Processing of Customer Personal Data Sample Clauses

Processing of Customer Personal Data. 2.1 CrowdStrike shall: 2.1.1 Process Customer Personal Data only on Customer’s documented instructions, as set out in the Agreement and this DPA, including Customer providing instructions via APIs made available by CrowdStrike with the Offerings, and as required by Applicable Laws (the “Documented Instructions”). Any additional or alternate instructions, having an impact to the Offerings must be agreed upon by the Parties separately in writing; and 2.1.2 Unless prohibited by Applicable Law, inform the Customer if CrowdStrike determines that: (i) Customer’s instructions conflict with Applicable Laws; or (ii) Applicable Laws require any Processing contrary to the Customer’s instructions. 2.2 Customer shall: 2.2.1 Be responsible for complying with Applicable Laws when making decisions and issuing instructions for the Processing of Customer Personal Data, including securing all permissions, consents or authorizations that may be required; and 2.2.2 Defend and indemnify CrowdStrike, CrowdStrike Affiliates, and CrowdStrike Subprocessors for any claim brought against any one or more of them arising from an allegation of Customer’s breach of this Section, whether by a Data Subject or a government authority. In the event of such a claim, the Parties shall follow the process set forth in the Agreement for Customer to defend and indemnify CrowdStrike and if none, then CrowdStrike will: (a) notify Customer of such claim, (b) permit Customer to control the defense or settlement of such claim; provided, however, Customer shall not settle any claim in a manner that requires CrowdStrike to admit liability or make any changes with respect to the Offerings without CrowdStrike’s prior written consent, and (c) provide Customer with reasonable assistance in connection with the defense or settlement of such claim, at Customer’s cost and expense. In addition, CrowdStrike may participate in the defense of any claim, and if Customer is already defending such claim, CrowdStrike’s participation will be at CrowdStrike’s expense. This provision does not diminish Customer or Data Subject’s rights under Applicable Laws related to CrowdStrike’s adherence to its obligations under Applicable Laws.

Processing of Customer Personal Data. 2.1 Processor shall: 2.1.1 comply with all applicable Data Protection Laws in the Processing of Customer Personal Data; and 2.1.2 not Process Customer Personal Data other than on the relevant Customer’s documented instructions. 2.2 The Customer instructs Processor to process Customer Personal Data.

Processing of Customer Personal Data. 2.1. In respect of Personal Data, the parties acknowledge that (as between the parties):‌ (a) Bottomline is the Processor and Customer is the Controller for Customer Personal Data (notwithstanding the foregoing, where the Customer is the Processor for Customer Personal Data, Bottomline shall be deemed as a Subprocessor); and (b) Bottomline is an independent Controller for any Bottomline Personal Data. 2.2. Subject to Section 2.3, Customer instructs Bottomline to Process Customer Personal Data as necessary to provide the Services or otherwise to perform Bottomline’s obligations and exercise Bottomline’s rights under the Agreement. 2.3. Customer acknowledges and agrees that any instructions additional to those set out in the Agreement (including these Privacy Terms), issued by Customer with regards to the Processing of Customer Personal Data by or on behalf of Bottomline pursuant to the Agreement: (a) shall be strictly required for the sole purpose of ensuring compliance with Data Protection Laws; and (b) shall not relate to the scope of, or otherwise materially change the Services to be provided by Bottomline. 2.4. In relation to instructions which meet the conditions in Section 2.3 above, the Customer may terminate the relevant Services under the Agreement by providing Bottomline with at least sixty (60) days’ prior written notice, if Bottomline notifies the Customer that: (a) it is unable to adhere to, perform or implement instructions issued by Customer due to the technical limitations of its systems, equipment and/or facilities; and/or (b) to adhere to, perform or implement any such instructions would require disproportionate effort (whether in terms of time, cost, available technology, manpower or otherwise) provided always that: (i) the parties shall in good faith seek to reach a mutually acceptable resolution within thirty (30) days of Bottomline notifying the Customer that it is unable to meet the instructions under Section 2.3, and (ii) until such time as either a resolution has been reached between the parties or the Customer exercises its above termination right, Bottomline shall continue to provide the Services in accordance with the Agreement notwithstanding any such Customer instructions. 2.5. Bottomline may Process Customer Personal Data as required by applicable European Union, UK or European Union Member State laws. To the extent permitted by applicable laws, prior to Bottomline Processing Customer Personal Data under this Section 2.5, Botto...

