DATA PROTECTION ADDENDUM
|
|
- Whitney Robinson
- 5 years ago
- Views:
Transcription
1 DATA PROTECTION ADDENDUM In the event an agreement ( Underlying Agreement ) entered into by and between (i) either Sunovion Pharmaceuticals Inc. or its subsidiary, Sunovion Pharmaceuticals Europe Ltd. ( Sunovion ) and (ii) the service provider, vendor, or consultant identified in the Underlying Agreement (for the purpose of this Addendum, Service Provider ) requires Service Provider to collect, store, use, disclose, or otherwise process any Personal Information (defined below) under Data Protection Laws (defined below), the terms and conditions stated in this addendum ( Addendum ) shall apply and are incorporated by reference into the Underlying Agreement. To the extent the terms in this Addendum conflict with those in the Underlying Agreement, these terms will control. 1. Definitions. a. Data Protection Laws means privacy and data protection laws and regulations, including any law, regulation, order, guideline, industry code, or other requirement that is applicable to Sunovion or to Service Provider in its performance of the Services. b. Data Subject means any person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, an online identifier, or to one or more factors specific to identity of that natural person. c. Personal Information means any information relating to a Data Subject which is collected or used by or on behalf of Sunovion by Service Provider. Personal Information includes Sensitive Personal Information. d. Privacy Program means Service Provider s comprehensive written privacy and information security program. e. Process or Processing means any operation or set of operations which is performed upon Personal Information, whether or not by automatic means, including, without limitation, any collection, transfer, recording, organization, storage, adaptation, alteration, retrieval, consultation, use, disclosure, transmission, dissemination, combination, blocking, erasure, or destruction thereof. f. Records means all Personal Information, documentation, data, records, materials, and information obtained or generated by Service Provider in the course of providing the Services. g. Security Incident means any actual or suspected unauthorized access, use, destruction, loss, alteration, acquisition, or disclosure of Personal Information under the control of Service Provider or being processed by a Subprocessor on Service Provider s behalf. h. Sensitive Personal Information means i. data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership;
2 ii. genetic data, biometric data, and data concerning health; iii. data concerning a natural person s sex life or sexual orientation; iv. any other data which, if involved in a Security Incident, would result in a breach notification obligation to Data Subjects or government authorities under Data Protection Laws, including but not limited to Social Security, national identification, or driver s license numbers, financial account or credit card numbers, and usernames and passwords. i. Services means those goods and services provided to Sunovion by Service Provider as set forth in the Underlying Agreement. j. Subprocessor means any third-party agents, subcontractors, or vendors of Service Provider. 2. Obligations. a. Service Provider agrees to comply with all applicable Data Protection Laws and appropriate industry standards applicable to the processing of Personal Information including, if appropriate, ISO/IEC b. Service Provider agrees to use reasonable and appropriate technical, organizational, and physical controls to protect Personal Information and other data covered by Data Protection Laws which are collected or used by or on behalf of Sunovion by Service Provider from loss, destruction, and unauthorized access, use, or disclosure. In assessing the appropriate level of security, Service Provider shall take account of the risks that are presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Information transmitted, stored or otherwise processed. Service Provider further agrees as follows: i. The technical, organizational, and physical controls to protect Personal Information will include: A. the encryption of Personal Information or, with Sunovion s approval, the implementation of equivalent security measures to protect Personal Information; B. the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; C. the ability to restore the availability and access to Personal Information in a timely manner in the event of a physical or technical incident; and D. a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing. ii. Service Provider agrees that all Personal Information transferred to or stored on any mobile device, including but not limited to laptop computers, compact discs,
