Common use of Other Access Clause in Contracts

Other Access. In the event of an emergency that gives rise to imminent danger to persons or property at the data centers housing Customer Data, Data Trustee may grant access to emergency responders (e.g., police, ambulance personnel, fire fighters) solely as and for the time period reasonably necessary to respond to the emergency situation. Data Trustee will supervise the access by such responders to ensure it does not include access to Customer Data. Microsoft may deploy anti-spam and anti-malware updates to the German Online Services without supervision of the Data Trustee, provided such updates do not provide Microsoft with access to Customer Data. Data Trustee will not disclose Customer Data to third parties except (1) as Customer directs, (2) as described in this Data Trustee Agreement, or (3) as required by German law. Data Trustee will not disclose Customer Data to law enforcement unless required by German law. If compelled to disclose Customer Data to law enforcement, then Data Trustee will promptly notify Customer and provide a copy of the demand unless legally prohibited from doing so. Upon receipt of any other third party request for Customer Data (such as requests from Customer’s end users), Data Trustee will promptly notify Customer unless prohibited by German law. If Data Trustee is not required by law to disclose the Customer Data, Data Trustee will reject the request. If the request is valid and Data Trustee could be compelled to disclose the requested information, Data Trustee will ask the third party to request the Customer Data from Customer. If a data subject requests access to its data, Data Trustee will forward such request to the Customer. Subject to the above, Data Trustee will not provide any third party: (1) direct, indirect, blanket or unfettered access to Customer Data; (2) the platform encryption keys used to secure Customer Data or the ability to break such encryption; or (3) any kind of access to Customer Data if Data Trustee is aware that such data is used for purposes other than those stated in the request. In support of the above, Data Trustee may provide Customer’s basic contact information to the third party. All processing of Customer Data performed by Data Trustee shall take place within Germany. Data Trustee may not subcontract any portion of its processing of Customer Data without written approval by Customer. Data Trustee may use the affiliates listed below for certain data processing tasks to which Customer hereby consents: Deutsche Telekom Regional Services and Solutions GmbH (RSS) Address: ▇▇▇▇▇▇▇▇ ▇▇▇▇▇▇▇ ▇, ▇▇▇▇▇ ▇▇▇▇▇▇▇▇▇, ▇▇▇▇▇▇▇ T-Systems on site services GmbH (OS) Address: ▇▇▇▇▇▇▇▇▇▇ ▇▇▇▇▇▇ ▇ – ▇, ▇▇▇▇▇ ▇▇▇▇▇▇, ▇▇▇▇▇▇▇ I.T.E.N.O.S. International Telecom Network Operation Services GmbH (ITENOS) Address: ▇▇▇▇▇▇▇▇▇▇▇▇▇ ▇▇▇, ▇▇▇▇▇ ▇▇▇▇, ▇▇▇▇▇▇▇ T-Systems Multimedia Solutions GmbH (MMS) Address: ▇▇▇▇▇▇▇ ▇▇▇. ▇, ▇▇▇▇▇ ▇▇▇▇▇▇▇, ▇▇▇▇▇▇▇ Deutsche Telekom Technischer Service GmbH (DTTS) Address: ▇▇▇▇▇▇▇▇▇-▇▇▇▇▇-▇▇▇▇▇ ▇▇-▇▇, ▇▇▇▇▇ ▇▇▇▇, ▇▇▇▇▇▇▇ Telekom Deutschland GmbH Address: ▇▇▇▇▇▇▇▇▇▇▇▇▇ ▇▇▇, ▇▇▇▇▇ ▇▇▇▇, ▇▇▇▇▇▇▇ Deutsche Telekom AG Address: ▇▇▇▇▇▇▇▇▇-▇▇▇▇▇-▇▇▇▇▇ ▇▇▇, ▇▇▇▇▇ ▇▇▇▇, ▇▇▇▇▇▇▇ Data Trustee remains responsible for the performance of such affiliates under this Agreement and will ensure such affiliates comply with all requirements herein, including processing Customer Data solely within Germany and subject to German law. Data Trustee personnel are obligated to maintain the security and secrecy of any Customer Data as provided in this Agreement, and this obligation continues even after their engagement ends. Data Trustee will comply with all laws and regulations applicable to its part of the provision of the German Online Services. However, Data Trustee is not responsible for compliance with any laws or regulations applicable to Customer or Customer’s industry that are not generally applicable to Data Trustee. Data Trustee does not determine whether Customer Data includes information subject to any specific law or regulation. Customer must comply with all laws and regulations applicable to its use of German Online Services, including laws related to privacy, data protection and confidentiality of communications. Customer is responsible for implementing and maintaining privacy protections and security measures for components that Customer provides or controls (such as within a Microsoft Azure customer’s virtual machine or application), and for determining whether the German Online Services are appropriate for storage and processing of information subject to any specific law or regulation. The privacy representative for Data Trustee can be reached at the following address: Deutsche Telekom AG Konzerndatenschutz / Group Privacy Konzernbeauftragter für den Datenschutz / CPO ▇▇. ▇▇▇▇▇-▇▇▇▇▇▇ ▇▇▇▇▇ ▇▇▇▇▇▇▇▇▇-▇▇▇▇▇-Allee 140 D-53113 Bonn, Germany ▇▇▇▇▇▇▇▇▇▇▇@▇▇▇▇▇▇▇.▇▇