TERMS FOR THE SCCs. 11.1. The SCCs and the additional terms specified in this Section apply to (i) a customer which is subject to the Data Protection Laws of the European Union, the European Economic Area and/or their member states, Switzerland and/or the United Kingdom and, (ii) its Authorized Affiliates. For the purpose of the SCCs and this Section, the aforementioned entities shall be deemed “data exporters”. 11.2. This DPA and the Agreement are Your complete and final documented instructions at the time of signature of the Agreement to Us for the Processing of Personal Data. Any additional or alternate instructions must be agreed upon separately. For the purposes of Clause 5(a) of the SCCs, the following is deemed an instruction by You to process Personal Data: (a) Processing in accordance with the Agreement and applicable Order(s); (b) Processing initiated by Users in their use of the Services and (c) Processing to comply with other reasonable documented instructions provided by You (e.g., via e-mail) where such instructions are consistent with the terms of the Agreement. 11.3. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that (a) Our Affiliates may be retained as Sub-processors; and (b) Us and Our Affiliates respectively may engage third-party Sub-processors in connection with the provision of the Services. We shall make available to You the current list of Sub-processors. 11.4. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that We may engage new Sub-processors as described in Section 8 of the DPA. 11.5. The parties agree that the copies of the Sub-processor agreements that must be provided by Us to You pursuant to Clause 5(j) of the SCCs may have all commercial information, or clauses unrelated to the SCCs, removed by Us beforehand; and, that such copies will be provided by Us, in a manner to be determined in Our discretion, only upon request. 11.6. The parties agree that the audits described in Clause 5(f) and Clause 12(2) of the SCCs shall be carried out in accordance with the following specifications: 11.7. Upon Your request, and subject to the confidentiality obligations set forth in the Agreement, We shall make available to You or Your independent, third-party auditor information regarding the Our compliance with the obligations set forth in this DPA in the form of the third-party certifications and audits set forth in the Celonis Trust Center Documentation. You may contact xxxx@xxxxxxx.xxx to request an on-site audit of the procedures relevant to the protection of Personal Data. You shall reimburse Us for any time expended for any such on-site audit at the Our then-current Professional Services rates. Before the commencement of any such on-site audit, the parties shall mutually agree upon the scope, timing, and duration of the audit in addition to the reimbursement rate for which You shall be responsible. All reimbursement rates shall be reasonable, taking into account the resources expended by Us. You shall promptly notify Us with information regarding any non-compliance discovered during the course of an audit. 11.8. The parties agree that the certification of deletion of Personal Data that is described in Clause 12(1) of the SCCs shall be provided to You only upon Your request. 11.9. In the event of any conflict or inconsistency between the body of this DPA and any of its Schedules (not including the SCCs) and the SCCs, the SCCs shall prevail. 1. Scope of data processing Cloud Service: As directed by the Controller, names and e-mail addresses may be inserted in the Cloud Service to automatically send reports relating to process analyses to the respective persons. Usernames are uploaded into the Cloud Service which then are pseudonymized. Controller can upload process data into the Cloud Service. This data may contain Personal Data of employees and/or customers of the Controller which Processor will host as part of the Cloud Service. Support Services : Processor’s personnel may access Controller’s instance or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Support Services (e.g. “shadowing”). In addition, Personal Data of Controller’s employees issuing Support Services requests (“tickets”) may be stored by Processor for the purposes of administrating the Support Services. Online Training Cloud : Controller’s personnel contact details (e- mail addresses) are stored and used for the transmission of training materials, the execution of trainings and for its certification. Professional Services : Processor’s personnel may access Controller’s instance, or be on Controller’s premises, or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Professional Services (e.g. “shadowing”). 2. Procedures of data processing Cloud Service : The Processor provides the functionalities of the Cloud Service including the data uploaded and processed by Controller in a third-party data center. Support Services : The Support Ticketing Tool used by Processor is externally hosted in a data center and used by Processor’s personnel for the purposes of administering the support tickets. Shadowing of Users or otherwise accessing of data sets as part of Support Services only occurs where explicitly requested by the Controller. Online Training Cloud : Online Training is hosted in a data center. The training tool may be used to transmit invitations and certifications and for evidencing its participation. Professional Services : During the course of providing Professional Services for implementation, configuration or evaluation of the Cloud Services, Our personnel may have access to Customer Data containing Personal Data. 3. Purpose of data processing Cloud Service : The Cloud Service provides the tools to analyze processes based on data from IT systems of the Controller. Personal Data is primarily used to provide the affected person with information (e.g. the person would like to receive scheduled reports). If Personal Data is used for process analysis in which case usernames will be pseudonymized. Support Services : Support of the Cloud Service through provision of Support Services for the Controller. Online Training Cloud : Execution and administration of Online Training Cloud Services. Professional Service : Implementation, configuration and evaluation projects regarding the Cloud Service. 4. Categories of data which are processed under the instructions of the Controller User account related data. Depending on individual use case, processed personal data may also include, without limitation, names, identification numbers, business addresses, communication data (e. g. phone, cellphone, e-mail), process log data, usernames from the Controller’s IT / ERP system. 5. Data subjects Employees, customers, vendors, agents, or consultants of the Controller based on Services provided. 6. Data Protection Officer of the Processor : Xx. Xxxxxx, Sebastian; +00 00 0000 0000; xxxxxxx@xxxx.xx 7. Contact for the Processor : security- xxxxxxxx@xxxxxxx.xxx. 8. Contact for the Controller: To be provided by Controller via email to Processor at above address.
Appears in 7 contracts
Samples: Master Services Agreement, Master Services Agreement, Master Services Agreement
TERMS FOR THE SCCs. 11.1. The SCCs and the additional terms specified in this Section apply to (i) a customer which is subject to the Data Protection Laws of the European Union, the European Economic Area and/or their member states, Switzerland and/or the United Kingdom and, (ii) its Authorized Affiliates. For the purpose of the SCCs and this Section, the aforementioned entities shall be deemed “data exporters”.
11.2. This DPA and the Agreement are Your complete and final documented instructions at the time of signature of the Agreement to Us for the Processing of Personal Data. Any additional or alternate instructions must be agreed upon separately. For the purposes of Clause 5(a) of the SCCs, the following is deemed an instruction by You to process Personal Data: (a) Processing in accordance with the Agreement and applicable Order(s); (b) Processing initiated by Users in their use of the Services and (c) Processing to comply with other reasonable documented instructions provided by You (e.g., via e-mail) where such instructions are consistent with the terms of the Agreement.
11.3. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that (a) Our Affiliates may be retained as Sub-processors; and (b) Us and Our Affiliates respectively may engage third-party Sub-processors in connection with the provision of the Services. We shall make available to You the current list of Sub-processors.
11.4. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that We may engage new Sub-processors as described in Section 8 of the DPA.
11.5. The parties agree that the copies of the Sub-processor agreements that must be provided by Us to You pursuant to Clause 5(j) of the SCCs may have all commercial information, or clauses unrelated to the SCCs, removed by Us beforehand; and, that such copies will be provided by Us, in a manner to be determined in Our discretion, only upon request.
11.6. The parties agree that the audits described in Clause 5(f) and Clause 12(2) of the SCCs shall be carried out in accordance with the following specifications:
11.7. Upon Your request, and subject to the confidentiality obligations set forth in the Agreement, We shall make available to You or Your independent, third-party auditor information regarding the Our compliance with the obligations set forth in this DPA in the form of the third-party certifications and audits set forth in the Celonis Trust Center Documentation. You may contact xxxx@xxxxxxx.xxx to request an on-site audit of the procedures relevant to the protection of Personal Data. You shall reimburse Us for any time expended for any such on-site audit at the Our then-current Professional Services rates. Before the commencement of any such on-site audit, the parties shall mutually agree upon the scope, timing, and duration of the audit in addition to the reimbursement rate for which You shall be responsible. All reimbursement rates shall be reasonable, taking into account the resources expended by Us. You shall promptly notify Us with information regarding any non-compliance discovered during the course of an audit.
11.8. The parties agree that the certification of deletion of Personal Data that is described in Clause 12(1) of the SCCs shall be provided to You only upon Your request.
11.9. In the event of any conflict or inconsistency between the body of this DPA and any of its Schedules (not including the SCCs) and the SCCs, the SCCs shall prevail.
1. Scope of data processing Cloud Service: Hosting of Celonis Software in the context of providing evaluation services (“Proof of Values” or “POVs”): As directed by the Controller, names and e-mail addresses may be inserted in the Celonis Software hosted as a Cloud Service for the purposes of a POV to automatically send reports relating to process analyses to the respective persons. Usernames User names are uploaded into the Cloud Service which then are pseudonymized. Controller can upload process data into the Cloud Service. This data may contain Personal Data of employees and/or customers of the Controller which Processor will host as part of the Cloud ServicePOV. Support Training Services : Processor’s personnel may access Controller’s instance or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Support Services (e.g. “shadowing”). In addition, Personal Data of Controller’s employees issuing Support Services requests (“tickets”) may be stored by Processor for the purposes of administrating the Support Services. Online Training Cloud : Controller’s personnel contact details (e- e-mail addresses) are stored and used for the transmission of training materials, the execution of trainings and for its certification. Professional Services : Processor’s personnel may access Controller’s instance, or be on Controller’s premises, or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Professional Services (e.g. “shadowing”)) or under a Services assignment, including for a POV.
