Customer’s Processing of Personal Data Customer shall, in its use of the Services, Process Personal Data in accordance with the requirements of Data Protection Laws and Regulations. For the avoidance of doubt, Customer’s instructions for the Processing of Personal Data shall comply with Data Protection Laws and Regulations. Customer shall have sole responsibility for the means by which Customer acquired Personal Data.
Relation of the Standard Contractual Clauses to the Agreement Nothing in the Agreement shall be construed to prevail over any conflicting clause of the Standard Contractual Clauses. For the avoidance of doubt, where this DPA further specifies audit and subprocessor rules in sections 5 and 6, such specifications also apply in relation to the Standard Contractual Clauses.
Processing of Personal Data (a) SORACOM collects and processes personal data about the Subscriber, including name, e-mail, IP-address as well as data on data uses and billing data in order to provide SORACOM’s service and other purposes such as billing.
Standard Contractual Clauses Where (i) Personal Data of an EEA or Swiss based Controller is processed in a country outside the EEA, Switzerland and any country, organization or territory acknowledged by the European Union as safe country with an adequate level of data protection under Art. 45 GDPR, or where (ii) Personal Data of another Controller is processed internationally and such international processing requires an adequacy means under the laws of the country of the Controller and the required adequacy means can be met by entering into Standard Contractual Clauses, then:
APPENDIX 2 TO THE STANDARD CONTRACTUAL CLAUSES This Appendix forms part of the Clauses and must be completed by the parties. Description of the technical and organisational security measures implemented by the data importer in accordance with Clauses 4(d) and 5(c) (or document/legislation attached):
APPENDIX 1 TO THE STANDARD CONTRACTUAL CLAUSES Data exporter The data exporter is the entity identified as “Customer” in the DPA Data importer The data importer is Amazon Web Services, Inc., a provider of web services. Data subjects Data subjects are defined in Section 1.3 of the DPA. Categories of data The personal data is defined in Section 1.3 of the DPA.
Notification of personal data breach 1. In case of any personal data breach, the data processor shall, without undue delay after having become aware of it, notify the data controller of the personal data breach.
TO THE STANDARD CONTRACTUAL CLAUSES This Appendix forms part of the Clauses and must be completed and signed by the parties. Description of the technical and organisational security measures implemented by the data importer in accordance with Clauses 4(d) and 5(c) (or document/legislation attached):
Deletion of Personal Data Upon termination or expiration of the Agreement, Data Processor shall return and delete Customer Data, including Personal Data contained therein, as described in the Agreement.
Types of Personal Data Contact Information, the extent of which is determined and controlled by the Customer in its sole discretion, and other Personal Data such as navigational data (including website usage information), email data, system usage data, application integration data, and other electronic data submitted, stored, sent, or received by end users via the Subscription Service.