Use of sub. processors 1. The data processor shall meet the requirements specified in Article 28(2) and (4) GDPR in order to engage an- other processor (a sub-processor). 2. The data processor shall therefore not engage another processor (sub-processor) for the fulfilment of the Clauses without the prior written general authorisation of the data controller. 3. The data processor has the data controller’s general authorisation for the engagement of sub-processors. The data processor shall inform in writing the data controller of any intended changes concerning the addition or replacement of sub-processors at least 30 days in advance, thereby giving the data controller the opportunity to object to such changes prior to the engagement of the concerned sub-processor(s). Longer time periods of prior notice for specific sub-processing services can be provided in Appendix B. The list of sub-processors al- ready authorised by the data controller can be found in Appendix B. 4. Where the data processor engages a sub-processor for carrying out specific processing activities on behalf of the data controller, the same data protection obligations as set out in the Clauses shall be imposed on that sub- processor by way of a contract or other legal act under EU or Member State law, in particular providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that the pro- cessing will meet the requirements of the Clauses and the GDPR. The data processor shall therefore be responsible for requiring that the sub-processor at least complies with the obligations to which the data processor is subject pursuant to the Clauses and the GDPR. 5. A copy of such a sub-processor agreement and subsequent amendments shall – at the data controller’s re- quest – be submitted to the data controller, thereby giving the data controller the opportunity to ensure that the same data protection obligations as set out in the Clauses are imposed on the sub-processor. Clauses on business related issues that do not affect the legal data protection content of the sub-processor agreement, shall not require submission to the data controller. 6. The data processor shall agree a third-party beneficiary clause with the sub-processor where – in the event of bankruptcy of the data processor – the data controller shall be a third-party beneficiary to the sub-processor agreement and shall have the right to enforce the agreement against the sub-processor engaged by the data processor, e.
Appears in 2 contracts
Samples: Data Processing Agreement, Data Processing Agreement
Use of sub. processors
1. The data processor shall meet the requirements specified in Article 28(2) and (4) GDPR in order to engage an- other another processor (a sub-processor).
2. The data processor shall therefore not engage another processor (sub-processorproces- sor) for the fulfilment of the Clauses without the prior general written general authorisation authori- sation of the data controller.
3. The data processor has the data controller’s general authorisation for the engagement en- gagement of sub-processors. The data processor shall inform in writing the data controller of any intended changes concerning the addition or replacement of sub-processors at least 30 days in advance, thereby giving the data controller the opportunity to object to such changes prior to the engagement of the concerned con- cerned sub-processor(s). Longer time periods of prior notice for specific sub-processing pro- cessing services can be provided in Appendix B. The list of sub-processors al- ready authorised by the data controller can be found in Appendix B.
4. Where the data processor engages a sub-processor for carrying out specific processing pro- cessing activities on behalf of the data controller, the same data protection obligations ob- ligations as set out in the Clauses shall be imposed on that sub- sub-processor by way of a contract or other legal act under EU or Member State law, in particular providing sufficient guarantees to implement appropriate technical and organisational organi- sational measures in such a manner that the pro- cessing processing will meet the requirements require- ments of the Clauses and the GDPR. The data processor shall therefore be responsible for requiring that the sub-processor pro- cessor at least complies with the obligations to which the data processor is subject sub- ject pursuant to the Clauses and the GDPR.
5. A copy of such a sub-processor agreement and subsequent amendments shall – at the data controller’s re- quest request – be submitted to the data controller, thereby giving the data controller the opportunity to ensure that the same data protection protec- tion obligations as set out in the Clauses are imposed on the sub-processor. Clauses on business related issues that do not affect the legal data protection content of the sub-processor agreement, shall not require submission to the data controller.
6. The data processor shall agree a third-party beneficiary clause with If the sub-processor where – in does not fulfil his data protection obligations, the event data pro- cessor shall remain fully liable to the data controller as regards the fulfilment of bankruptcy the obligations of the sub-processor. This does not affect the rights of the data processor subjects under the GDPR – in particular those foreseen in Articles 79 and 82 GDPR – against the data controller shall be a third-party beneficiary to the sub-processor agreement and shall have the right to enforce the agreement against the sub-processor engaged by the data processor, e.including the sub- processor.
