Whitespace as the Processor shall Clause Samples

Whitespace as the Processor shall. 15.8.1. Process the Personal Data only on the instructions of the Customer; 15.8.2. not transfer the Personal Data outside of the UK unless it has appropriate safeguards in place permitting such transfer in accordance with clause 15.8.5. 15.8.3. ensure that its staff who process Personal Data have had the necessary training regarding handling and security of Personal Data and have committed themselves to confidentiality or are under appropriate statutory obligation of confidentiality; 15.8.4. Take all reasonable measures pursuant to Article 32 of GDPR, in particular: i. implement and maintain suitable and appropriate technical and organisational measures and controls to prevent unauthorised or unlawful processing of Personal Data and accidental loss, destruction, damage, theft, use or disclosure of such Personal Data, and shall protect against any security threats to the Personal Data and detect and prevent unauthorised processing of or access to Personal Data; ii. comply with its Information Security Standards; iii. install and maintain all necessary software updates to ensure compliance of Article 32 and shall give notice to the Client of such updates which affect the Whitespace Service. iv. in assessing the appropriate level of security, taking into account the risks that are presented by the Processing of Personal Data, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data transmitted, stored or otherwise Processed; and v. take such steps to ensure that any person acting under the authority of the Processor who has access to the Personal Data does not Process such Personal Data except in respect of the Whitespace Service, unless he or she is required to do so by law. 15.8.5. Where the Processor engages another processor for carrying out specific processing activities on behalf of the Client (a sub-processor), the Processor shall impose the same data protection obligations as required by GDPR on the sub-processor. 15.8.6. On request from the Client and subject to the Client paying Whitespace’s reasonable costs (as detailed in Schedule 3 and Schedule 4) in collating and such data, assisting in any Data Subject requests and/or any co- operation under Article 28(3)(f) of GDPR. 15.8.7. At the request of the Client destroy, anonymise or return Personal Data relating to the Whitespace Service to the Client at the end of this Agreement, unless the Personal Data is required by law and/or ...