Processing of Customer Personal Data. 2.1 SentinelOne shall: 2.1.1 comply with all applicable Data Protection Laws in the Processing of Customer Personal Data; and 2.1.2 not Process Customer Personal Data other than for the purpose described in Annex 1 to this Addendum, unless Processing is required by Applicable Laws to which the relevant Contracted Processor is subject, in which case SentinelOne or the relevant SentinelOne Affiliate shall to the extent permitted by Applicable Laws inform the Customer of that legal requirement before the relevant Processing of that Personal Data. 2.2 Customer hereby: 2.2.1 instructs SentinelOne (and authorizes SentinelOne to instruct each Subprocessor) to: 2.2.1.1 Process Customer Personal Data; and 2.2.1.2 in particular, transfer Customer Personal Data to any country or territory, as reasonably necessary for the provision of the Solutions and consistent with the Agreement; and 2.2.2 warrants and represents that it is and will at all relevant times remain duly and effectively authorised to give the instruction set out in section 2.2.1 on behalf of each relevant Customer Affiliate. 2.3 Annex 1 to this Addendum sets out certain information regarding the Contracted Processors' Processing of the Customer Personal Data as required by article 28(3) of the GDPR (and, possibly, equivalent requirements of other Data Protection Laws). Customer may make reasonable amendments to Annex 1 by written notice to SentinelOne from time to time as Customer reasonably considers necessary to meet those requirements. Nothing in Annex 1 (including as amended pursuant to this section 2.3) confers any right or imposes any obligation on any party to this Addendum.

Processing of Customer Personal Data. 3.1 JourneyApps and each JourneyApps Affiliate shall: 3.1.1 comply with all applicable Data Protection Laws in the Processing of Customer Personal Data; and 3.1.2 not Process Customer Personal Data other than on the relevant Customer Group Member’s documented instructions, including instructions included in the Principal Agreement as part of the scope of the Services, unless Processing is required by Applicable Laws to which the relevant Contracted Processor is subject, in which case JourneyApps or the relevant JourneyApps Affiliate shall to the extent permitted by Applicable Laws inform the relevant Customer Group Member of that legal requirement before the relevant Processing of that Personal Data. 3.2 Each Customer Group Member: 3.2.1 instructs JourneyApps and each JourneyApps Affiliate (and authorises JourneyApps and each JourneyApps Affiliate to instruct each Subprocessor) to: 3.2.1.1 Process Customer Personal Data; and 3.2.1.2 in particular, transfer Customer Personal Data to any country or territory, as reasonably necessary for the provision of the Services and consistent with the Principal Agreement; and 3.2.2 warrants and represents that it is and will at all relevant times remain duly and effectively authorised to give the instruction set out in section 3.2.1 on behalf of each relevant Customer Affiliate. 3.3 Annexure 1 to this DPA sets out certain information regarding the Contracted Processors’ Processing of the Customer Personal Data as required by article 28(3) of the GDPR (and, possibly, equivalent requirements of other Data Protection Laws). Customer may make reasonable amendments to Annexure 1 by written notice to JourneyApps from time to time as Customer reasonably considers necessary to meet those requirements. Nothing in Annexure 1 (including as amended pursuant to this section 3.3) confers any right or imposes any obligation on any party to this DPA.

Processing of Customer Personal Data. 2.1 During the term of this Agreement Sage warrants and represents that it: 2.1.1 shall comply with the Data Protection Laws applicable to Sage whilst such Customer Personal Data is in Sage’s control; 2.1.2 when acting in the capacity of a Data Processor, shall only Process the Customer Personal Data: 2.1.2.1 as is necessary for the provision of the Program under this Agreement and the performance of Sage’s obligations under this Agreement; or 2.1.2.2 otherwise on your documented instructions. 2.2 Sage agrees to comply with the following provisions with respect to any Customer Personal Data Processed for you in connection with the provision of the Program under this Agreement.

Processing of Customer Personal Data. 2.1 The parties acknowledge that Supplier acts as a Processor; and Customer acts as the Controller. 2.2 Supplier shall comply with the GDPR and CCPA in Processing Customer Personal Data; and not Process Customer Personal Data other than on Customer’s instructions; and as required by applicable laws. To the extent permitted by applicable laws, Supplier shall inform Customer of any Processing to be carried out as required by applicable laws and the relevant legal requirements that require it to carry out such Processing, before the relevant Processing of that Customer Personal Data. 2.3 Annex 1 & Annex 2 (Data Processing Details) sets out certain information regarding Supplier’s Processing of Customer Personal Data as required by Article 28(3) of the GDPR and Cal. Civ. Code § 1798.140(c) of the CCPA 2.4 Notwithstanding anything to the contrary herein, Supplier may terminate the Agreement in its entirety upon written notice to Customer with immediate effect if Supplier considers (in its reasonable discretion) that: (a) it is unable to adhere to, perform or implement any instructions issued by Customer due to the technical limitations of its systems, equipment and/or facilities; and/or (b) to adhere to, perform or implement any such instructions would require disproportionate effort (whether in terms of time, cost, available technology, manpower or otherwise). 2.5 Customer represents and warrants on an ongoing basis that, for the purposes of Article 6 of the GDPR, and (where applicable) Article 9 and/or Article 10 of the GDPR, there is, and will be throughout the term of the Agreement, a valid legal basis and (where applicable) condition for the Processing by Supplier of Customer Personal Data in accordance with this Data Processing Addendum and the Agreement (including, any and all instructions issued by Customer from time to time in respect of such Processing).

Processing of Customer Personal Data. 2.1 Supplier shall: 2.1.1 comply with all applicable Data Protection Laws in the Processing of Customer Personal Data; and 2.1.2 not Process Customer Personal Data other than on the relevant Customer Group Member’s documented instructions unless Processing is required by Applicable Laws to which the relevant Contracted Processor is subject, in which case Supplier shall to the extent permitted by Applicable Laws inform the relevant Customer Group Member of that legal requirement before the relevant Processing of that Personal Data.

Processing of Customer Personal Data. 2.1. In respect of Customer Personal Data, the Parties acknowledge that: (a) Firefly acts as a Processor; and (b) Customer acts as the Controller. 2.2. Firefly shall: (a) comply with all applicable Data Protection Laws in Processing Customer Personal Data; and (b) not Process Customer Personal Data other than: (i) on Customer’s instructions (subject always to Paragraph 2.7); and (ii) as required by applicable laws. 2.3. Customer instructs Firefly to Process Customer Personal Data as necessary: (a) to provide the Services to Customer; and (b) to perform Firefly ’s obligations and exercise Firefly ’s rights under the Agreement. 2.4. Annex 1 (Data Processing Details) sets out certain information regarding Firefly’s Processing of Customer Personal Data as required by Article 28(3) of the GDPR. 2.5. Nothing in Annex 1 (Data Processing Details) confers any right or imposes any obligation on any Party to this Data Processing Addendum. 2.6. Where Firefly receives an instruction from Customer that, in its reasonable opinion, infringes the GDPR, Firefly shall inform Customer. 2.7. Customer acknowledges and agrees that any instructions issued by Customer with regards to the Processing of Customer Personal Data by or on behalf of Firefly pursuant to or in connection with the Agreement: (a) shall be strictly required for the sole purpose of ensuring compliance with Data Protection Laws; and (b) (without limitation to the generality of Paragraph 2.5) shall not relate to the scope of, or otherwise materially change, the Services to be provided by Firefly under the Agreement. 2.8. Notwithstanding anything to the contrary herein, Firefly may terminate the Agreement in its entirety upon written notice to Customer with immediate effect if Firefly considers (in its reasonable discretion) that: (a) it is unable to adhere to, perform or implement any instructions issued by Customer due to the technical limitations of its systems, equipment and/or facilities; and/or (b) to adhere to, perform or implement any such instructions would require disproportionate effort (whether in terms of time, cost, available technology, manpower or otherwise). 2.9. Customer represents and warrants on an ongoing basis that, for the purposes of Article 6 of the GDPR, there is, and will be throughout the term of the Agreement, a valid legal basis for the Processing by Firefly of Customer Personal Data in accordance with this Data Processing Addendum and the Agreement (including, any and all instructio...