Processor Obligations Clause Samples

Processor Obligations. 4.1 The Processor may collect, process or use Personal Data only within the scope of this DPA. 4.2 The Processor confirms that it shall process Personal Data on behalf of the Controller. 4.3 The Processor shall promptly inform the Controller, if in the Processor’s opinion, any of the instructions regarding the processing of Personal Data provided by the Controller, breach any Data Protection Law. 4.4 The Processor shall ensure that all employees, agents, officers and contractors involved in the handling of Personal Data: (i) are aware of the confidential nature of the Personal Data and are contractually bound to keep the Personal Data confidential; (ii) have received appropriate training on their responsibilities as a data processor; and (iii) are bound by the terms of this DPA. 4.5 The Processor shall implement appropriate technical and organisational procedures to protect Personal Data, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. 4.6 The Processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate: (i) the pseudonymisation and encryption of Personal Data; (ii) the ability to ensure the on-going confidentiality, integrity, availability and resilience of processing systems and services; (iii) the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident; (iv) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing. In accessing the appropriate level of security, account shall be taken in particular of the risks that are presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data transmitted, stored or otherwise processed. 4.7 The technical and organisational measures detailed in Exhibit B shall at all times be adhered to as a minimum security standard. The Controller accepts and agrees that the technical and organisational measures are subject to development and review and that the Processor may use alternative suitable measures to those detailed in the attachments to this DPA, provided such measures a...

Processor Obligations. 4-1 In respect of the processing referred to in article 2, the Processor will ensure compliance with the applicable laws and regulations, in particular the GDPR. 4-2 The Processor's obligations as ensuing from this Agreement will also extend to those processing personal data under the authority of the Processor, including but not limited to employees, in the broadest sense. 4-3 To the extent within its power, the Processor will lend its assistance to the Controller for purposes of implementation of DPIAs within the meaning of Article 35 GDPR.

Processor Obligations. 40.1 The Supplier shall, in relation to any Personal Data Processed in connection with the performance by the Supplier of its obligations under this Agreement: (a) Process that Personal Data only on the documented written instructions of the Customer unless the Supplier is required by applicable law to Process Personal Data. The Supplier shall promptly notify the Customer of this before performing the Processing required by the applicable laws unless those applicable laws prohibit the Supplier from so notifying the Customer; (b) ensure that it has in place appropriate technical and organisational measures, reviewed and approved by the Supplier, to protect against unauthorised or unlawful Processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data, appropriate to the harm that might result from the unauthorised or unlawful Processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting Personal Data, ensuring confidentiality, integrity, availability and resilience of its systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by it). (c) not transfer any Personal Data to a Third Country unless the Supplier complies with its obligations under the Data Protection Laws by providing an adequate level of protection to any Personal Data that is transferred. The Customer agrees that the Personal Data may be transferred to or stored in a Third Country where the Customer is located in order to carry out the Services and the Supplier's other obligations under this Agreement; and (d) assist the Customer, at the Customer's cost in responding to any request from a Data Subject and in ensuring compliance with its obligations under Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators; (e) at the written direction of the Customer, delete or return Personal Data and copies thereof to the Customer on termination of the Agreement unless required by applicable law to store the Personal Data; (f) maintain complete and accurate records and inform...

Processor Obligations. 2.1. Regarding the processing operations referred to in the previous clause, Processor shall comply with all applicable legislation, including at least all data processing legislation such as the GDPR. 2.2. Upon first request Processor shall inform Controller about any measures taken to comply with its obligations under this Data Processing Agreement. 2.3. All obligations for Processor under this Data Processing Agreement shall apply equally to any persons processing personal data under the supervision of Processor, including but not limited to employees in the broadest sense of the term. 2.4. Processor shall inform Controller without delay if in its opinion an instruction of Controller would violate the legislation referred to in the first clause of this article. 2.5. Processor shall provide reasonable assistance to Controller in the context of any data protection impact assessments to be made by Controller. 2.6. Processor shall, in accordance with Article 30 GDPR, keep a register of all categories of processing activities which it carries out on behalf of the Controller under this data processing agreement. At Controller's request, Processor shall provide Controller access to this register.

Processor Obligations. The Processor will, during the Term: (a) as payment for the supply of the Milk, pay to the Farmer the amounts detailed in Item 7 of Schedule 1, at the time and in the manner detailed in Item 8 of Schedule 1 (Supply Fee); (b) collect the Milk from the Farmer, at the Processor’s cost, in accordance with the Collection Procedure (detailed in Item 9 of Schedule 1); (c) undertake the sampling procedures and volume accuracy assurances in relation to the Milk, as detailed in Schedule 2 (Processor Testing); (d) as soon as reasonably practicable after the Processor Testing, provide written notice of the results of the Processor Testing to the Farmer, with reference to the quality and quantity of Milk, in accordance with Item 2.2 of Schedule 2 (Processor Testing Results); (e) undertake the actions detailed in Item 4 of Schedule 2 in the event of Quality Non-Compliance; (f) as soon as reasonably practicable after the occurrence of a Rejection Event (under in Item 4 of Schedule 2) notify the Farmer in writing of the rejection of the Milk, including the reasons for the rejection and consequences of the rejection; (g) provide to the Farmer written statements regarding the Milk within 16 calendar days of the conclusion of each calendar month specifying the: (i) quantity and quality of the Milk purchased from the Farmer in the preceding calendar month; (ii) Supply Fee paid for the Milk and the dates of those purchases; and (iii) a summary of the calculation of the Supply Fee, (Written Statement); and (h) assist the Farmer to remedy the Quality Non-Compliance (where applicable).

Processor Obligations. Processor shall, and Processor shall ensure that its Personnel, Affiliates and Sub-Processors shall, Process all Personal Data fairly and lawfully, respect the privacy of Data Subjects and comply with all Data Protection Rules. Processor shall also ensure that its Personnel, Affiliates and Sub-Processors shall have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality. Processor shall not (i) obtain any rights to any Personal Data by virtue of providing the Services, (ii) transfer or disclose any Personal Data (in part or in whole) to any third party, except as stipulated in these Terms, or

Processor Obligations. 2.1. Regarding the processing operations referred to in the previous clause, Processor shall comply with all applicable legislation, including at least all data processing legislation such as the Dutch Data Protection Act. 2.2. Upon first request Processor shall inform Controller about any measures taken to comply with its obligations under this Data Processing Agreement. 2.3. All obligations for Processor under this Data Processing Agreement shall apply equally to any persons processing personal data under the supervision of Processor, including but not limited to employees in the broadest sense of the term. 2.4. Processor shall inform Controller without delay if in its opinion an instruction of Controller would violate the legislation referred to in the first clause of this article. 2.5. Processor shall provide reasonable assistance to Controller in the context of any privacy impact assessments to be made by Controller.

Processor Obligations. Where a Party is acting as a Processor of Personal Data on behalf of the other Party under this Agreement, the following provisions shall apply:

Processor Obligations. The provisions of Section 10.7 of the General Terms shall be deleted and replaced as follows: