Sub-processing Sample Clauses

Sub-processing. 11.1 The data importer shall not subcontract any of its processing operations performed on behalf of the data exporter under the Clauses without the prior written consent of the data exporter. Where the data importer subcontracts its obligations under the Clauses, with the consent of the data exporter, it shall do so only by way of a written agreement with the sub-processor which imposes the same obligations on the sub- processor as are imposed on the data importer under the Clauses. Where the sub-processor fails to fulfil its data protection obligations under such written agreement the data importer shall remain fully liable to the data exporter for the performance of the sub-processor’s obligations under such agreement. 11.2 The prior written contract between the data importer and the sub-processor shall also provide for a third-party beneficiary clause as laid down in Clause 3 for cases where the data subject is not able to bring the claim for compensation referred to in paragraph 1 of Clause 6 against the data exporter or the data importer because they have factually disappeared or have ceased to exist in law or have become insolvent and no successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law. Such third-party liability of the sub-processor shall be limited to its own processing operations under the Clauses. 11.3 The provisions relating to data protection aspects for sub-processing of the contract referred to in paragraph 1 shall be governed by the law of the Member State in which the data exporter is established, namely ........................................ 11.4 The data exporter shall keep a list of sub-processing agreements concluded under the Clauses and notified by the data importer pursuant to Clause 5(j), which shall be updated at least once a year. The list shall be available to the data exporter’s data protection supervisory authority.

Sub-processing. 10.1 In respect of any Processing of Personal Data performed by a third party on behalf of a Party, that Party shall: (a) carry out adequate due diligence on such third party to ensure that it is capable of providing the level of protection for the Personal Data as is required by the contract, and provide evidence of such due diligence to the other Party where reasonably requested; and (b) ensure that a suitable agreement is in place with the third party as required under applicable Data Protection Legislation.

Sub-processing. The data importer shall not subcontract any of its processing operations performed on behalf of the data exporter under the Clauses without the prior written consent of the data exporter. Where the data importer subcontracts its obligations under the Clauses, with the consent of the data exporter, it shall do so only by way of a written agreement with the sub-processor which imposes the same obligations on the sub-processor as are imposed on the data importer under the Clauses. Where the sub-processor fails to fulfil its data protection obligations under such written agreement the data importer shall remain fully liable to the data exporter for the performance of the sub-processor’s obligations under such agreement.

Sub-processing. (a) The Controller hereby authorizes the appointment and use of Sub-processor(s) engaged by the Processor for the provision of the Services. The Controller approves the Sub-processor(s) set out in Annex 5. (b) The Controller acknowledges and agrees that: (i) Wolters Kluwer Group may be retained as Sub- processors; and (ii) the Processor and Wolters Kluwer Group respectively may engage third-party Sub- processors (and permit each Sub-Processor appointed under this clause 5 to appoint sub-processors) in connection with the provision of the Services. (c) In case the Processor intends to engage new or additional Sub-processors, the Controller hereby provides general written authorization for the Processor to do so, provided that the Processor shall inform the Controller of any intended changes concerning the addition or replacement of any Sub-processor ("Sub-processor Notice") such notice to be provided through Finsit or on the GDPR page at xxxxx://xxx.xxx.xx.xx/softwaresupport/2015/home.asp or any dedicated websites of Processor from time to time (“Sub-processor List Website”). The Controller is responsible for visiting the Sub-processor List Website from time to time. If the Controller has a reasonable basis to object to the use of any such new or additional Sub-processor, the Controller shall notify the Processor promptly in writing within 14 days after publication of the Sub-processor Notice. In the event the Controller objects to a new or additional Sub-processor, and that objection is not unreasonable, the Processor will use reasonable efforts to make available to the Controller a change in the Services or recommend a commercially reasonable change to the Controller’s configuration or use of the Services to avoid Processing of Personal Data by the objected-to new or additional Sub-processor without unreasonably burdening the Controller. If the Processor is unable to make available such change within a reasonable period of time, which shall not exceed ninety (90) days, the Controller may terminate (notwithstanding any contrary provision in the Services Agreement and without liability to the Controller) the affected part of the Services Agreement with respect only to those Services which cannot be provided by the Processor without the use of the objected-to new or additional Sub-processor by providing written notice to the Processor. (d) The Processor and/or Wolters Kluwer Group shall impose the same data protection obligations as set out in this DPA on an...

