{"component": "clause", "props": {"groups": [{"snippet": "In this clause:", "snippet_links": [{"key": "in-this-clause", "type": "clause", "offset": [0, 14]}], "samples": [{"hash": "eGqqXgF6VgA", "uri": "/contracts/eGqqXgF6VgA#data-processing", "label": "Grant Agreement", "score": 36.3730964661, "published": true}, {"hash": "2lWi1ZNbwP8", "uri": "/contracts/2lWi1ZNbwP8#data-processing", "label": "Supply Agreement", "score": 35.652885437, "published": true}, {"hash": "72EFgVI2GHN", "uri": "/contracts/72EFgVI2GHN#data-processing", "label": "Supply Agreement", "score": 35.6488800049, "published": true}], "size": 116, "hash": "de5a17372731064e4a606e4073883325", "id": 1}, {"snippet": "The Data Processor agrees to Process the Personal Data to which this Addendum applies in accordance with the terms and conditions set out in this Addendum, and in particular the Data Processor agrees:\n3.1. not to Process the Personal Data for any purpose other than the specific purpose of performing the Services set forth in this Addendum. The Data Processor also agrees it will not sell or rent the Personal Data for any purpose;\n3.2. to Process the Personal Data only on behalf of the Data Controller and at all times in compliance with the Data Controller\u2019s Instructions based on this Addendum. This Addendum and the Service Agreement are Data Controller\u2019s complete and final documented Instructions at the time of execution of the Service Agreement to the Data Processor for the Processing of Personal Data. Any additional or alternate Instructions must be agreed upon separately. Instructions orally given shall be promptly confirmed in writing by the Data Controller. If the Data Processor cannot provide such compliance for whatever reasons, it agrees to promptly notify the Data Controller of its inability to comply, unless laws applicable to the Data Processor prohibit such information on important grounds of public interest. Where the Data Processor believes that compliance with any Instructions by the Data Controller would result in a violation of Data Protection Laws and Regulations, the Data Processor shall notify the Data Controller thereof in writing without delay;\n3.3. that within the Data Processor\u2019s area of responsibility, the Data Processor shall structure its internal corporate organization to ensure compliance with the specific requirements of the protection of Personal Data. The Data Processor shall take appropriate technical and organizational measures to adequately protect Personal Data Processed on behalf of the Data Controller against misuse and loss in accordance with the requirements of Data Protection Laws and Regulations. An overview of the technical and organizational measures agreed at the time of execution of this Addendum between the Parties has been attached as Schedule 2 to this Addendum. The Data Processor regularly monitors compliance with these measures. The Data Processor may change the technical and organizational measures implemented to adequately protect the Data Controller\u2018s Personal Data against misuse and loss as long as such changes will not materially decrease the overall security of the Services during the subscription term;\n3.4. that persons entrusted with the Processing of the Data Controller\u2019s Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;\n3.5. not to divulge the Personal Data whether directly or indirectly to any person, firm or company or otherwise without the express prior written consent of the Data Controller except to those of the Data Processor\u2019s partners, officers, directors, employees, accountants, attorneys, independent contractors, temporary employees, affiliates, agents or any other representatives that may from time to time be employed, retained by, working for, or acting on behalf of, the Data Processor with a bona fide need to have access to such Personal Data (collectively, \u201cRepresentatives\u201d) and Subprocessors who are engaged in the Processing of the Personal Data and are subject to the obligations referred to in clause 3.3, or except as may be required by any law or regulation applicable to the Data Processor, its Representatives or Subprocessors;\n3.6. that it will notify the Data Controller in writing and without undue delay about:", "snippet_links": [{"key": "data-processor", "type": "definition", "offset": [4, 18]}, {"key": "agrees-to", "type": "clause", "offset": [19, 28]}, {"key": "in-accordance-with", "type": "clause", "offset": [86, 104]}, {"key": "the-terms-and-conditions", "type": "clause", "offset": [105, 129]}, {"key": "set-out", "type": "definition", "offset": [130, 137]}, {"key": "in-this-addendum", "type": "clause", "offset": [138, 154]}, {"key": "in-particular", "type": "clause", "offset": [160, 173]}, {"key": "purpose-of", "type": "clause", "offset": [279, 289]}, {"key": "performing-the-services", "type": "clause", "offset": [290, 313]}, {"key": "sell-or-rent", "type": "clause", "offset": [385, 397]}, {"key": "on-behalf-of", "type": "definition", "offset": [472, 484]}, {"key": "the-data-controller", "type": "definition", "offset": [485, 504]}, {"key": "at-all-times", "type": "definition", "offset": [509, 521]}, {"key": "compliance-with-the", "type": "clause", "offset": [525, 544]}, {"key": "based-on", "type": "clause", "offset": [576, 584]}, {"key": "service-agreement", "type": "definition", "offset": [622, 639]}, {"key": "complete-and-final", "type": "definition", "offset": [662, 680]}, {"key": "documented-instructions", "type": "definition", "offset": [681, 704]}, {"key": "time-of-execution", "type": "clause", "offset": [712, 729]}, {"key": "agreement-to", "type": "definition", "offset": [745, 757]}, {"key": "the-processing-of-personal-data", "type": "clause", "offset": [781, 812]}, {"key": "confirmed-in-writing", "type": "definition", "offset": [931, 951]}, {"key": "notify-the", "type": "clause", "offset": [1073, 1083]}, {"key": "inability-to-comply", "type": "clause", "offset": [1107, 1126]}, {"key": "applicable-to", "type": "definition", "offset": [1140, 1153]}, {"key": "information-on", "type": "clause", "offset": [1187, 1201]}, {"key": "public-interest", "type": "definition", "offset": [1223, 1238]}, {"key": "data-protection-laws-and-regulations", "type": "definition", "offset": [1366, 1402]}, {"key": "without-delay", "type": "definition", "offset": [1475, 1488]}, {"key": "area-of-responsibility", "type": "clause", "offset": [1528, 1550]}, {"key": "corporate-organization", "type": "clause", "offset": [1600, 1622]}, {"key": "ensure-compliance", "type": "clause", "offset": [1626, 1643]}, {"key": "requirements-of-the", "type": "clause", "offset": [1662, 1681]}, {"key": "protection-of-personal-data", "type": "clause", "offset": [1682, 1709]}, {"key": "measures-to", "type": "clause", "offset": [1782, 1793]}, {"key": "personal-data-processed", "type": "clause", "offset": [1813, 1836]}, {"key": "the-requirements", "type": "clause", "offset": [1913, 1929]}, {"key": "an-overview", "type": "clause", "offset": [1971, 1982]}, {"key": "the-technical", "type": "clause", "offset": [1986, 1999]}, {"key": "execution-of-this-addendum", "type": "clause", "offset": [2050, 2076]}, {"key": "between-the-parties", "type": "clause", "offset": [2077, 2096]}, {"key": "schedule-2", "type": "definition", "offset": [2118, 2128]}, {"key": "services-during", "type": "clause", "offset": [2464, 2479]}, {"key": "subscription-term", "type": "clause", "offset": [2484, 2501]}, {"key": "an-appropriate", "type": "clause", "offset": [2648, 2662]}, {"key": "obligation-of-confidentiality", "type": "clause", "offset": [2673, 2702]}, {"key": "directly-or-indirectly", "type": "clause", "offset": [2750, 2772]}, {"key": "any-person", "type": "definition", "offset": [2776, 2786]}, {"key": "firm-or-company", "type": "definition", "offset": [2788, 2803]}, {"key": "consent-of-the", "type": "clause", "offset": [2851, 2865]}, {"key": "independent-contractors", "type": "definition", "offset": [2988, 3011]}, {"key": "temporary-employees", "type": "definition", "offset": [3013, 3032]}, {"key": "other-representatives", "type": "definition", "offset": [3060, 3081]}, {"key": "from-time-to-time", "type": "clause", "offset": [3091, 3108]}, {"key": "bona-fide", "type": "definition", "offset": [3198, 3207]}, {"key": "access-to", "type": "clause", "offset": [3221, 3230]}, {"key": "engaged-in", "type": "definition", "offset": [3310, 3320]}, {"key": "processing-of-the-personal-data", "type": "clause", "offset": [3325, 3356]}, {"key": "the-obligations", "type": "clause", "offset": [3376, 3391]}, {"key": "in-clause", "type": "clause", "offset": [3404, 3413]}, {"key": "required-by", "type": "definition", "offset": [3439, 3450]}, {"key": "law-or-regulation", "type": "clause", "offset": [3455, 3472]}, {"key": "without-undue-delay", "type": "definition", "offset": [3605, 3624]}], "samples": [{"hash": "gbHSCmXEjfL", "uri": "/contracts/gbHSCmXEjfL#data-processing", "label": "Data Processing Addendum", "score": 31.6110515594, "published": true}, {"hash": "8skdFq9SW8Z", "uri": "/contracts/8skdFq9SW8Z#data-processing", "label": "Data Processing Agreement", "score": 31.3127498627, "published": true}, {"hash": "lE2gyZGbkXa", "uri": "/contracts/lE2gyZGbkXa#data-processing", "label": "Data Processing Agreement", "score": 31.2804718018, "published": true}], "size": 22, "hash": "acee541d682b608545568c2ec3d0f003", "id": 7}, {"snippet": "Red Cross operates the LMS as a nationwide system of course certification. It does not operate the LMS as a service to, or as