Uber Personal Data definition
Examples of Uber Personal Data in a sentence
Provider will not permit any Sub-processor to Process Uber Personal Data, unless Provider and the Sub-processor have entered into an agreement that imposes obligations on the Sub-processor that are no less restrictive and at least equally protective of Uber Personal Data than those imposed on Provider under this Agreement.
Upon reasonable advance written notice, Uber may (not more than once per year) during normal business hours and at its own expense, audit Provider’s facilities, networks, systems, procedures, Processing and maintenance of Uber Personal Data, and compliance with this Agreement.
In connection with its performance of the Services, Provider will Process the Uber Personal Data relating to the Uber Data Subjects described in Annex 1, which may be amended by the Parties in writing from time to time.
Provider will maintain appropriate measures to protect the integrity, security and confidentiality of all Uber Personal Data against any anticipated threats or hazards, and/or unauthorized access to or use of such data, which measures shall include at a minimum those set forth in Annex 2 to this Agreement.
In connection with its Processing of Uber Personal Data, Provider shall at all times comply with Uber’s written instructions pursuant the Main Agreement(s) and all applicable laws, rules and regulations, including but not limited to, all applicable Data Protection Law.
In the event that the Services require cross-border transfer of Uber Personal Data, to the extent required by applicable law, the Parties hereby incorporate, and Provider agrees to comply with, the Standard Contractual Clauses approved by the European Commission for data transfers, or other methods of transfer authorized under applicable laws.
Provider shall reasonably cooperate with such audit by providing access to knowledgeable personnel, physical premises as applicable, documentation, infrastructure, and any application software that Processes Uber Confidential Information and/or Uber Personal Data or otherwise has access to Uber’s networks and systems.
Provider is responsible for ensuring the compliance of Sub-processors with applicable Data Protection Law in connection with the Processing of Uber Personal Data.
Provider shall inform Uber as soon as possible if it receives a request or demand from a governmental or regulatory body with authority over Provider or Uber relating to Provider’s Processing of Uber Personal Data, and shall reasonably cooperate with Uber in connection with any response to such investigation or audit.
Provider shall notify Uber within seventy-two (72) hours of discovery of an actual unauthorized access to, acquisition or disclosure of Uber Personal Data, or other actual breach of security or confidentiality with respect to Uber Personal Data in Provider’s or its representatives’ control or possession (a “Data Security Incident”).