Cross-Border Transfers Sample Clauses
POPULAR SAMPLE Copied 9 times
Cross-Border Transfers. If HTM Personal Data subject to the European Data Protection Laws is transferred outside of the European Economic Area, Switzerland or any European Commission approved country, then Customer hereby agrees to and hereby enters into the Controller to Controller Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses (Module One)) (“C2C SCCs”) with HTM, and the following terms shall apply: (A) HTM will be the “data exporter” and Customer will be the “data importer”; (B) the optional Clause 7 docking clause will not apply; (C) in Clause 11, the optional language will not apply; (D) in Clause 17, Option 1 will apply, and the EU SCCs will be governed by Irish law for personal data transferred out of the European Economic Area or Swiss law for personal data transferred out of Switzerland; (E) in Clause 18(b), disputes will be resolved before the courts of Ireland for personal data transferred out of the European Economic Area or Switzerland for personal data transferred out of Switzerland; (F) Annex I will be deemed completed with the information set out in Schedule 1 of this DPA Addendum, with HTM as the data exporter and Customer as the data importer; and (G) Annex II will be deemed completed with the information set out in Schedule 2 of the DPA. For purposes of any transfers of personal data also subject to the Swiss FADP, the C2C SCC shall apply with the following amendments:
(A) References to “Regulation (EU) 2016/679” or “that Regulation” are to be interpreted as references to the Swiss FADP;
(B) References to “Regulation (EU) 2018/1725” are removed; (C) References to “Union”, “EU”, and “EU Member State” shall be interpreted to mean Switzerland; (D) Clause 13 (a) and Part C of Annex I are not used and the competent supervisory authority is the Federal Data Protection and Information Commissioner (the “FDPIC”);
(E) Clause 17 is replaced to state that “These Clauses are governed by the laws of Switzerland”; (F) Clause 18 is replaced to state: “Any dispute arising from these Clauses relating to the Swiss FADP shall be resolved by the courts of Switzerland. A data subject may bring legal proceedings against the data exporter and/or data importer before the courts in the Canton of Zug. The parties agree to submit themselves to the jurisdiction of such courts.” If HTM Personal Data subject to UK Data Protection Laws is transferred outside of the UK, the International Data Transfer Addendum to the...
Cross-Border Transfers. The parties acknowledge that operation of the SAAS Product in the ordinary course of usage is likely to require international transfers of Customer Personal Data and the Customer hereby agrees to such transfers. The parties hereby agree to the Standard Contractual Clauses available at ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇.▇▇▇/mmco/standard-contractual-clauses/ which are hereby incorporated into and made part of this Agreement and shall apply solely with regard to those cross-border transfers of Customer Personal Data which are required to be covered by Standard Contractual Clauses. The parties hereby acknowledge and agree that for purposes of the Standard Contractual Clauses, Customer shall be deemed to be the “Controller” and Memcyco shall be deemed to be the “Processor.”
Cross-Border Transfers. Consistent with the terms of this DPA, Nectar HR will at all times provide an adequate level of protection for the Personal Data, wherever processed, in accordance with the requirements of applicable Data Protection Laws. To the extent that transfers of Personal Data occur under this DPA in connection with the Services, and such transfers are not to an Adequate Country, the parties agree that such transfers shall be subject to the Standard Contractual Clauses, conditioned on Nectar HR complying with (and requiring any Subcontractor to comply with) the Standard Contractual Clauses, which are incorporated by reference and form as an integral part of this DPA (see Schedule II attached hereto). For the purposes of the descriptions in the Standard Contractual Clauses and only as between Nectar HR and Client, Nectar HR agrees that it is a “data importer” and Client is the “data exporter” under the Standard Contractual Clauses. The parties acknowledge and agree that, given the types and categories of Personal Data processed by Nectar HR, any Transfer Impact Assessment (TIA) will only be undertaken by Nectar HR if, after a case-specific analysis of Client, Nectar HR determines such TIA is reasonable and appropriate in accordance with applicable Data Protection laws.
Cross-Border Transfers. 7.1 Save as expressed in paragraph 7.1, if Customer Data originates in the EEA or the UK, Darktrace will not transfer such Customer Data to a Third Country, without the prior written consent of Customer and not without procuring provision of adequate safeguards (as defined by relevant Authority from time to time) in accordance with applicable Data Protection Laws.
7.2 Customer Data may be hosted by the Cloud Provider in the Hosted Location specified in the Product Order Form. Customer acknowledges and consents to the processing of Customer Data outside of the EEA and UK, solely and to the extent necessary for Darktrace to provide the Services and for which purposes the relevant Standard Contractual Clauses shall apply.
7.3 When Customer is acting as a controller and transfers Customer Data originating in the:
(a) EEA, to a Processor located in a Third Country, the EU Controller‐to‐Processor Clauses will apply; and
(b) UK, to a Processor located in a Third Country, Information Commissioner’s Office of the United Kingdom’s International Data Transfer Addendum will apply.
7.4 When Darktrace, its affiliates, or any other identified or unidentified third party is acting as a Processor and transfers Customer Data originating in the:
(a) EEA, to a Processor located in a Third Country, the EU Processor‐to‐Processor Clauses will apply; and
(b) UK, to a Processor located in a Third Country, the Information Commissioner’s Office of the United Kingdom’s International Data Transfer Addendum will apply.
