Data Protection. If Customer processes personal data for and on behalf of Supplier in connection with the provision of Goods/Services, it shall comply with relevant legislation, in particular Austria’s Data Protection Act [DSG] (as amended from time to time) and the EU General Data Protection Regulation. Accordingly, Customer shall enter into a controller/processor contract as defined in Art. 28 of the General Data Protection Regulation. Furthermore, if data are transferred – to Customer or its subcontractors – to a recipient domiciled in a country outside the European Economic Area and this is absolutely necessary for the performance, Customer is obligated to conclude EU standard contract clauses or equivalent contract templates issued by the European Commission as appropriate safeguards as defined in Art. 46 Paragraph 2 lit. c and d of the General Data Protection Regulation.
Data Protection. If Supplier processes Personal Information of behalf of Amgen, Supplier shall comply with Amgen’s Privacy and Data Protection Schedule. Supplier shall not provide the Amgen Group with any personal information, unless otherwise agreed in advance in writing by Amgen.
Data Protection. 19.1 For the purposes of this condition 19, Data Protection Laws means all data protection laws, regulatory requirements, guidance and codes of practice, including Regulation (EU) 2016/679 ("GDPR"), UK General Data Protection Regulation (“UK GDPR”), the Privacy and Electronic Communications (EC Directive) Regulations 2003 ("PECR") and the Data Protection Act 2018, PRC laws, regulations and national standards on data protection, and other laws and regulations as applicable and as amended and/or replaced from time to time, and the terms Controller, Data Processor, Personal Data and Processed shall have the definitions given to such terms in the GDPR.
19.2 Unless condition 19.3 below applies, or otherwise explicitly agreed in writing between the parties, you shall be deemed to be a Controller in respect of any Personal Data processed by you in connection with the Contract. You shall comply with the requirements of the Data Protection Laws applicable to Controllers in connection with the Contract and shall not knowingly do anything or permit anything to be done which might lead to a breach by the other party of the Data Protection Laws.
19.3 If you are acting as a Processor, you agree that the provisions set out in Appendix A shall govern the processing.
19.4 If you are transferring Personal Data internationally outside of China, you must obtain prior permission from us. Where directed you must enter into the 'Standard Contract for Outbound Cross-border Transfer of Personal Information' as defined by PRC PIPL.
Data Protection. 30.1 Personal data, whether sensitive or otherwise, disclosed to DTC from time to time will be recorded in a database and processed according to the requirements of DTC for the purposes of providing the services contemplated in this agreement, for consultancy and advisory services, direct marketing (such as informing you by mail, telephone, fax, e-mail or other means, about other products and services supplied by DTC and any subsidiaries, associates, agents or clients thereof and by other carefully selected third parties) and/or any other purpose that may be necessary for the execution of your instructions to DTC from time to time. Should the Customer not wish to have such personal data processed for direct marketing purposes, Customer is requested to advise DTC . accordingly in writing. The Customer is hereby giving his explicit consent to the processing of personal data as contemplated in and for the purposes provided for in this Clause.
Data Protection. Each Party shall process personal data under these GTC only in compliance with the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Directive – “