2. Procedures of data processing Cloud Service Hosting: The Processor provides the functionalities of the Cloud Service Celonis Software including the data sets uploaded and processed by Controller in a third-party data center. Support Services : The Support Ticketing Tool used by Processor is externally hosted in a data center and used by Processor’s personnel processes these for the purposes of administering the support ticketsa POV. Shadowing Training Services: Exchange of Users or otherwise accessing of data sets as part of Support Services only occurs where explicitly requested by the Controller. Online Training Cloud : Online Training is hosted contact details and storage in a data center. The training tool may be used to transmit invitations and certifications and for evidencing its participationProcessor’s contact database. Professional Services : During the course of providing Professional Services for implementation, configuration or evaluation of the Cloud Services, Our personnel may have access to Customer Data containing Personal Data.
3. Purpose of data processing Cloud Service Hosting: The Cloud Service Celonis Software provided during a POV on a cloud instance provides the tools to analyze processes based on data from IT systems of the Controller. Personal Data is primarily used to provide the affected person with information (e.g. the person would like to receive scheduled reports). If Personal Data is used for process analysis in which case usernames will be pseudonymized. Support Services : Support of the Cloud Service through provision of Support Services for the Controller. Online Training Cloud Training: Execution and administration of Online Training Cloud training Services. Professional Service : Implementation, configuration and evaluation projects regarding the Cloud Service.
4. Categories of data which are processed under the instructions of the Controller User account related data. Depending on individual use case, processed personal data may also include, without limitation, names, identification numbers, business addresses, communication data (e. g. phone, cellphone, e-mail), process log data, usernames from the Controller’s IT / ERP system.
5. Data subjects Employees, customers, vendors, agents, or consultants of the Controller based on Services provided.
6. Data Protection Officer of the Processor : Xx. Xxxxxx, Sebastian; +00 00 0000 0000; xxxxxxx@xxxx.xx
7. Contact for the Processor : security- xxxxxxxx@xxxxxxx.xxx.
8. Contact for the Controller: To be provided by Controller via email to Processor at above address.
9. Permitted Sub-processors Sub-processor name and processing location (as applicable) Description of processing Amazon Web Services Inc., Seattle, United States • Hosting location for Customers in the United States and Canada: North Virginia, United States • Hosting location for all other Customers: Frankfurt, Germany Hosting of Cloud Service and processing of data provided by the Controller Microsoft Corporation, Redmond (WA), United States • Hosting location for Customers in the United States and Canada: Washington, United States • Hosting location for Customers in Japan: Tokyo, Saitama, Japan • Hosting location for all other Customers: Frankfurt, Germany Hosting of Cloud Service and processing of data provided by the Controller Our Affiliates (as applicable): Celonis SE, Germany Celonis, Inc., United States Celonis AB, Sweden Celonis ApS, Denmark Support of the Services through personnel of such Affiliate. Processor may use the following sub-processors (based on the respective Services according to the relevant Order): Celonis B.V., The Netherlands Celonis Canada Ltd., Canada Celonis K.K., Japan Celonis L.L.C., Kosovo Celonis Ltd., United Kingdom Celonis SAS, France Celonis Schweiz GmbH, Switzerland Celonis S.L., Spain Celonis Srl, Italy Integromat s.r.o., Czech Republic For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection Name of the data exporting organisation: Address: … Tel. …; fax …; e-mail: … Other information needed to identify the organisation: (the data exporter) And Name of the data importing organisation: Address: … Tel. …; fax …; e-mail: … Other information needed to identify the organization: (the data importer) each a ‘party’; together ‘the parties’, HAVE AGREED on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Appendix 1.
Appears in 6 contracts
Samples: Professional Services Agreement, Professional Services Agreement, Professional Services Agreement
TERMS FOR THE SCCs. 11.1. The SCCs and the additional terms specified in this Section apply to (i) a customer which is subject to the Data Protection Laws of the European Union, the European Economic Area and/or their member states, Switzerland and/or the United Kingdom and, (ii) its Authorized Affiliates. For the purpose of the SCCs and this Section, the aforementioned entities shall be deemed “data exporters”.
11.2. This DPA and the Agreement are Your complete and final documented instructions at the time of signature of the Agreement to Us for the Processing of Personal Data. Any additional or alternate instructions must be agreed upon separately. For the purposes of Clause 5(a) of the SCCs, the following is deemed an instruction by You to process Personal Data: (a) Processing in accordance with the Agreement and applicable Order(s); (b) Processing initiated by Users in their use of the Services and (c) Processing to comply with other reasonable documented instructions provided by You (e.g., via e-mail) where such instructions are consistent with the terms of the Agreement.
11.3. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that (a) Our Affiliates may be retained as Sub-processors; and (b) Us and Our Affiliates respectively may engage third-party Sub-processors in connection with the provision of the Services. We shall make available to You the current list of Sub-processors.
11.4. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that We may engage new Sub-processors as described in Section 8 of the DPA.
11.5. The parties agree that the copies of the Sub-processor agreements that must be provided by Us to You pursuant to Clause 5(j) of the SCCs may have all commercial information, or clauses unrelated to the SCCs, removed by Us beforehand; and, that such copies will be provided by Us, in a manner to be determined in Our discretion, only upon request.
11.6. The parties agree that the audits described in Clause 5(f) and Clause 12(2) of the SCCs shall be carried out in accordance with the following specifications:
11.7. Upon Your request, and subject to the confidentiality obligations set forth in the Agreement, We shall make available to You or Your independent, third-party auditor information regarding the Our compliance with the obligations set forth in this DPA in the form of the third-party certifications and audits set forth in the Celonis Trust Center Documentation. You may contact xxxx@xxxxxxx.xxx to request an on-site audit of the procedures relevant to the protection of Personal Data. You shall reimburse Us for any time expended for any such on-site audit at the Our then-current Professional Services rates. Before the commencement of any such on-site audit, the parties shall mutually agree upon the scope, timing, and duration of the audit in addition to the reimbursement rate for which You shall be responsible. All reimbursement rates shall be reasonable, taking into account the resources expended by Us. You shall promptly notify Us with information regarding any non-compliance discovered during the course of an audit.
11.8. The parties agree that the certification of deletion of Personal Data that is described in Clause 12(1) of the SCCs shall be provided to You only upon Your request.
11.9. In the event of any conflict or inconsistency between the body of this DPA and any of its Schedules (not including the SCCs) and the SCCs, the SCCs shall prevail.
1. Scope of data processing Cloud Service: As directed by the Controller, names and e-mail addresses may be inserted in the Cloud Service to automatically send reports relating to process analyses to the respective persons. Usernames are uploaded into the Cloud Service which then are pseudonymized. Controller can upload process data into the Cloud Service. This data may contain Personal Data of employees and/or customers of the Controller which Processor will host as part of the Cloud Service. Support Services : Processor’s personnel may access Controller’s instance or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Support Services (e.g. “shadowing”). In addition, Personal Data of Controller’s employees issuing Support Services requests (“tickets”) may be stored by Processor for the purposes of administrating the Support Services. Online Training Cloud : Controller’s personnel contact details (e- mail addresses) are stored and used for the transmission of training materials, the execution of trainings and for its certification. Professional Services : Processor’s personnel may access Controller’s instance, or be on Controller’s premises, or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Professional Services (e.g. “shadowing”).
2. Procedures of data processing Cloud Service : The Processor provides the functionalities of the Cloud Service including the data uploaded and processed by Controller in a third-party data center. Support Services : The Support Ticketing Tool used by Processor is externally hosted in a data center and used by Processor’s personnel for the purposes of administering the support tickets. Shadowing of Users or otherwise accessing of data sets as part of Support Services only occurs where explicitly requested by the Controller. Online Training Cloud : Online Training is hosted in a data center. The training tool may be used to transmit invitations and certifications and for evidencing its participation. Professional Services : During the course of providing Professional Services for implementation, configuration or evaluation of the Cloud Services, Our personnel may have access to Customer Data containing Personal Data.
3. Purpose of data processing Cloud Service : The Cloud Service provides the tools to analyze processes based on data from IT systems of the Controller. Personal Data is primarily used to provide the affected person with information (e.g. the person would like to receive scheduled reports). If Personal Data is used for process analysis in which case usernames will be pseudonymized. Support Services : Support of the Cloud Service through provision of Support Services for the Controller. Online Training Cloud : Execution and administration of Online Training Cloud Services. Professional Service : Implementation, configuration and evaluation projects regarding the Cloud Service.
4. Categories of data which are processed under the instructions of the Controller User account related data. Depending on individual use case, processed personal data may also include, without limitation, names, identification numbers, business addresses, communication data (e. g. phone, cellphone, e-mail), process log data, usernames from the Controller’s IT / ERP system.
