International Processing. 8.1. Conditions for International Processing SAP shall be entitled to process Personal Data, including by using Subprocessors, in accordance with this DPA outside the country in which the Customer is located as permitted under Data Protection Law.
8.2. Applicability of the Standard Contractual Clauses (2010)
8.2.1. Where, for the period up to and including 26 September 2021, Personal Data of a Controller that is subject to GDPR is processed in a Third Country, or where Personal Data of a Swiss or United Kingdom based Controller or another Controller is processed in a Third Country and such international processing requires an adequacy means under the laws of the country of the Controller and the required adequacy means can be met by entering into Standard Contractual Clauses (2010), then:
a) SAP and Customer enter into the Standard Contractual Clauses (2010);
b) Customer joins the Standard Contractual Clauses (2010) entered into by SAP or SAP SE and the Subprocessor as an independent owner of rights and obligations; or
c) other Controllers whose use of the Cloud Services has been authorized by Customer under the Agreement may also enter into Standard Contractual Clauses (2010) with SAP or the relevant Subprocessors in the same manner as Customer in accordance with Section 8.2.1 a) and b) above. In such case, Customer will enter into the Standard Contractual Clauses (2010) on behalf of the other Controllers.
8.2.2. The Standard Contractual Clauses (2010) shall be governed by the law of the country in which the relevant Controller is established.
8.2.3. Where applicable Data Protection Law adopts the New Standard Contractual Clauses as meeting any required adequacy means as an alternative or update to the Standard Contractual Clauses (2010) then the New Standard Contractual Clauses shall apply in accordance with Section 8.3.
International Processing. 8.1. Conditions for International Processing SAP shall be entitled to process Personal Data, including by using Subprocessors, in accordance with this DPA outside the country in which the Customer is located as permitted under Data Protection Law.
International Processing. Customer acknowledges and agrees that Vendor may Process Personal Data on a global basis as necessary to provide the Products in accordance with the Agreement. Vendor shall ensure such transfers are made in compliance with the requirements of applicable Data Protection Laws.
International Processing. Notwithstanding Section 8 of the DPA, SAP confirms that when Customer Data is processed by SAP outside the State of Israel, the EU or the EEA or UK, SAP complies with the approved transfer mechanisms under the Protection of Privacy (Transfer of Data to Databases Abroad) Regulations, 5761-2001. Customer shall ensure that all necessary notices are provided to Data Subjects, and unless another legal bases set forth in the relevant data protection laws supports the lawfulness of the processing, that any necessary Data Subject consents to the processing are obtained, and that a record of such consent is maintained. Should such consent be revoked by a Data Subject, Customer shall communicate the fact of such revocation to SAP, and SAP shall act pursuant to Customer's instructions as seems appropriate.
International Processing. (a) Cross Border Transfers. Customer Personal Data that Riverbed Processes on Customer’s behalf may be transferred to, and stored and Processed in, the United States or any other country in which the Riverbed Group or its Subprocessors maintain facilities. Customer appoints Riverbed to perform any such transfer of Customer Personal Data to any such country and to store and Process Personal Data in order to provide the Services as permitted under Applicable Data Protection Law.
International Processing. 8.1. Conditions for International Processing SAP shall be entitled to process Personal Data, including by using Subprocessors, in accordance with this DPA outside the country in which the Customer is located as permitted under Data Protection Law.
8.2. Applicability of New Standard Contractual Clauses
8.2.1. The following shall solely apply in respect of New SCC Relevant Transfers:
8.2.1.1. Where SAP is not located in a Third Country and acts as a data exporter, SAP (or SAP SE on its behalf) has entered in to the New Standard Contractual Clauses with each Subprocessor as the data importer. Module 3 (Processor to Processor) of the New Standard Contractual Clauses shall apply to such New SCC Relevant Transfers.
8.2.1.2. Where SAP is located in a Third Country: SAP and Customer hereby enter into the New Standard Contractual Clauses with Customer as the data exporter and SAP as the data importer which shall apply as follows:
a) Module 2 (Controller to Processor) shall apply where Customer is a Controller; and
b) Module 3 (Processor to Processor) shall apply where Customer is a Processor. Where Customer acts as Processor under Module 3 (Processor to Processor) of the New Standard Contractual Clauses, SAP acknowledges that Customer acts as Processor under the instructions of its Controller(s).
8.2.2. Other Controllers or Processors whose use of the Cloud Services has been authorized by Customer under the Agreement may also enter into the New Standard Contractual Clauses with SAP in the same manner as Customer in accordance with Section 8.2.1.28.2.1.2 above. In such case, Customer enters into the New Standard Contractual Clauses on behalf of the other Controllers or Processors.
