BCRs. If at any time after the date of this DPA, McAfee elects to use BCRs, McAfee shall transfer Personal Data in accordance with its BCRs. The Customer will be regarded as the Data Exporter and McAfee will be regarded as the Data Importer. Once approved, McAfee shall maintain its BCRs throughout the term of this DPA. Should McAfee cease to abide by such BCRs, McAfee will agree (i) to only transfer Personal Data pursuant to one of the appropriate transfer mechanisms set out under Sections 44 through 50 of the GDPR, and (ii) shall provide evidence of the chosen mechanism for the transfer of any Personal Data upon written request.
BCRs. For the Covered Services identified in Addendum B, the Workday BCRs apply to the Processing of Personal Data of a Customer or Customer Affiliate established in the EEA. In this event, all provisions of the Workday BCRs are incorporated by this reference and shall be binding and enforceable for Customer according to Section 1.4 of the Workday BCRs as if they were set forth in this DPE in their entirety. If any conflict or inconsistency arises between this DPE and the Workday BCRs, the Workday BCRs shall prevail.
BCRs. If at any time after the Effective Date, McAfee elects to use BCRs, McAfee shall transfer Personal Data in accordance with its BCR, and McAfee will be regarded as the Data Exporter and the Supplier will be regarded as the Data Importer. Once approved, McAfee shall maintain such BCR’s throughout the term of the Agreement. Should McAfee cease to abide by such BCR’s, the Parties will agree not to transfer any Personal Data outside the appropriate mechanisms provided under Sections 44 through 50 of the GDPR. EXHIBIT A – Technical and Organizational Measures The technical and organisational measures detailed under xxxxx://xxx.xxxxxx.xxx/content/dam/consumer/en- us/docs/legal/supplier-security-requirements.pdf are deemed incorporated herein, and summarizes the technical, organisational and physical security measures implemented by the Supplier. EXHIBIT B – Data Transfer Impact Assessment Questionnaire The Data Transfer Impact Assessment Questionnaire completed during Supplier’s on-boarding process is deemed incorporated herein. This Exhibit B forms part of the DPSA. Capitalized terms not defined in this Exhibit B have the meaning set forth in the DPSA.
BCRs. If at any time after the Effective Date, McAfee Enterprise elects to use BCRs, McAfee Enterprise shall transfer Personal Data in accordance with its BCR, and McAfee Enterprise will be regarded as the Data Exporter and the Supplier will be regarded as the Data Importer. Once approved, McAfee Enterprise shall maintain such BCR’s throughout the term of the Agreement. Should McAfee Enterprise cease to abide by such BCR’s, the Parties will agree not to transfer any Personal Data outside the appropriate mechanisms provided under Sections 44 through 50 of the GDPR. Signature: Schedule 1 Appendices to the Standard Contractual Clauses: Module 2 Appendix 1 of Schedule 1 - Description of the Parties (Module 2) This Appendix forms part of the Transfer Clauses and must be completed and signed by the Parties. The Member States may complete or specify, according to their national procedures, any additional necessary information to be contained in this Appendix. Data exporter The Data Exporter is Musarubra Ireland Limited and its Affiliates worldwide, a global provider of security products and services. Data importer The Data Importer is the Supplier on behalf of itself and its Affiliates worldwide (“Data Importer”). The Data Importer provides products and/or services to the Data Exporter in relation to the Agreement, in the course of which it processes certain personal data as a processor. Appendix 2 of Schedule 1 - Description of the Transfers (Module 2) Data subjects The personal data transferred concern the following categories of data subjects (please specify): ☒ Current, former, prospective employees. ☒ Current, former, prospective employees and their dependents. ☒ where applicable Employees of Corporate customers ☒ where applicable McAfee consumer customers and former consumer customers ☒ Customer contacts
BCRs. Processing in compliance with Binding Corporate Rules (“BCRs”) in accordance with Data Protection Laws; or
BCRs. If at any time after the Effective Date, McAfee Enterprise elects to use BCRs, McAfee Enterprise shall transfer Personal Data in accordance with its BCR, and McAfee Enterprise will be regarded as the Data Exporter and the Supplier will be regarded as the Data Importer. Once approved, McAfee Enterprise shall maintain such BCR’s throughout the term of the Agreement. Should McAfee Enterprise cease to abide by such BCR’s, the Parties will agree not to transfer any Personal Data outside the appropriate mechanisms provided under Sections 44 through 50 of the GDPR. EXHIBIT A – Technical and Organizational Measures This Exhibit forms part of the DPSA and summarizes the technical, organisational and physical security measures implemented by the parties. In addition to any data security requirements set forth in the Services Agreement, Supplier shall comply with the following, unless otherwise indicated below and approved in writing by McAfee Enterprise.
