Common use of Arrangement Between the Parties Clause in Contracts

Arrangement Between the Parties. The Parties shall each Process the Personal Data. The Parties acknowledge that the factual arrangements between them dictate the classification of each Party in respect of the Data Protection Laws. Notwithstanding this, the Parties anticipate that, in respect of the Personal Data, as between the Recipient and the the Supplier for the purposes of this Agreement, the Recipient shall act as the Controller and the the Supplier shall act as the Processor, as follows: the Recipient shall be the Controller where it is Processing Personal Data in relation to the Permitted Purpose; and the Supplier shall be the Data Processor where it is Processing Personal Data in relation to the Permitted Purpose in connection with the performance of its obligations under this Agreement. Each of the Parties acknowledges and agrees that Schedule 1B (Data Processing Particulars) to this Agreement is an accurate description of the Data Processing Particulars. Nothing within this Agreement relieves the Supplier of its own direct responsibilities and liabilities under the Data Protection Laws. Each Party shall make due notification to any relevant regulator. the Supplier undertakes to the Recipient that it will take all necessary steps to ensure that it operates at all times in accordance with the requirements of the Data Protection Laws and the Supplier will, at its own expense, assist the Recipient in discharging its obligations under the Data Protection Laws as detailed in this Paragraph 2. The Supplier shall not, whether by act or omission, cause the Recipient to breach any of its obligations under the Data Protection Laws. To the extent that the Supplier Processes any Personal Data as a Processor for and on behalf of the Recipient (as the Controller) it shall: only Process the Personal Data for and on behalf of the Recipient for the purposes of performing its obligations under this Agreement, and only in accordance with the terms of this Agreement and any documented instructions from the Recipient; keep a record of any Processing of the Personal Data it carries out on behalf of the Recipient;

Arrangement Between the Parties. The Parties shall each Process the Personal Data. The Parties acknowledge and agree that the factual arrangements between them dictate the classification and role of each Party in respect of the Data Protection Laws. Notwithstanding thisthe foregoing, the Parties anticipate that, in respect of the Personal University Data, as between the Recipient University and the the Supplier Associate for the purposes of this Agreement, the Recipient University shall act as the Controller and the Associate is appointed by the Supplier University to and shall act as the Processor, as follows: the Recipient shall be the Controller where it is Processing Personal Data Processor in relation to the Permitted Purpose; and the Supplier shall be the Data Processor where it is Processing Personal Data in relation to the Permitted Purpose in connection accordance with the performance terms of its obligations under this AgreementSchedule. Each of the Parties acknowledges and agrees that Schedule 1B Appendix 1 (Data Processing Particulars) to this Agreement is an accurate description of the Data Processing Particulars. Nothing within Notwithstanding Paragraph 2.1.1 if either Party is deemed to be a joint Controller with the other in relation to the University Data, the Parties agree that they shall: be jointly responsible for the compliance obligations imposed on a Controller by the Data Protection Laws, and the Parties shall cooperate to do all necessary things to enable performance of such compliance obligations, except that each Party shall be responsible, without limitation, for compliance with its data security obligations where University Data has been transmitted by it, or while University Data is in its possession or control; and acting reasonably and in good faith seek by way of variation or additional agreement or arrangement, to document the parties' respective obligations in accordance with Data Protection Laws (particularly in respect of communications with Data Subjects, third parties and a ICO, including in respect of transparency requirements and notification obligations). Each Party agrees that in performing its obligations under this Agreement relieves Agreement, it shall comply with the Supplier of its own direct responsibilities and liabilities obligations imposed on it under the Data Protection Laws. Each Party shall make due notification In relation to any relevant regulator. University Data that the Supplier undertakes University provides or makes available to the Recipient that it will take all necessary steps to ensure that it operates at all times in accordance with the requirements of the Data Protection Laws and the Supplier will, at its own expense, assist the Recipient in discharging its obligations under the Data Protection Laws as detailed in this Paragraph 2. The Supplier shall not, whether by act Associate or omission, cause the Recipient to breach any of its obligations under the Data Protection Laws. To the extent that the Supplier Associate Processes any Personal Data as a Processor for and on behalf of the Recipient University (the University acting as the Controller) it the Associate shall: only Process the Personal University Data for and on behalf of the Recipient University for the purposes of performing its obligations under this Agreement, and only in accordance with the terms of this Agreement, any Data Transfer Agreement (where applicable) and any documented instructions from the RecipientUniversity (unless required to do otherwise by Applicable Law, in which case it shall (unless prohibited from doing so by such Applicable Law) inform the University of such legal requirement before Processing); keep a record of any Processing of the Personal Data it carries out on behalf of the RecipientUniversity;

Arrangement Between the Parties. The Parties shall each Process the Personal Data. The Parties acknowledge that the factual arrangements between them dictate the classification of each Party in respect of the Data Protection Laws. Notwithstanding thisthe foregoing, the Parties anticipate that, in respect of the Personal Data, as between the Recipient OU and the the Supplier Service Provider for the purposes of this Agreement, the Recipient OU shall act as the Controller and the the Supplier Service Provider shall act as the Processor, as follows: the Recipient . The Service Provider shall be the Controller where it is Processing Personal Data in relation to the Permitted Purpose; and the Supplier shall be the Data Processor where it is Processing only process Personal Data in relation to the Permitted Purpose in connection with the performance of its obligations under this Agreement. Each of the Parties acknowledges and agrees that Schedule 1B Appendix 2 (Data Processing Particulars) to this Agreement is an accurate description of the Data Processing Particulars. Nothing within this Agreement relieves the Supplier Service Provider of its own direct responsibilities and liabilities under the Data Protection Laws. Each Party shall make due notification to any relevant regulatorRegulator. the Supplier The Service Provider undertakes to the Recipient OU that it will take all necessary steps to ensure that it operates at all times in accordance with the requirements of the Data Protection Laws and the Supplier Service Provider will, at its own expense, assist the Recipient OU in discharging its obligations under the Data Protection Laws as more particularly detailed in this Paragraph 2Error: Reference source not found (Data Protection). The Supplier Service Provider shall not, whether by act or omission, cause the Recipient OU to breach any of its obligations under the Data Protection Laws. To the extent that the Supplier Service Provider Processes any Personal Data as a Processor for and on behalf of the Recipient OU (as the Controller) it shall: only Process the Personal Data for and on behalf of the Recipient OU for the purposes of performing its obligations under this Agreement, and only in accordance with the terms of this Agreement and any documented instructions from the Recipient; keep a record of any Processing of the Personal Data it carries out on behalf of the RecipientOU;