SCCs Clause Samples

SCCs. Restricted Transfers of Personal Data will be governed by SCCs Module 3 implemented between Workday (as “data exporter”) and its Subprocessors (as “data importers”).

SCCs. The Standard Contractual Clauses set forth at ▇▇▇.▇▇▇▇▇▇▇▇▇▇.▇▇▇/▇▇▇▇▇▇▇▇_▇▇▇▇▇▇▇▇▇▇▇_▇▇▇▇▇▇▇ ("SCCs"), will apply to the processing of Client's Data by TRITAN under this Master Agreement. Upon execution of this Master Agreement, TRITAN and the Client each are agreeing to the SCCs and all appendices attached thereto. The SCCs apply only to Personal Data that is transferred directly from the European Union to a location outside the European Union, whether directly or via a subsequent transfer, to any country or recipient: (a) not recognized by the European Commission as providing an adequate level of protection for Personal Data, and (b) not covered by a suitable framework recognized by the relevant authorities or courts as providing an adequate level of protection for Personal Data.

SCCs. Workday has implemented and complies with the SCCs for any Restricted Transfers of Personal Data from Workday (as “data exporter”) to Subprocessors (as “data importers”).

SCCs. Depending on the circumstances of the transfer of Personal Data, the Parties agree: SKU. W zależności od okoliczności przekazywania danych osobowych Strony uzgadniają, że: to enter into the SCCs as set out in Attachment 1, for transfers of Personal Data from Company or its Affiliates established in the EEA or Switzerland, as a data controller, to Vendor established in a country outside the EEA, as a data processor as set out in Module II of the European Commission decision 2021/914, dated 4 June 2021 (“Controller to Processor SCCs” or “Module II”), and as a data processor, to Vendor established in a country outside the EEA or Switzerland, as a data Subprocessor as set out in Module III of the European Commission decision 2021/914, dated 4 June 2021 (“Processor to Processor SCCs” or “Module III”). The SCCs will only apply to Personal Data that is transferred outside the EEA, either directly or via onward transfer, to any country not recognized by the European Commission as providing an adequate level of protection for Personal Data. Personal Data that Vendor processes on Company’s behalf may only be disclosed to a third party located outside the EEA in accordance with clause 8.8 of the SCCs. do zawarcia SKU zgodnie z Załącznikiem 1, w przypadku przekazywania danych osobowych ze Spółki lub jej jednostek stowarzyszonych z siedzibą w EOG lub Szwajcarii, jako administrator danych, Usługodawcy z siedzibą w kraju poza EOG, jako podmiot przetwarzający dane, jak określono w Module II decyzji Komisji Europejskiej 2021/914, z dnia 4 czerwca 2021 r. („Klauzule SKU dotyczące stosunków między administratorem danych i podmiotem przetwarzającym dane” lub „Moduł II”), i jako podmiot przetwarzający dane, do Usługodawcy z siedzibą w kraju poza EOG lub Szwajcarią, jako podwykonawca przetwarzania danych, jak określono w Module III decyzji Komisji Europejskiej 2021/914, z dnia 4 czerwca 2021 r. („Klauzule SKU dotyczące stosunków między podmiotami przetwarzającymi dane osobowe” lub „Moduł III”). Klauzule SKU będą miały zastosowanie wyłącznie do danych osobowych, które są przekazywane poza EOG, bezpośrednio lub przez dalsze przekazywanie, do jakiegokolwiek kraju nieuznanego przez Komisję Europejską za zapewniający odpowiedni poziom ochrony danych osobowych. Dane osobowe przetwarzane przez Usługodawcę w imieniu Spółki mogą być ujawniane wyłącznie stronie trzeciej znajdującej się poza EOG zgodnie z klauzulą 8.8 SKU.

SCCs. Panopto may enter into and comply with the Standard Contractual Clauses for Personal Data transfers to Third Countries, including any successors or amendments to such clauses or such other applicable contractual terms adopted and approved under Data Protection Laws;

SCCs a. Where either the C2C SCCs or C2P SCCs are incorporated into this DPA under Clauses 3.b. or 4.d.: i) they will come into effect upon the commencement of the relevant Restricted Transfer; ii) any clauses which are entirely optional are not included; iii) for the purposes of Clause 13 the first option is included; iv) for the purposes of Clauses 17 and 18, the Member State for purposes of governing law and jurisdiction is the Member State in which the Customer is established. If the Customer is not established in a Member State, the specified Member State shall be Ireland; v) for the purposes of Annex 1.A of the SCCs, the ‘data importer’ and the ‘data exporter’ are set out in Part 1 or Part 2 (as applicable) of Annex 2 of this DPA; vi) for the purposes of Annex 1.B of the SCCs, the description of the transfer is set out in Part 1 or Part 2 (as applicable) of Annex 2 of this DPA vii) for the purposes of Annex 1.C of the SCCs the competent supervisory authority shall be the supervisory authority competent in the country in which the Customer is established; and viii) for the purposes of Annex 2 of the SCCs, the technical and organisational measures are the Security Controls. b. Where the C2P SCCs are incorporated into this DPA under Clause 4.d.: i) Option 2 (“General written authorisation”) of Clause 9 is selected; ii) the time period for the addition or replacement of Sub-Processors shall be as described in Clause 4.g.1 of this DPA;

