Common use of Third-Party Certifications and Audits Clause in Contracts

Third-Party Certifications and Audits. 6.2.1 Upon Customer’s request not more than once per year, and subject to the confidentiality obligations set forth in the Agreement, ClickDimensions shall make available to Customer that is not a competitor of ClickDimensions (or Customer’s independent, third-party auditor that is not a competitor of ClickDimensions) a copy of ClickDimensions’ then most recent third-party audits or certifications, as applicable. Notwithstanding the foregoing limitations, Customer may conduct an audit at any time in particular, if (i) a Customer Data Incident has occurred which concerns it; or (ii) an audit is formally requested by its data protection authority. 6.2.2 Upon Customer’s request, ClickDimensions will make available to Customer information necessary to demonstrate its compliance with the obligations set forth in this DPA. Where the mandatory Data Protection Laws and Regulations provide Customer with a direct audit right, ClickDimensions will allow for and operationally collaborate with audits, including inspections, conducted by Customer or another auditor designated by Customer (provided such an auditor is not a competitor of ClickDimensions and has duly executed a non-disclosure agreement with ClickDimensions). In case of such audit, Customer may contact ClickDimensions to request an on-site audit with at least sixty (60) days prior notice, which shall be limited to the audit of the architecture, systems and procedures relevant to the protection of Personal Data at ClickDimensions’ locations where Personal Data is stored. Before the commencement of any such on-site audit, Customer and ClickDimensions shall mutually agree upon the scope, timing, and duration of the audit, none of which shall adversely impact ClickDimensions’ business activities. Customer shall promptly notify ClickDimensions of any non-compliance discovered during the course of an audit. Customer shall bear the costs of all such audits, as well as of any follow-up requested by Customer to ClickDimensions

Third-Party Certifications and Audits. 6.2.1 Upon Customer’s request not more than once per yearat reasonable intervals, and subject to the confidentiality obligations set forth in the AgreementTerms of Services and this DPA, ClickDimensions Devolutions shall make available to Customer that is not a competitor of ClickDimensions Devolutions (or Customer’s independent, reputable, third-party auditor that is not a competitor of ClickDimensionsDevolutions and not in conflict with Devolutions) a copy of ClickDimensions’ then most recent third-party audits or certifications, as applicable. Notwithstanding the foregoing limitations, Customer may conduct an audit at any time in particular, if (i) a Customer Data Incident has occurred which concerns it; or (ii) an audit is formally requested by its data protection authority. 6.2.2 Upon Customer’s request, ClickDimensions will make available to Customer all information necessary to demonstrate its compliance with this DPA and the obligations set forth laid down in this DPA. Where Article 28 of the mandatory Data Protection Laws GDPR (as applicable) and Regulations provide Customer with a direct audit right, ClickDimensions will allow for and operationally collaborate with contribute to audits, including inspections, conducted by Customer or another auditor designated them (provided, however, that such information, audits, inspections and the results therefrom, including the documents reflecting the outcome of the audit and/or the inspections, shall only be used by Customer (to assess compliance with this DPA, and shall not be used for any other purpose or disclosed to any third party without Devolutions’ prior written approval and, upon Devolutions’ first request, Customer shall return all records or documentation in Customer’s possession or control provided such an auditor is not a competitor by Devolutions in the context of ClickDimensions and has duly executed a non-disclosure agreement with ClickDimensionsthe audit and/or the inspection). In case of Customer shall be fully responsible for bearing all the costs and expenses arising from or related to this Section and shall reimburse Devolutions for any time expended for any such audit, Customer may contact ClickDimensions to request an on-site audit with at least sixty (60) days prior noticethe Devolutions’ then-current professional services rates, which shall be limited made available to the audit of the architecture, systems and procedures relevant to the protection of Personal Data at ClickDimensions’ locations where Personal Data is storedCustomer upon request. Before the commencement of any such on-site audit, Customer and ClickDimensions Devolutions shall mutually agree upon the scope, timing, and duration of the auditaudit in addition to the reimbursement rate for which Customer shall be responsible. All reimbursement rates shall be reasonable, none of which shall adversely impact ClickDimensions’ business activitiestaking into account the resources expended by Devolutions. Customer shall promptly notify ClickDimensions of Devolutions with information regarding any non-compliance noncompliance discovered during the course of an audit. Customer shall bear the costs of all such audits, as well as of any follow-up requested by Customer to ClickDimensions.