GDPR Obligations Clause Samples
The GDPR Obligations clause sets out the responsibilities of the parties to comply with the General Data Protection Regulation (GDPR) when handling personal data. It typically requires both parties to implement appropriate technical and organizational measures to protect personal data, ensure lawful processing, and respond to data subject requests. This clause is essential for ensuring that all data processing activities within the contract adhere to legal requirements, thereby reducing the risk of regulatory penalties and safeguarding individuals' privacy rights.
GDPR Obligations. The College will regularly review this agreement and reserves the right to amend it in line with new guidance and to reflect changes in processing requirements.
GDPR Obligations. 9.1. Business Contact Information is business-related contact information disclosed by You to Responsiv, including names, job titles, business addresses, telephone numbers and email addresses of Licensee’s employees and contractors.
9.2. Business Contact Personnel are Your employees and contractors to whom the Business Contact Information relates.
9.3. You authorise Responsiv to process and use Business Contact Information within Responsiv and its partners to support You including the provision of support services, and for the purpose of furthering the business relationship between You and Responsiv, including, without limitation, contacting Business Contact Personnel (by email or otherwise) and marketing Responsiv products and services (the ″Specified Purpose″).
9.4. Responsiv agrees that all Business Contact Information will be processed in accordance with the GDPR and will be used only for the Specified Purpose.
9.5. To the extent required by the GDPR, You represent that You have obtained (or will obtain) any consents from (and has issued (or will issue) any notices to) the Business Contact Personnel as are necessary in order to enable Responsiv to process and use the Business Contact Information for the Specified Purpose.
9.6. You authorise Responsiv to transfer Business Contact Information outside the European Economic Area, provided that the transfer is made on contractual terms approved by the Data Protection Authority or the transfer is otherwise permitted under the Data Protection & Electronic Communications Legislation.
9.7. For purposes of this Item ″Personal Data″ has the meaning set out in the Data Protection Law and relates only to personal data, or any part of such personal data, in respect of which the Licensee is the Data Controller and in relation to which Responsiv is providing services under this Contract. In the context of GDPR the term means any information relating to an identified or identifiable natural person (“Data Subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person. The following provisions apply in the event that one party makes Personal Data available to the other:
9.7.1. Neither party will request Personal Data beyond what is necessary to ...
GDPR Obligations