Common use of Vendor's CCPA Obligations Clause in Contracts

Vendor's CCPA Obligations. 2.1 Vendor will only process Personal Information for the Contracted Business Purposes for which NTT provides or permits Personal Information access, including under any ’sale’ exemption. 2.2 Vendor will not process, sell, or otherwise make Personal Information available for Vendor's own commercial purposes or in a way that does not comply with the CCPA. If a law requires Vendor to disclose Personal Information for a purpose unrelated to the Contracted Business Purposes, Vendor must first inform NTT of the legal requirement and give NTT an opportunity to object or challenge the requirement, unless the law prohibits such notice. 2.3 Vendor will limit Personal Information processing to activities reasonably necessary and proportionate to achieve the Contracted Business Purposes or another compatible business purpose. 2.4 Vendor must promptly comply with any NTT request or instruction from Authorized Persons requiring Vendor to provide, amend, transfer, or delete the Personal Information, or to stop, mitigate, or remedy any unauthorized processing. 2.5 If the Contracted Business Purposes require the collection of Personal Information from consumers on NTT's behalf, NTT must provide Vendor with a CCPA-compliant notice addressing use and collection methods that NTT specifically pre-approves in writing. Vendor will not modify or alter the notice in any way without NTT's prior written consent. 2.6 If the CCPA permits, Vendor may aggregate, de-identify, or anonymize Personal Information so it no longer meets the Personal Information definition, and may use such aggregated, deidentified, or anonymized data for its own research and development purposes.

Vendor's CCPA Obligations. ‌ 2.1 Vendor will only process Personal Information for the Contracted Business Purposes for which NTT DATA provides or permits Personal Information access, including under any ’sale’ exemption. 2.2 Vendor will not process, sell, or otherwise make Personal Information available for Vendor's own commercial purposes or in a way that does not comply with the CCPA. If a law requires Vendor to disclose Personal Information for a purpose unrelated to the Contracted Business Purposes, Vendor must first inform NTT DATA of the legal requirement and give NTT DATA an opportunity to object or challenge the requirement, unless the law prohibits such notice. 2.3 Vendor will limit Personal Information processing to activities reasonably necessary and proportionate to achieve the Contracted Business Purposes or another compatible business purpose. 2.4 Vendor must promptly comply with any NTT DATA request or instruction from Authorized Persons requiring Vendor to provide, amend, transfer, or delete the Personal Information, or to stop, mitigate, or remedy any unauthorized processing. 2.5 If the Contracted Business Purposes require the collection of Personal Information from consumers on NTTNTT DATA's behalf, NTT DATA must provide Vendor with a CCPA-compliant notice addressing use and collection methods that NTT DATA specifically pre-approves in writing. Vendor will not modify or alter the notice in any way without NTTNTT DATA's prior written consent. 2.6 If the CCPA permits, Vendor may aggregate, de-identify, or anonymize Personal Information so it no longer meets the Personal Information definition, and may use such aggregated, deidentified, or anonymized data for its own research and development purposes.

Vendor's CCPA Obligations. 2.1 (a) Vendor will only process Personal Information collect, use, retain, or disclose personal information for the Contracted Business Purposes for which NTT Customer provides or permits Personal Information personal information access, including under any ’sale’ exemption. 2.2 (b) Vendor will not processcollect, use, retain, disclose, sell, or otherwise make Personal Information personal information available for Vendor's own commercial purposes or in a way that does not comply with the CCPA. If a law requires Vendor to disclose Personal Information personal information for a purpose unrelated to the Contracted Business PurposesPurpose, Vendor must first inform NTT the Customer of the legal requirement and give NTT the Customer an opportunity to object or challenge the requirement, unless the applicable law prohibits such notice. 2.3 (c) To the extent commercially reasonable, Vendor will limit Personal Information processing personal information collection, use, retention, and disclosure to activities reasonably necessary and proportionate to achieve the Contracted Business Purposes or another compatible business operational purpose. 2.4 (d) Vendor must promptly comply with any NTT Customer request or instruction from Authorized Persons requiring the Vendor to provide, amend, transfer, or delete the Personal Informationpersonal information, or to stop, mitigate, or remedy any unauthorized processing. If Customer is able to amend, transfer, or delete the personal information itself and chooses Vendor’s assistance, Customer agrees to pay reasonable fees for such assistance at a rate mutually agreed in advance between the parties. 2.5 (e) If the Contracted Business Purposes require the collection of Personal Information personal information from consumers individuals on NTTthe Customer's behalf, NTT must Vendor will always provide Vendor with a CCPA-compliant notice addressing use and collection methods that NTT specifically pre-approves in writing. Vendor will not modify or alter the notice in any way without NTT's prior written consentmethods. 2.6 (f) If the CCPA permits, Vendor may aggregate, de-identifydeidentify, or anonymize Personal Information personal information, so it no longer meets the Personal Information personal information definition, and may use such aggregated, deidentified, or anonymized data for its own research and development purposes. Vendor will not attempt to or actually re-identify any previously aggregated, deidentified, or anonymized data and will contractually prohibit downstream data recipients from attempting to or actually re-identifying such data.