The terms used in this Agreement shall have the meanings set either in the Agreement or in the Principal Agreement. Except as modified below, the terms of the Principal Agreement shall remain in full force and effect. The Parties seek to implement a data processing agreement that complies with the requirements of the current legal framework in relation to data processing and with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
HOW TO EXECUTE THIS DPA:
To execute this DPA, please do one of the following:
download this DPA, complete the form fields, sign, and email to [email protected] Customer acknowledges and agrees that a completed and signed copy of this Agreement must be emailed to [email protected] for the Agreement to become effective;
click here (currently unsupported option) to complete the form fields and sign electronically.
Once electronically executed by both Controller and Processor, this DPA will be effective and your signatory will receive a fully-executed copy by email.
1. Definitions and Interpretation
In this Agreement, the following terms shall have the meanings set out below and cognate terms shall be construed accordingly:
- "Sub-processor" **means any Data Processor (including any third party) appointed by the Processor to process Controller Personal Data on behalf of the Controller.
- "Process/Processing/Processed", "Data Controller", "Data Processor", "Data Subject", "Personal Data", "Special Categories of Personal Data" **and any further definition not included under this Agreement or the Principal Agreement shall have the same meaning as in EU General Data Protection Regulation 2016/679 of the European Parliament and of the Council ("GDPR").
- "Data Protection Laws" **means EU General Data Protection Regulation 2016/679 of the European Parliament and of the Council ("GDPR") as well as any local data protection laws.
- "Erasure" **means the removal or destruction of Personal Data such that it cannot be recovered or reconstructed.
- "EEA" **means the European Economic Area.
- "Third country" **means any country outside EU/EEA, except where that country is the subject of a valid adequacy decision by the European Commission on the protection of Personal Data in Third Countries.
- "Controller Personal Data" **means Personal Data processed by Processor on behalf of the Controller pursuant to or in connection with the Principal Agreement.
- "Personal Data Breach" **means a breach of leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Controller Personal Data transmitted, stored or otherwise processed.
- "Services" **means the services to be supplied by the Processor to the Controller pursuant to the Principal Agreement.
- "Products" **means the products to be supplied by the Processor to the Controller pursuant to the Principal Agreement.