3 PDAs, thumb drives, backup tapes, and/or zip drives, shall be in an encrypted form and that all Personal Information transferred over open networks shall be in encrypted form. c. Service Provider agrees to Process Personal Information only as necessary to carry out its responsibilities under the Underlying Agreement, and will Process only the minimum amount of Personal Information required. d. To the extent that Service Provider collects information on Sunovion s behalf or provides to Sunovion, Service Provider will use notices and consents approved by Sunovion. Service Provider represents and warrants that the Personal Information it collects and provides to Sunovion may be lawfully used by Sunovion for the purposes for which it was collected. e. Service Provider agrees not to disclose Personal Information unless: i. it is necessary to carry out an obligation under the Underlying Agreement, including any Statement of Work thereunder; ii. Service Provider notifies Sunovion (to the extent permitted by law) of a legal requirement to disclose Personal Information, which notification shall be prior to disclosure in order to permit Sunovion to oppose the same by appropriate legal action, and Service Provider shall use best efforts to limit the nature and scope of the disclosure and will only disclose the minimum amount of Personal Information necessary to comply with the law or court order; or iii. Sunovion otherwise agrees to such disclosure in writing. f. Service Provider shall assist Sunovion in taking any steps necessary to ensure that Sunovion is able to comply with its obligations under Data Protection Law with respect to Service Provider s processing activities, including assisting Sunovion in consultations with governmental authorities and to prepare any required materials or assessments. g. Service Provider will maintain and materially comply with a Privacy Program designed to protect Personal Information against reasonably foreseeable risks of unauthorized processing, including policies and procedures demonstrating that: i. Personal Information will only be used and disclosed consistent with providing the services hereunder; ii. Service Provider implements appropriate technical, organizational, and physical controls to protect the Personal Information as required by Data Protection Laws; iii. Service Provider trains its workforce on Service Provider s Privacy Program, including on appropriate uses of and protection of Personal Information; iv. Service Provider complies with the requirement to contact Sunovion immediately if a Data Subject contacts Service Provider to exercise any rights under any Data Protection Law; and
4 v. Service Provider takes measures to ensure that Personal Data is only collected, used, stored, shared, and transferred consistent with the instructions of Sunovion. h. Service Provider agrees that, if required by Data Protection Laws, it will: i. employ a data protection officer; and ii. appoint (in writing) a representative within the European Union and any other jurisdictions where a representative is required. i. Service Provider agrees to notify Sunovion within 24 hours of becoming aware of any Security Incident and to take such reasonable, remedial actions warranted to investigate and halt the root cause of such incident to the extent it is ongoing. j. In the event of a Security Incident, Service Provider agrees to assist and fully cooperate with any investigation by Sunovion or Sunovion s designated agent. Sunovion will determine whether to make any notifications to affected individuals or government authorities. k. Service Provider shall not disclose any information about Sunovion in relation to a suspected Security Incident to any third party without Sunovion s prior written approval unless required by law, except that Service Provider may retain a third party subject to obligations of confidentiality and non-disclosure to investigate or mitigate such Security Incident. l. Service Provider agrees to promptly notify Sunovion of any inquiry, complaint, governmental inspection, or audit concerning compliance with Data Protection Laws or applicable industry standards to the extent related to the services provided under the Underlying Agreement. m. In the event Service Provider receives a request from a Data Subject to access, amend, delete, or otherwise exercise the Data Subject s rights under Data Protection Laws, Service Provider will notify Sunovion within three (3) days and follow Sunovion s instructions for responding to the request. n. Service Provider agrees that it will not disclose Personal Information to any Subprocessor without Sunovion s prior written approval. Any Subprocessor will receive Personal Information only pursuant to a written agreement signed by Service Provider and the Subprocessor which will require the Subprocessor to: i. comply with the terms of this Addendum; ii. be properly trained on how to handle Personal Information; and iii. comply with applicable Sunovion policies and procedures. o. Service Provider shall be responsible for any noncompliance with the terms of this Addendum by any Subprocessor, which noncompliance will constitute a breach as if committed directly by Service Provider.