an agent or for the benefit of, LTP. Insofar as Red Cross collects, processes, transmits, stores, or otherwise manages data, including personal data, contained in Course Records, it will not be doing so for, or on behalf of, or as a service to, LTP. Red Cross retains all rights in and to the LMS and any Course Records uploaded by LTP into the LMS.", "snippet_links": [{"key": "nationwide-system", "type": "definition", "offset": [32, 49]}, {"key": "course-certification", "type": "clause", "offset": [53, 73]}, {"key": "as-a-service", "type": "definition", "offset": [103, 115]}, {"key": "an-agent", "type": "clause", "offset": [126, 134]}, {"key": "for-the-benefit-of", "type": "definition", "offset": [138, 156]}, {"key": "personal-data", "type": "definition", "offset": [261, 274]}, {"key": "contained-in", "type": "definition", "offset": [276, 288]}, {"key": "course-records", "type": "clause", "offset": [289, 303]}, {"key": "on-behalf-of", "type": "definition", "offset": [337, 349]}, {"key": "all-rights", "type": "clause", "offset": [394, 404]}], "samples": [{"hash": "3oQRqMmY7oh", "uri": "/contracts/3oQRqMmY7oh#data-processing", "label": "Licensed Training Provider Agreement", "score": 36.2630500793, "published": true}, {"hash": "6KSPLPaynPV", "uri": "/contracts/6KSPLPaynPV#data-processing", "label": "Licensed Training Provider Agreement", "score": 35.3109588623, "published": true}, {"hash": "1j3zyEaxgmw", "uri": "/contracts/1j3zyEaxgmw#data-processing", "label": "Licensed Training Provider Agreement", "score": 35.2863197327, "published": true}], "size": 16, "hash": "b531643b5a79322866e502d5c1293b51", "id": 10}, {"snippet": "The Dell APEX Data Processing Addendum, including all updates during the Subscription Term, (\u201cADPA\u201d) describes the parties\u2019 respective roles for the processing and control of Personal Data that You may provide to Dell as part of the APEX Service. Dell will act as Your authorized data processor in respect of the data processing activities related to the APEX Service, as specified in the Agreement, the ADPA and the Service Offering Description. You are responsible for providing any necessary legal notices to Your personnel and/or End Users and obtaining any legally required consents related to Your use, collection, disclosure, sharing, cross border data transfer, and processing of Personal Data.", "snippet_links": [{"key": "data-processing-addendum", "type": "definition", "offset": [14, 38]}, {"key": "subscription-term", "type": "clause", "offset": [73, 90]}, {"key": "the-parties", "type": "definition", "offset": [111, 122]}, {"key": "respective-roles", "type": "clause", "offset": [124, 140]}, {"key": "processing-and-control-of-personal-data", "type": "clause", "offset": [149, 188]}, {"key": "provide-to", "type": "clause", "offset": [202, 212]}, {"key": "the-apex-service", "type": "clause", "offset": [229, 245]}, {"key": "data-processor", "type": "definition", "offset": [280, 294]}, {"key": "in-respect-of", "type": "definition", "offset": [295, 308]}, {"key": "activities-related-to", "type": "clause", "offset": [329, 350]}, {"key": "as-specified", "type": "clause", "offset": [369, 381]}, {"key": "in-the-agreement", "type": "clause", "offset": [382, 398]}, {"key": "service-offering-description", "type": "definition", "offset": [417, 445]}, {"key": "responsible-for", "type": "clause", "offset": [455, 470]}, {"key": "notices-to", "type": "clause", "offset": [501, 511]}, {"key": "your-personnel", "type": "clause", "offset": [512, 526]}, {"key": "end-users", "type": "clause", "offset": [534, 543]}, {"key": "required-consents", "type": "clause", "offset": [570, 587]}, {"key": "cross-border", "type": "definition", "offset": [642, 654]}, {"key": "data-transfer", "type": "clause", "offset": [655, 668]}, {"key": "processing-of-personal-data", "type": "clause", "offset": [674, 701]}], "samples": [{"hash": "3cjp50tW3Yz", "uri": "/contracts/3cjp50tW3Yz#data-processing", "label": "Apex Agreement", "score": 26.9383983612, "published": true}, {"hash": "lsZxYtiaVbR", "uri": "/contracts/lsZxYtiaVbR#data-processing", "label": "Apex Agreement", "score": 26.9096508026, "published": true}, {"hash": "lS7BECsJBbg", "uri": "/contracts/lS7BECsJBbg#data-processing", "label": "Apex Agreement", "score": 26.9096508026, "published": true}], "size": 20, "hash": "b541d29286dafe323aa45ec2e0b71680", "id": 9}, {"snippet": "1. Each Party shall permit a financial service supplier of another Party to transfer information in electronic or other form, into and out of its territory, for data processing where such processing is required in the ordinary course of business of such financial service supplier.