The Agreement is being put in place to ensure that Data Processor processes Data Controller's personal data on Data Controller's instructions and in compliance with applicable data privacy laws.
The Parties to this Agreement hereby agree to be bound by the terms and conditions in the attached Schedule as applicable with effect from 25 May 2018 (the "Effective Date").
"Applicable Data Protection Laws" means the General Data Protection Regulation 2016/679 ("GDPR") once it takes effect and any law, statute, declaration, decree, directive, legislative enactment, order, ordinance, regulation, rule or other binding instrument of the Data Controller's Member State which implements the GDPR, the Data Protection Directive 95/46/EC and the e-Privacy Directive 2002/58/EC (in each case as amended, consolidated, re-enacted or replaced from time to time);
"Data Subject" means the living individuals who are the subject of the Customer Personal Data;
"Model Clauses" means the standard contractual clauses for the transfer of Personal Data to data processors established in Third Countries set out in the Commission Decision of 5 February 2010 (C(2010) 593), as amended by EU Commission Implementing Decision 2016/2297 of 16 December 2016;
"Personal Data" and "Process","Processed" or "Processing" have the meaning given in the GDPR;
"Regulator" means the data protection supervisory authority which has jurisdiction over Data Controller's Processing of Personal Data; and
"Third Countries" means all countries outside of the scope of the data protection laws of the European Economic Area ("EEA"), excluding countries approved as providing adequate protection for Personal Data by the European Commission from time to time.
This file was last modified on June 18, 2018.