5 p. Service Provider shall ensure that any persons authorized to process Personal Information on Service Provider s behalf have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality. 3. International Data Transfers. a. Service Provider agrees that it will obtain Sunovion s prior written approval before transferring Personal Information outside of the country where such data was collected. In cases of doubt, Personal Information should be deemed collected in the country where the Data Subject resides. For the purpose of this paragraph, countries within the European Economic Area ( EEA ) will be deemed a single country. b. Service Provider agrees to comply with applicable Data Protection Laws when transferring Personal Information internationally, including, where appropriate, entering into standard contractual clauses that have been approved by regulatory authorities as a basis for international data transfers. An international transfer of data includes the use of cloud-based storage solutions which may permit access to data stored on servers in one country to an individual located in a different country. c. If the Services provided by Service Provider will involve the collection or processing of Personal Information collected from persons within the EEA, then Sunovion shall serve as the controller of such data, as defined by the European Union General Data Protection Regulation ( GDPR ), and Service Provider shall act only under the instructions of Sunovion in regard to such EEA Personal Information. If Sunovion determines that it is legally required, the parties shall negotiate in good faith to agree on an appropriate data transfer agreement. 4. Indemnification. a. Notwithstanding any provision in the Underlying Agreement to the contrary, Service Provider shall indemnify Sunovion, Sunovion s affiliates and their respective directors, officers, employees, agents, subcontractors, and representatives (collectively, Indemnified Parties ), from and against all damages, fines, fees, penalties, costs (including costs associated with providing notices, any offered remediation services, and investigation of a Security Incident), expenses, or other liabilities, including reasonable attorney s fees and court costs, arising out of, or incurred in connection with: (i) any third-party claim, action, or proceeding arising from any breach by Service Provider, or by a Subprocessor or other contractor of Service Provider, of the terms of this Addendum, including any negligent or reckless act, omission or default by Service Provider or Service Provider s Subprocessors or contractors in the provision of the Services; or (ii) any Security Incident. b. Service Provider shall at its own expense obtain and maintain insurance of a type and amount adequate to cover loss, damage, liability or costs in respect of which it is liable to indemnify Sunovion and shall not do or omit to do any act, matter or thing which may prejudice or render voidable any such insurance. Service Provider shall, upon request by
6 5. Data Retention. Sunovion, provide Sunovion with a copy of the insurance policy which it is obliged to take out pursuant to its obligations under this paragraph. a. Upon the expiration or termination of the Underlying Agreement, all Personal Information obtained or generated by Service Provider in the course of providing the Services hereunder shall, upon Sunovion s written request, be: i. delivered to Sunovion or permanently and securely destroyed within thirty (30) days upon receipt of Sunovion s written request; or ii. retained by Service Provider for Sunovion in a facility offering reasonable protection against damage to, wrongful access to, or loss of Personal Information and other Records in accordance with and for the periods specified in Sunovion s SOP on data retention and information policy and the Underlying Agreement. b. If Service Provider retains copies of any Personal Information pursuant to this Section, such Personal Information will be subject to the obligations in this Addendum, which will survive the termination of the Underlying Agreement. 6. Notices. All notices required pursuant to this Addendum should be sent to Sunovion s Data Privacy Officer by and physical mail at the following addresses: a. privacy@sunovion.com b. Gregory Bokar Attn: Legal Affairs 84 Waterford Drive Marlborough, MA USA
ROSETTA STONE LTD. PROCESSING ADDENDUM
ROSETTA STONE LTD. PROCESSING ADDENDUM This Data Processing Addendum (this DPA ) forms part of the order document(s) (each a Service Order ) and Services Agreement (collectively, the Agreement ), entered
More informationEU Data Processing Addendum
EU Data Processing Addendum This EU Data Processing Addendum ( Addendum ) is made and entered into by and between AlienVault, Inc., a Delaware corporation ( AlienVault ) and the customer specified in the
More informationMoxtra, Inc. DATA PROCESSING ADDENDUM
Moxtra, Inc. DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) forms a part of the Terms of Service found at http://moxtra.com/terms-of-service/, unless Company has entered into a superseding
More informationDATA PROCESSING ADDENDUM
Page 1 of 20 DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) forms a part of the Customer Terms of Service found at https://slack.com/terms-of-service, unless Customer has entered into a
