Use of Subprocessors. Where Processing is to be carried out by Subprocessors on behalf of Service Provider and with respect to the Services, the following rules shall apply: (a) Service Provider shall use only Subprocessors providing sufficient guarantees to implement appropriate technical and organizational measures so that the Processing meets the requirements of this GDPR Addendum. (b) Service Provider shall impose on each Subprocessor the same data protection obligations and standards that are imposed on Service Provider in this GDPR Addendum through a written contract or other legal act, including the obligations regarding the legality of crossborder data transfers. (c) The Subprocessors currently engaged by Service Provider are listed on xxxxx://xxxxxxxxxxx.xxx/legal/subprocessors. (d) Service Provider may, on no less than thirty (30) days written notice to Customer, make changes to the Subprocessors list. Customer may object to the appointment of a new Subprocessor or the addition of roles or responsibilities for an existing Subprocessor in writing, within fourteen (14) days of such notice, on reasonable grounds relating to the protection of Personal Data under this GDPR Addendum. If, within thirty (30) days of Customer’s written objection, the parties have not resolved the objection to their mutual satisfaction, either party may terminate the Agreement, and Customer will be entitled to a pro-rata refund of prepaid fees for the Services not performed as of the date of termination, if any. (e) If Service Provider is required to replace a Subprocessor on an emergency basis, due to reasons outside Service Provider’s control, Service Provider shall notify Customer as soon as reasonably practicable, and Customer shall retain the right to object to that Subprocessor pursuant to the section immediately above.
Appears in 3 contracts
Samples: GDPR Data Processing Addendum, GDPR Data Processing Addendum, GDPR Data Processing Addendum
Use of Subprocessors. Where Processing is to be carried out by Subprocessors on behalf of Service Provider and with respect to the Services, the following rules shall apply:
(a) Service Provider shall use only Subprocessors providing sufficient guarantees to implement appropriate technical and organizational measures so that the Processing meets the requirements of this GDPR Addendum.
(b) Service Provider shall impose on each Subprocessor the same or substantially similar data protection obligations and standards that are imposed on Service Provider in this GDPR Addendum through a written contract or other legal act, including the obligations regarding the legality of crossborder data transfers.
(c) The Subprocessors currently engaged by Service Provider are listed on xxxxx://xxxxxxxxxxx.xxx/legal/subprocessors.
(d) Service Provider may, on no less than thirty (30) days written notice to Customer, make changes to the Subprocessors list. Customer may object to the appointment of a new Subprocessor or the addition of roles or responsibilities for an existing Subprocessor in writing, within fourteen (14) days of such notice, on reasonable grounds relating to the protection of Personal Data under this GDPR Addendum. If, within thirty (30) days of Customer’s written objection, the parties have not resolved the objection to their mutual satisfaction, either party may terminate the Agreement, and Customer will be entitled to a pro-rata refund of prepaid fees for the Services not performed as of the date of termination, if any.
(e) If Service Provider is required to replace a Subprocessor on an emergency basis, due to reasons outside Service Provider’s control, Service Provider shall notify Customer as soon as reasonably practicable, and Customer shall retain the right to object to that Subprocessor pursuant to the section immediately above.
Appears in 2 contracts
Use of Subprocessors. Where Processing is to be carried out by Subprocessors a Subprocessor on behalf of Service Provider and with respect to the Services, the following rules shall apply:
(a) Service Provider shall use only Subprocessors providing sufficient guarantees to implement appropriate technical and organizational measures so that the Processing meets the requirements of this GDPR Addendum.
(b) Service Provider shall impose on each Subprocessor the same or substantially similar data protection obligations and standards that are imposed on Service Provider in this GDPR Addendum through a written contract or other legal act, including the obligations regarding the legality of crossborder data transfers.
(c) The Subprocessors currently engaged by Service Provider are listed on xxxxx://xxxxxxxxxxx.xxx/legal/subprocessors.
(d) Service Provider may, on no less than thirty (30) days written notice to Customer, make changes to the Subprocessors list. Customer may object to the appointment of a new Subprocessor or the addition of roles or responsibilities for an existing Subprocessor in writing, within fourteen (14) days of such notice, on reasonable grounds relating to the protection of Personal Data under this GDPR Addendum. If, within thirty (30) days of Customer’s written objection, the parties have not resolved the objection to their mutual satisfaction, either party may terminate the Services Agreement, and Customer will be entitled to a pro-rata refund of prepaid fees for the Services not performed as of the date of termination, if any.
(e) If Service Provider is required to replace a Subprocessor on an emergency basis, due to reasons outside Service Provider’s control, Service Provider shall notify Customer as soon as reasonably practicable, and Customer shall retain the right to object to that Subprocessor pursuant to the section immediately above.
Appears in 1 contract
Samples: Data Processing Addendum