Data Processing Addendum DPA
You acknowledge that Zapier providing notification of a Security Incident is not an acknowledgment of fault or liability. You will be responsible for providing or making Personal Information available to Zapier in compliance with all applicable Data Protection Legislation, including providing any necessary notices to, and obtaining and maintaining any necessary rights, consents, and authortizations from, Data Subjects whose Personal Information is provided by you to Zapier for Processing pursuant to this Addendum. Each of Zapier and you acknowledge and agree that you have not “sold” (as such term is defined by the CCPA) Personal Information to Zapier. Disclosure to Third Parties.
(d) Sinch Email shall be responsible for the acts and omissions of any sub-processors as it is to the Customer for its own acts and omissions in relation to the matters provided in this DPA. (a) Sinch Email shall make available to the Customer on reasonable request, information that is reasonably necessary to demonstrate compliance with this DPA. (iv) it will respond in a reasonable time and to the extent reasonably practicable to enquiries by Data Subjects regarding the Processing of their Personal Data, and to give appropriate instructions to the Processor in a timely manner. (a) The Processing of the Customer’s Personal Data within the scope of the Agreement shall be carried out in accordance with the following stipulations and as required under Article 28(3) of the GDPR. The parties may amend this information from time to time, as the parties may reasonably consider necessary to meet those requirements. (f) “Services” means the services provided to the Customer by Sinch Email pursuant to the Principal Agreement.
Webflow’s Obligations as a Processor
We currently observe the Security Measures described in this Annex 2. All capitalized terms not otherwise defined herein will have the meanings as set forth in the General Terms. For more information on these security measures, please refer to HubSpot’s SOC 2 Type II Report, SOC 3 Report, Security Overview and Penetration Test Summaries, available at trust.hubspot.com.
Security Incident. If Zapier becomes aware of a Security Incident, Zapier will (a) notify you without undue delay, and not later than 48 hours after Zapier discovers the Security Incident, and (b) make reasonable efforts to identify the cause of the Security Incident, mitigate the effects, and remediate the cause https://forexarticles.net/getting-started-as-an-asp-net-developer-learning/ to the extent within Zapier’s reasonable control. Upon your request and taking into account the nature of the applicable Processing, Zapier will assist by providing, when available, information reasonably necessary for you to meet your Security Incident notification obligations under Data Protection Laws.
Personal Data Breaches
What’s more, some of your customers, or each of them, may need unique DPAs that meet their data usage needs. Managing these various DPAs can become a drain on your legal team’s productivity. Given how important it is to accurately manage contracts concerning consumer data, you’ll need an intelligent management system that prevents errors and lapses, but also empowers anyone who needs to create a contract. Dpa customers are offered these services for a flat monthly fee (graded according to the size of the medium).
Data Protection Impact Assessments and Consultation with Supervisory Authorities. Conflict of Laws. If this provision is invoked, we will not be liable to you under the Agreement for any failure to perform the applicable Subscription Services until such time as you issue new lawful Instructions with regard to the Processing. “Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized Front End Developer What is Front End Development, Explained in Plain English disclosure of, or access to, Personal Data transmitted, stored or otherwise Processed by us and/or our Sub-Processors in connection with the provision of the Subscription Services. “Personal Data Breach” will not include unsuccessful attempts or activities that do not compromise the security of Personal Data, including unsuccessful log-in attempts, pings, port scans, denial of service attacks, and other network attacks on firewalls or networked systems.
Audits
The Customer agrees to exercise its audit right in the Standard Contractual Clauses by instructing Sinch Email to conduct the audit set out in Paragraph 10. (b) Sinch Email shall only process the Customer’s Personal Data (i) for the purposes of fulfilling its obligations under the Principal Agreement and (i) in accordance with the documented instructions described in this DPA or as otherwise instructed by the Customer from time to time. Such Customer’s instructions shall be documented in the applicable order, services description, support ticket, other written communication or as directed by Customer using the Services (such as through an API or control panel). Responsibilities. We certify that we will Process California Personal Information as a Service Provider strictly for the purpose of performing the Subscription Services and Consulting Services under the Agreement (the “Business Purpose”) or as otherwise permitted by the CCPA, including as described in the ‘Usage Data’ section of our Privacy Policy. 3.1 Purpose Limitation.
If you do notify us of such an objection, the parties will discuss your concerns in good faith with a view to achieving a commercially reasonable resolution. If no such resolution can be reached, we will, at our sole discretion, either not appoint the new Sub-Processor, or permit you to suspend or terminate the affected Subscription Service in accordance with the termination provisions of the Agreement without liability to either party (but without prejudice to any fees incurred by you prior to suspension or termination). The parties agree that by complying with this sub-section, HubSpot fulfills its obligations under Sections 9 of the Standard Contractual Clauses. (d) In Clause 11 (Redress), the optional requirement that data subjects be permitted to lodge a complaint with an independent dispute resolution body does not apply.