Engagement of sub-processors Sample Clauses
The 'Engagement of sub-processors' clause governs how and under what conditions a party, typically a data processor, may involve third-party service providers (sub-processors) to process data on behalf of the original contracting party. This clause often requires the processor to obtain prior written consent or provide notice before engaging sub-processors, and mandates that sub-processors adhere to the same data protection obligations as the primary processor. Its core function is to ensure transparency and maintain data protection standards when data is handled by additional parties, thereby mitigating risks associated with unauthorized or non-compliant data processing.
POPULAR SAMPLE Copied 5 times
Engagement of sub-processors. 7.1. Customer grants Service Provider the general authorization to engage sub-processors with regard to the processing of Customer Personal Data. Sub-processors engaged at the time of conclusion of the Agreement are listed in the Services Description where those being applicable at the time the Parties entering into the Agreement may also being set forth in an Exhibit to this DPA. In case of any contradictions the sub-processor list as being set forth in the online Services Description shall prevail.
7.2. Service Provider shall notify Customer of any intended change in relation to the engagement or replacement of sub-processors via email, notification within the Services or via a subscription service offered by the Service Provider. Customer has the right to object to the engagement of a potential sub-processor. When raising such an objection, Customer shall specify its reasonable grounds for the objection. If Customer does not object within fourteen (14) calendar days upon Service Provider`s notification, its right to object to the corresponding engagement lapses. If Customer objects, Service Provider is entitled to terminate the Agreement and this DPA with a notice period of five (5) working days according to the further specifications in the Agreement.
7.3. The agreement between Service Provider and the sub-processor must impose the same or similar obligations on the latter as those incumbent upon Service Provider under this DPA. The Parties agree that this requirement is fulfilled if the contract provides a level of protection corresponding to this DPA, respectively if the obligations within the meaning of article 28 paragraph 3 GDPR are imposed on the sub-processor. The Parties further agree that this requirement may be satisfied in relation to cloud service providers providing platform, infrastructure or software as a service by concluding the latter’s standard data processing agreements provided, they comply with the requirements within the meaning of article 28 GDPR.
7.4. Subject to compliance with the requirements of section 2.4 of this DPA, the provisions of this section 7 of this DPA shall also apply in the case of an engagement of a sub-processor whose processing of Customer Personal Data is not subject to the GDPR. In such a case, Service Provider shall be entitled and – to the extent that the requirements of section 2.4 of this DPA are not otherwise met – obliged to conclude a contract with the sub-processor incorporating the standard contrac...
Engagement of sub-processors. (1) The Client acknowledges and agrees that ▇▇▇▇▇▇▇ Security engages third parties ("Sub-Processors") to support the provision of the Services. Sub-Processors may perform data processing activities on behalf of ▇▇▇▇▇▇▇ Security under this Agreement.
(2) ▇▇▇▇▇▇▇ Security shall ensure that all Sub-Processors are bound by written agreements to obligations no less protective of Personal Data than those set forth in this Agreement and applicable Data Protection Laws.
Engagement of sub-processors. (a) The Processor can engage, and the Controller consents to the Processor engaging, other processors (“sub- processors”) for the performance of this DPA. A list of the Processor’s sub-processors from time to time will be accessible on the Processor’s website.
(b) The Processor will inform the Controller of any intended changes concerning the addition or replacement of other processors, thereby giving the Controller the opportunity to object to such changes. Where the Controller chooses to object to these changes, the Controller has every right to rescind the DPA prospectively.
(c) The Processor will inform the Controller of the above changes by updating the list of sub-processors on the website one month before the change of sub-processors will take place.
(d) The Processor will make sure that the same data protection obligations are imposed on sub-processors as those laid down in this DPA via a contract or other legal act whereby in particular the appropriate safeguards are provided that the sub-processor will take the necessary technical and organisational measures in such a manner that the processing complies with the requirements of the data protection regulation.
(e) Where the sub-processor fails to fulfil its data protection obligations, the Processor shall remain fully liable to the Controller for the performance of the sub-processor’s obligations.
Engagement of sub-processors. 6.1 You hereby grant Us a general authorization to appoint Sub-processors (and to permit each Sub-processor appointed in accordance with this Section 6 to appoint Sub- processors). This includes and authorization for Us to engage Our Affiliates to provide some of the Products and Services, and You agree that such Affiliates may access or Process Personal Data to fulfil Our contractual obligations under the Agreement or to provide Products and Services on Our behalf.
6.2 Whether the Sub-processor is a Company Affiliate or a third-party, We will:
a. restrict Sub-processors' access to Personal Data only to what is necessary to maintain or provide the Products and Services to You;
b. impose substantially similar appropriate contractual obligations in writing upon Sub-processors that are no less protective than the obligations set forth in this DPA; and
c. remain responsible for Sub-processors’ compliance with and performance of the obligations of this DPA.
6.4 The list of Our Sub-processors, including Affiliates, is available on the Trellix Legal Notices web page (▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇.▇▇▇/en-us/assets/docs/legal/enterprise-sub-processor- list.pdf). To be notified of new or changes in Sub-processors, You must register for notifications available here. We will provide notification of new or changes to Our Sub- processor(s) via such e-notifications before authorizing any new or replacement Sub- processor(s) to Process Personal Data in connection with the provision of the Products and Services at least ten (10) days in advance of such change. Where You are required to do so by Applicable Laws, You may object to the engagement of any new Sub- processor within ten (10) days following Our notice regarding such Sub-processor. Your objection must be in writing and provide commercially reasonably justification for the objection, based on reasonable concerns concerning the proposed Sub-processor’s practices relating to data protection. Following any objection, Customer and Company will work in good faith to address Customer’s objection; if Customer’s written concerns cannot be resolved within ninety (90) days, Customer may terminate the Agreement in respect of the applicable Product(s) or Service(s) in relation to which the Sub-processor will Process Personal Data.
