Controller’s Obligations Clause Samples

Controller’s Obligations. 1. Controller shall notify Processor without undue delay, and comprehensively, of any defect or irregularity with regard to provisions on data protection detected by Controller in the results of Processor’s work.

Controller’s Obligations. 5.1 The Controller undertakes to ensure that there is a legal basis for the processing operations under Clause 4 and to draw up written instructions to enable the Processor and, where appropriate, Subprocessors, to perform their obligations under this Agreement. 5.2 The Controller is responsible for providing information under applicable legislation to the data subjects on the processing of personal data, consulting with the Swedish Authority for Privacy Protection where necessary, and otherwise ensuring that the processing of personal data by the Controller is lawful. 5.3 The Controller shall promptly provide information on any circumstances that may entail a need for changes in the way in which the Processor processes personal data and that may affect its obligations. The Controller shall also inform the Processor of any action by third party, including the Swedish Authority for Privacy Protection and the data subject, in relation to the processing.

Controller’s Obligations. 5.1 The Controller represents and warrants that: (i) it shall comply with this DPA and its obligations under Data Protection Law; (ii) it has obtained any, and all, necessary permissions and authorisations necessary to permit the Processor, its Affiliates and Sub-processors, to execute their rights or perform their obligations under this DPA; and (iii) all Affiliates of the Controller who use the Services shall comply with the obligations of the Controller set out in this DPA. 5.2 The Controller shall implement appropriate technical and organisational measures to protect Personal Data, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. The Controller shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate: (i) the pseudonymisation and encryption of Personal Data; (ii) the ability to ensure the on-going confidentiality, integrity, availability and resilience of processing systems and services; (iii) the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident; (iv) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing. In accessing the appropriate level of security account shall be taken in particular of the risks that are presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data transmitted, stored or otherwise processed. 5.3 The Controller acknowledges and agrees that some instructions from the Controller including the Processor assisting with audits, inspections, DPIAs or providing any assistance under this DPA, may result in additional fees. In such case the Processor shall notify the Controller of its fees for providing such assistance in advance and shall be entitled to charge the Controller for its reasonable costs and expenses in providing such assistance, unless agreed otherwise in writing.

Controller’s Obligations. 5.1 The obligations of the Controller are set out in appendix 5.

Controller’s Obligations. Controller’s instructions for the Processing of Personal Data shall comply with Data Protection Laws and Regulations. Controller shall have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which Controller acquires Personal Data and provides it to Processor.

Controller’s Obligations. 7.1 The obligations of the Controller are set out in Appendix 4.

Controller’s Obligations right to control 2.1.1. In the context of the contractual relationship between Customer, acting as Controller, and Processor, Customer is solely responsible for assessing the legal admissibility of the processing to be performed by Processor with regard to GDPR provisions and other rules on data protection. 2.1.2. Customer has the right to carry out inspections in consultation with Processor or to have them carried out by an examiner to be named on a case-by-case basis. Customer moreover has the right to verify that Processor complies with this Agreement in his business. The execution of such random checks shall be announced on reasonable notice. Processor shall ensure that Customer can convince himself of Processor´s compliance with regard to all of the latter´s obligations in accordance with art. 28

Controller’s Obligations. Controller shall, in its use of the Services, at all times Process Personal Data, and provide Instructions for the Processing of Personal Data, in compliance with applicable Data Protection Laws, and shall ensure that the Processing of Personal Data in accordance with Controller’s Instructions will not cause Processor to be in breach of the Data Protection Laws. Controller is solely responsible for the accuracy, quality, and legality of (i) the Personal Data provided to Processor by or on behalf of Controller, (ii) the means by which Controller acquired any such Personal Data, and (iii) the Instructions it provides to Processor regarding the Processing of such Personal Data. Controller shall not provide or make available to Processor any Personal Data in violation of the Agreement or which is otherwise inappropriate for the nature of the Services. Controller shall indemnify, defend, and hold harmless Processor from and against all claims or losses due to Controller’s non-compliance with its obligations in this section.

Controller’s Obligations. Controller undertakes to: