Processing of Company Personal Data. 2.1 The Processor will: (a) comply with all applicable Data Protection Laws in the Processing of Personal Data; and (b) not Process Personal Data other than on the Controller’s documented instructions (including those instructions given under clause 2.2) unless Processing is required by Applicable Laws to which the relevant Contracted Processor is subject, in which case the Contracted Processor, shall to the extent permitted by Applicable Laws inform the Controller of that legal requirement before the relevant Processing of that Personal Data. 2.2 The Controller instructs the Contracted Processor (and authorises them to instruct each Subprocessor) to: (a) process the Personal Data; and (b) transfer the Personal Data to any country or territory, as reasonably necessary for the provision of the Services. 2.3 Schedule 1 sets out certain information regarding the Contracted Processors' Processing of the Personal Data as required by article 28(3) of the GDPR (and, where relevant, equivalent requirements of other Data Protection Laws). The parties may agree from time to time to amend Schedule 1 as necessary to meet those requirements.
Appears in 3 contracts
Sources: Data Processing Agreement, Data Processing Agreement, Data Processing Agreement