More informationGDPR DATA PROCESSING ADDENDUM INSTRUCTIONS FOR JOSTLE CUSTOMERS
GDPR DATA PROCESSING ADDENDUM INSTRUCTIONS FOR JOSTLE CUSTOMERS WHO SHOULD EXECUTE THIS DPA: If you have determined that you qualify as a data controller under the GDPR, and need a data processing addendum
More informationON24 DATA PROCESSING ADDENDUM
ON24 DATA PROCESSING ADDENDUM This Data Processing Addendum ( Addendum ) is entered into by and between ON24 Inc., on behalf of itself and its Affiliates ( ON24 ), and Client, on behalf of itself and its
More informationData Processing Addendum
Data Processing Addendum Based on the General Data Protection Regulation (GDPR) and European Commission Decision 2010/87/EU - Standard Contractual Clauses (Processors) This Data Processing Addendum ( DPA
More informationDATA PROCESSING ADDENDUM (v1.0)
DATA PROCESSING ADDENDUM (v1.0) Progressive Voice Services Limited trading as Meetupcall of Premier House, Carolina Court, Doncaster, DN45RA ( Meetupcall ) and having its place of business at, ( Customer
More informationGDPR Data Processing Addendum (DPA) Instructions for Area 1 Security Customers
Area 1 Security, Inc. 142 Stambaugh Street Redwood City, CA 94063 EU GDPR DPA GDPR Data Processing Addendum (DPA) Instructions for Area 1 Security Customers Who should execute this DPA: If you qualify
More informationDATA PROCESSING ADENDUM
W www.exponea.com C +421 948 127 332 sales@exponea.com A Exponea, Twin City B, Mlynské Nivy 12 821 09 Bratislava, SK DATA PROCESSING ADENDUM Exponea s.r.o. registered in the Commercial Register maintained
More informationData Processing Appendix
Data Processing Appendix This Data Processing Appendix (the Appendix ) is attached to and forms part of the Supplier General Terms and Conditions (the Agreement ) between Nebula Oy ( Supplier ) and customer
More informationDATA PROCESSING ADDENDUM
DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) forms part of the End User License and Services Agreement (the Agreement ) between Customer and Ivanti, to reflect the parties agreement about
More informationDATA PROCESSING AGREEMENT/ADDENDUM
DATA PROCESSING AGREEMENT/ADDENDUM This Data Processing Agreement ( DPA ) is made and entered into as of this day of, 2018 forms part of our Terms and Conditions (available at www.storemaven.com/terms-of-service)
More informationDATA PROCESSING AGREEMENT
DATA PROCESSING AGREEMENT This Data Processing Agreement (the DPA ), entered into by the Customer and the company Ganttic OÜ (company registration number 11979702) having its registered office at Lai tn
More informationCLIENT DATA PROCESSING AGREEMENT
CLIENT DATA PROCESSING AGREEMENT This Data Processing Agreement for the Data Protection (the Agreement ) of Data Processed is entered into on./../ (hereinafter referred to as the Effective Date ) by and
More informationHOW TO EXECUTE THIS DPA:
DATA PROCESSING ADDENDUM (GDPR, and EU Standard Contractual Clauses) (Rev. April 20, 2018) This Data Processing Addendum ( DPA ) forms part of the Master Subscription Agreement or other written or electronic
More informationDATA PROCESSING TERMS DEFINITIONS
DATA PROCESSING TERMS DEFINITIONS Agency: means KTS Events Limited (company registration number 05289039) and any business entity from time to time controlling, controlled by, or under common control or
More informationDATA PROCESSING AGREEMENT
DATA PROCESSING AGREEMENT This Data Processing Agreement ( DPA or Agreement ), entered into by the CPI customer identified on the applicable CPI services agreement for CPI services ( Customer ) and the
More informationCLOUDINARY DATA PROCESSING ADDENDUM
CLOUDINARY DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) forms part of the agreement for the subscription by the Customer to the Cloudinary Service ("Subscription Agreement") between Cloudinary
More informationDATA PROCESSING ADDENDUM (INCLUDING EU STANDARD CONTRACTUAL CLAUSES)
DATA PROCESSING ADDENDUM (INCLUDING EU STANDARD CONTRACTUAL CLAUSES) This Data Processing Addendum ( DPA ) shall become effective without any further action by the parties: (a) if Customer signing this
More informationGROUP PRIVACY POLICY. Adopted June 20th, 2017 by each of the Boards of Carnegie Holding AB and Carnegie Investment Bank AB (publ).
GROUP PRIVACY POLICY Adopted June 20th, 2017 by each of the Boards of Carnegie Holding AB and Carnegie Investment Bank AB (publ). 1 PURPOSE AND SCOPE 1.1 The aim of this policy is to establish uniform,
More informationTwilio Data Protection Addendum ( DPA ) (GDPR, Binding Corporate Rules, Privacy Shield, and Standard Contractual Clauses) (Revision June 2018)
Twilio Data Protection Addendum ( DPA ) (GDPR, Binding Corporate Rules, Privacy Shield, and Standard Contractual Clauses) (Revision June 2018) Once fully executed, this DPA forms a part of the agreement
More informationEU GDPR DATA PROCESSING ADDENDUM INSTRUCTIONS FOR CLOUDFLARE CUSTOMERS
EU GDPR DATA PROCESSING ADDENDUM INSTRUCTIONS WHO SHOULD EXECUTE THIS DPA: FOR CLOUDFLARE CUSTOMERS If you have determined that you qualify as a data controller under the GDPR, and need a data processing
More informationDATA PROCESSING ADDENDUM
DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) forms part of the Master Purchase Agreement, Customer Agreement, Channel Partner Agreement, End User License Agreement or other written agreement
More informationCustomer GDPR Data Processing Agreement
Customer GDPR Data Processing Agreement Version May 2018 This Customer Data Processing Agreement reflects the requirements of the European Data Protection Regulation ( GDPR ) as it comes into effect on May
More informationGDPR Data Processing Addendum
GDPR Data Processing Addendum Effective Date 24 May 2018 This Data Processing Addendum for the GDPR (Addendum) is made as of the Effective Date by and between Fresh Relevance Ltd incorporated and registered
More informationDATA PROCESSING TERMS AND CONDITIONS
DATA PROCESSING TERMS AND CONDITIONS These Data Processing Terms and Conditions apply in respect of Personal Data that we process on behalf of Customers who purchase the Powwownow Premium Service. Please
More informationDATA PROCESSING ADDENDUM
DATA PROCESSING ADDENDUM (European Union GDPR) (May 2018) This Data Processing Addendum ( DPA ) forms part of the Pancake Laboratories Inc, DBA ShortStack.com ( ShortStack) Terms and Conditions (https://www.shortstack.com/terms-andconditions/),
More informationLifesize, Inc. Data Processing Addendum
Last updated May 1, 2018 Lifesize, Inc. Data Processing Addendum This Lifesize, Inc. Data Processing Addendum ( Addendum ) forms part of the Terms of Service (the Agreement ) between Lifesize, Inc. ( Lifesize
More informationDATA PROCESSING ADDENDUM FOR CUSTOMERS AND USER OF AEROHIVE PRODUCTS AND SERVICES. Version May 2018
DATA PROCESSING ADDENDUM FOR CUSTOMERS AND USER OF AEROHIVE PRODUCTS AND SERVICES 1. Scope and Order of Precedence Version May 2018 This Data Processing Addendum (this DPA ) is deemed an addendum to the
More informationURBAN AIRSHIP DATA PROCESSING ADDENDUM with EU Standard Contractual Clauses. (Revised September 2017)
URBAN AIRSHIP DATA PROCESSING ADDENDUM with EU Standard Contractual Clauses (Revised September 2017) This Data Processing Addendum ( Addendum ) forms part of the Master Subscription Agreement or the online
More informationDATA PROCESSING AGREEMENT (GDPR, Privacy Shield, and Standard Contractual Clauses)
DATA PROCESSING AGREEMENT (GDPR, Privacy Shield, and Standard Contractual Clauses) This Data Processing Agreement ("DPA") forms part of the Master Services and Subscription Agreement between Customer and
More informationDATA PROCESSING ADDENDUM
DATA PROCESSING ADDENDUM Based on the General Data Protection Regulation (GDPR) and European Commission Decision 2010/87/EU - Standard Contractual Clauses (Processors) This Data Processing Addendum ( DPA
More informationData Processing Agreement
Data Processing Agreement This Data Processing Agreement with EU Standard Contractual Clauses (Processors), (the DPA ) supplements the Dropbox Business Agreement between Dropbox, Inc. and Dropbox International
More informationData Processing Appendix
Company Name* Execution Date *Company name indicated must conform to the name on customer s Master Subscription Agreement executed with SugarCRM. This Data Processing Appendix on the processing of personal
More informationDATA PROCESSING ADDENDUM
DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) is made between Cognito, LLC., a South Carolina corporation ( Cognito Forms ) and {OrganizationLegalName} ( Customer or Controller or {Organization}
More informationGDPR : We protect your data
GDPR : We protect your data Dear customer, From the 25th May 2018 the new law of Personal Data Protection (GDPR) will enter into force. At Almagest Wealth Management S.A., we understand your need to be
More informationData Processing Addendum
Data Processing Addendum This Data Processing Addendum ( DPA ) forms part of the Agreement(s) and is entered by and between the Customer and the Service Provider on the Effective Date. For the avoidance
More informationPERSONAL DATA PROCESSOR AGREEMENT
1 PERSONAL DATA PROCESSOR AGREEMENT PARTIES This personal data processor agreement ( Processor Agreement ) has been entered into between: Buyer/Client/Customer ( Controller ), and The company within the
More informationData Processing Addendum
Data Processing Addendum This Data Processing Addendum (" DPA "), forms part of the Agreement or other written or electronic agreement between Pleo Technologies ApS (" Pleo ) and Customer for the purchase
More informationAppropriate Policy Document
Appropriate Policy Document Schedule 1, Part 4, Data Protection Act 2018 July 2018 Privacy Notice - Appropriate Policy Document v2.docx Page 1 of 8 Contents 1 Introduction... 3 2 Relevant Schedule 1 conditions
More informationBASWARE PERSONAL DATA PROCESSING APPENDIX
This Basware personal data processing appendix and its annexes ( DPA ) is an appendix to, and legally binding only in connection with, the sales agreement between Basware and Customer with regard to Basware
More informationDATA HANDLING AGREEMENT
DATA HANDLING AGREEMENT This agreement is for the provision of the transfer of school data between the School, Wonde and approved third party applications. Wonde Ltd a company registered in England under
