THE COMPANY’S ROLE AS A DATA CONTROLLER. 3.1. The Company shall ensure that the following information is provided to every Data Subject when personal data is collected or in advance of data collection: a) Details of the Company including, but not limited to, the identity of its Data Protection Officer. b) The purpose(s) for which the personal data is being collected and will be processed and the legal basis justifying that collection and processing; c) Where applicable, the legitimate interests upon which the Company is justifying its collection and processing of the personal data; d) Where the personal data is not obtained directly from the Data Subject, the categories of personal data collected and processed; e) Where the personal data is to be transferred to one or more third parties, details of those parties; f) Where the personal data is to be transferred to a third party that is located outside of the European Economic Area (the “EEA”), details of that transfer, including but not limited to the safeguards in place; g) Details of the length of time the personal data will be held by the Company (or, where there is no predetermined period, details of how that length of time will be determined);
Appears in 2 contracts
Sources: Impero Services Agreement, Impero Services Agreement