7.5 The Parties agree that Darktrace, may at its sole discretion, update and or entirely replace paragraphs 7.3(b) and 7.4(b) of this DPA, which concern transfers of Customer Data originating from the UK to a Third Country, if the Information Commissioner's Office provides an alternative or replacement recognized compliance standard for such transfers in accordance with the UK GDPR, to that already stated in this DPA. Darktrace will provide notice of such change in writing to Customer.
Cross-Border Transfers. In connection with the performance of these Terms and Conditions, CribMaster may transfer Personal Information to various locations. CribMaster will protect Personal Information in accordance with these Terms and Conditions regardless of the jurisdiction in which it is located. If required by applicable law, the parties will enter into EU Standard Contractual Clauses (Controller to Processor) or other similar agreements to facilitate transfer of Personal Information cross border.
Cross-Border Transfers. 9.1. Customer hereby authorizes Processor to transfer personal data to Processor's Affiliates in the United States to the extent such affiliates are certified to the EU-U.S. Privacy Shield Framework. Except as set forth in the previous sentence, Processor shall not transfer any personal data to a country outside of the European Economic Area without an adequate level of protection without express written approval from Customer, unless otherwise required to do so by European Law to which Processor is subject. In the event that European Law may require Processor to transfer personal data to such a country other than as authorized by Customer, Processor shall notify Customer of such European Law requirement before transferring personal data, unless such European Law prohibits such information on important grounds of public interest.
9.2. To the extent that Customer or Processor are relying on a specific statutory mechanism recognized under EU Data Protection Laws to lawfully transfer personal data to a country outside of the European Economic Area and such mechanism is subsequently modified, revoked or held in a court of competent jurisdiction to be invalid, Customer and Processor agree to cooperate in good faith to promptly terminate the transfer or to pursue a suitable alternate mechanism that can lawfully support the transfer.
Cross-Border Transfers. Vendor will ensure that Personal Information is not physically transferred to, accessed by, or otherwise processed by its employees or personnel in any country other than the E.E.A. unless agreed to in writing by Customer. At Customer’s request, Vendor and any of its affiliates or subcontractors will enter into an appropriate data processing agreement that incorporates the European Commission Standard Contractual Clauses between Controllers and Processors, or any similar agreement relating to other countries with Customer to allow Customer’s international offices to transfer Personal Information to Vendor and any of its affiliates or subcontractors.
Cross-Border Transfers. Where Personal Data originates from the European Economic Area and is transferred to the United States, SailPoint will act in compliance with the EU-U.S. Privacy Shield Framework. Where Personal Data originates from Switzerland and is transferred to the United States, SailPoint will act in compliance with the U.S.- Swiss Safe Harbor Framework. SailPoint has self-certified to the EU-U.S. Privacy Shield Framework and theU.S.- Swiss Safe Harbor Framework and will maintain such certification throughout the term of this Agreement.
Cross-Border Transfers. 2.3.1 The Partner hereby acknowledges and accepts that the Akamai platform is made up of servers owned and operated by Akamai and/or its Affiliates globally and that Akamai processes Agreement Personal Data not only in the applicable jurisdiction(s) where the Partner or Partner’s Clients operate, but also transfers Agreement Personal Data outside of such jurisdictions, dependent upon the location of the Partner’s or the Client’s end user and the Akamai servers serving those connections. Such cross-border transfers shall take place in accordance with applicable Data Protection Laws, including, without limitation, completing any required prior assessments. A list of all countries in which Akamai operates servers, including a list of all Akamai Affiliates that own such servers, as may be updated from time to time, is available in Akamai’s Privacy Trust Centre at ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇.▇▇▇/us/en/multimedia/documents/akamai/points-of-presence-countries.pdf.
2.3.2 To the extent that Agreement Personal Data is subject to a cross-border transfer to a non-EU member country that does not have an EU adequacy determination, at least one of the Cross-Border Transfer Mechanism(s) listed below shall apply in the order of preference listed in the event that more than one mechanism applies:
(a) Binding Corporate Rules -- To the extent Akamai has adopted Binding Corporate Rules, it shall maintain such Binding Corporate Rules and promptly notify the Partner in the event that the Binding Corporate Rules are no longer a valid transfer mechanism between the parties.
Cross-Border Transfers. The following text is added to the Agreement: “Client (for itself and its relevant Affiliates), as data exporter, and ON24 and its relevant Affiliates, each as a data importer, hereby execute the Standard Contractual Clauses attached hereto as Exhibit A (the “SCCs”). The SCCs shall apply to any personal data processed by ON24 on behalf of Client pursuant to the Agreement (“Client personal data” hereunder), and shall take effect (a) in the event such Client personal data is transferred to, by or between ON24 and its Affiliates or Subprocessors, and (b) to the extent such transfer would be prohibited by the applicable data protection laws of the European Economic Area, the United Kingdom, and Switzerland (as amended). The parties agree that the SCCs hereby replace ON24’s obligations pursuant to the EU-U.S. and Swiss-U.S. Privacy Shield frameworks, with respect to any Client personal data transferred to the United States. With respect to the Client Personal Data subject to Data Protection Laws other than the GDPR and data protection laws of the United Kingdom, in the Standard Contractual Clauses, the terms “Member State” and “State” are replaced throughout by the word “jurisdiction,” “supervisory authority” will mean the relevant data protection regulator or other government body with authority to enforce Data Protection Laws, and references to “applicable data protection laws” and “Directive 95/46/EC” shall be replaced with the “applicable Data Protection Laws” as defined herein.”