Engagement of sub-processors. 5.1. In performing the Processing Operations the Processor is not entitled to engage a third party as sub-processor without the prior written consent of the Controller. The consent of the Controller can also relate to a certain category of sub-processors.
5.2. If the Controller consents to a sub-processor, the Processor must ensure that the Processor enters into an agreement with the respective sub-processor in which at least the same legal obligations and any additional obligations under this Agreement are set out. If a sub-processor does not want to accept the additional obligations under this Agreement, the Controller may decide to release the Processor from the additional obligations for the respective Processing Operations, in which case the Processor can still enter into the sub-processing agreement.
5.3. In the event that the consent relates to a certain category of sub-processors, the Processor shall inform the Controller about the sub-processors as engaged by the Processor. The Controller may object to the sub-processors of the Processor.
5.4. The Controller hereby gives his consent to engage the sub-processors and/or categories of sub-processors included in Annex 2.
Engagement of sub-processors. 6.1. The Controller agrees that the Processor may use sub-processors to fulfil its contractual obligations under this DPA or to provide certain services on its behalf, such as providing additional functionalities or support services. Services offered through the Marketplace may be provided by sub-processors or may engage in a direct contract with the Controller. Processor is not permitted to engage the services of a sub-processor in the context of this agreement without the Controller’s express prior permission in writing. Permission is hereby given for sub-processors mentioned on Schedule A.
6.2. The Controller may make the engagement of a sub-processor for the performance of this data processor agreement conditional upon the fulfilment of certain requirements.
6.3. A sub-processor must give sufficient guarantees with respect to the use of appropriate technical and organizational measures to ensure that the processing takes place in accordance with the provisions of this agreement and the GDPR.
6.4. If the Processor has engaged a sub-processor, the Processor shall be fully liable for the fulfilment of all obligations by the sub-processor. However, if the Controller has made it compulsory for the Processor to cooperate with certain sub-processors for the performance of the services agreed upon in this agreement, the Processor shall not be liable for such sub-processors. The Processor shall conclude a written agreement with the sub-processor, which imposes the same obligations on such third party as are imposed on the Processor under this agreement, so that the sub-processor is also bound by these provisions.
6.5. The Processor shall keep a list of sub-processors, which shall also specify the activities to be carried out.
6.6. If the Processor wishes to process the personal data outside the European Economic Area, it may do so only in countries that are classified by the European Commission or the Minister of Justice as countries providing an adequate level of protection, or in countries that provide an adequate level of protection as a result of additional measures.
Engagement of sub-processors. The District acknowledges and agrees that Service Provider may engage third party Sub processors in connection with the provision of the services. Service Provider will enter into a written Agreement with each Sub processor containing data protection obligations that provide the same data protection obligations for Pupil Records Privacy Data as those in the Agreement and this Appendix A, taking into account the nature of the Products provided by such Sub processor.
Engagement of sub-processors. 8.1. The Processor will receive on the basis of this Processing Agreement general permission for the engagement of Sub-Processors within the meaning of Section 28, subsection 2, of the GDPR. The Sub-Processors, who are already known at the concluding of this Processing Agreement, are mentioned in Appendix 2.
8.2. The engagement of Sub-Processors only takes place by means of an agreement in writing (electronic or physical) with the Sub-Processor, which agreement imposes the same, or stricter, obligations as ensue for the Processor from the Processing Agreement, in particular with regard to the application of suitable technical and organisational measures in order for the processing to comply with the provisions of the GDPR.
8.3. The Processor will inform the Controller of changes concerning adding or the replacement of other Processors, whereby the option will be offered to the Controller to make objections to these changes.
8.4. The Processor remains fully liable for the fulfilment of the Processor's obligations on the basis of the Processing Agreement, including the Personal Data processed by the Sub-Processor, if the Processor uses Sub-Processors.
Engagement of sub-processors. Institution expressly acknowledges and agrees that ▇▇▇▇▇▇ Mind may engage other Sub-processors in connection with the provision of the Symphony Classroom Solution. Any Sub-processor will be permitted to process Institution Personal Information only as necessary to deliver the services for which ▇▇▇▇▇▇ Mind has retained them, and such Sub-processors will be prohibited from processing Institution Personal Information for any other purpose. Subject to section 3.3 of this Annex One, such Sub-processors will provide services pursuant to a written agreement with ▇▇▇▇▇▇ Mind containing substantially the same data protection obligations as set forth herein. ▇▇▇▇▇▇ Mind shall be liable to the Institution for the acts and omissions of its Sub- processors to the same extent ▇▇▇▇▇▇ Mind would be liable if performing the services of each Sub-processor directly under the Agreement, except as otherwise set forth in the Agreement or required by law.
Engagement of sub-processors. Controller expressly acknowledges and agrees that (a) Processor may retain any entity which is controlled by, controls or is in common control with Processor (“Affiliates”) in connection with the provision of the Services; and (b) Processor and Processor’s Affiliates respectively may engage other third-party processors in connection with the provision of the Services (collectively, “Sub-processors”).