5. Data subjects Employees, customers, vendors, agents, or consultants of the Controller based on Services provided.
6. Data Protection Officer of the Processor : Xx. Xxxxxx, Sebastian; +00 00 0000 0000; xxxxxxx@xxxx.xx
7. Contact for the Processor : security- xxxxxxxx@xxxxxxx.xxx.
8. Contact for the Controller: To be provided by Controller via email to Processor at above address.
9. Permitted Sub-processors Sub-processor name and processing location (as applicable) Description of processing Amazon Web Services Inc., Seattle, United States • Hosting location for Customers in the United States and Canada: North Virginia, United States • Hosting location for all other Customers: Frankfurt, Germany Hosting of Cloud Service and processing of data provided by the Controller AbsorbLMS Technology Ltd., Dublin, Republic of Ireland Hosting of Online Training Cloud Processor may use the following sub-processors (based on the respective Services according to the relevant Order): HappyFox Inc., Frankfurt, Germany Operation of the Support Ticketing Tools Microsoft Corporation, Redmond (WA), United States • Hosting location for Customers in the United States and Canada: Washington, United States • Hosting location for Customers in Japan: Tokyo, Saitama, Japan • Hosting location for all other Customers: Frankfurt, Germany Hosting of Cloud Service and processing of data provided by the Controller Xxxxxxxxxx.xxx Germany GmbH, Munich, Germany Operation of the Support Ticketing Tools UserLane GmbH, Munich, Germany Operation of Guided Learning Tours within the Online Training Cloud Tool Our Affiliates (as applicable): Celonis SE, Germany Celonis, Inc., United States Celonis AB, Sweden Celonis ApS, Denmark Celonis B.V., The Netherlands Celonis Canada Ltd., Canada Celonis K.K., Japan Celonis L.L.C., Kosovo Celonis Ltd., United Kingdom Celonis SAS, France Celonis Schweiz GmbH, Switzerland Celonis S.L., Spain Celonis Srl, Italy Integromat s.r.o., Czech Republic Support of the Services through personnel of such Affiliate. For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection Name of the data exporting organisation: Address: … Tel. …; fax …; e-mail: … Other information needed to identify the organisation: (the data exporter) And Name of the data importing organisation: Address: … Tel. …; fax …; e-mail: … Other information needed to identify the organization: (the data importer) each a ‘party’; together ‘the parties’, HAVE AGREED on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Appendix 1.
Appears in 5 contracts
Samples: Cloud Services Agreement, Cloud Services Agreement, Cloud Services Agreement
TERMS FOR THE SCCs. 11.1. The SCCs and the additional terms specified in this Section apply to (i) a customer which is subject to the Data Protection Laws of the European Union, the European Economic Area and/or their member states, Switzerland and/or the United Kingdom and, (ii) its Authorized Affiliates. For the purpose of the SCCs and this Section, the aforementioned entities shall be deemed “data exporters”.
11.2. This DPA and the Agreement are Your complete and final documented instructions at the time of signature of the Agreement to Us for the Processing of Personal Data. Any additional or alternate instructions must be agreed upon separately. For the purposes of Clause 5(a) of the SCCs, the following is deemed an instruction by You to process Personal Data: (a) Processing in accordance with the Agreement and applicable Order(s); (b) Processing initiated by Users in their use of the Services and (c) Processing to comply with other reasonable documented instructions provided by You (e.g., via e-mail) where such instructions are consistent with the terms of the Agreement.
11.3. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that (a) Our Affiliates may be retained as Sub-processors; and (b) Us and Our Affiliates respectively may engage third-party Sub-processors in connection with the provision of the Services. We shall make available to You the current list of Sub-processors.
11.4. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that We may engage new Sub-processors as described in Section 8 of the DPA.
11.5. The parties agree that the copies of the Sub-processor agreements that must be provided by Us to You pursuant to Clause 5(j) of the SCCs may have all commercial information, or clauses unrelated to the SCCs, removed by Us beforehand; and, that such copies will be provided by Us, in a manner to be determined in Our discretion, only upon request.
11.6. The parties agree that the audits described in Clause 5(f) and Clause 12(2) of the SCCs shall be carried out in accordance with the following specifications:
11.7. Upon Your request, and subject to the confidentiality obligations set forth in the Agreement, We shall make available to You or Your independent, third-party auditor information regarding the Our compliance with the obligations set forth in this DPA in the form of the third-party certifications and audits set forth in the Celonis Trust Center Documentation. You may contact xxxx@xxxxxxx.xxx to request an on-site audit of the procedures relevant to the protection of Personal Data. You shall reimburse Us for any time expended for any such on-site audit at the Our then-current Professional Services rates. Before the commencement of any such on-site audit, the parties shall mutually agree upon the scope, timing, and duration of the audit in addition to the reimbursement rate for which You shall be responsible. All reimbursement rates shall be reasonable, taking into account the resources expended by Us. You shall promptly notify Us with information regarding any non-compliance discovered during the course of an audit.
11.8. The parties agree that the certification of deletion of Personal Data that is described in Clause 12(1) of the SCCs shall be provided to You only upon Your request.
11.9. In the event of any conflict or inconsistency between the body of this DPA and any of its Schedules (not including the SCCs) and the SCCs, the SCCs shall prevail.
1. Scope of data processing Cloud Service: As directed by the Controller, names and e-mail addresses may be inserted in the Cloud Service to automatically send reports relating to process analyses to the respective persons. Usernames are uploaded into the Cloud Service which then are pseudonymized. Controller can upload process data into the Cloud Service. This data may contain Personal Data of employees and/or customers of the Controller which Processor will host as part of the Cloud Service. Support Services : Processor’s personnel may access Controller’s instance or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Support Services (e.g. “shadowing”). In addition, Personal Data of Controller’s employees issuing Support Services requests (“tickets”) may be stored by Processor for the purposes of administrating the Support Services. Online Training Cloud : Controller’s personnel contact details (e- mail addresses) are stored and used for the transmission of training materials, the execution of trainings and for its certification. Professional Services : Processor’s personnel may access Controller’s instance, or be on Controller’s premises, or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Professional Services (e.g. “shadowing”).
2. Procedures of data processing Cloud Service : The Processor provides the functionalities of the Cloud Service including the data uploaded and processed by Controller in a third-party data center. Support Services : The Support Ticketing Tool used by Processor is externally hosted in a data center and used by Processor’s personnel for the purposes of administering the support tickets. Shadowing of Users or otherwise accessing of data sets as part of Support Services only occurs where explicitly requested by the Controller. Online Training Cloud : Online Training is hosted in a data center. The training tool may be used to transmit invitations and certifications and for evidencing its participation. Professional Services : During the course of providing Professional Services for implementation, configuration or evaluation of the Cloud Services, Our personnel may have access to Customer Data containing Personal Data.
3. Purpose of data processing Cloud Service : The Cloud Service provides the tools to analyze processes based on data from IT systems of the Controller. Personal Data is primarily used to provide the affected person with information (e.g. the person would like to receive scheduled reports). If Personal Data is used for process analysis in which case usernames will be pseudonymized. Support Services : Support of the Cloud Service through provision of Support Services for the Controller. Online Training Cloud : Execution and administration of Online Training Cloud Services. Professional Service : Implementation, configuration and evaluation projects regarding the Cloud Service.
4. Categories of data which are processed under the instructions of the Controller User account related data. Depending on individual use case, processed personal data may also include, without limitation, names, identification numbers, business addresses, communication data (e. g. phone, cellphone, e-mail), process log data, usernames from the Controller’s IT / ERP system.
5. Data subjects Employees, customers, vendors, agents, or consultants of the Controller based on Services provided.
6. Data Protection Officer of the Processor : Xx. Xxxxxx, SebastianXxxxxxxxx; +00 00 0000 0000; xxxxxxx@xxxx.xx
7. Contact for the Processor : security- xxxxxxxx@xxxxxxx.xxx.
8. Contact for the Controller: To be provided by Controller via email to Processor at above address.
Appears in 3 contracts
Samples: Master Services Agreement, Cloud Services Agreement, Master Services Agreement
TERMS FOR THE SCCs. 11.1. The SCCs and the additional terms specified in this Section apply to (i) a customer which is subject to the Data Protection Laws of the European Union, the European Economic Area and/or their member states, Switzerland and/or the United Kingdom and, (ii) its Authorized Affiliates. For the purpose of the SCCs and this Section, the aforementioned entities shall be deemed “data exporters”.
11.2. This DPA and the Agreement are Your complete and final documented instructions at the time of signature of the Agreement to Us for the Processing of Personal Data. Any additional or alternate instructions must be agreed upon separately. For the purposes of Clause 5(a) of the SCCs, the following is deemed an instruction by You to process Personal Data: (a) Processing in accordance with the Agreement and applicable Order(s); (b) Processing initiated by Users in their use of the Services and (c) Processing to comply with other reasonable documented instructions provided by You (e.g., via e-mail) where such instructions are consistent with the terms of the Agreement.
11.3. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that (a) Our Affiliates may be retained as Sub-processors; and (b) Us and Our Affiliates respectively may engage third-party Sub-processors in connection with the provision of the Services. We shall make available to You the current list of Sub-processors.
11.4. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that We may engage new Sub-processors as described in Section 8 of the DPA.