Sub-processing. 5.1. Controller authorizes Processor and each Processor Affiliate to appoint (and permit each Sub Processor appointed in accordance with this Section 5 to appoint) Sub Processors in accordance with this Section 5 and any restrictions in the Agreement. 5.2. Processor and each Processor Affiliate may continue to use those Sub Processors already engaged by Processor or any Processor Affiliate as of the date of this DPA, including for the purpose of cloud hosting services by reputable Sub Processors, to the extent necessary to perform Processor's obligations under the Agreement, as well as any Sub Processors whom Controller requested Processor to use. 5.3. Processor may appoint new Sub Processors and shall give notice of the appointment of any new Sub Processor (for instance by e-mail), whether by general or specific reference to such Sub Processor (e.g., by name or type of service), including relevant details of the Processing to be undertaken by the new Sub Processor. If, within seven (7) days of such notice, Controller notifies Processor in writing of any objections (on reasonable grounds) to the proposed appointment, Processor shall not appoint for the processing of Controller Personal Data the proposed Sub Processor until reasonable steps have been taken to address the objections raised by Controller, and Controller has been provided with a reasonable written explanation of the steps taken. Where such steps are not sufficient to relieve Controller’s reasonable objections then Controller or Processor may, by written notice to the other Party, with immediate effect, terminate the Agreement to the extent that it relates to the Services which require the use of the proposed Sub Processor without bearing liability for such termination. 5.4. With respect to each new Sub Processor, Processor shall: 5.4.1. before the Sub Processor first Processes Controller Personal Data, take reasonable steps (for instance by way of reviewing privacy policies as appropriate) to ensure that the Sub Processor is committed to provide the level of protection for Controller Personal Data required by the Agreement; and 5.4.2. ensure that the arrangement between the Processor and the Sub Processor is governed by a written contract, including terms which offer materially similar level of protection for Controller Personal Data as those set out in this DPA that meet the requirements of Applicable Laws.

Sub-processing. 6.1 Each Subscriber Group Member authorizes iCIMS and each iCIMS Affiliate to appoint (and permit each Sub- Processor appointed in accordance with this Section 6 to appoint) Sub-Processors in accordance with this Section 6 and any restrictions in the Subscription Agreement. 6.2 iCIMS and each iCIMS Affiliate may continue to use those Sub-Processors already engaged by iCIMS or any iCIMS Affiliate as at the date of this Addendum, subject to iCIMS and each iCIMS Affiliate in each case as soon as practicable meeting the obligations set out in Section 6.4. The list of Sub-Processors used to provide the Subscription and their country or location of Processing may be accessed at xxxxx://xxxxx.xxxx/GDPR- subprocessors. iCIMS provides a mechanism which may be accessed at xxxxx://xxx.xxxxx.xxx/gc for Subscriber to subscribe to receive email notice when iCIMS intends to add or replace a Sub-Processor, and if Subscriber subscribes, iCIMS shall provide notification to Subscriber of such changes. 6.3 Subscriber may object to iCIMS’ proposed Sub-Processor changes by notifying iCIMS within thirty (30) days of iCIMS’ notice in accordance with the mechanism set forth in Section 6.2 (the “Objection Period”) if Subscriber reasonably determines such Sub-Processor is unable to Process Subscriber Personal Data in accordance with the terms of this Addendum. Such notice shall explain the Subscriber’s good-faith, reasonable grounds for the objection. If iCIMS receives a Sub-Processor objection notice from Subscriber within the Objection Period: 6.3.1 iCIMS shall work with Subscriber in good faith to make available a reasonable change in the provision of the Subscription or recommend a reasonable change to Subscriber’s configuration or use of the Subscription which avoids the use of the proposed Sub-Processor; and where such a change cannot be made within thirty (30) days from iCIMS’ receipt of Subscriber's objection notice, notwithstanding anything in the Subscription Agreement, Subscriber may by written notice to iCIMS within such 30-day period, with immediate effect, terminate the applicable Order Form(s) with respect only to those Subscriptions (i.e., product offering, portal, module, line item) which cannot be provided by iCIMS without the use of the objected-to new Sub-Processor (the “Terminated Service Portion”). iCIMS will refund to Subscriber any prepaid fees covering the remainder of the Subscription Period for the Terminated Service Portion following the effective date of...

