Common use of Customer Audits Clause in Contracts

Customer Audits. Acquia offers its Services in the cloud in a one-to-many business model that relies on standardization of best practices and industry standards for the benefit of its Customers and which is utilizing third-party providers and Sub-processors. As a result, onsite audits by Customers pose security and privacy risks to Acquia, other Acquia Customers and Acquia Sub-processors. Moreover, some Sub-processors such as Amazon Web Services (“AWS”) do not allow for physical audits of their data centers, but instead provide third party audits and certifications. It is for these reasons, among others, that Acquia’s security program consists of the audits, certifications and available documentation detailed in Section 13 “Acquia Certifications and Standards by Product Offering” above as part of balancing transparency regarding the security and privacy safeguards that Acquia has implemented, while also satisfying security and privacy requirements as part of security and privacy obligations to Acquia Customers, and its Sub-processors, including AWS. Therefore, Customer agrees to exercise its right to conduct an audit or inspection of Acquia’s processing of personal data within Customer Data by instructing Acquia to carry out audits as described above in Section 13 “Acquia Certifications and Standards by Product Offering” above using its current processes and timing. If Customer wishes to change this instruction regarding the audit or inspection, then Customer shall send such request by written notice to Acquia, and the parties agree to jointly discuss how to implement the changed instruction.