11.5. The parties agree that the copies of the Sub-processor agreements that must be provided by Us to You pursuant to Clause 5(j) of the SCCs may have all commercial information, or clauses unrelated to the SCCs, removed by Us beforehand; and, that such copies will be provided by Us, in a manner to be determined in Our discretion, only upon request.
11.6. The parties agree that the audits described in Clause 5(f) and Clause 12(2) of the SCCs shall be carried out in accordance with the following specifications:
11.7. Upon Your request, and subject to the confidentiality obligations set forth in the Agreement, We shall make available to You or Your independent, third-party auditor information regarding the Our compliance with the obligations set forth in this DPA in the form of the third-party certifications and audits set forth in the Celonis Trust Center Documentation. You may contact xxxx@xxxxxxx.xxx to request an on-site audit of the procedures relevant to the protection of Personal Data. You shall reimburse Us for any time expended for any such on-site audit at the Our then-current Professional Services rates. Before the commencement of any such on-site audit, the parties shall mutually agree upon the scope, timing, and duration of the audit in addition to the reimbursement rate for which You shall be responsible. All reimbursement rates shall be reasonable, taking into account the resources expended by Us. You shall promptly notify Us with information regarding any non-compliance discovered during the course of an audit.
11.8. The parties agree that the certification of deletion of Personal Data that is described in Clause 12(1) of the SCCs shall be provided to You only upon Your request.
11.9. In the event of any conflict or inconsistency between the body of this DPA and any of its Schedules (not including the SCCs) and the SCCs, the SCCs shall prevail.
1. Scope of data processing Cloud Service: Hosting of Celonis Software in the context of providing evaluation services (“Proof of Values” or “POVs”): As directed by the Controller, names and e-mail addresses may be inserted in the Celonis Software hosted as a Cloud Service for the purposes of a POV to automatically send reports relating to process analyses to the respective persons. Usernames User names are uploaded into the Cloud Service which then are pseudonymized. Controller can upload process data into the Cloud Service. This data may contain Personal Data of employees and/or customers of the Controller which Processor will host as part of the Cloud ServicePOV. Support Training Services : Processor’s personnel may access Controller’s instance or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Support Services (e.g. “shadowing”). In addition, Personal Data of Controller’s employees issuing Support Services requests (“tickets”) may be stored by Processor for the purposes of administrating the Support Services. Online Training Cloud : Controller’s personnel contact details (e- e-mail addresses) are stored and used for the transmission of training materials, the execution of trainings and for its certification. Professional Services : Processor’s personnel may access Controller’s instance, or be on Controller’s premises, or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Professional Services (e.g. “shadowing”)) or under a Services assignment, including for a POV.
2. Procedures of data processing Cloud Service Hosting: The Processor provides the functionalities of the Cloud Service Celonis Software including the data sets uploaded and processed by Controller in a third-party data center. Support Services : The Support Ticketing Tool used by Processor is externally hosted in a data center and used by Processor’s personnel processes these for the purposes of administering the support ticketsa POV. Shadowing Training Services: Exchange of Users or otherwise accessing of data sets as part of Support Services only occurs where explicitly requested by the Controller. Online Training Cloud : Online Training is hosted contact details and storage in a data center. The training tool may be used to transmit invitations and certifications and for evidencing its participationProcessor’s contact database. Professional Services : During the course of providing Professional Services for implementation, configuration or evaluation of the Cloud Services, Our personnel may have access to Customer Data containing Personal Data.
3. Purpose of data processing Cloud Service Hosting: The Cloud Service Celonis Software provided during a POV on a cloud instance provides the tools to analyze processes based on data from IT systems of the Controller. Personal Data is primarily used to provide the affected person with information (e.g. the person would like to receive scheduled reports). If Personal Data is used for process analysis in which case usernames will be pseudonymized. Support Services : Support of the Cloud Service through provision of Support Services for the Controller. Online Training Cloud Training: Execution and administration of Online Training Cloud training Services. Professional Service : Implementation, configuration and evaluation projects regarding the Cloud Service.
4. Categories of data which are processed under the instructions of the Controller User account related data. Depending on individual use case, processed personal data may also include, without limitation, names, identification numbers, business addresses, communication data (e. g. phone, cellphone, e-mail), process log data, usernames from the Controller’s IT / ERP system.
5. Data subjects Employees, customers, vendors, agents, or consultants of the Controller based on Services provided.
6. Data Protection Officer of the Processor : Xx. Xxxxxx, SebastianXxxxxxxxx; +00 00 0000 0000; xxxxxxx@xxxx.xx
7. Contact for the Processor : security- xxxxxxxx@xxxxxxx.xxx.
8. Contact for the Controller: To be provided by Controller via email to Processor at above address.
9. Permitted Sub-processors Sub-processor name and processing location (as applicable) Description of processing Amazon Web Services Inc., Seattle, United States • Hosting location for Customers in the United States and Canada: North Virginia, United States • Hosting location for all other Customers: Frankfurt, Germany Hosting of Cloud Service and processing of data provided by the Controller Microsoft Corporation, Redmond (WA), United States • Hosting location for Customers in the United States and Canada: Washington, United States • Hosting location for Customers in Japan: Tokyo, Saitama, Japan • Hosting location for all other Customers: Frankfurt, Germany Hosting of Cloud Service and processing of data provided by the Controller Our Affiliates (as applicable): Celonis SE, Germany Celonis, Inc., United States Celonis AB, Sweden Celonis ApS, Denmark Support of the Services through personnel of such Affiliate. Processor may use the following sub-processors (based on the respective Services according to the relevant Order): Celonis B.V., The Netherlands Celonis Canada Ltd., Canada Celonis K.K., Japan Celonis L.L.C., Kosovo Celonis Ltd., United Kingdom Celonis SAS, France Celonis Schweiz GmbH, Switzerland Celonis S.L., Spain Celonis Srl, Italy Integromat s.r.o., Czech Republic For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection Name of the data exporting organisation: Address: … Tel. …; fax …; e-mail: … Other information needed to identify the organisation: (the data exporter) And Name of the data importing organisation: Address: … Tel. …; fax …; e-mail: … Other information needed to identify the organization: (the data importer) each a ‘party’; together ‘the parties’, HAVE AGREED on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Appendix 1.
Appears in 2 contracts
Samples: Professional Services Agreement, Professional Services Agreement
TERMS FOR THE SCCs. 11.1. The SCCs and the additional terms specified in this Section apply to (i) a customer which is subject to the Data Protection Laws of the European Union, the European Economic Area and/or their member states, Switzerland and/or the United Kingdom and, (ii) its Authorized Affiliates. For the purpose of the SCCs and this Section, the aforementioned entities shall be deemed “data exporters”.
11.2. This DPA and the Agreement are Your complete and final documented instructions at the time of signature of the Agreement to Us for the Processing of Personal Data. Any additional or alternate instructions must be agreed upon separately. For the purposes of Clause 5(a) of the SCCs, the following is deemed an instruction by You to process Personal Data: (a) Processing in accordance with the Agreement and applicable Order(s); (b) Processing initiated by Users in their use of the Services and (c) Processing to comply with other reasonable documented instructions provided by You (e.g., via e-mail) where such instructions are consistent with the terms of the Agreement.
11.3. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that (a) Our Affiliates may be retained as Sub-processors; and (b) Us and Our Affiliates respectively may engage third-party Sub-processors in connection with the provision of the Services. We shall make available to You the current list of Sub-processors.
11.4. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that We may engage new Sub-processors as described in Section 8 of the DPA.
11.5. The parties agree that the copies of the Sub-processor agreements that must be provided by Us to You pursuant to Clause 5(j) of the SCCs may have all commercial information, or clauses unrelated to the SCCs, removed by Us beforehand; and, that such copies will be provided by Us, in a manner to be determined in Our discretion, only upon request.
11.6. The parties agree that the audits described in Clause 5(f) and Clause 12(2) of the SCCs shall be carried out in accordance with the following specifications:
11.7. Upon Your request, and subject to the confidentiality obligations set forth in the Agreement, We shall make available to You or Your independent, third-party auditor information regarding the Our compliance with the obligations set forth in this DPA in the form of the third-party certifications and audits set forth in the Celonis Trust Center Documentation. You may contact xxxx@xxxxxxx.xxx to request an on-site audit of the procedures relevant to the protection of Personal Data. You shall reimburse Us for any time expended for any such on-site audit at the Our then-current Professional Services rates. Before the commencement of any such on-site audit, the parties shall mutually agree upon the scope, timing, and duration of the audit in addition to the reimbursement rate for which You shall be responsible. All reimbursement rates shall be reasonable, taking into account the resources expended by Us. You shall promptly notify Us with information regarding any non-compliance discovered during the course of an audit.
11.8. The parties agree that the certification of deletion of Personal Data that is described in Clause 12(1) of the SCCs shall be provided to You only upon Your request.
11.9. In the event of any conflict or inconsistency between the body of this DPA and any of its Schedules (not including the SCCs) and the SCCs, the SCCs shall prevail.
