Subcontracting and Subprocessing Sample Clauses

Subcontracting and Subprocessing. 7.1. The parties may subcontract all or part of the Personal Data Processing to subcontractors provided the relevant party and the subcontractor have concluded a written processing agreement which imposes obligations that correspond to those stipulated in this Data Processing Annex.

Subcontracting and Subprocessing. In order for a Party to make use of a third party in order to perform any of its obligations under this Agreement, the other Party must approve such delegation in writing prior to such delegation taking place. The Party who will make use of this third party shall ensure that this third party has entered into a written agreement containing provisions no less protective of personal data than those of this Agreement. The Data Controller has the right to receive a copy of the relevant provisions of Data Processor’s agreement with the subcontractor or subprocessor. Any Party who wishes to make use of a third party as specified under article 3.1 will take appropriate technical and organisational measures to protect the security, confidentiality and integrity of Personal Data. If the Data Processor wishes to subcontract all or part of the processing of Study Participant Personal Data, it will first provide to Data Controller prior written notice of its intention to engage any subcontractor setting out the following information in sufficient detail: The name and address of the proposed subcontractor; The subject matter of the proposes subcontract; The countr(y)(ies) where the proposed subcontractor intends to process Study Participant Personal Data; A description of the technical and organisational measures implemented by the proposed subcontractor to protect the security, confidentiality and integrity of Study Participant Personal Data that will be processed by the proposed subcontractor; Any additional information that the Data Controller may reasonably require. The Data Processor will remain liable for all acts and omissions of the approved Subcontractors as fully as if they were the acts and omissions of the Data Processor or its Research Staff. Will be referred to as a Data Security Incident, any actual or potential: Breach of security that leads (or may lead) to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, any Study Participant Personal Data (or any media or carrier containing the same) held by the Data Processor; Unauthorized processing of any Study Participant Personal Data held by the Data Processor; Breach by Data Processor of the obligations of this DPA or any Applicable Data Protection Legislation; Breach of security that leads (or may lead) to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, any Research Staff Personal Data (or any media or carrie...

Subcontracting and Subprocessing. 7.1 The registrar may outsource all or part of the Personal Data processing to subcontractors (including but not limited to resellers) provided the registrar and the subcontractor have concluded a written processing agreement which imposes obligations that correspond to those stipulated in this Data Processing Annex. 7.2 DNS Belgium hereby gives its consent for the outsourcing of the Personal Data processing pursuant to Article 7.1. 8 Transfers of personal data to third countries 8.1 When processing Personal Data under or in connection with the Agreement, the registrar shall do so in accordance with: 8.1.1 all applicable Data Protection Legislation; and 8.1.2 the terms set out in Appendix 1 to this Data Processing Annex. For the purpose of this Appendix 1, references to “data importer” shall be deemed to be references to the registrar and references to “data exporter” shall be deemed to be references to DNS Belgium. 8.2 The registrar may transfer Personal Data to a recipient in a country outside the European Economic Area (such a country being referred to as a Third Country), provided that: 8.2.1 The EU Commission has taken an adequacy decision concerning that Third Country in accordance with the applicable Data Protection Legislation; 8.2.2 The recipient participates in a valid cross-border transfer mechanism in respect of which the EU Commission has taken an adequacy decision in accordance with the applicable Data Protection Legislation, so that the registrar (and, where appropriate, DNS Belgium) can ensure that appropriate safeguards are in place to ensure an adequate level of data protection in respect of the transferred Personal Data; or 8.2.3 The recipient has concluded an agreement with DNS Belgium which contains model clauses approved by the EU Commission or by another competent governmental authority in accordance with the applicable Data Protection Legislation.