Common use of RIGHTS AND OBLIGATIONS OF THE CONTROLLER Clause in Contracts

RIGHTS AND OBLIGATIONS OF THE CONTROLLER. 2.1 The Controller (i) shall ensure that the Controller when Processing Controller Data, complies with Applicable Data Protection Law; (ii) is at all times entitled to provide new or amended instructions regarding the Processing of the Controller Data, whereby the Processor shall be given reasonable time for implementation; (iii) shall without undue delay inform the Processor of any circumstances that may require modifications to the Processor’s Processing of the Controller Data; (iv) is at all times entitled to, by written notification to the Processor, terminate the Processor's Processing of the Controller Data if the Controller has reasonable grounds to believe that the Processor is unable, or has failed, to comply with the provisions of the DPA or Applicable Data Protection Law; and (v) provides a general authorisation to the Processor to engage Sub- processors, provided however that the Controller’s authorisation is subject to such Sub- processor‘s compliance with all the provisions set out in this DPA. 2.2 This DPA shall apply to all Processing of the Controller Data performed by the Processor on behalf of the Controller; in no event shall the Parties Process any Personal Data as joint controllers, as such term is defined in the GDPR.

RIGHTS AND OBLIGATIONS OF THE CONTROLLER. 2.1 The Controller (i) shall ensure that the Controller Controller, when Processing Controller processing Controller’s Data, complies with Applicable Data Protection Law; (ii) is at all times entitled to provide new or amended instructions regarding the Processing processing of the Controller Controller’s Data, whereby the Processor shall be given reasonable time for implementation; (iii) shall without undue delay inform the Processor of any circumstances that may require modifications to the Processor’s Processing processing of the Controller Controller’s Data; (iv) is at all times entitled to, by written notification to the Processor, terminate the Processor's Processing processing of the Controller Controller’s Data if the Controller has a reasonable grounds to believe that the Processor is unable, or has failed, to comply with the provisions of the DPA or and/or Applicable Data Protection Law; and (v) provides a general authorisation to the Processor to engage Sub- processorsSub-Processors (as defined below), provided however that the Controller’s authorisation is subject to such Sub- processor‘s Sub-Processor‘s compliance with all the provisions set out in this DPA. 2.2 This DPA shall apply to all Processing of the Controller Data performed by the Processor on behalf of the Controller; in no event shall the Parties Process any Personal Data as joint controllers, as such term is defined in the GDPR.