Common use of Processing description Clause in Contracts

Processing description. Subject matter and purpose Subject to the terms of the MSA, Secureworks provides information security services for the Customer and processes the Personal Data for the purpose of providing such services as set out in applicable Service Orders, SOWs, SLAs, Service descriptions or otherwise Duration of processing Secureworks will retain and process the Personal Data for the term of the MSA and in accordance with the provisions of this DPA regarding the return or deletion of the Personal Data Data subjects The Personal Data transferred may concern the following categories of data subjects: past, present and prospective (i) employees and partners, (ii) clients and individuals who use and access Customer information technology systems for which Secureworks provides services, (iii) advisors, consultants, contractors, subcontractors and agents; and (iv) complainants, correspondents and enquirers. Type of personal data For MSS Services: Personal Data may be contained: 1. within the security logs or alerts which may include information related to IT resources access, such as user name, identification number, location, IP address, MAC address or other device identifier, resource accessed, time of access and device name; 2. within context related to the security logs or alert which may include malicious files, network fragment, process details, domain name, network connections; and 3. within the user account created to access Secureworks MSS resources (e.g. Portal access). For SRC (Consulting) Services: Personal Data which may be processed by Secureworks if necessary for the provision of the Consulting Services may include any or all of the following: 1. contact details (which may include name, address, e-mail address, phone and fax contact details and associated local time zone information); 2. employment details (which may include company name, job title, grade, demographic and location data); 3. IT systems information (which may include user ID and password, computer name, domain name, IP address, and software usage pattern tracking information i.e. cookies); 4. data subject's e-mail content and transmission data which is available on an incidental basis for the provision of information technology consultancy, support and services (incidental access may include accessing the content of e-mail communications and data relating to the sending, routing and delivery of e-mails); 5. details of goods or services provided to or for the benefit of data subjects; 6. financial details (e.g. credit, payment and bank details) 7. special categories of data (if appropriate) which may involve the incidental processing of personal data which may reveal: racial or ethnic origin; political opinions; religious or philosophical beliefs; trade-union membership; genetic data and biometric data for the purpose of uniquely identifying a natural person; data concerning health (including physical or mental health or condition); sexual life or sexual orientation; criminal offences or alleged offences and any related court proceedings; social security files.

Processing description. Subject matter and purpose Subject to the terms of the MSA, Secureworks provides information security services for the Customer and processes the Personal Data for the purpose of providing such services as set out in applicable Service Orders, SOWs, SLAs, Service descriptions or otherwise Duration of processing Secureworks will retain and process the Personal Data for the term of the MSA and in accordance with the provisions of this DPA regarding the return or deletion of the Personal Data Data subjects The Personal Data transferred may concern the following categories of data subjects: past, present and prospective (i) employees and partners, (ii) clients and individuals who use and access Customer information technology systems for which Secureworks provides services, (iii) advisors, consultants, contractors, subcontractors and agents; and (iv) complainants, correspondents and enquirers. services Type of personal data For MSS ServicesMSS: any Personal Data may be contained: 1. ) within the security logs or alerts which may include information related to IT resources access, such as user name, identification number, location, IP address, MAC address or other device identifier, resource accessed, time of access and device name; 2. ) within context related to the security logs or alert which may include malicious files, network fragment, process details, domain name, network connections; and 3. ) within the user account created to access Secureworks MSS resources (e.g. Portal access). .) For SRC (Consulting) Services: Personal Data which may be processed by Secureworks if necessary for the provision of the Consulting Services may include any or all of the following: 1. − contact details (which may include name, address, e-mail address, phone and fax contact details and associated local time zone information); 2. − employment details (which may include company name, job title, grade, demographic and location data); 3. − IT systems information (which may include user ID and password, computer name, domain name, IP address, and software usage pattern tracking information i.e. cookies); 4. − data subject's e-mail content and transmission data which is available on an incidental basis for the provision of information technology consultancy, support and services (incidental access may include accessing the content of e-mail communications and data relating to the sending, routing and delivery of e-mails); 5. − details of goods or services provided to or for the benefit of data subjects; 6. − financial details (e.g. credit, payment and bank details) 7. − special categories of data (if appropriate) which may involve the incidental processing of include personal data which may reveal: reveals racial or ethnic origin; , political opinions; , religious or philosophical beliefs; trade-, trade union membership; genetic data opinions, memberships or activities, social security files, and biometric data for the purpose of uniquely identifying a natural person; data concerning health (including physical or mental health or condition); , sexual life or sexual orientation; and information regarding criminal offences or alleged offences and any related court proceedings; social security files.

Processing description. Subject matter and purpose Subject to the terms of the MSA, Secureworks provides information security services for the Customer and processes the Personal Data for the purpose of providing such services as set out in applicable Service Orders, SOWs, SLAs, Service descriptions or otherwise Duration of processing Secureworks will retain and process the Personal Data for the term of the MSA and in accordance with the provisions of this DPA regarding the return or deletion of the Personal Data Data subjects The Personal Data transferred may concern the following categories of data subjects: past, present and prospective (i) employees and partners, (ii) clients and individuals who use and access Customer information technology systems for which Secureworks provides services, (iii) advisors, consultants, contractors, subcontractors and agents; and (iv) complainants, correspondents and enquirers. services Type of personal data For MSS ServicesMSS: any Personal Data may be contained: 1. ) within the security logs or alerts which may include information related to IT resources access, such as user name, identification number, location, IP address, MAC address or other device identifier, resource accessed, time of access and device name; 2. ) within context related to the security logs or alert which may include malicious files, network fragment, process details, domain name, network connections; and 3. ) within the user account created to access Secureworks MSS resources (e.g. Portal access). For SRC (Consulting) Services: Personal Data which may be processed by Secureworks if necessary for the provision of the Consulting Services may include any or all of the following: 1. − contact details (which may include name, address, e-mail address, phone and fax contact details and associated local time zone information); 2. − employment details (which may include company name, job title, grade, demographic and location data); 3. − IT systems information (which may include user ID and password, computer name, domain name, IP address, and software usage pattern tracking information i.e. cookies); 4. − data subject's e-mail content and transmission data which is available on an incidental basis for the provision of information technology consultancy, support and services (incidental access may include accessing the content of e-mail communications and data relating to the sending, routing and delivery of e-mails); 5. − details of goods or services provided to or for the benefit of data subjects; 6. − financial details (e.g. credit, payment and bank details) 7. − special categories of data (if appropriate) which may involve the incidental processing of include personal data which may reveal: reveals racial or ethnic origin; , political opinions; , religious or philosophical beliefs; trade-, trade union membership; genetic data opinions, memberships or activities, social security files, and biometric data for the purpose of uniquely identifying a natural person; data concerning health (including physical or mental health or condition); , sexual life or sexual orientation; and information regarding criminal offences or alleged offences and any related court proceedings; social security files.