8.2.3. With respect to a New SCC Relevant Transfer, on request from a Data Subject to the Customer, Customer may make a copy of Module 2 or 3 of the New Standard Contractual Clauses entered into between Customer and SAP (including the relevant Schedules), available to Data Subjects.
International Processing. Company shall be entitled to process Personal Data, including by using Subprocessors or its Affiliates, in accordance with this Exhibit outside the country in which Customer is located as permitted under Data Protection Law. Company may process Personal Data outside the European Union provided that:
International Processing. GMS shall not process, or permit any third party to process, any Client Confidential Information or PHI outside of the United States or otherwise move such Confidential Information or PHI outside of the United States or across any national borders, except as expressly permitted by Client in this Agreement. GMS shall ensure that the processing of personal information outside of the GMS shall not access, store, or process—or permit any third party to access, store, or process—any Client Data outside of the United States or otherwise move such Client Data outside of the United States or across any national borders, except as expressly permitted by Client in this Agreement. GMS shall ensure that the processing of personal information outside of the United States, if any is permitted in this Agreement, complies with the data protection Laws applicable to the relevant jurisdictions including, where relevant, applicable European Laws relating to privacy and/or data protection which are applicable to either party, including: (a) the EU e-Privacy Directive 2002/58/EC as implemented by countries within the European Economic Area (“EEA”); (b) the EU General Data Protection Regulation (EU) 2016/679 (“GDPR”) as implemented by countries within the EEA; and (c) other Laws that are similar, equivalent to, or successors to the Laws that are identified in (a) and (b) above. Outside of the United States and the EEA, GMS shall provide the following enhanced security elements: (i) implementation of enhanced physical security measures including the use of electronic access controls, CCTV, and intrusion detection systems; (ii) logical separation of Client Data from the data of GMS and GMS’ other customers; (iii) prohibition on functioning drives and ports by which Client Data could be copied or saved onto portable electronic media; (iv) prohibition on any local subcontracting of the processing of Client Data; and (v) prohibition on access to personal email and personal Internet access at any workstation capable of accessing Client Data. As used in this Section 8.6, the term “process” (and its corollaries) shall have the meaning set forth in applicable data protection Laws. For avoidance of doubt, to the extent set forth in a Statement of Work, GMS may use its offshore Affiliates in India, subject to prohibitions or limitations imposed by Federal, State, hospital and payor restrictions and obligations.
International Processing. This Section shall apply solely with respect to Transactions originating in jurisdictions other than the United States or Canada.
38.1. Company and International Member may, on thirty (30) days’ notice to International Provider (or such shorter notice to which International Provider may agree in its sole discretion), add countries to the list of Applicable Countries for International Member in Schedule C after the Effective Date by substituting a new Schedule C that is in writing and signed by Company and International Member.
38.2. International Member shall, where required by Laws in the processing of Transactions, issue a Value Added Tax (“VAT”) invoice and summary of Transactions. If VAT is chargeable in respect of all or any amounts paid to International Member under the Agreement, Company shall pay to International Member such VAT at the rate properly chargeable, in respect of the relevant supply of goods or services supplied by International Member.
38.3. Company and International Member further agree that they have mutually relied upon the representations of the other that the Agreement is entered for commercial or business purposes and not for personal, family or household purposes, that neither Company nor International Member is a consumer, and that each Party is engaged in their common trade. Company and International Member explicitly agree that where relevant, the provisions of the Payment Services Regulations 2017 (the “PSR”) passed by the Parliament of the United Kingdom shall be disapplied to the fullest extent allowed under law, including but not limited to the entirety of Part 6 of the PSR, together with all provisions of Part 7 of the PSR, which Company and International Member are entitled to contractually disapply. Master Services Agreement (v.1.8.21) General Terms and Conditions
38.4. For purposes of this Section 38.4, the terms “processing,” “controller” and “processor” shall have the meaning ascribed to them by the Data Protection Rules. Company is the controller, and International Member is the processor, in relation to processing of Transaction-related personal data in connection with the provision of Processing Services. The data processing activities carried out by International Member are as follows: Subject matter and duration of processing: Personal data is processed for the purpose of providing Processing Services under this Agreement during the term of this Agreement. Nature and purpose of the processing: Obtaining, record...
International Processing. We will be entitled to process Personal Data, including by using Subprocessors or Our Affiliates in accordance with this Exhibit outside the country in which You are located as permitted under Data Protection Law. We may process Personal Data outside the European Union provided that: - the country of destination is covered by an adequacy decision by the European Commission; or - the transfer is covered by appropriate guarantees such as the signature of Standard Contractual Clauses adopted by the European Commission.
