The Processors Undertakings Sample Clauses
The "Processor’s Undertakings" clause defines the obligations and commitments that a data processor must adhere to when handling personal data on behalf of a data controller. Typically, this clause outlines requirements such as following the controller’s instructions, implementing appropriate security measures, and ensuring that any sub-processors also comply with relevant data protection standards. Its core practical function is to ensure that the processor acts in accordance with data protection laws and the controller’s directives, thereby safeguarding personal data and clarifying responsibilities between the parties.
The Processors Undertakings. 5.1 The Processor undertakes to only process Personal Data in accordance with the Controller's instructions set forth in this Processing Agreement, the Processor's policies regarding processing of personal data applicable from time to time and the Controller's written instructions, unless such processing is necessary according to applicable law, and in such case the Processor shall inform the Controller of the legal requirement prior to conducting the processing (unless applicable legislation prohibits such information).
5.2 The Processor undertakes to only process Personal Data in accordance with Data Protection Legislation and without undue delay comply with all decisions and judgments of the Swedish Data Protection Authority, other competent authority, court or, where appropriate, arbitration tribunal regarding Personal Data;
5.3 The Processor also undertakes to:
a) not without the Controller's prior written authorisation transfer and/or disclose Personal Data to any third party;
b) keep all Personal Data strictly confidential and ensure that persons authorised to process Personal Data have undertaken to comply with confidentiality obligations in respect of Personal Data;
c) maintain written records of all processing activities relating to Personal Data in accordance with the requirements set forth in Data Protection Legislation; and
d) upon the Controller's request, provide the Controller with all relevant information and documentation demonstrating the measures taken by the Processor to fulfil its obligations under this Processing Agreement.
5.4 Should the Processor, in its opinion, consider that the Controller's instructions infringes Data Protection Legislation, the Processor shall immediately cease the processing based on such instructions and notify the Controller hereof and thereafter await further instructions.
5.5 The Processor shall promptly notify the Controller if the Processor suspects that Personal Data is subject to unauthorized, accidental or unlawful disclosure, destruction or alteration, and inform the Controller of other circumstances regarding the Processor's processing of Personal Data which can be assumed to be of significant importance to the Controller.
The Processors Undertakings