Common use of Records and Data Clause in Contracts

Records and Data. 7.1. You and We will each comply with Our respective obligations under the Privacy Act and any other applicable privacy and data protection laws in relation to Member Records and Customer Data. 7.2. Your customers retain all rights in their Customer Data. Unless otherwise agreed, We may only transmit and route Customer Data in accordance with this Agreement and to the extent required to provide the Member Services to You. In particular, We will: (a) not issue any express request to any of Our Representatives or suppliers to access any Customer Data; and (b) promptly notify You of any unauthorised access to Customer Data by any of Our Representatives or suppliers promptly after becoming aware of such unauthorised access. For the avoidance of doubt, We shall not be deemed to have breached this clause or any other provision of this Agreement merely by providing the Member Services through which Customer Data is transferred by You and/or any third party; 7.3. We will not process, collect, use, store, host, disclose or access any Member Records, except in accordance with Our privacy policy and as required to perform the Member Services or to strictly (and only to the extent) required to comply with applicable law. 7.4. You accept that the Member Portal, Member Services and/or Member Records may be hosted by Us or Our suppliers on hardware or infrastructure located in or outside New Zealand and We may not own or operate that infrastructure Ourselves. 7.5. You warrant and agree that: (a) You will only upload or input Member Records into the Member Portal, which You are legally entitled and authorised to upload or input; (b) You are responsible for the accuracy of Your Member Records except where We have assigned or allocated such records for You; (c) Our collection, use, storage and disclosure of the Member Records in accordance with this Agreement will not breach any applicable law or the rights of any other person; and (d) all Member Records, Customer Data and other materials and information that is transmitted by You or Your customers using the Member Services will not infringe the rights of any person or breach any applicable law. 7.6. If We become aware of the transmission or storage of any Customer Data or other content that breaches this Agreement, We may disconnect the Member Equipment that the relevant content is hosted on or transmitted by. Unless immediate action is required by law or for protection of persons or property, we will use reasonable endeavors to provide You with prior notice of any proposed disconnection and an opportunity to remove or cease transmission of the offending content. If You become aware of any Customer Data or other content that You think breaches the Agreement, You will notify Us immediately. 7.7. You will take reasonable precautions to back up and archive Your Member Records and, where You have agreed with Your customers to do so, the Customer Data. You agree that We have no responsibility for any loss or corruption of any Member Records or Customer Data unless caused by Our wilful misconduct. 7.8. You indemnify Us in respect of any loss or damage We incur in respect of any third-party claim that: (a) any of the Member Records or Customer Data is lost, unavailable or corrupted (other than to the extent such loss, unavailability or corruption is caused by our willful misconduct); or (b) the transmission of any Member Records or Customer Data by Us or Our suppliers in the course of providing the Member Services in accordance with the Agreement infringes the Intellectual Property Rights or other rights of any person or breaches any law, regulation, code or standard. 7.9. We acknowledge that We are neither authorised, nor have We been instructed, to act as “Data Processor” or “subprocessor” (as defined under European privacy laws and regulations) with respect to Customer Data. We will not process, collect, use, store, host, disclose or access any Customer Data: (a) except as strictly (and only to the extent) required to comply with applicable laws; or (b) unless and until We have entered into a mutually acceptable data processing and security agreement with You, which at a minimum meets the requirements of the Privacy Act and any other applicable privacy and data protection laws. We will otherwise only transmit and route Customer Data in accordance with your instructions and to the extent required to provide the Member Services;

Records and Data. 7.1. You and We will each comply with Our respective obligations under the Privacy Act and any other applicable privacy and data protection laws in relation to Member Records and Customer Data. 7.2. Your customers retain all rights in their Customer Data. Unless otherwise agreed, We may only transmit and route Customer Data in accordance with this Agreement and to the extent required to provide the Member Services to You. In particular, We will: (a) not issue any express request to any of Our Representatives or suppliers to access any Customer Data; and (b) promptly notify You of any unauthorised access to Customer Data by any of Our Representatives or suppliers promptly after becoming aware of such unauthorised access. For the avoidance of doubt, We shall not be deemed to have breached this clause or any other provision of this Agreement merely by providing the Member Services through which Customer Data is transferred by You and/or any third party; 7.3. We will not process, collect, use, store, host, disclose or access any Member Records, except in accordance with Our privacy policy and as required to perform the Member Services or to strictly (and only to the extent) required to comply with applicable law. 7.4. You accept that the Member Portal, Member Services and/or Member Records may be hosted by Us or Our suppliers on hardware or infrastructure located in or outside New Zealand and We may not own or operate that infrastructure Ourselves. 7.5. You warrant and agree that: (a) You will only upload or input Member Records into the Member Portal, which You are legally entitled and authorised to upload or input; (b) You are responsible for the accuracy of Your Member Records except where We have assigned or allocated such records for You; (c) Our collection, use, storage and disclosure of the Member Records in accordance with this Agreement will not breach any applicable law or the rights of any other person; and (d) all Member Records, Customer Data and other materials and information that is transmitted by You or Your customers using the Member Services will not infringe the rights of any person or breach any applicable law. 7.6. If We become aware of the transmission or storage of any Customer Data or other content that breaches this Agreement, We may disconnect the Member Equipment that the relevant content is hosted on or transmitted by. Unless immediate action is required by law or for protection of persons or property, we will use reasonable endeavors to provide You with prior notice of any proposed disconnection and an opportunity to remove or cease transmission of the offending content. If You become aware of any Customer Data or other content that You think breaches the Agreement, You will notify Us immediately. 7.7. You will take reasonable precautions to back up and archive Your Member Records and, where You have agreed with Your customers to do so, the Customer Data. You agree that We have no responsibility for any loss or corruption of any Member Records or Customer Data unless caused by Our wilful misconduct. 7.8. You indemnify Us in respect of any loss or damage We incur in respect of any third-party claim that: (a) any of the Member Records or Customer Data is lost, unavailable or corrupted (other than to the extent such loss, unavailability or corruption is caused by our willful misconduct); or (b) the transmission of any Member Records or Customer Data by Us or Our suppliers in the course of providing the Member Services in accordance with the Agreement infringes the Intellectual Property Rights or other rights of any person or breaches any law, regulation, code or standard. 7.9. We acknowledge that We are neither authorised, nor have We been instructed, to act as “Data Processor” or “subprocessor” (as defined under European privacy laws and regulations) with respect to Customer Data. We will not process, collect, use, store, host, disclose or access any Customer Data: (a) except as strictly (and only to the extent) required to comply with applicable laws; or (b) unless and until We have entered into a mutually acceptable data processing and security agreement with You, which at a minimum meets the requirements of the Privacy Act and any other applicable privacy and data protection laws. We will otherwise only transmit and route Customer Data in accordance with your instructions and to the extent required to provide the Member Services;.