1. Scope of data processing Cloud Service: As directed by the Controller, names and e-mail addresses may be inserted in the Cloud Service to automatically send reports relating to process analyses to the respective persons. Usernames are uploaded into the Cloud Service which then are pseudonymized. Controller can upload process data into the Cloud Service. This data may contain Personal Data of employees and/or customers of the Controller which Processor will host as part of the Cloud Service. Support Services : Processor’s personnel may access Controller’s instance or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Support Services (e.g. “shadowing”). In addition, Personal Data of Controller’s employees issuing Support Services requests (“tickets”) may be stored by Processor for the purposes of administrating the Support Services. Online Training Cloud : Controller’s personnel contact details (e- mail addresses) are stored and used for the transmission of training materials, the execution of trainings and for its certification. Professional Services : Processor’s personnel may access Controller’s instance, or be on Controller’s premises, or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Professional Services (e.g. “shadowing”).
2. Procedures of data processing Cloud Service : The Processor provides the functionalities of the Cloud Service including the data uploaded and processed by Controller in a third-party data center. Support Services : The Support Ticketing Tool used by Processor is externally hosted in a data center and used by Processor’s personnel for the purposes of administering the support tickets. Shadowing of Users or otherwise accessing of data sets as part of Support Services only occurs where explicitly requested by the Controller. Online Training Cloud : Online Training is hosted in a data center. The training tool may be used to transmit invitations and certifications and for evidencing its participation. Professional Services : During the course of providing Professional Services for implementation, configuration or evaluation of the Cloud Services, Our personnel may have access to Customer Data containing Personal Data.
3. Purpose of data processing Cloud Service : The Cloud Service provides the tools to analyze processes based on data from IT systems of the Controller. Personal Data is primarily used to provide the affected person with information (e.g. the person would like to receive scheduled reports). If Personal Data is used for process analysis in which case usernames will be pseudonymized. Support Services : Support of the Cloud Service through provision of Support Services for the Controller. Online Training Cloud : Execution and administration of Online Training Cloud Services. Professional Service : Implementation, configuration and evaluation projects regarding the Cloud Service.
4. Categories of data which are processed under the instructions of the Controller User account related data. Depending on individual use case, processed personal data may also include, without limitation, names, identification numbers, business addresses, communication data (e. g. phone, cellphone, e-mail), process log data, usernames from the Controller’s IT / ERP system.
5. Data subjects Employees, customers, vendors, agents, or consultants of the Controller based on Services provided.
6. Data Protection Officer of the Processor : Xx. Xxxxxx, Sebastian; +00 00 0000 0000; xxxxxxx@xxxx.xx
7. Contact for the Processor : security- xxxxxxxx@xxxxxxx.xxx.
8. Contact for the Controller: To be provided by Controller via email to Processor at above address.
Appears in 1 contract
Samples: Cloud Services Agreement
TERMS FOR THE SCCs. 11.1. The SCCs and the additional terms specified in this Section apply to (i) a customer which is subject to the Data Protection Laws of the European Union, the European Economic Area and/or their member states, Switzerland and/or the United Kingdom and, (ii) its Authorized Affiliates. For the purpose of the SCCs and this Section, the aforementioned entities shall be deemed “data exporters”.
11.2. This DPA and the Agreement are Your complete and final documented instructions at the time of signature of the Agreement to Us for the Processing of Personal Data. Any additional or alternate instructions must be agreed upon separately. For the purposes of Clause 5(a) of the SCCs, the following is deemed an instruction by You to process Personal Data: (a) Processing in accordance with the Agreement and applicable Order(s); (b) Processing initiated by Users in their use of the Services and (c) Processing to comply with other reasonable documented instructions provided by You (e.g., via e-mail) where such instructions are consistent with the terms of the Agreement.
11.3. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that (a) Our Affiliates may be retained as Sub-processors; and (b) Us and Our Affiliates respectively may engage third-party Sub-processors in connection with the provision of the Services. We shall make available to You the current list of Sub-processors.
11.4. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that We may engage new Sub-processors as described in Section 8 of the DPA.
11.5. The parties agree that the copies of the Sub-processor agreements that must be provided by Us to You pursuant to Clause 5(j) of the SCCs may have all commercial information, or clauses unrelated to the SCCs, removed by Us beforehand; and, that such copies will be provided by Us, in a manner to be determined in Our discretion, only upon request.
11.6. The parties agree that the audits described in Clause 5(f) and Clause 12(2) of the SCCs shall be carried out in accordance with the following specifications:
11.7. Upon Your request, and subject to the confidentiality obligations set forth in the Agreement, We shall make available to You or Your independent, third-party auditor information regarding the Our compliance with the obligations set forth in this DPA in the form of the third-party certifications and audits set forth in the Celonis Trust Center Documentation. You may contact xxxx@xxxxxxx.xxx to request an on-site audit of the procedures relevant to the protection of Personal Data. You shall reimburse Us for any time expended for any such on-site audit at the Our then-current Professional Services rates. Before the commencement of any such on-site audit, the parties shall mutually agree upon the scope, timing, and duration of the audit in addition to the reimbursement rate for which You shall be responsible. All reimbursement rates shall be reasonable, taking into account the resources expended by Us. You shall promptly notify Us with information regarding any non-compliance discovered during the course of an audit.
11.8. The parties agree that the certification of deletion of Personal Data that is described in Clause 12(1) of the SCCs shall be provided to You only upon Your request.
11.9. In the event of any conflict or inconsistency between the body of this DPA and any of its Schedules (not including the SCCs) and the SCCs, the SCCs shall prevail.
1. Scope of data processing Cloud Service: Hosting of Celonis Software in the context of providing evaluation services (“Proof of Values” or “POVs”): As directed by the Controller, names and e-mail addresses may be inserted in the Celonis Software hosted as a Cloud Service for the purposes of a POV to automatically send reports relating to process analyses to the respective persons. Usernames User names are uploaded into the Cloud Service which then are pseudonymized. Controller can upload process data into the Cloud Service. This data may contain Personal Data of employees and/or customers of the Controller which Processor will host as part of the Cloud ServicePOV. Support Training Services : Processor’s personnel may access Controller’s instance or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Support Services (e.g. “shadowing”). In addition, Personal Data of Controller’s employees issuing Support Services requests (“tickets”) may be stored by Processor for the purposes of administrating the Support Services. Online Training Cloud : Controller’s personnel contact details (e- e-mail addresses) are stored and used for the transmission of training materials, the execution of trainings and for its certification. Professional Services : Processor’s personnel may access Controller’s instance, or be on Controller’s premises, or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Professional Services (e.g. “shadowing”)) or under a Services assignment, including for a POV.
2. Procedures of data processing Cloud Service Hosting: The Processor provides the functionalities of the Cloud Service Celonis Software including the data sets uploaded and processed by Controller in a third-party data center. Support Services : The Support Ticketing Tool used by Processor is externally hosted in a data center and used by Processor’s personnel processes these for the purposes of administering the support ticketsa POV. Shadowing Training Services: Exchange of Users or otherwise accessing of data sets as part of Support Services only occurs where explicitly requested by the Controller. Online Training Cloud : Online Training is hosted contact details and storage in a data center. The training tool may be used to transmit invitations and certifications and for evidencing its participationProcessor’s contact database. Professional Services : During the course of providing Professional Services for implementation, configuration or evaluation of the Cloud Services, Our personnel may have access to Customer Data containing Personal Data.
3. Purpose of data processing Cloud Service Hosting: The Cloud Service Celonis Software provided during a POV on a cloud instance provides the tools to analyze processes based on data from IT systems of the Controller. Personal Data is primarily used to provide the affected person with information (e.g. the person would like to receive scheduled reports). If Personal Data is used for process analysis in which case usernames will be pseudonymized. Support Services : Support of the Cloud Service through provision of Support Services for the Controller. Online Training Cloud Training: Execution and administration of Online Training Cloud training Services. Professional Service : Implementation, configuration and evaluation projects regarding the Cloud Service.
4. Categories of data which are processed under the instructions of the Controller User account related data. Depending on individual use case, processed personal data may also include, without limitation, names, identification numbers, business addresses, communication data (e. g. phone, cellphone, e-mail), process log data, usernames from the Controller’s IT / ERP system.
5. Data subjects Employees, customers, vendors, agents, or consultants of the Controller based on Services provided.
6. Data Protection Officer of the Processor : Xx. Xxxxxx, Sebastian; +00 00 0000 0000; xxxxxxx@xxxx.xx
7. Contact for the Processor : security- xxxxxxxx@xxxxxxx.xxx.
8. Contact for the Controller: To be provided by Controller via email to Processor at above address.
9. Permitted Sub-processors Sub-processor name and processing location (as applicable) Description of processing Amazon Web Services Inc., Seattle, United States • Hosting location for Customers in the United States and Canada: North Virginia, United States • Hosting location for all other Customers: Frankfurt, Germany Hosting of Cloud Service and processing of data provided by the Controller Microsoft Corporation, Hosting of Cloud Service Redmond (WA), United States and processing of data • Hosting location for provided by the Controller Customers in the United States and Canada: Washington, United States • Hosting location for Customers in Japan: Tokyo, Saitama, Japan • Hosting location for all other Customers: Frankfurt, Germany Processor may use the following sub-processors (based on the respective Services according to the relevant Order): Our Affiliates (as applicable): Celonis SE, Germany Celonis, Inc., United States Celonis AB, Sweden Celonis ApS, Denmark Celonis B.V., The Netherlands Celonis Canada Ltd., Canada Celonis K.K., Japan Celonis L.L.C., Kosovo Celonis Ltd., United Kingdom Support of the Services through personnel of such Affiliate. Celonis SAS, France Celonis Schweiz GmbH, Switzerland Celonis S.L., Spain Celonis Srl, Italy Integromat s.r.o., Czech Republic For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection Name of the data exporting organisation: Address: … Tel. …; fax …; e-mail: … Other information needed to identify the organisation: (the data exporter) And Name of the data importing organisation: Address: … Tel. …; fax …; e-mail: … Other information needed to identify the organization: (the data importer) each a ‘party’; together ‘the parties’, HAVE AGREED on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Appendix 1.