More informationThe Controller and Processor Data Protection Binding Corporate Rules of BMC Software
The Controller and Processor Data Protection Binding Corporate Rules of BMC Software 4 August 2015 Table of Contents Introduction 2 PART I: BACKGROUND AND ACTIONS 3 PART II: BMC AS A CONTROLLER 5 PART
More informationDATA PROCESSING ADDENDUM (GDPR and EU Standard Contractual Clauses)
DATA PROCESSING ADDENDUM (GDPR and EU Standard Contractual Clauses) Rev. 1 May 2018 This Data Processing Addendum ( DPA ) forms part of the product or services agreement ( Agreement ) or other written
More informationTERMS AND CONDITIONS OF SERVICE 1. DEFINITIONS: Affiliate means any entity which directly or indirectly owns or controls, is controlled by, or is
TERMS AND CONDITIONS OF SERVICE 1. DEFINITIONS: Affiliate means any entity which directly or indirectly owns or controls, is controlled by, or is under common control with, Donnelley Financial or Client,
More informationDATA PROCESSING ANNEX
Page 1 (5) 1 BACKGROUND AND PURPOSE DATA PROCESSING ANNEX 1.1 The terms of this Annex shall apply to the Agreement between Solibri Oy and/or its Subsidiary/Subsidiaries (Solibri Oy and the Subsidiaries
More informationAppLovin Data Processing Agreement
AppLovin Data Processing Agreement This AppLovin Data Processing Agreement ( DPA ) is incorporated into and is subject to the AppLovin Terms of Use Agreement available at https://www.applovin.com/terms
More informationDATA PROCESSING ADDENDUM
DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) forms a part of the Databricks Terms of Service found at https://www.databricks.com/termsofservice, unless Subscriber has entered into a superseding
More informationRBI GDPR DATA PROCESSING ADDENDUM
RBI GDPR DATA PROCESSING ADDENDUM 1. SCOPE 1.1. This GDPR Data Processing Addendum ( DPA ) applies to RBI s processing of personal data on Customer s behalf under the Agreement. With regard to such processing,
More informationMEMORANDUM OF UNDERSTANDING for DATA SHARING BETWEEN DISTRICT AND SCCOE
MEMORANDUM OF UNDERSTANDING Pg. 1 of 3 DATA SHARING BETWEEN DISTRICT AND SCCOE MEMORANDUM OF UNDERSTANDING for DATA SHARING BETWEEN DISTRICT AND SCCOE This Memorandum of Understanding (MOU) is entered
More informationBUSINESS ASSOCIATE AGREEMENT (for use when there is no written agreement with the business associate)
BUSINESS ASSOCIATE AGREEMENT (for use when there is no written agreement with the business associate) This HIPAA Business Associate Agreement ( Agreement ) is entered into this day of, 20, by and between
More informationDATA PROCESSING ADDENDUM
This Data Processing Addendum (the DPA ) forms part of Telia Bedriftsavtale or other written or electronic agreement between the Parties for the purchase of telecommunication services, and regulates any
More informationCustomer GDPR Data Processing Agreement
Customer GDPR Data Processing Agreement This Customer Data Processing Agreement reflects the requirements of the European Data Protection Regulation ( GDPR ) as it comes into effect on May 25, 2018. Bench
More informationAll Sorts UK Limited Data Protection Policy 17 th May 2018
All Sorts UK Limited Data Protection Policy 17 th May 2018 1. Introduction This Policy sets out the obligations of All Sorts UK Limited, a company registered in England under number 03534972, whose registered
More informationBINDING CORPORATE RULES
BINDING CORPORATE RULES CONTROLLER PRINCIPLES INTRODUCTION At Marsh & McLennan Companies (MMC), we respect and are committed to protecting the privacy, security and integrity of Personal Information 1
More informationDATA SERVICES CONTRACTS
GUIDANCE DOCUMENT DATA SERVICES CONTRACTS MAY 2003 Guidance Document: Data Services Contracts 1 CONTENTS 1.0 Purpose of this Guidance Document... 1 2.0 General... 2 2.1 Definitions... 2 2.2 Privacy Impact
More informationAegon Asset Management Europe ICAV ( the Fund ) Data Protection Policy
Aegon Asset Management Europe ICAV ( the Fund ) Data Protection Policy Contents Definitions.. 2 The Product... 2 Fund Board Governance... 2 Delegation of the Processing of Personal Data... 2 Data Protection
More informationBusiness Associate Agreement Health Insurance Portability and Accountability Act (HIPAA)
Business Associate Agreement Health Insurance Portability and Accountability Act (HIPAA) This Business Associate Agreement (the Agreement ) is made and entered into by and between Washington Dental Service
More informationAWS GDPR DATA PROCESSING ADDENDUM
AWS GDPR DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) is an agreement between Amazon Web Services, Inc. ( AWS, we, us, or our ) and you or the entity you represent ( Customer, you or
More informationH 7789 S T A T E O F R H O D E I S L A N D
======== LC001 ======== 01 -- H S T A T E O F R H O D E I S L A N D IN GENERAL ASSEMBLY JANUARY SESSION, A.D. 01 A N A C T RELATING TO INSURANCE - INSURANCE DATA SECURITY ACT Introduced By: Representatives
More informationPrivacy Policy. This privacy policy shall be valid even if you have reserved your transfers through the other sales partners of Plus Group Kft.
