Common use of Supplementary Measures Clause in Contracts

Supplementary Measures. In addition to the obligations under Sections 7(a)-(d), if and to the extent that the Parties will engage in cross-border Processing of Personal Data or will transmit, directly or indirectly, any Personal Data to a country outside of the country from which such Personal Data was collected (including without limitation transfers of Personal Data outside of the EEA, Switzerland or the UK), the Parties agree to the following supplementary measures: i. All Personal Data shall be encrypted both in transit and at rest using state of the art encryption technology that is robust against the performance of cryptanalysis; ii. Menlo Security warrants and represents that, as of the date of the Agreement, it has not received any national security data production orders (e.g., pursuant to Section 702 of the Foreign Intelligence Surveillance Act (“FISA Section 702”) or U.S. Presidential Policy Directive 28); iii. Menlo Security will use all reasonable legal mechanisms to challenge any demands for data access through the national security process that Menlo Security receives; and iv. Menlo Security will provide, up to once per calendar year upon Customer’s request, a transparency report indicating the types of binding legal demands for the Personal Data it has received, including national security orders and directives.