Appears in 1 contract
Samples: Professional Services Agreement
TERMS FOR THE SCCs. 11.1. The SCCs and the additional terms specified in this Section apply to (i) a customer which is subject to the Data Protection Laws of the European Union, the European Economic Area and/or their member states, Switzerland and/or the United Kingdom and, (ii) its Authorized Affiliates. For the purpose of the SCCs and this Section, the aforementioned entities shall be deemed “data exporters”.
11.2. This DPA and the Agreement are Your complete and final documented instructions at the time of signature of the Agreement to Us for the Processing of Personal Data. Any additional or alternate instructions must be agreed upon separately. For the purposes of Clause 5(a) of the SCCs, the following is deemed an instruction by You to process Personal Data: (a) Processing in accordance with the Agreement and applicable Order(s); (b) Processing initiated by Users in their use of the Services and (c) Processing to comply with other reasonable documented instructions provided by You (e.g., via e-mail) where such instructions are consistent with the terms of the Agreement.
11.3. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that (a) Our Affiliates may be retained as Sub-processors; and (b) Us and Our Affiliates respectively may engage third-party Sub-processors in connection with the provision of the Services. We shall make available to You the current list of Sub-processors.
11.4. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that We may engage new Sub-processors as described in Section 8 of the DPA.
11.5. The parties agree that the copies of the Sub-processor agreements that must be provided by Us to You pursuant to Clause 5(j) of the SCCs may have all commercial information, or clauses unrelated to the SCCs, removed by Us beforehand; and, that such copies will be provided by Us, in a manner to be determined in Our discretion, only upon request.
11.6. The parties agree that the audits described in Clause 5(f) and Clause 12(2) of the SCCs shall be carried out in accordance with the following specifications:
11.7. Upon Your request, and subject to the confidentiality obligations set forth in the Agreement, We shall make available to You or Your independent, third-party auditor information regarding the Our compliance with the obligations set forth in this DPA in the form of the third-party certifications and audits set forth in the Celonis Trust Center Documentation. You may contact xxxx@xxxxxxx.xxx to request an on-site audit of the procedures relevant to the protection of Personal Data. You shall reimburse Us for any time expended for any such on-site audit at the Our then-current Professional Services rates. Before the commencement of any such on-site audit, the parties shall mutually agree upon the scope, timing, and duration of the audit in addition to the reimbursement rate for which You shall be responsible. All reimbursement rates shall be reasonable, taking into account the resources expended by Us. You shall promptly notify Us with information regarding any non-compliance discovered during the course of an audit.
11.8. The parties agree that the certification of deletion of Personal Data that is described in Clause 12(1) of the SCCs shall be provided to You only upon Your request.
11.9. In the event of any conflict or inconsistency between the body of this DPA and any of its Schedules (not including the SCCs) and the SCCs, the SCCs shall prevail.
1. Scope of data processing Cloud Service: As directed by the Controller, names and e-mail addresses may be inserted in the Cloud Service to automatically send reports relating to process analyses to the respective persons. Usernames are uploaded into the Cloud Service which then are pseudonymized. Controller can upload process data into the Cloud Service. This data may contain Personal Data of employees and/or customers of the Controller which Processor will host as part of the Cloud Service. Support Services : Processor’s personnel may access Controller’s instance or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Support Services (e.g. “shadowing”). In addition, Personal Data of Controller’s employees issuing Support Services requests (“tickets”) may be stored by Processor for the purposes of administrating the Support Services. Online Training Cloud : Controller’s personnel contact details (e- mail addresses) are stored and used for the transmission of training materials, the execution of trainings and for its certification. Professional Services : Processor’s personnel may access Controller’s instance, or be on Controller’s premises, or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Professional Services (e.g. “shadowing”).
2. Procedures of data processing Cloud Service : The Processor provides the functionalities of the Cloud Service including the data uploaded and processed by Controller in a third-party data center. Sub-processor name and processing location (as applicable) Description of processing Amazon Web Services Inc., Hosting of Cloud Service Seattle, United States and processing of data • Hosting location for provided by the Controller Customers in the United States and Canada: North Virginia, United States • Hosting location for all other Customers: Frankfurt, Germany Support Services : The Support Ticketing Tool used by Processor is externally hosted in a data center and used by Processor’s personnel for the purposes of administering the support tickets. Shadowing of Users or otherwise accessing of data sets as part of Support Services only occurs where explicitly requested by the Controller. Online Training Cloud : Online Training is hosted in a data center. The training tool may be used to transmit invitations and certifications and for evidencing its participation. Professional Services : During the course of providing Professional Services for implementation, configuration or evaluation of the Cloud Services, Our personnel may have access to Customer Data containing Personal Data.
3. Purpose of data processing Cloud Service : The Cloud Service provides the tools to analyze processes based on data from IT systems of the Controller. Personal Data is primarily used to provide the affected person with information (e.g. the person would like to receive scheduled reports). If Personal Data is used for process analysis in which case usernames will be pseudonymized. Support Services : Support of the Cloud Service through provision of Support Services for the Controller. Online Training Cloud : Execution and administration of Online Training Cloud Services. Professional Service : Implementation, configuration and evaluation projects regarding the Cloud Service.
4. Categories of data which are processed under the instructions of the Controller User account related data. Depending on individual use case, processed personal data may also include, without limitation, names, identification numbers, business addresses, communication data (e. g. phone, cellphone, e-mail), process log data, usernames from the Controller’s IT / ERP system.
5. Data subjects Employees, customers, vendors, agents, or consultants of the Controller based on Services provided.
6. Data Protection Officer of the Processor : Xx. Xxxxxx, Sebastian; +00 00 0000 0000; xxxxxxx@xxxx.xx
7. Contact for the Processor : security- xxxxxxxx@xxxxxxx.xxx.
8. Contact for the Controller: To be provided by Controller via email to Processor at above address.
Appears in 1 contract
Samples: Master Services Agreement
TERMS FOR THE SCCs. 11.1. The SCCs and the additional terms specified in this Section apply to (i) a customer which is subject to the Data Protection Laws of the European Union, the European Economic Area and/or their member states, Switzerland and/or the United Kingdom and, (ii) its Authorized Affiliates. For the purpose of the SCCs and this Section, the aforementioned entities shall be deemed “data exporters”.
11.2. This DPA and the Agreement are Your complete and final documented instructions at the time of signature of the Agreement to Us for the Processing of Personal Data. Any additional or alternate instructions must be agreed upon separately. For the purposes of Clause 5(a) of the SCCs, the following is deemed an instruction by You to process Personal Data: (a) Processing in accordance with the Agreement and applicable Order(s); (b) Processing initiated by Users in their use of the Services and (c) Processing to comply with other reasonable documented instructions provided by You (e.g., via e-mail) where such instructions are consistent with the terms of the Agreement.
11.3. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that (a) Our Affiliates may be retained as Sub-processors; and (b) Us and Our Affiliates respectively may engage third-party Sub-processors in connection with the provision of the Services. We shall make available to You the current list of Sub-processors.
11.4. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that We may engage new Sub-processors as described in Section 8 of the DPA.
11.5. The parties agree that the copies of the Sub-processor agreements that must be provided by Us to You pursuant to Clause 5(j) of the SCCs may have all commercial information, or clauses unrelated to the SCCs, removed by Us beforehand; and, that such copies will be provided by Us, in a manner to be determined in Our discretion, only upon request.
11.6. The parties agree that the audits described in Clause 5(f) and Clause 12(2) of the SCCs shall be carried out in accordance with the following specifications:
11.7. Upon Your request, and subject to the confidentiality obligations set forth in the Agreement, We shall make available to You or Your independent, third-party auditor information regarding the Our compliance with the obligations set forth in this DPA in the form of the third-party certifications and audits set forth in the Celonis Trust Center Documentation. You may contact xxxx@xxxxxxx.xxx to request an on-site audit of the procedures relevant to the protection of Personal Data. You shall reimburse Us for any time expended for any such on-site audit at the Our then-current Professional Services rates. Before the commencement of any such on-site audit, the parties shall mutually agree upon the scope, timing, and duration of the audit in addition to the reimbursement rate for which You shall be responsible. All reimbursement rates shall be reasonable, taking into account the resources expended by Us. You shall promptly notify Us with information regarding any non-compliance discovered during the course of an audit.
11.8. The parties agree that the certification of deletion of Personal Data that is described in Clause 12(1) of the SCCs shall be provided to You only upon Your request.