Privacy Policy Plus Group Kft. (1033 Budapest, Polgár utca 8-10., www.plusairsolutions.com, informationsecurity@plusairsolutions.com, tax number: 22976309-2-41, hereinafter: Plus Group Kft., service provider
More informationIRIS Group of Companies Customer Data Processing Terms
IRIS Group of Companies Customer Data Processing Terms Definitions (any other capitalised terms not contained in this section will be as defined in the IRIS Software Group General Terms & Conditions (
More informationTEREX CORPORATION DATA PROTECTION POLICY
TEREX CORPORATION DATA PROTECTION POLICY Terex Data Protection Policy Page 1 Index 1.0 Policy Statement, Purpose and Scope... 3 2.0 Requirements... 3 2.1 Data Protection Principles... 3 2.2 Communication
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATES AND SUBCONTRACTORS
HIPAA BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATES AND SUBCONTRACTORS This HIPAA Business Associate Agreement ( BAA ) is entered into on this day of, 20 ( Effective Date ), by and between Allscripts
More informationBroadbean Technology Limited - Data Processing Agreement (25th May 2018)
Broadbean Technology Limited - Data Processing Agreement (25th May 2018) This agreement and its associated schedules shall come into force with effect from 25 th May 2018 and shall from that date replace
More informationDATA PROCESSING ADDENDUM with EU Standard Contractual Clauses
DATA PROCESSING ADDENDUM with EU Standard Contractual Clauses This Data Processing Addendum ("Addendum") forms part of the Agreement between Snow and Company (each as defined below). This Addendum is only
More informationCUSTOMER DATA PROCESSING ADDENDUM
CUSTOMER DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) and applicable Attachments apply when HP acts as a Data Processor and processes Customer Personal Data on behalf of Customer in order
More informationData Protection Agreement
Data Protection Agreement This Data Protection Agreement (the DPA ) becomes effective on May 25, 2018. The Customer shall make available to GURTAM and the Customer authorizes GURTAM to process information
More informationAmgen Binding Corporate Rules (BCRs) Public Document
Amgen Binding Corporate Rules (BCRs) Public Document Introduction: Amgen is a biotechnology leader committed to serving patients with grievous illness. Binding Corporate Rules (BCRs) express Amgen s commitment
More informationARTICLE 1 DEFINITIONS
[GPM Note: This Template Data Use Agreement is to be used when a covered entity seeks to disclose a limited set of PHI to another entity for research, public health, and/or health care operations purposes.
More informationLICENSE AGREEMENT. Security Software Solutions
LICENSE AGREEMENT Security Software Solutions VERIS ACTIVE ID SERVICES AGREEMENT between Timothy J. Rollins DBA Security Software Solutions, having an office at 5215 Sabino Canyon Road and 4340 N Camino
More informationDATA HANDLING AGREEMENT
DATA HANDLING AGREEMENT This agreement records the terms upon which Wonde will process the School Data for the purpose of transferring the School Data to one or more third party providers of services to
More informationMentorcliQ Data Processing Agreement
MentorcliQ Data Processing Agreement This MentorcliQ Data Processing Agreement ( DPA ), that includes the Standard Contractual Clauses adopted by the European Commission, as applicable, reflects the parties
More informationInternet Banking Agreement Muenster State Bank
Internet Banking Agreement Muenster State Bank This Internet Banking Agreement (this "Agreement") states the terms and conditions for Internet Banking offered by Muenster State Bank (the "Bank"). When
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Author: Mrs A Taylor Approval needed Board of Directors by: Adopted (date): 6 December 2016 Date of next review: December 2017 Data Protection Policy Introduction The de Ferrers
More information* Unless otherwise indicated, this policy will still apply beyond the review date.
Name of Policy Description of Policy Privacy Policy This policy sets out how ACU manages privacy obligations and reflects the 13 Australian Privacy Principles (APPs) from Schedule 1 of the Privacy Amendment
More informationSUMMARY OF BINDING CORPORATE RULES
SUMMARY OF BINDING CORPORATE RULES July 1 st, 2015 1 Table of Contents 1. Preamble... 3 2. Definitions... 3 3. Endorsement... 4 4. Entity with delegated data protection responsibilities... 4 5. Description
More informationHull & Company, LLC Tampa Bay Branch PRODUCER AGREEMENT
Hull & Company, LLC Tampa Bay Branch PRODUCER AGREEMENT THIS PRODUCER AGREEMENT (this Agreement ), dated as of, 20, is made and entered into by and between Hull & Company, LLC, a Florida corporation (
More informationPAYROLL SERVICE AGREEMENT
PAYROLL SERVICE AGREEMENT YOUR NAME: DATE: This Payroll Services Agreement (this Agreement ) is made as of the day of, 20 for the effective service commencement date of, between Client identified above
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT This Agreement dated as of is made by and between, on behalf of its (School/Department/Division) (hereinafter referred to as Covered Entity ) and, (hereinafter Business Associate
More informationTIFFANY AND COMPANY: EU-U.S. PRIVACY SHIELD PRIVACY POLICY - CONSUMER DATA
Last Updated: September 20, 2016 Tiffany and Company ( Tiffany ) respects your concerns about privacy. Tiffany participates in the EU-U.S. Privacy Shield ( Privacy Shield ) framework issued by the U.S.