\n2. Each Party shall adopt adequate safeguards for the protection of the right to privacy and the freedom from interference with the privacy, family, home or correspondence of individuals, in particular with regard to the transfer of personal data.", "snippet_links": [{"key": "each-party", "type": "clause", "offset": [3, 13]}, {"key": "another-party", "type": "definition", "offset": [59, 72]}, {"key": "transfer-information", "type": "definition", "offset": [76, 96]}, {"key": "in-the-ordinary-course-of-business", "type": "definition", "offset": [211, 245]}, {"key": "adequate-safeguards", "type": "clause", "offset": [308, 327]}, {"key": "privacy-and", "type": "definition", "offset": [363, 374]}, {"key": "in-particular", "type": "clause", "offset": [470, 483]}, {"key": "with-regard-to", "type": "clause", "offset": [484, 498]}, {"key": "the-transfer-of-personal-data", "type": "clause", "offset": [499, 528]}], "samples": [{"hash": "h0rUxcRB8Gr", "uri": "/contracts/h0rUxcRB8Gr#data-processing", "label": "Trade Agreement", "score": 26.8206710815, "published": true}, {"hash": "79wJMyMEs9L", "uri": "/contracts/79wJMyMEs9L#data-processing", "label": "Trade Agreement", "score": 26.8206710815, "published": true}, {"hash": "kH4H0KAKggR", "uri": "/contracts/kH4H0KAKggR#data-processing", "label": "Trade Agreement", "score": 26.6125946045, "published": true}], "size": 22, "hash": "7a9d44fc7ecb4f6462ed8589f2f4af0e", "id": 8}, {"snippet": "The APEX Partner Data Processing Addendum, including all updates during the Subscription Term (\u201cPartner DPA\u201d) describes the parties\u2019 respective roles for the processing and control of Personal Data the parties may exchange in the performance of this Agreement. You and Dell will act as independent controllers in respect of the data processing activities related to the data exchanged between the parties. You are responsible for providing any necessary legal notices to your personnel and/or purchasers, Customers, or End Users and obtaining any legally required consents related to Your use, collection, disclosure, sharing, cross border data transfer and processing of Personal Data.", "snippet_links": [{"key": "data-processing-addendum", "type": "definition", "offset": [17, 41]}, {"key": "subscription-term", "type": "clause", "offset": [76, 93]}, {"key": "respective-roles", "type": "clause", "offset": [133, 149]}, {"key": "processing-and-control-of-personal-data", "type": "clause", "offset": [158, 197]}, {"key": "performance-of-this-agreement", "type": "clause", "offset": [230, 259]}, {"key": "independent-controllers", "type": "clause", "offset": [286, 309]}, {"key": "in-respect-of", "type": "definition", "offset": [310, 323]}, {"key": "activities-related-to", "type": "clause", "offset": [344, 365]}, {"key": "between-the-parties", "type": "clause", "offset": [385, 404]}, {"key": "responsible-for", "type": "clause", "offset": [414, 429]}, {"key": "notices-to", "type": "clause", "offset": [460, 470]}, {"key": "your-personnel", "type": "clause", "offset": [471, 485]}, {"key": "end-users", "type": "clause", "offset": [519, 528]}, {"key": "required-consents", "type": "clause", "offset": [555, 572]}, {"key": "cross-border", "type": "definition", "offset": [627, 639]}, {"key": "data-transfer", "type": "clause", "offset": [640, 653]}, {"key": "processing-of-personal-data", "type": "clause", "offset": [658, 685]}], "samples": [{"hash": "tj68ft5ivt", "uri": "/contracts/tj68ft5ivt#data-processing", "label": "Reseller Agreement", "score": 27.4681720734, "published": true}, {"hash": "dcB1bxhJL9Y", "uri": "/contracts/dcB1bxhJL9Y#data-processing", "label": "Reseller Agreement", "score": 27.4681720734, "published": true}, {"hash": "5rTW3B54sBO", "uri": "/contracts/5rTW3B54sBO#data-processing", "label": "Reseller Agreement", "score": 27.4681720734, "published": true}], "size": 61, "hash": "9b38e4952e64255054d5576e9f238483", "id": 2}, {"snippet": "12.1 In this Clause 12, \u201cpersonal data\u201d, \u201cdata subject\u201d, \u201cdata controller\u201d, \u201cdata processor\u201d, and \u201cpersonal data breach\u201d shall have the meaning defined in the Data Protection Legislation.\n12.2 The Parties hereby agree that they shall both comply with all applicable data protection requirements set out in the Data Protection Legislation. This Clause 12 shall not relieve either Party of any obligations set out in the Data Protection Legislation and does not remove or replace any of those obligations.\n12.3 For the purposes of the Data Protection Legislation and for this Clause 12, the Service Provider is the \u201cData Processor\u201d and the Client is the \u201cData Controller\u201d.\n12.4 The Data Controller shall ensure that it has in place all necessary consents and notices required to enable the lawful transfer of personal data to the Data Processor for the purposes described in this Agreement.