The processor undertakes Clause Samples

The processor undertakes. 3.4.1. to comply with all obligations arising for the Data Processor from the relevant legislation when processing Personal Data; 3.4.2. to process Personal Data solely on the basis of the Controller's instructions made pursuant to this Processing Agreement, including in relation to the transfer of Personal Data to a third country or an international organization; 3.4.3. to notify the Controller without undue delay in cases where an inspection or other administrative proceedings are initiated by the Agency for Personal Data Protection or another administrative authority in relation to the processing of Personal Data by the Processor, and to provide the Controller with all information about the course and results of such inspection or the course and results of such proceedings; 3.4.4. to assist the Controller in ensuring compliance with the Controller's personal data security obligations under Articles 32 to 36 GDPR, taking into account the nature of the processing to be carried out by the Processor; 3.4.5. to notify the Controller of any Personal Data breach of which it becomes aware without undue delay, and no later than 48 hours after becoming aware of the breach. The minimum scope of such notification is set out in Article 33(3) of the GDPR; 3.4.6. to keep a record of all Personal Data breaches and the corrective measures taken to ensure an adequate level of security of processing. The Processor is obliged to provide the Controller with all necessary cooperation related to the investigation of the breach and the fulfillment of the Controller's obligations under Articles 33 to 34 of the GDPR; 3.4.7. assist the Controller in documenting processes or documents that demonstrate the Controller's compliance with the GDPR.