Common use of Zscaler Guidelines and Responsibilities Clause in Contracts

Zscaler Guidelines and Responsibilities. 4.6.1 Zscaler shall process, use, and/or access Customer Data only for the purpose of providing the Products to Customer. To provide the Products to Customer, Zscaler may transfer and access Customer Data from locations where Authorized Users access and use the Products and/or where Zscaler provides and supports the Products. During the deployment process, Customer may choose to have its transaction logs stored in (1) the United States, or (2) the European Union and/or Switzerland. Any such transfers will be done in compliance with applicable laws and regulations. Zscaler reserves the right to manage bandwidth or route traffic across the Internet in a commercially optimal way, provided such actions do not compromise Zscaler’s obligations under this Agreement. 4.6.2 Zscaler maintains reasonable and appropriate physical, organizational, administrative, and technical safeguards designed to protect Customer Data from loss, misuses, unauthorized access, disclosure, alteration, and destruction (“Security Measures”). Zscaler is certified under ISO 27001 and System and Organization Controls (SOC) 2, Type II standards and is audited annually by a third party to ensure its ongoing compliance with these certifications. Zscaler regularly tests, assesses and evaluates the effectiveness of the Security Measures. Upon written request, Xxxxxxx agrees to provide Customer with a copy of its most recent ISO 27001 certificate and/or SOC 2, Type II report. Zscaler will not materially decrease the Security Measures during the Subscription Term. Zscaler will take appropriate steps to ensure compliance with the Security Measures by its employees, contractors and subcontractors/sub-processors to the extent applicable to their scope of performance. 4.6.3 Zscaler reserves the right to suspend Customer’s access to or download of Products in the event Customer’s use of the Products represents an imminent threat to Zscaler’s network, or if directed by a court or competent authority. In such cases, Zscaler will (i) suspend such Products only to the extent reasonably necessary to prevent any harm to Zscaler’s network (for example, blocking offending source IP addresses); (ii) use its reasonable efforts to promptly contact Customer and give Customer the opportunity to promptly change the configuration of its server(s) accordingly and/or work with Customer to promptly resolve the issues causing the suspension of such Products; and (iii) reinstate any suspended Products immediately after any issue is abated.

Zscaler Guidelines and Responsibilities. 4.6.1 Zscaler shall process, use, and/or access Customer Data only for the purpose of providing the Products to Customer. Zscaler may process and store Customer Data in the European Economic Area (the “EEA”), the United States and in other countries and territories; however, Customer may choose during the deployment process to store its Customer Logs in either (1) the United States or (2) the European Union and Switzerland. To provide the Products to Customerfacilitate its global operations, Zscaler may transfer and access Customer Data from locations where Authorized Users access and use around the Products and/or where world, including from other countries in which Zscaler provides and supports the Products. During the deployment process, Customer may choose to have its transaction logs stored in (1) the United States, or (2) the European Union and/or Switzerlandhas operations. Any such transfers will be done in compliance with applicable laws and regulations. Zscaler reserves the right to manage bandwidth or route traffic across the Internet in a commercially optimal way, provided such actions do not compromise Zscaler’s obligations under this Agreement. 4.6.2 Zscaler maintains reasonable and appropriate physical, organizational, administrative, and technical safeguards designed to protect Customer Data from loss, misuses, unauthorized access, disclosure, alteration, and destruction (“Security Measures”). Zscaler is certified under ISO 27001 and System and Organization Controls (SOC) 2, Type II standards and is audited annually by a third party to ensure its ongoing compliance with these certifications. Zscaler regularly tests, assesses and evaluates the effectiveness of the Security Measures. Upon written request, Xxxxxxx agrees to provide Customer with a copy of its most recent ISO 27001 certificate and/or SOC 2, Type II report. Zscaler will not materially decrease the Security Measures during the Subscription Term. Zscaler will take appropriate steps to ensure compliance with the Security Measures by its employees, contractors and subcontractors/sub-processors to the extent applicable to their scope of performance. 4.6.3 Zscaler reserves the right to suspend Customer’s access to or download of Products in the event Customer’s use of the Products represents an imminent threat to Zscaler’s network, or if directed by a court or competent authority. In such cases, Zscaler will (i) suspend such Products only to the extent reasonably necessary to prevent any harm to Zscaler’s network (for example, blocking offending source IP addresses); (ii) use its reasonable efforts to promptly contact Customer and give Customer the opportunity to promptly change the configuration of its server(s) accordingly and/or work with Customer to promptly resolve the issues causing the suspension of such Products; and (iii) reinstate any suspended Products immediately after any issue is abated.

Zscaler Guidelines and Responsibilities. 4.6.1 4.4.1 Zscaler shall process, use, and/or access Customer Data only for the purpose of providing the Products to Customer. Zscaler may process and store Customer Data in the European Economic Area (the “EEA”), the United States and in other countries and territories; however, Customer may choose during the deployment process to store its Customer Logs in either (1) the United States or (2) the European Union and Switzerland. To provide the Products to Customerfacilitate its global operations, Zscaler may transfer and access Customer Data from locations where Authorized Users access and use around the Products and/or where world, including from other countries in which Zscaler provides and supports the Products. During the deployment process, Customer may choose to have its transaction logs stored in (1) the United States, or (2) the European Union and/or Switzerlandhas operations. Any such transfers will be done in compliance with applicable laws and regulations. Zscaler reserves the right to manage bandwidth or route traffic across the Internet in a commercially optimal way, provided such actions do not compromise Zscaler’s obligations under this Agreement. 4.6.2 4.4.2 Zscaler maintains reasonable and appropriate physical, organizational, administrative, and technical safeguards designed to protect Customer Data from loss, misuses, unauthorized access, disclosure, alteration, and destruction (“Security Measures”). Zscaler is certified under ISO 27001 and System and Organization Controls (SOC) 2, Type II standards and is audited annually by a third party to ensure its ongoing compliance with these certifications. Zscaler regularly tests, assesses and evaluates the effectiveness of the Security Measures. Upon written request, Xxxxxxx agrees to provide Customer with a copy of its most recent ISO 27001 certificate and/or SOC 2, Type II report. Zscaler will not materially decrease the Security Measures during the Subscription Term. Zscaler will take appropriate steps to ensure compliance with the Security Measures by its employees, contractors and subcontractors/sub-sub- processors to the extent applicable to their scope of performance. 4.6.3 4.4.3 Zscaler reserves the right to suspend Customer’s access to or download of Products in the event Customer’s use of the Products represents an imminent threat to Zscaler’s network, or if directed by a court or competent authority. In such cases, Zscaler will (i) suspend such Products only to the extent reasonably necessary to prevent any harm to Zscaler’s network (for example, blocking offending source IP addresses); (ii) use its reasonable efforts to promptly contact Customer and give Customer the opportunity to promptly change the configuration of its server(s) accordingly and/or work with Customer to promptly resolve the issues causing the suspension of such Products; and (iii) reinstate any suspended Products immediately after any issue is abated.,