\n12.5 The Data Processor shall, with respect to any personal data processed by it in relation to its performance of any of its obligations under this Agreement:\n12.5.1 Process the personal data only on the written instructions of the Data Controller unless the Data Processor is otherwise required to process such personal data by law. The Data Processor shall promptly notify the Data Controller of such processing unless prohibited from doing so by law;\n12.5.2 Ensure that it has in place suitable technical and organisational measures (as approved by the Data Controller) to protect the personal data from unauthorised or unlawful processing, accidental loss, damage or destruction. Such measures shall be proportionate to the potential harm resulting from such events, taking into account the current state of the art in technology and the cost of implementing those measures.;\n12.5.3 Ensure that any and all staff with access to the personal data (whether for processing purposes or otherwise) are contractually obliged to keep that personal data confidential;\n12.5.4 Not transfer any personal data outside of the UK without the prior written consent of the Data Controller and only if the following conditions are satisfied:\n12.5.4.1 The Data Controller and/or the Data Processor has/have provided suitable safeguards for the transfer of personal data;\n12.5.4.2 Affected data subjects have enforceable rights and effective legal remedies;\n12.5.4.3 The Data Processor complies with its obligations under the Data Protection Legislation, providing an adequate level of protection to any and all personal data so transferred; and\n12.5.4.4 The Data Processor complies with all reasonable instructions given in advance by the Data Controller with respect to the processing of the personal data.\n12.5.5 Assist the Data Controller at the Data Controller\u2019s cost, in responding to any and all requests from data subjects and in ensuring its compliance with the Data Protection Legislation with respect to security, breach notifications, impact assessments, and consultations with supervisory authorities or regulators (including, but not limited to, the Information Commissioner\u2019s Office);\n12.5.6 Notify the Data Controller without undue delay of a personal data breach;\n12.5.7 On the Data Controller\u2019s written instruction, delete (or otherwise dispose of) or return all personal data and any and all copies thereof to the Data Controller on termination of this Agreement unless it is required to retain any of the personal data by law; and\n12.5.8 Maintain complete and accurate records of all processing activities and technical and organisational measures implemented necessary to demonstrate compliance with this Clause 12 and to allow for audits by the Data Controller and/or any party designated by the Data Controller.\n12.7 The Data Processor shall not sub-contract any of its obligations to a sub- contractor with respect to the processing of personal data under this Clause 13 without the prior written consent of the Data Controller (such consent not to be unreasonably withheld). In the event that the Data Processor appoints a sub-contractor, the Data Processor shall:\n12.7.1 Enter into a written agreement with the sub-contractor, which shall impose upon the sub-contractor the same obligations as are imposed upon the Data Processor by this Clause 13 and which shall permit both the Data Processor and the Data Controller to enforce those obligations; and\n12.7.2 Ensure that the sub-contractor complies fully with its obligations under that agreement and the Data Protection Legislation.\n12.8 Either Party may, at any time, and on at least 30 calendar days\u2019 notice, alter this Clause 13, replacing it with any applicable data processing clauses or similar terms that form part of an applicable certification scheme. Such terms shall apply when replaced by attachment to this Agreement.", "snippet_links": [{"key": "clause-12", "type": "clause", "offset": [13, 22]}, {"key": "data-processor", "type": "definition", "offset": [77, 91]}, {"key": "personal-data-breach", "type": "definition", "offset": [99, 119]}, {"key": "the-parties", "type": "definition", "offset": [193, 204]}, {"key": "comply-with", "type": "definition", "offset": [239, 250]}, {"key": "applicable-data-protection-requirements", "type": "definition", "offset": [255, 294]}, {"key": "set-out", "type": "definition", "offset": [295, 302]}, {"key": "either-party", "type": "definition", "offset": [372, 384]}, {"key": "purposes-of-the", "type": "clause", "offset": [517, 532]}, {"key": "the-service-provider", "type": "definition", "offset": [585, 605]}, {"key": "the-client", "type": "definition", "offset": [634, 644]}, {"key": "the-data-controller", "type": "definition", "offset": [676, 