SCCs. For this DPA, in connection with Infor’s provision of the Services, the Parties agree to enter into, as applicable: (i) the Controller to Controller SCCs for Restricted Transfers of Personal Data from a Customer established in the EU/EEA, as a data controller, to an Infor entity established in a country outside the EU/EEA, as a data controller; (ii) the Controller to Processor SCCs for Restricted Transfers of Personal Data from a Customer established in the EU/EEA, as a data controller, to an Infor entity established in a country outside the EU/EEA, as a data processor; and/or (iii) the Processor to Processor SCCs for Restricted Transfers of Personal Data from a Customer established in the EU/EEA, as a data processor, to an Infor entity established in a country outside the EU/EEA, as a data processor; with the selections identified in Section I.2.b. below (as applicable). If Data Protection Laws require the Parties to execute the SCCs as a separate agreement, the Parties shall promptly execute such SCCs.

SCCs. Depending on the circumstances of the transfer of Personal Data, the Parties agree: SCB. Afhankelijk van de omstandigheden van de overdracht van persoonsgegevens, komen de partijen overeen: to enter into the SCCs as set out in Attachment 1, for transfers of Personal Data from Company or its Affiliates established in the EEA or Switzerland, as a data controller, to Vendor established in a country outside the EEA, as a data processor as set out in Module II of the European Commission decision 2021/914, dated 4 June 2021 (“Controller to Processor SCCs” or “Module II”). The Controller to Processor SCCs will only apply to Personal Data that is transferred outside the EEA, either directly or via onward transfer, to any country not recognized by the European Commission as providing an adequate level of protection for Personal Data. Personal Data that Vendor processes on Company’s behalf may only be disclosed to a third party located outside the EEA in accordance with clause 8.8 of the Controller to Processor SCCs. om de SCB aan te gaan zoals uiteengezet in bijlage 1 voor de overdracht van persoonsgegevens van het bedrijf of zijn gelieerde ondernemingen gevestigd in de EER of Zwitserland, als zijnde de verwerkingsverantwoordelijke, naar de leverancier gevestigd in een land buiten de EER, als zijnde de gegevensverwerker, zoals uiteengezet in Module II van het besluit van de Europese Commissie 2021/914, gedateerd 4 juni 2021 ( “SCB verwerkingsverantwoordelijke naar verwerker” of “Module II”). De SCB Verwerkingsverantwoordelijke naar verwerker zijn alleen van toepassing op persoonsgegevens die ▇▇▇▇▇▇ overgedragen buiten de EER, hetzij rechtstreeks of via verdere overdracht, naar een land dat niet door de Europese Commissie wordt erkend als beschikkend over een adequaat niveau van bescherming van persoonsgegevens. Persoonsgegevens die de leverancier namens het bedrijf verwerkt, mogen ▇▇▇▇▇▇ ▇▇▇▇▇▇ bekendgemaakt aan een derde partij die zich buiten de EER bevindt in overeenstemming met bepaling 8.8 van de SCB Verwerkingsverantwoordelijke naar verwerker.

SCCs. The Customer and Lusha hereby assent to the Annex to the Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council (“SCCs”, available at ▇▇▇▇▇://▇▇▇-▇▇▇.▇▇▇▇▇▇.▇▇/legal-content/EN/TXT/PDF/?uri=CELEX:32021D0914&from=EN), as follows: In Section II (Obligations of the Parties), Clause 9(a) for MODULE TWO: Transfer controller to processor: The data importer shall specifically inform the data exporter in writing of any intended changes to its list of sub-processors through the addition or replacement of sub-processors at least 10 days in advance, thereby giving the data exporter sufficient time to be able to object to such changes prior to the engagement of the sub-processor(s). If, in Lusha’s reasonable opinion, such objections are legitimate, Lusha shall either refrain from using such sub-processor in the context of the Processing of Personal Data or shall notify Customer of its intention to continue to use the sub-processor. Where Lusha notifies Customer of its intention to continue to use the sub-processor in these circumstances, Customer may, by providing written notice to Lusha, terminate the Agreement immediately. In Section IV (Final Provisions), Clause 17 for MODULE TWO: Transfer controller to processor: The Parties agree that this shall be the EU member state in which the Customer is established, or, if the Customer is not established in any EU member state, then the law of the Republic of Ireland. In Section IV (Final Provisions), Clause 18(b) for MODULE TWO: Transfer controller to processor: The Parties agree that those shall be the courts of the EU member state’s town in which the Customer is established, or, if the Customer is not established in any EU member state, then ▇▇▇ ▇▇▇▇▇▇ ▇▇ ▇▇▇▇▇▇, ▇▇▇▇▇▇▇. In Annex I, for MODULE TWO: Transfer controller to processor: Data Exporter: Customer. Activities relevant to the data transferred under these Clauses: an organization using Lusha’s services which involves Lusha Processing Personal Data received from the Customer. Role: Controller. Data Importer: Lusha. Activities relevant to the data transferred under these Clauses: Developer, operator and provider of the Lusha services which involve Lusha Processing Personal Data received from the Customer. Role: Processor.