UK Personal Data Clause Samples

UK Personal Data. In relation to Personal Data that is protected by the UK GDPR ("UK Personal Data"), the UK SCCs will apply as follows: (i) The EU SCCs, completed as set out in Section 7.4 above, shall also apply to transfers of such UK Personal Data; and (ii) The UK Addendum shall be deemed executed between the transferring Customer and AuditBoard, and the EU SCCs shall be deemed amended as specified by the UK Addendum in respect of the transfer of such UK Personal Data. Tables 1 to 3 of the UK Addendum shall be deemed completed with relevant information from the EU SCCs, completed as set out in Section 7.4 above, and the options "Exporter" and "Importer" shall be deemed checked in Table 4. The start date of the UK Addendum (as set out in Table 1) shall be the effective date of this DPA.

UK Personal Data. The UK Approved Addendum applies only to transfers of Personal Data which are subject to the UK GDPR, either directly or via onward transfer, to any country or recipient: (i) not recognized by the UK Information Commissioner or other relevant UK authorities as providing an adequate level of protection for Personal Data (as described in the UK GDPR), and (ii) not covered by a suitable framework (e.

UK Personal Data. To the extent any Protected Information contained in Customer Data is regulated by the UK GDPR (“UK Personal Data”), the IDTA (as defined herein) and Schedule 1 attached hereto will apply to Nasuni’s Processing of such UK Personal Data on your behalf and the parties hereby agree to comply with the IDTA, which is hereby incorporated into this Addendum in its entirety. In the event of a conflict between the Agreement and the IDTA, the IDTA will control to the extent applicable to UK Personal Data.

UK Personal Data. In relation to Personal Data protected by the UK GDPR (“UK Personal Data”), the UK Addendum will apply as follows: i. the EU SCCs, completed as set out in Section 2.3.2.1 of this Addendum A, shall also apply to transfers of UK Personal Data; ii. the UK Addendum shall be deemed executed (and incorporated into this DPE by this reference) between the transferring Customer and Workday, and the EU SCCs shall be deemed amended as specified by Part 2 (Mandatory Clauses) of the UK Addendum in respect of the transfer of UK Personal Data; iii. Tables 1 to 3 of the UK Addendum shall be deemed completed with relevant information from within this DPE and the EU SCCs, completed as set out in Section 2.3.2.1 of this Addendum A; iv. the start date of the UK Addendum (as set out in Table 1) shall be the effective date of this DPE; and

UK Personal Data. The parties agree that the Information Commissioner’s Office’s International Data Transfer Agreement, referred to hereafter as Standard Contractual Clauses, will apply to UK Personal Data that is transferred via the Services from the United Kingdom, either directly or via onward transfer, to any country or recipient outside the United Kingdom that is not recognized by the ICO as providing an adequate level of protection for Personal Data. To the extent applicable, the Standard Contractual Clauses will be deemed entered into (and incorporated into this DPA by this reference) and completed as follows:

UK Personal Data. Where Customer is located in the United Kingdom, the version of the SCCs referenced in Part A, Section 12(d) above shall apply together with the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses as issued by the Information Commissioner’s Office under S119A(1) of the Data Protection Act 2018 (“UK Addendum”), which is hereby incorporated by reference. The parties further agree that for the purpose of the UK Addendum: i) The Customer shall be the data exporter, and Bain shall be the data importer (on behalf of itself and its affiliates), and the parties’ details as set out in the Agreement shall be incorporated into Table 1 of Part 1 of the UK Addendum (Parties); ii) The first option of Table 2 of Part 1 of the UK Addendum (Selected SCCs, Modules and Selected Clauses) shall be selected and the date shall be the date of this Agreement; iii) Table 3 of Part 1 of the UK Addendum (Appendix Information) shall be populated with the relevant information set out in Annex A and Annex B to this Agreement and Section 12(c) above; and iv) Either the importer or the exporter may end the UK Addendum, and Table 4 of Part 1 of the UK Addendum shall be completed accordingly.

UK Personal Data. In respect of any UK Restricted Transfer, Customer acting on its own behalf and as agent for each Customer Affiliate (each as "data exporter") and Airbrake acting on its own behalf ("data importer") with effect from the commencement of the relevant transfer agree that such transfer(s) will be carried out in accordance with and subject to the International Data Transfer Agreement A1.0 issued by the ICO (“UK IDTA”), which can be found at ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/media/for-organisations/documents/4019538/international- data-transfer-agreement.pdf. To the extent there is any conflict between the DPA and the UK IDTA in relation to the processing of UK Personal Data, the terms of the UK IDTA will prevail. To the extent applicable, the UK IDTA will be deemed entered into (and incorporated into this DPA by this reference) and completed as follows: Part 1: Tables

UK Personal Data. Transfers of UK Personal Data by Customer to Panopto in Third Countries are subject to the Standard Contractual Clauses attached to this DPA and incorporated by reference as Exhibit 2 (the “2010 SCCs”). For the sake of clarity, if and to the extent that the 2010 SCCs apply, signatures of assent of Customer and Panopto to the Agreement will be deemed signatures to the 2010 SCCs. The following terms will apply to the 2010 SCCs whether used pursuant to this Section 8.2.1(b) or Section 8.2.2 below: (i) the 2010 SCCs will apply to a customer which is subject to the data protection laws and regulations of the UK, and such customer constitutes a “data exporter”; (ii) for purposes of clause 5(a) of the 2010 SCCs, the Agreement, this DPA, and Customer’s use of the Services’ features and functionality are Customer’s written instructions to Panopto in relation to the processing of Personal Data; (iii) Customer’s right of audit under clauses 5.1(f) and 12.2 of the 2010 SCCs may be exercised as specified in Section 5 (Records and Audits) of this DPA; (iv) pursuant to clause 5(h) of the 2010 SCCs, Customer’s rights regarding Panopto’s subprocessors under the 2010 SCCs are subject to Section 6 (Personnel and Subprocessors) of this DPA; (v) the Parties agree that copies of the Subprocessor agreements that Panopto must provide to Customer pursuant to clause 5(j) of the 2010 SCCs may have commercial information, or clauses unrelated to the 2010 SCCs or their equivalent, removed by Panopto beforehand, and that such copies will be provided only upon written request by Customer; (vi) for purposes of clause 12.1 of the 2010 SCCs, Panopto will (1) comply with its obligations to return or destroy all Personal Data as specified in Section 4.10 (Return of Personal Data) of this DPA and (2) provide certification of such destruction on upon Customer’s written request therefor.