695]}, {"key": "in-place", "type": "definition", "offset": [721, 729]}, {"key": "notices-required", "type": "clause", "offset": [757, 773]}, {"key": "in-this-agreement", "type": "definition", "offset": [870, 887]}, {"key": "with-respect-to", "type": "clause", "offset": [920, 935]}, {"key": "personal-data-processed", "type": "clause", "offset": [940, 963]}, {"key": "in-relation-to", "type": "clause", "offset": [970, 984]}, {"key": "obligations-under-this-agreement", "type": "clause", "offset": [1015, 1047]}, {"key": "written-instructions", "type": "definition", "offset": [1094, 1114]}, {"key": "notify-the", "type": "clause", "offset": [1258, 1268]}, {"key": "technical-and-organisational-measures", "type": "clause", "offset": [1388, 1425]}, {"key": "approved-by", "type": "definition", "offset": [1430, 1441]}, {"key": "accidental-loss", "type": "definition", "offset": [1534, 1549]}, {"key": "damage-or-destruction", "type": "definition", "offset": [1551, 1572]}, {"key": "potential-harm", "type": "definition", "offset": [1618, 1632]}, {"key": "resulting-from", "type": "definition", "offset": [1633, 1647]}, {"key": "state-of-the-art", "type": "clause", "offset": [1693, 1709]}, {"key": "cost-of", "type": "definition", "offset": [1732, 1739]}, {"key": "all-staff", "type": "clause", "offset": [1797, 1806]}, {"key": "access-to-the", "type": "clause", "offset": [1812, 1825]}, {"key": "processing-purposes", "type": "definition", "offset": [1853, 1872]}, {"key": "consent-of-the", "type": "clause", "offset": [2036, 2050]}, {"key": "the-transfer-of-personal-data", "type": "clause", "offset": [2216, 2245]}, {"key": "legal-remedies", "type": "clause", "offset": [2317, 2331]}, {"key": "obligations-under-the", "type": "clause", "offset": [2379, 2400]}, {"key": "level-of-protection", "type": "clause", "offset": [2452, 2471]}, {"key": "all-personal-data", "type": "definition", "offset": [2483, 2500]}, {"key": "in-advance", "type": "clause", "offset": [2597, 2607]}, {"key": "processing-of-the-personal-data", "type": "clause", "offset": [2651, 2682]}, {"key": "assist-the", "type": "clause", "offset": [2691, 2701]}, {"key": "responding-to", "type": "clause", "offset": [2752, 2765]}, {"key": "requests-from-data-subjects", "type": "clause", "offset": [2778, 2805]}, {"key": "compliance-with-the-data-protection-legislation", "type": "clause", "offset": [2826, 2873]}, {"key": "breach-notifications", "type": "clause", "offset": [2900, 2920]}, {"key": "impact-assessments", "type": "clause", "offset": [2922, 2940]}, {"key": "supervisory-authorities", "type": "clause", "offset": [2965, 2988]}, {"key": "not-limited", "type": "clause", "offset": [3019, 3030]}, {"key": "information-commissioner", "type": "clause", "offset": [3039, 3063]}, {"key": "without-undue-delay", "type": "definition", "offset": [3109, 3128]}, {"key": "a-personal", "type": "clause", "offset": [3132, 3142]}, {"key": "otherwise-dispose-of", "type": "definition", "offset": [3220, 3240]}, {"key": "on-termination-of-this-agreement", "type": "clause", "offset": [3324, 3356]}, {"key": "complete-and-accurate-records", "type": "clause", "offset": [3442, 3471]}, {"key": "processing-activities", "type": "definition", "offset": [3479, 3500]}, {"key": "demonstrate-compliance", "type": "clause", "offset": [3568, 3590]}, {"key": "the-processing-of-personal-data", "type": "clause", "offset": [3817, 3848]}, {"key": "clause-13", "type": "clause", "offset": [3860, 3869]}, {"key": "consent-not-to-be-unreasonably-withheld", "type": "clause", "offset": [3933, 3972]}, {"key": "in-the-event", "type": "clause", "offset": [3975, 3987]}, {"key": "written-agreement", "type": "definition", "offset": [4085, 4102]}, {"key": "the-sub", "type": "clause", "offset": [4108, 4115]}, {"key": "at-any-time", "type": "clause", "offset": [4509, 4520]}, {"key": "calendar-days", "type": "clause", "offset": [4541, 4554]}, {"key": "similar-terms", "type": "clause", "offset": [4646, 4659]}, {"key": "certification-scheme", "type": "clause", "offset": [4692, 4712]}, {"key": "to-this-agreement", "type": "clause", "offset": [4765, 4782]}], "samples": [{"hash": "cmzODEntz19", "uri": "/contracts/cmzODEntz19#data-processing", "label": "Standard Service Agreement", "score": 32.153049469, "published": true}, {"hash": "8ttNwzA3aSg", "uri": "/contracts/8ttNwzA3aSg#data-processing", "label": "Standard Service Agreement", "score": 32.0271339417, "published": true}, {"hash": "eUO1NBFSrt7", "uri": "/contracts/eUO1NBFSrt7#data-processing", "label": "Standard Service Agreement", "score": 31.5042953491, "published": true}], "size": 25, "hash": "5531db0c14e46686b8511959ad57f9b8", "id": 6}, {"snippet": "The terms of the data processing addendum (\u201cDPA\u201d) shall apply to the provision of IFS Support Services in respect of the processing of Personal Data (as defined in the DPA) and in which case Customer shall be the controller and IFS shall be the processor. The DPA shall be incorporated into the Agreement provided, and from the date that, Customer sends to \u2587\u2587\u2587\u2587\u2587\u2587\u2587@\u2587\u2587\u2587.