Sub-processing. 9.1. Customer agrees that MailerLite may engage Sub-Processors to Process Customer Data on Customer's behalf. The Sub-Processors currently engaged by MailerLite and authorized by Customer are listed in the Annex.

Sub-processing. The Service rests on the infrastructure services of Amazon (AWS) who acts as a sub-pro- cessor under the Provider’s control. A GDPR compliant data processing addendum is incorporated in the agree- ment between AWS and the Provider. The Provider will inform You of any changes of sub-processors.

Sub-processing. 13.1 ‘Sub-Processing’, in the meaning of this Agreement, does not include ancillary services, such as telecommunication services, postal / transport services, maintenance and user support services or the disposal of data carriers, as well as other measures to ensure the confidentiality, availability, integrity and resilience of the hardware and software of data Processing equipment. The Processor shall, however, be obliged to make appropriate and legally binding contractual arrangements and take appropriate inspection measures to ensure the data protection and the data security of the Controller's data, even in the case of outsourced ancillary services to Sub-Processors. 13.2 The Controller agrees to the commissioning of the following sub-processors on the condition of a contractual agreement in accordance with applicable data protection laws: Sub-Processor Address / country Service Amazon Web Services Ireland Secure Cloud Service Platform for Database Storage 13.3 Outsourcing to further Sub-Processors or changing any existing Sub-Processors is permissible if the Processor informs the Controller of the identity of the Sub- Processor and the scope of the planned Sub-Processing in writing or in text form and the Controller does not object to the planned Sub-Processing in writing or in text form within ten (10) business days as from giving notice by the Processor. The Controller shall not unreasonably object to the planned Sub- Processing. In addition, the following provisions apply: (a) the transfer of Personal Data to the Sub-Processor and the Sub-Processor’s commencement of the data Processing shall only be undertaken after compliance with all requirements has been achieved; (b) if the Sub-Processor provides the agreed service outside the EU/EEA, the Processor shall ensure compliance with Applicable Laws; and (c) the Processor shall impose on the Sub-Processor the same data protection obligations as set out in this Agreement, in particular with regard to the provision of sufficient guarantees to implement appropriate technical and organisational measures in such a manner that the Processing will meet the requirements of the Applicable Law. 13.4 With respect to each Sub-Processor, the Processor will before the Sub- Processor first Processes any data of the Controller, carry out adequate due diligence to ensure that the Sub-Processor is capable of providing the level of protection for the Personal Data required by this Agreement and shall ensure that the agr...

Sub-processing. 7.1. Controller authorizes Processor to appoint (and permits each Sub Processor appointed in accordance with this Section 7 to appoint) Sub Processors in accordance with this Section 7. 7.2. Processor may continue to use those Sub Processors already engaged by Processor as identified to Controller as of the date of this DPA. 7.3. Processor may appoint new Sub Processors and shall give notice of any such appointment to Controller. If, within seven (7) days of such notice, Controller notifies Processor in writing of any reasonable objections to the proposed appointment, Processor shall not appoint the proposed Sub Processor for the Processing of Controller Personal Data until reasonable steps have been taken to address the objections raised by Controller and Controller has been provided with a reasonable written explanation of the steps taken. Where such steps are not sufficient to relieve Controller's reasonable objections, each of Controller or Processor may, by written notice to the other party and with immediate effect, terminate the Agreement to the extent that it relates to the Services requiring the use of the proposed Sub Processor. In such event, the terminating party shall not bear any liability for such termination. 7.4. With respect to each new Sub Processor, Processor shall: 7.4.1. Prior to the Processing of Controller Personal Data by Sub Processor, take reasonable steps (for instance by way of reviewing privacy policies as appropriate) to ensure that Sub Processor is committed and able to provide the level of protection for Controller Personal Data required by this DPA; and 7.4.2. ensure that the arrangement between the Processor and the Sub Processor is governed by a written contract, including terms that offer a materially similar level of protection for Controller Personal Data as those set out in this DPA and meet the requirements of Applicable Law. 7.5. Processor shall remain fully liable to the Controller for the performance of any Sub Processor's obligations.