More informationDATA PROTECTION NOTICE
DATA PROTECTION NOTICE Who are we? We are the Trustees of the Pension Scheme for the Nursing and Midwifery Council and Associated Employers (the Scheme). We collect, hold and use personal information to
More informationData Processing Addendum
Data Processing Addendum The parties conclude this Data Processing Addendum ( DPA ), which forms part of the Agreement between Customer and Supplier ( Epignosis ), to reflect our agreement about the Processing
More informationIDEXX - DATA PROTECTION AGREEMENT
IDEXX - DATA PROTECTION AGREEMENT (A) (B) (C) (D) IDEXX and Customer have entered into an Agreement. In the context of the Agreement, IDEXX will process Personal Data on behalf of and for the benefit of
More informationData Processing Agreement and Privacy Policy (EU) Classification: PUBLIC March 2018
1. PURPOSE AND SCOPE 1.1 This document sets out Fourth s Data Processing Agreement and Privacy Policy for its Customers with operations in the EU and/or who process Personal Data of data subjects located
More informationInterpreters Associates Inc. Division of Intérpretes Brasil
Interpreters Associates Inc. Division of Intérpretes Brasil Adherence to HIPAA Agreement Exhibit B INDEPENDENT CONTRACTOR PRIVACY AND SECURITY PROTECTIONS RECITALS The purpose of this Agreement is to enable
More informationBUSINESS ASSOCIATE AGREEMENT W I T N E S S E T H:
BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT ( this Agreement ) is made and entered into as of this day of 2015, by and between TIDEWELL HOSPICE, INC., a Florida not-for-profit corporation,
More informationSouth Carolina General Assembly 122nd Session,
South Carolina General Assembly 122nd Session, 2017-2018 R184, H4655 STATUS INFORMATION General Bill Sponsors: Reps. Sandifer and Spires Document Path: l:\council\bills\nbd\11202cz18.docx Companion/Similar
More informationThe Allied Group Privacy Shield Policy
The Allied Group Privacy Shield Policy The Allied Group, Inc. ("Allied") has adopted this Privacy Shield Policy ("Policy") to establish and maintain an adequate level of Personal Data privacy protection.
More informationData Processing Agreement
Data Processing Agreement New Day at Work Online workspace of the future! Page 1 Content 1. Definitions... 3 2. Scope... 3 3. Our obligations as a Data Processor... 4 4. Your obligations as a Data Controller...
More informationMASTER SERVICES AGREEMENT
MASTER SERVICES AGREEMENT This Master Services Agreement sets forth the terms and conditions governing the use of our Services. Additional terms and conditions specific to an applicable Service you have
More informationBig Web Warehouse Ltd GDPR Data Processor Policy Warehouse and Fulfilment April 2018
Big Web Warehouse Ltd GDPR Data Processor Policy Warehouse and Fulfilment April 2018 1. Introduction This Policy sets out the obligations of, Big Web Warehouse Ltd (BWW), a company registered in the United
More informationSUBCONTRACTOR BUSINESS ASSOCIATE AGREEMENT
SUBCONTRACTOR BUSINESS ASSOCIATE AGREEMENT (Revised on March 1, 2016) THIS HIPAA SUBCONTRACTOR BUSINESS ASSOCIATE AGREEMENT (the BAA ) is entered into on (the Effective Date ), by and between ( EMR ),
More informationBanks Sheridan Limited Data Protection Privacy Policy 19 May 2018
Banks Sheridan Limited Data Protection Privacy Policy 19 May 2018 1. Introduction This Policy sets out the obligations of Banks Sheridan Limited ( the Company ) regarding data protection and the rights
More informationDATA PROCESSING AGREEMENT ( AGREEMENT )
DATA PROCESSING AGREEMENT ( AGREEMENT ) entered into on by and between: with its registered office in Gdańsk (80-387), ul. Arkońska 6, bud. A4, entered in the Register of Enterprises of the National Court
More informationAir Academy Federal Credit Union. Remote Deposit Capture Services Terms and Conditions
Air Academy Federal Credit Union Remote Deposit Capture Services Terms and Conditions The following provisions constitute an addendum to the Agreements and Disclosures of Air Academy Federal Credit Union
More informationMan and Machine - Data Protection Policy
Man and Machine - Data Protection Policy 1. Introduction This Policy sets out the obligations of Man and Machine Ltd, whose registered office is at Unit 8 Thame 40, Jane Morbey Road, Thame, Oxfordshire,
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT
HIPAA BUSINESS ASSOCIATE AGREEMENT This Agreement ( Agreement ) is entered into by and between Applications Software Technology Corporation (AST) ( Business Associate ) and Pinellas County, for and on
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT (the Agreement ) is entered into this day of, 20, by and between the University of Maine System acting through the University of ( University
More information