\u2587\u2587\u2587 a copy of the DPA signed by Customer in accordance with the instructions therein.", "snippet_links": [{"key": "data-processing-addendum", "type": "definition", "offset": [17, 41]}, {"key": "provision-of", "type": "clause", "offset": [69, 81]}, {"key": "ifs-support-services", "type": "clause", "offset": [82, 102]}, {"key": "in-respect-of", "type": "definition", "offset": [103, 116]}, {"key": "the-processing-of-personal-data", "type": "clause", "offset": [117, 148]}, {"key": "customer-shall", "type": "clause", "offset": [191, 205]}, {"key": "the-controller", "type": "clause", "offset": [209, 223]}, {"key": "the-processor", "type": "clause", "offset": [241, 254]}, {"key": "the-agreement", "type": "clause", "offset": [291, 304]}, {"key": "a-copy-of-the", "type": "clause", "offset": [373, 386]}, {"key": "by-customer", "type": "clause", "offset": [398, 409]}, {"key": "in-accordance-with", "type": "clause", "offset": [410, 428]}], "samples": [{"hash": "cjvO7tsE2Dy", "uri": "/contracts/cjvO7tsE2Dy#data-processing", "label": "End User License Agreement", "score": 35.9744644165, "published": true}, {"hash": "85T1pxPUDW1", "uri": "/contracts/85T1pxPUDW1#data-processing", "label": "End User License Agreement", "score": 35.9213104248, "published": true}, {"hash": "3SK3lPAaRzI", "uri": "/contracts/3SK3lPAaRzI#data-processing", "label": "End User License Agreement", "score": 35.9083709717, "published": true}], "size": 34, "hash": "240de5c97c34b481d2859ad9d83e751a", "id": 3}, {"snippet": "The administration and management of this Agreement may include \u2587\u2587\u2587\u2587\u2587\u2019s collection and processing of personal information. Such information includes non-sensitive information such as name, contact details, field of expertise and the content of this Agreement. This information may be transferred to trusted third parties for processing in countries located outside of that in which it was collected. Regardless of the country where this information is processed, Amgen maintains and requires its third-party processors to maintain appropriate administrative, technical and physical safeguards to protect the information. Transfers of personal information follow applicable laws and are subject to safeguards such as \u2587\u2587\u2587\u2587\u2587\u2019s Binding Corporate Rules (\u201cBCRs\u201d) or Standard Contractual Clauses. For information on Amgen\u2019s BCRs, visit \u2587\u2587\u2587\u2587://\u2587\u2587\u2587.\u2587\u2587\u2587\u2587\u2587.\u2587\u2587\u2587/bcr/. For information on Standard Contractual Clauses, contact \u2587\u2587\u2587\u2587\u2587\u2019s Data Protection Officer at \u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587@\u2587\u2587\u2587\u2587\u2587.\u2587\u2587\u2587. To exercise rights, including rights to access, correct, or request deletion of personal information (subject to certain restrictions imposed by law), contact \u2587\u2587\u2587\u2587\u2587\u2019s Data Protection Officer. To lodge a complaint about the processing of personal information, contact \u2587\u2587\u2587\u2587\u2587\u2019s Data Protection Officer or the applicable National Data Protection Authority. Supplier shall ensure that its personnel whose personal information is processed hereunder receives appropriate notice to allow for the processing of personal information consistent with this Section.", "snippet_links": [{"key": "management-of-this-agreement", "type": "clause", "offset": [23, 51]}, {"key": "collection-and", "type": "clause", "offset": [72, 86]}, {"key": "processing-of-personal-information", "type": "clause", "offset": [87, 121]}, {"key": "such-information", "type": "definition", "offset": [123, 139]}, {"key": "sensitive-information", "type": "clause", "offset": [153, 174]}, {"key": "contact-details", "type": "definition", "offset": [189, 204]}, {"key": "field-of", "type": "definition", "offset": [206, 214]}, {"key": "content-of-this-agreement", "type": "clause", "offset": [233, 258]}, {"key": "third-parties", "type": "clause", "offset": [307, 320]}, {"key": "the-country", "type": "definition", "offset": [414, 425]}, {"key": "party-processors", "type": "clause", "offset": [502, 518]}, {"key": "to-maintain", "type": "clause", "offset": [519, 530]}, {"key": "technical-and-physical-safeguards", "type": "clause", "offset": [559, 592]}, {"key": "the-information", "type": "clause", "offset": [604, 619]}, {"key": "transfers-of-personal-information", "type": "clause", "offset": [621, 