Appears in 1 contract
Samples: Data Processing Agreement
Use of sub. processors
1. The data processor shall meet the requirements specified in Article 28(2) and (4) GDPR in order to engage an- other another processor (a sub-processor).
2. The data processor shall therefore not engage another processor (sub-processor) for the fulfilment of the Clauses without the prior general written general authorisation of the data controller.
3. The data processor has the data controller’s general authorisation for the engagement of sub-processors. The data processor shall inform in writing the data controller of any intended changes concerning the addition or replacement of sub-processors at least 30 days in advance, thereby giving the data controller the opportunity to object to such changes prior to the engagement of the concerned sub-processor(s). Longer time periods of prior notice for specific sub-processing services can be provided in Appendix B. The list of sub-processors al- ready already authorised by the data controller can be found in Appendix B.
4. Where the data processor engages a sub-processor for carrying out specific processing activities on behalf of the data controller, the same data protection obligations as set out in the Clauses shall be imposed on that sub- sub-processor by way of a contract or other legal act under EU or Member State law, in particular providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that the pro- cessing processing will meet the requirements of the Clauses and the GDPR. The data processor shall therefore be responsible for requiring that the sub-processor at least complies with the obligations to which the data processor is subject pursuant to the Clauses and the GDPR.
5. A copy of such a sub-processor agreement and subsequent amendments shall – at the data controller’s re- quest request – be submitted to the data controller, thereby giving the data controller the opportunity to ensure that the same data protection obligations as set out in the Clauses are imposed on the sub-processor. Clauses on business related issues that do not affect the legal data protection content of the sub-processor agreement, shall not require submission to the data controller.
6. The data processor shall agree a third-party beneficiary clause with the sub-processor where – in the event of bankruptcy of the data processor – the data controller shall be a third-party beneficiary to the sub-sub- processor agreement and shall have the right to enforce the agreement against the sub-processor engaged by the data processor, e.
Appears in 1 contract
Samples: Standard Contractual Clauses
Use of sub. processors
1. The data processor shall meet the requirements specified in Article 28(2) and (4) GDPR in order to engage an- other another processor (a sub-processor).
2. The data processor shall therefore not engage another processor (sub-processor) for the fulfilment of the Clauses without the prior general written general authorisation of the data controller.
3. The data processor has the data controller’s general authorisation for the engagement of sub-processors. The data processor shall inform in writing the data controller of any intended changes concerning the addition or replacement of sub-processors at least 30 7 days in advance, thereby giving the data controller the opportunity to object to such changes prior to the engagement of the concerned sub-processor(s). Longer time periods of prior notice for specific sub-processing services can be provided in Appendix B. The list of sub-processors al- ready already authorised by the data controller can be found in Appendix B.
43. Where the data processor engages a sub-processor for carrying out specific processing activities on behalf of the data controller, the same data protection obligations as set out in the Clauses shall be imposed on that sub- sub-processor by way of a contract or other legal act under EU or Member State law, in particular providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that the pro- cessing processing will meet the requirements of the Clauses and the GDPR. The data processor shall therefore be responsible for requiring that the sub-processor at least complies with the obligations to which the data processor is subject pursuant to the Clauses and the GDPR.
54. A copy of such a sub-processor agreement and subsequent amendments shall – at the data controller’s re- quest request – be submitted to the data controller, thereby giving the data controller the opportunity to ensure that the same data protection obligations as set out in the Clauses are imposed on the sub-processor. Clauses on business related issues that do not affect the legal data protection content of the sub-processor agreement, shall not require submission to the data controller.
65. The data processor shall agree a third-party beneficiary clause with the sub-processor where – in the event of bankruptcy of the data processor – the data controller shall be a third-party beneficiary to the sub-processor agreement and shall have the right to enforce the agreement against the sub-processor engaged by the data processor, e.
Appears in 1 contract
Samples: Data Processing Agreement