11.9. In the event of any conflict or inconsistency between the body of this DPA and any of its Schedules (not including the SCCs) and the SCCs, the SCCs shall prevail.
1. Scope of data processing Cloud Service: Hosting of Celonis Software in the context of providing evaluation services (“Proof of Values” or “POVs”): As directed by the Controller, names and e-mail addresses may be inserted in the Celonis Software hosted as a Cloud Service for the purposes of a POV to automatically send reports relating to process analyses to the respective persons. Usernames User names are uploaded into the Cloud Service which then are pseudonymized. Controller can upload process data into the Cloud Service. This data may contain Personal Data of employees and/or customers of the Controller which Processor will host as part of the Cloud ServicePOV. Support Training Services : Processor’s personnel may access Controller’s instance or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Support Services (e.g. “shadowing”). In addition, Personal Data of Controller’s employees issuing Support Services requests (“tickets”) may be stored by Processor for the purposes of administrating the Support Services. Online Training Cloud : Controller’s personnel contact details (e- e-mail addresses) are stored and used for the transmission of training materials, the execution of trainings and for its certification. Professional Services : Processor’s personnel may access Controller’s instance, or be on Controller’s premises, or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Professional Services (e.g. “shadowing”)) or under a Services assignment, including for a POV.
2. Procedures of data processing Cloud Service Hosting: The Processor provides the functionalities of the Cloud Service Celonis Software including the data sets uploaded and processed by Controller in a third-party data center. Support Services : The Support Ticketing Tool used by Processor is externally hosted in a data center and used by Processor’s personnel processes these for the purposes of administering the support ticketsa POV. Shadowing Training Services: Exchange of Users or otherwise accessing of data sets as part of Support Services only occurs where explicitly requested by the Controller. Online Training Cloud : Online Training is hosted contact details and storage in a data center. The training tool may be used to transmit invitations and certifications and for evidencing its participationProcessor’s contact database. Professional Services : During the course of providing Professional Services for implementation, configuration or evaluation of the Cloud Services, Our personnel may have access to Customer Data containing Personal Data.
3. Purpose of data processing Cloud Service Hosting: The Cloud Service Celonis Software provided during a POV on a cloud instance provides the tools to analyze processes based on data from IT systems of the Controller. Personal Data is primarily used to provide the affected person with information (e.g. the person would like to receive scheduled reports). If Personal Data is used for process analysis in which case usernames will be pseudonymized. Support Services : Support of the Cloud Service through provision of Support Services for the Controller. Online Training Cloud Training: Execution and administration of Online Training Cloud training Services. Professional Service : Implementation, configuration and evaluation projects regarding the Cloud Service.
4. Categories of data which are processed under the instructions of the Controller User account related data. Depending on individual use case, processed personal data may also include, without limitation, names, identification numbers, business addresses, communication data (e. g. phone, cellphone, e-mail), process log data, usernames from the Controller’s IT / ERP system.
5. Data subjects Employees, customers, vendors, agents, or consultants of the Controller based on Services provided.
6. Data Protection Officer of the Processor : Xx. Xxxxxx, SebastianXxxxxxxxx; +00 00 0000 0000; xxxxxxx@xxxx.xx
7. Contact for the Processor : security- xxxxxxxx@xxxxxxx.xxx.
8. Contact for the Controller: To be provided by Controller via email to Processor at above address.
9. Permitted Sub-processors Sub-processor name and processing location (as applicable) Description of processing Amazon Web Services Inc., Seattle, United States • Hosting location for Customers in the United States and Canada: North Virginia, United States • Hosting location for all other Customers: Frankfurt, Germany Hosting of Cloud Service and processing of data provided by the Controller Microsoft Corporation, Redmond (WA), United States • Hosting location for Customers in the United States and Canada: Washington, United States • Hosting location for Customers in Japan: Tokyo, Saitama, Japan • Hosting location for all other Customers: Frankfurt, Germany Hosting of Cloud Service and processing of data provided by the Controller Our Affiliates (as applicable): Celonis SE, Germany Celonis, Inc., United States Celonis AB, Sweden Celonis ApS, Denmark Celonis B.V., The Netherlands Support of the Services through personnel of such Affiliate. Processor may use the following sub-processors (based on the respective Services according to the relevant Order): Celonis Canada Ltd., Canada Celonis K.K., Japan Celonis L.L.C., Kosovo Celonis Ltd., United Kingdom Celonis SAS, France Celonis Schweiz GmbH, Switzerland Celonis S.L., Spain Celonis Srl, Italy Integromat s.r.o., Czech Republic For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection Name of the data exporting organisation: Address: … Tel. …; fax …; e-mail: … Other information needed to identify the organisation: (the data exporter) And Name of the data importing organisation: Address: … Tel. …; fax …; e-mail: … Other information needed to identify the organization: (the data importer) each a ‘party’; together ‘the parties’, HAVE AGREED on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Appendix 1.
Appears in 1 contract
Samples: Professional Services Agreement
TERMS FOR THE SCCs. 11.1. The SCCs and the additional terms specified in this Section apply to (i) a customer which is subject to the Data Protection Laws of the European Union, the European Economic Area and/or their member states, Switzerland and/or the United Kingdom and, (ii) its Authorized Affiliates. For the purpose of the SCCs and this Section, the aforementioned entities shall be deemed “data exporters”.
11.2. This DPA and the Agreement are Your complete and final documented instructions at the time of signature of the Agreement to Us for the Processing of Personal Data. Any additional or alternate instructions must be agreed upon separately. For the purposes of Clause 5(a) of the SCCs, the following is deemed an instruction by You to process Personal Data: (a) Processing in accordance with the Agreement and applicable Order(s); (b) Processing initiated by Users in their use of the Services and (c) Processing to comply with other reasonable documented instructions provided by You (e.g., via e-mail) where such instructions are consistent with the terms of the Agreement.
11.3. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that (a) Our Affiliates may be retained as Sub-processors; and (b) Us and Our Affiliates respectively may engage third-party Sub-processors in connection with the provision of the Services. We shall make available to You the current list of Sub-processors.
11.4. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that We may engage new Sub-processors as described in Section 8 of the DPA.
11.5. The parties agree that the copies of the Sub-processor agreements that must be provided by Us to You pursuant to Clause 5(j) of the SCCs may have all commercial information, or clauses unrelated to the SCCs, removed by Us beforehand; and, that such copies will be provided by Us, in a manner to be determined in Our discretion, only upon request.
11.6. The parties agree that the audits described in Clause 5(f) and Clause 12(2) of the SCCs shall be carried out in accordance with the following specifications:
11.7. Upon Your request, and subject to the confidentiality obligations set forth in the Agreement, We shall make available to You or Your independent, third-party auditor information regarding the Our compliance with the obligations set forth in this DPA in the form of the third-party certifications and audits set forth in the Celonis Trust Center Documentation. You may contact xxxx@xxxxxxx.xxx to request an on-site audit of the procedures relevant to the protection of Personal Data. You shall reimburse Us for any time expended for any such on-site audit at the Our then-current Professional Services rates. Before the commencement of any such on-site audit, the parties shall mutually agree upon the scope, timing, and duration of the audit in addition to the reimbursement rate for which You shall be responsible. All reimbursement rates shall be reasonable, taking into account the resources expended by Us. You shall promptly notify Us with information regarding any non-compliance discovered during the course of an audit.
11.8. The parties agree that the certification of deletion of Personal Data that is described in Clause 12(1) of the SCCs shall be provided to You only upon Your request.
11.9. In the event of any conflict or inconsistency between the body of this DPA and any of its Schedules (not including the SCCs) and the SCCs, the SCCs shall prevail.
1. Scope of data processing Cloud Service: As directed by the Controller, names and e-mail addresses may be inserted in the Cloud Service to automatically send reports relating to process analyses to the respective persons. Usernames are uploaded into the Cloud Service which then are pseudonymized. Controller can upload process data into the Cloud Service. This data may contain Personal Data of employees and/or customers of the Controller which Processor will host as part of the Cloud Service. Support Services : Processor’s personnel may access Controller’s instance or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Support Services (e.g. “shadowing”). In addition, Personal Data of Controller’s employees issuing Support Services requests (“tickets”) may be stored by Processor for the purposes of administrating the Support Services. Online Training Cloud : Controller’s personnel contact details (e- mail addresses) are stored and used for the transmission of training materials, the execution of trainings and for its certification. Professional Services : Processor’s personnel may access Controller’s instance, or be on Controller’s premises, or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Professional Services (e.g. “shadowing”).
2. Procedures of data processing Cloud Service : The Processor provides the functionalities of the Cloud Service including the data uploaded and processed by Controller in a third-party data center. Support Services : The Support Ticketing Tool used by Processor is externally hosted in a data center and used by Processor’s personnel for the purposes of administering the support tickets. Shadowing of Users or otherwise accessing of data sets as part of Support Services only occurs where explicitly requested by the Controller. Online Training Cloud : Online Training is hosted in a data center. The training tool may be used to transmit invitations and certifications and for evidencing its participation. Professional Services : During the course of providing Professional Services for implementation, configuration or evaluation of the Cloud Services, Our personnel may have access to Customer Data containing Personal Data.