654]}, {"key": "applicable-laws", "type": "definition", "offset": [662, 677]}, {"key": "subject-to", "type": "clause", "offset": [686, 696]}, {"key": "binding-corporate-rules", "type": "clause", "offset": [724, 747]}, {"key": "standard-contractual-clauses", "type": "clause", "offset": [760, 788]}, {"key": "information-on", "type": "clause", "offset": [794, 808]}, {"key": "data-protection-officer", "type": "definition", "offset": [921, 944]}, {"key": "exercise-rights", "type": "definition", "offset": [976, 991]}, {"key": "rights-to-access", "type": "clause", "offset": [1003, 1019]}, {"key": "deletion-of-personal-information", "type": "clause", "offset": [1041, 1073]}, {"key": "restrictions-imposed-by-law", "type": "clause", "offset": [1094, 1121]}, {"key": "the-processing", "type": "clause", "offset": [1192, 1206]}, {"key": "the-applicable", "type": "clause", "offset": [1275, 1289]}, {"key": "data-protection-authority", "type": "clause", "offset": [1299, 1324]}, {"key": "supplier-shall", "type": "clause", "offset": [1326, 1340]}, {"key": "notice-to", "type": "definition", "offset": [1438, 1447]}, {"key": "consistent-with", "type": "definition", "offset": [1497, 1512]}], "samples": [{"hash": "fjySDrFXrlX", "uri": "/contracts/fjySDrFXrlX#data-processing", "label": "Supplier Agreement", "score": 24.6379184723, "published": true}, {"hash": "c2VziEVcA09", "uri": "/contracts/c2VziEVcA09#data-processing", "label": "Supplier Agreement", "score": 24.6379184723, "published": true}, {"hash": "39CqcU7LRmD", "uri": "/contracts/39CqcU7LRmD#data-processing", "label": "Supplier Agreement", "score": 24.6379184723, "published": true}], "size": 25, "hash": "e2d1d112f3b196cd913978849452093c", "id": 5}, {"snippet": "16.1 In this clause:", "snippet_links": [{"key": "in-this-clause", "type": "clause", "offset": [5, 19]}], "samples": [{"hash": "gwFqdNhH9i8", "uri": "/contracts/gwFqdNhH9i8#data-processing", "label": "Service Agreement", "score": 34.8620300293, "published": true}, {"hash": "8kGpAUFMHjc", "uri": "/contracts/8kGpAUFMHjc#data-processing", "label": "Service Agreement", "score": 34.8620300293, "published": true}, {"hash": "kzbcePtokKx", "uri": "/contracts/kzbcePtokKx#data-processing", "label": "Service Agreement", "score": 34.6173324585, "published": true}], "size": 25, "hash": "d29268f6dd1926cef7883170dea0b3f7", "id": 4}], "next_curs": "ClgSUmoVc35sYXdpbnNpZGVyY29udHJhY3RzcjQLEhZDbGF1c2VTbmlwcGV0R3JvdXBfdjU2IhhkYXRhLXByb2Nlc3NpbmcjMDAwMDAwMGEMogECZW4YACAA", "clause": {"title": "Data Processing", "children": [["scope-and-roles", "Scope and Roles"], ["compliance-with-laws", "Compliance with Laws"], ["duration", "Duration"], ["purpose", "Purpose"], ["subject-matter", "Subject matter"]], "size": 1880, "parents": [["data-protection", "Data Protection"], ["miscellaneous", "Miscellaneous"], ["general", "General"], ["general-provisions", "General Provisions"], ["personal-data", "Personal Data"]], "id": "data-processing", "related": [["personal-data-processing", "Personal Data Processing", "Personal <strong>Data Processing</strong>"], ["details-of-data-processing", "Details of Data Processing", "Details of <strong>Data Processing</strong>"], ["data-processing-agreement", "Data Processing Agreement", "<strong>Data Processing</strong> Agreement"], ["data-processing-addendum", "Data Processing Addendum", "<strong>Data Processing</strong> Addendum"], ["sub-processing", "Sub-Processing", "Sub-Processing"]], "related_snippets": [], "updated": "2026-05-10T05:39:37+00:00", "also_ask": ["What are the essential data protection obligations that must be explicitly included in this clause?", "How can this clause be negotiated to allocate liability for data breaches most favorably?", "What are the most common enforceability challenges for data processing clauses in court?", "How does this clause compare to standard data processing provisions under GDPR or CCPA?", "What critical risks arise if data subprocessors are not clearly addressed in this clause?"], "drafting_tip": "Specify permitted data uses to prevent misuse, define security measures to ensure compliance, and require breach notification to enable timely response.", "explanation": "A Data Processing clause defines the rules and responsibilities for handling personal or sensitive data between parties, typically in compliance with data protection laws. It outlines how data should be collected, stored, processed, and shared, often specifying security measures, permitted uses, and obligations in the event of a data breach. This clause ensures that both parties understand their roles in safeguarding data, thereby reducing the risk of unauthorized access or misuse and helping to maintain legal compliance."}, "json": true, "cursor": ""}}