Common use of Data Protection Roles Clause in Contracts

Data Protection Roles. During the term of this Agreement, and in relation to any personal data you share with us, we agree that you will be the data controller and we will be the data processor. For the purposes of this Agreement, the scope, nature and purpose of processing of personal data by us is in relation to the processing of personal data of your clients/customers whilst providing our Services to you. Data Processing Consents. You will ensure that you have all necessary appropriate consents and notices in place to enable the lawful transfer of any personal data to us, for the duration and purposes of this Agreement. You will indemnify us in full for all liabilities, costs, expenses, damages and losses suffered or incurred by us arising out of or in connection with your breach of this clause. Data Processing Obligations. We will, in relation to any personal data processed in connection with the performance of our Services under this Agreement: process that personal data only in accordance with your instructions; ensure that we have in place appropriate technical and organisational measures to protect against unathorised or unlawful processing of personal data and against loss or destruction of personal data, appropriate to the harm that might result having regard to the state of technological development and the cost of implementing any such measures; ensure that all personnel who have access to and/or process personal data are obliged to keep the personal data confidential, safe and secure; not transfer any personal data outside of the UK unless we have provided appropriate safeguards are in place in relation to the transfer and that we have complied with our obligations under the relevant data protection legislation by providing an adequate level of protection to any personal data that is transferred; assist you, ay your cost, in responding to any request from a data subject and in ensuring compliance with our obligations under the data protection legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators; notify you, as soon as reasonably possible, on becoming aware of a personal data breach of any of your or your clients personal data; on your written request, delete or return any personal data we hold about you or your clients; and maintain complete and accurate records and information to demonstrate our compliance with this data protection clause.