Your Personal Data If you determine that you will be supplying us with your Personal Data (as defined in the Data Processing Addendum referenced below) for us to process on your behalf, in the provision of maintenance and support services or hosting services (if the Product licensed to you is a Hosted Service) or during the course of any audits we conduct pursuant to section 1.14 (Audit), you may submit a written request at ▇▇▇▇▇▇▇@▇▇▇▇▇▇▇▇.▇▇▇ for the mutual execution of a Data Processing Addendum substantially in the form we make available at ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇.▇▇▇/docs/default-source/progress-software/data-processing-addendum.pdf and we will enter into such Data Processing Addendum with you. To the extent there is any conflict between this ▇▇▇▇ and such Data Processing Addendum, the Data Processing Addendum will prevail with respect to our handling and processing of your Personal Data.
Personal Data Registry Operator shall (i) notify each ICANN-‐accredited registrar that is a party to the registry-‐registrar agreement for the TLD of the purposes for which data about any identified or identifiable natural person (“Personal Data”) submitted to Registry Operator by such registrar is collected and used under this Agreement or otherwise and the intended recipients (or categories of recipients) of such Personal Data, and (ii) require such registrar to obtain the consent of each registrant in the TLD for such collection and use of Personal Data. Registry Operator shall take reasonable steps to protect Personal Data collected from such registrar from loss, misuse, unauthorized disclosure, alteration or destruction. Registry Operator shall not use or authorize the use of Personal Data in a way that is incompatible with the notice provided to registrars.
Processing Personal Data This ▇▇▇▇▇ shall be completed by the Controller, who may take account of the view of the Processors, however the final decision as to the content of this Annex shall be with the Buyer at its absolute discretion.
YOUR PERSONAL INFORMATION 17.1 We collect certain information about the purchaser and the users of the Card in order to operate the Card programme. IDT Financial Services Limited is the data controllers of Your personal data, and will manage and protect Your personal data in accordance with applicable law.IDT Financial Services Limited receives card services from First Data Slovakia s.r.o., which acts as a data processor for IDT Financial Services Limited. 17.2 We may transfer Your personal data outside the EEA to Our commercial partners where necessary to provide Our services to You, such as customer service, account administration, financial reconciliation, or where the transfer is necessary as a result of Your request, such as the processing of any international transaction. When We transfer personal data outside the EEA, We will take steps to ensure that Your personal data is afforded substantially similar protection as personal data processed within the EEA. Please be aware that not all countries have laws to protect personal data in a manner equivalent to that of the EEA. Your use of Our products and services will indicate to Us that You agree to the transfer of Your personal data outside the EEA. If You withdraw Your consent to the processing of Your personal data or its transfer outside the EEA, which You can do by using the contact details in clause 15, We will not be able to provide Our services to You. Therefore, such withdrawal of consent will be deemed to be a termination of the Agreement. 17.3 Unless You have provided Your explicit permission, Your personal data will not be used for marketing purposes by Us or Our commercial partners (unless You have independently provided Your consent to them directly), nor will it be shared with third parties unconnected with the Card scheme. 17.4 You have the right to request details of the personal information that is held about You, and You may receive this by writing to our Customer Service Center. 17.5 Please refer to the Privacy Policy of IDT Financial Services Limited ▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇.▇▇▇/privacypolicy.pdf for full details, which You accept by accepting the Agreement.
Personal Data Processing 2.1 The Processor shall process Personal Data only on the basis of corresponding recorded orders from the Controller. 2.2 By way of exception, in particular in urgent cases, processing orders from the Data Controller may also be made orally. In this case, the Data Controller shall confirm as soon as possible and in writing, by any appropriate means, the instructions given orally. 2.3 Where the processing concerns the transmission of Personal Data to a third country outside the European Union or to an international organization, the Data Processor shall also comply with the relevant instructions of the Data Controller, unless different legal requirements exist under European Union laws or the laws of the Member State to which the Data Processor is subject. In such a case, the Data Processor shall inform the Data Controller before processing of the legal requirement in question, unless the said law prohibits this kind of information for reasons of substantial public interest. 2.4 The transmission of Personal Data to a third country outside the European Union is prohibited unless the Data Controller has given prior explicit approval to that end, and one of the following conditions is met: • the European Commission has resolved that an adequate level of protection of personal data is ensured in the country the Personal Data is to be transmitted; • the transmission is to be made to the U.S.A.; and the recipient of the Personal Data has acceded to and abides by the Privacy Shield Framework; • the transmission will be governed by the standard data protection clauses issued by the European Commission. 2.5 The Data Processor shall inform the Data Controller immediately upon receipt of the order or as soon as possible if he / she determines that the content of a particular processing order violates the Regulation and / or national law and / or the law of another Member State of the European Union (EU), and / or other provisions of EU law on the protection of Personal Data. 2.6 The Data Processor acknowledges that the Data Controller has full control over her Personal Data and determines any particular feature of the processing to which the Personal Data will be submitted. If the Data Processor ignores the instructions of the Data Controller and determines alone the scope, the means and generally any other matter concerning the processing of Personal Data, she shall render herself the Data Controller for the purposes of implementing the Regulation and the legal framework on the protection of Personal Data. The practical consequence of this is that, in addition to the full responsibility of the Processor towards the Controller, she shall carry the same level of responsibility vis-à-vis the independent supervisory authority (and any other competent state authority) as well as the Natural Persons - Data Subjects of the data being processed.