss or corruption of any such data, and you hereby waive any right of action against us arising from any such loss or corruption of such data.
Use of Customer Data Verizon, Verizon Affiliates and their respective agents, may use, process and/or transfer Customer Data (including intra-group transfers and transfers to entities in countries that do not provide statutory protections for personal information) as set forth in the Privacy Policy and as necessary:
(a) in connection with provisioning of Services; (b) to incorporate Customer Data into databases controlled by Verizon, Verizon Affiliates or their respective agents for the purpose of providing Services; administration; provisioning; invoicing and reconciliation; verification of Customer identity, solvency and creditworthiness; maintenance, support and product development; fraud detection and prevention; sales, revenue and customer analysis and reporting; market and customer use analysis including in the manner described in the Privacy Policy; and (c) to communicate to Customer regarding Services.
Return of Customer Data Okta shall return Customer Data to Customer and, to the extent allowed by applicable law, delete Customer Data in accordance with the procedures and time periods specified in the Trust & Compliance Documentation, unless the retention of the data is requested from Okta according to mandatory statutory laws.
Database File The Servicer will provide the Successor Servicer with a magnetic tape (in a format reasonably acceptable to the Indenture Trustee and the Servicer) containing the database file for each Contract (i) as of the Initial Cutoff Date, (ii) the Subsequent Cutoff Date, (iii) thereafter, as of the last day of the preceding Due Period on each Determination Date prior to a Service Transfer and (iv) on and as of the Business Day before the actual commencement of servicing functions by the Successor Servicer following the occurrence of a Service Transfer.
Customer Lists We hereby agree that we shall not use any list of your customers which may be obtained in connection with this Agreement for the purpose of solicitation of any product or service without your express written consent. However, nothing in this paragraph or otherwise shall be deemed to prohibit or restrict us or our affiliates in any way from solicitations of any product or service directed at, without limitation, the general public, any segment thereof, or any specific individual, provided such solicitation is not based upon such list.
Links to Third Party Websites In your use of the Service and/or the Company’s website, you may encounter various types of links that enable you to visit websites operated or owned by third parties (“Third Party Site”). These links are provided to you as a convenience and are not under the control or ownership of the Company. The inclusion of any link to a Third Party Site is not (i) an endorsement by the Company of the Third Party Site, (ii) an acknowledgement of any affiliation with its operators or owners, or (iii) a warranty of any type regarding any information or offer on the Third Party Site. Your use of any Third Party Site is governed by the various legal agreements and policies posted at that website.
Customer Information CPNI of a Customer and any other non-public, individually identifiable information about a Customer or the purchase by a Customer of the services or products of a Party.