3. Purpose of data processing Cloud Service : The Cloud Service provides the tools to analyze processes based on data from IT systems of the Controller. Personal Data is primarily used to provide the affected person with information (e.g. the person would like to receive scheduled reports). If Personal Data is used for process analysis in which case usernames will be pseudonymized. Support Services : Support of the Cloud Service through provision of Support Services for the Controller. Online Training Cloud : Execution and administration of Online Training Cloud Services. Professional Service : Implementation, configuration and evaluation projects regarding the Cloud Service.
4. Categories of data which are processed under the instructions of the Controller User account related data. Depending on individual use case, processed personal data may also include, without limitation, names, identification numbers, business addresses, communication data (e. g. phone, cellphone, e-mail), process log data, usernames from the Controller’s IT / ERP system.
5. Data subjects Employees, customers, vendors, agents, or consultants of the Controller based on Services provided.
6. Data Protection Officer of the Processor : Xx. Xxxxxx, SebastianXxxxxxxxx; +00 00 0000 0000; xxxxxxx@xxxx.xx
7. Contact for the Processor : security- xxxxxxxx@xxxxxxx.xxx.
8. Contact for the Controller: To be provided by Controller via email to Processor at above address.
9. Permitted Sub-processors Sub-processor name and processing location (as applicable) Description of processing Amazon Web Services Inc., Seattle, United States • Hosting location for Customers in the United States and Canada: North Virginia, United States • Hosting location for all other Customers: Frankfurt, Germany Hosting of Cloud Service and processing of data provided by the Controller AbsorbLMS Technology Ltd., Dublin, Republic of Ireland Hosting of Online Training Cloud Processor may use the following sub-processors (based on the respective Services according to the relevant Order): HappyFox Inc., Frankfurt, Germany Operation of the Support Ticketing Tools Microsoft Corporation, Redmond (WA), United States • Hosting location for Customers in the United States and Canada: Washington, United States • Hosting location for Customers in Japan: Tokyo, Saitama, Japan • Hosting location for all other Customers: Frankfurt, Germany Hosting of Cloud Service and processing of data provided by the Controller Xxxxxxxxxx.xxx Germany GmbH, Munich, Germany Operation of the Support Ticketing Tools UserLane GmbH, Munich, Germany Operation of Guided Learning Tours within the Online Training Cloud Tool Our Affiliates (as applicable): Celonis SE, Germany Celonis, Inc., United States Celonis AB, Sweden Celonis ApS, Denmark Celonis B.V., The Netherlands Celonis Canada Ltd., Canada Celonis K.K., Japan Celonis L.L.C., Kosovo Celonis Ltd., United Kingdom Celonis SAS, France Celonis Schweiz GmbH, Switzerland Celonis S.L., Spain Celonis Srl, Italy Integromat s.r.o., Czech Republic Support of the Services through personnel of such Affiliate. For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection Name of the data exporting organisation: Address: … Tel. …; fax …; e-mail: … Other information needed to identify the organisation: (the data exporter) And Name of the data importing organisation: Address: … Tel. …; fax …; e-mail: … Other information needed to identify the organization: (the data importer) each a ‘party’; together ‘the parties’, HAVE AGREED on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Appendix 1.
Appears in 1 contract
Samples: Cloud Services Agreement
TERMS FOR THE SCCs. 11.1. The SCCs and the additional terms specified in this Section apply to (i) a customer which is subject to the Data Protection Laws of the European Union, the European Economic Area and/or their member states, Switzerland and/or the United Kingdom and, (ii) its Authorized Affiliates. For the purpose of the SCCs and this Section, the aforementioned entities shall be deemed “data exporters”.
11.2. This DPA and the Agreement are Your complete and final documented instructions at the time of signature of the Agreement to Us for the Processing of Personal Data. Any additional or alternate instructions must be agreed upon separately. For the purposes of Clause 5(a) of the SCCs, the following is deemed an instruction by You to process Personal Data: (a) Processing in accordance with the Agreement and applicable Order(s); (b) Processing initiated by Users in their use of the Services and (c) Processing to comply with other reasonable documented instructions provided by You (e.g., via e-mail) where such instructions are consistent with the terms of the Agreement.
11.3. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that (a) Our Affiliates may be retained as Sub-processors; and (b) Us and Our Affiliates respectively may engage third-party Sub-processors in connection with the provision of the Services. We shall make available to You the current list of Sub-processors.
11.4. Pursuant to Clause 5(h) of the SCCs, You acknowledge and expressly agree that We may engage new Sub-processors as described in Section 8 of the DPA.
11.5. The parties agree that the copies of the Sub-processor agreements that must be provided by Us to You pursuant to Clause 5(j) of the SCCs may have all commercial information, or clauses unrelated to the SCCs, removed by Us beforehand; and, that such copies will be provided by Us, in a manner to be determined in Our discretion, only upon request.
11.6. The parties agree that the audits described in Clause 5(f) and Clause 12(2) of the SCCs shall be carried out in accordance with the following specifications:
11.7. Upon Your request, and subject to the confidentiality obligations set forth in the Agreement, We shall make available to You or Your independent, third-party auditor information regarding the Our compliance with the obligations set forth in this DPA in the form of the third-party certifications and audits set forth in the Celonis Trust Center Documentation. You may contact xxxx@xxxxxxx.xxx to request an on-site audit of the procedures relevant to the protection of Personal Data. You shall reimburse Us for any time expended for any such on-site audit at the Our then-current Professional Services rates. Before the commencement of any such on-site audit, the parties shall mutually agree upon the scope, timing, and duration of the audit in addition to the reimbursement rate for which You shall be responsible. All reimbursement rates shall be reasonable, taking into account the resources expended by Us. You shall promptly notify Us with information regarding any non-compliance discovered during the course of an audit.
11.8. The parties agree that the certification of deletion of Personal Data that is described in Clause 12(1) of the SCCs shall be provided to You only upon Your request.
11.9. In the event of any conflict or inconsistency between the body of this DPA and any of its Schedules (not including the SCCs) and the SCCs, the SCCs shall prevail.
1. Scope of data processing Cloud Service: As directed by the Controller, names and e-mail addresses may be inserted in the Cloud Service to automatically send reports relating to process analyses to the respective persons. Usernames are uploaded into the Cloud Service which then are pseudonymized. Controller can upload process data into the Cloud Service. This data may contain Personal Data of employees and/or customers of the Controller which Processor will host as part of the Cloud Service. Support Services : Processor’s personnel may access Controller’s instance or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Support Services (e.g. “shadowing”). In addition, Personal Data of Controller’s employees issuing Support Services requests (“tickets”) may be stored by Processor for the purposes of administrating the Support Services. Online Training Cloud : Controller’s personnel contact details (e- mail addresses) are stored and used for the transmission of training materials, the execution of trainings and for its certification. Professional Services : Processor’s personnel may access Controller’s instance, or be on Controller’s premises, or be provided Controller’s data excerpted from Controller’s Cloud Service instance on a case-by-case basis if requested by the Controller in the context of Professional Services (e.g. “shadowing”).
2. Procedures of data processing Cloud Service : The Processor provides the functionalities of the Cloud Service including the data uploaded and processed by Controller in a third-party data center. Sub-processor name and processing location (as applicable) Description of processing Amazon Web Services Inc., Hosting of Cloud Service Seattle, United States and processing of data • Hosting location for provided by the Controller Customers in the United States and Canada: North Virginia, United States • Hosting location for all other Customers: Frankfurt, Germany Support Services : The Support Ticketing Tool used by Processor is externally hosted in a data center and used by Processor’s personnel for the purposes of administering the support tickets. Shadowing of Users or otherwise accessing of data sets as part of Support Services only occurs where explicitly requested by the Controller. Online Training Cloud : Online Training is hosted in a data center. The training tool may be used to transmit invitations and certifications and for evidencing its participation. Professional Services : During the course of providing Professional Services for implementation, configuration or evaluation of the Cloud Services, Our personnel may have access to Customer Data containing Personal Data.
3. Purpose of data processing Cloud Service : The Cloud Service provides the tools to analyze processes based on data from IT systems of the Controller. Personal Data is primarily used to provide the affected person with information (e.g. the person would like to receive scheduled reports). If Personal Data is used for process analysis in which case usernames will be pseudonymized. Support Services : Support of the Cloud Service through provision of Support Services for the Controller. Online Training Cloud : Execution and administration of Online Training Cloud Services. Professional Service : Implementation, configuration and evaluation projects regarding the Cloud Service.
4. Categories of data which are processed under the instructions of the Controller User account related data. Depending on individual use case, processed personal data may also include, without limitation, names, identification numbers, business addresses, communication data (e. g. phone, cellphone, e-mail), process log data, usernames from the Controller’s IT / ERP system.
5. Data subjects Employees, customers, vendors, agents, or consultants of the Controller based on Services provided.
6. Data Protection Officer of the Processor : Xx. Xxxxxx, SebastianXxxxxxxxx; +00 00 0000 0000; xxxxxxx@xxxx.xx
7. Contact for the Processor : security- xxxxxxxx@xxxxxxx.xxx.
8. Contact for the Controller: To be provided by Controller via email to Processor at above address.
Appears in 1 contract
Samples: Master Services Agreement
