Common use of PROCESSING OF THE PERSONAL DATA Clause in Contracts

PROCESSING OF THE PERSONAL DATA. 2.1 The parties agree that the Customer is a data controller and that the Supplier is a data processor for the purposes of processing Personal Data. 2.2 Each party shall at all times in relation to processing connected with the Main Agreement comply with Data Protection Laws. 2.3 The Supplier shall only process the types of Personal Data relating to the categories of data subjects for the purposes of the Main Agreement and for the specific purposes in each case as set out in Annex 1 (Details of Processing of Personal Data) to this Addendum and shall not process, transfer, modify, amend or alter the Personal Data or disclose or permit the disclosure of the Personal Data to any third party other than in accordance with the Customer's documented instructions (whether in the Main Agreement or otherwise) unless processing is required by applicable law to which the Supplier is subject, in which case the Supplier shall to the extent permitted by such law inform the Customer of that legal requirement before processing that Personal Data. 2.4 The Supplier shall immediately inform the Customer if, in its opinion, an instruction pursuant to the Main Agreement or this Addendum infringes Data Protection Laws. 2.5 The Customer warrants to and undertakes with the Supplier that all data subjects of the Personal Data have been or will be provided with appropriate notices and information to establish and maintain for the relevant term the necessary legal grounds under Data Protection Laws for transferring the Personal Data to the Supplier to enable the Supplier to process the Personal Data in accordance with this Addendum and the Main Agreement.