V9.7 01/05/20 UD0011 Page 175 of 177
This Document is uncontrolled when printed unless over stamped “CONTROLLED DOCUMENT"
17. Law
17.1 This EULA (and any non-contractual obligations arising out of or in connection with it) is governed by the laws
of England and Wales and the parties submit to the jurisdiction of the Courts of England and Wales.
Data Protection Laws
17.2 The Customer acknowledges that for the purposes of the Data Protection Laws, to the extent any Personal Data
is involved in its use of the Hardware and Embedded Software, the Customer will be the Data Controller in
respect of such Personal Data.
17.3 In limited circumstances, the Company may have access to data stored on the Hardware which may include
user names or other Personal Data relating to the Customer’s employees or authorized users (“Agreement
Personal Data”) where such access is required in order to provide support under the Warranty or any hardware
maintenance agreement entered into by the Customer and the Company. The Customer authorises the
Company to Process Agreement Personal Data during the term of this EULA as a Data Processor for the purposes
of performing its obligations under this EULA only.
17.4 The Customer authorises the Company to appoint sub-processors of Agreement Personal Data and agrees to
the use of the Company’s existing sub-processors of Agreement Personal Data (each an “Authorised Sub-
Processor”).
17.5 The Customer shall:
17.5.1 comply with the Data Protection Laws;
17.5.2 ensure that only the Personal Data that the Company requires in order to perform its obligations under
this EULA will be disclosed to, shared with and/or accessible by the Company; and
17.5.3 obtain all necessary consents and/or provide all fair processing notices required under the Data
Protection Laws to enable the Company to lawfully receive, store, disclose and/or use all Agreement
Personal Data (whether by itself or Authorised Sub-Processors) for the purpose of performing its
obligations and exercising its rights under this EULA and as otherwise agreed by the parties from time
to time.
17.6 The Company:
17.6.1 may appoint Authorised Sub-Processors in connection with the performance of its obligation under this
EULA; and
17.6.2 shall provide notification of changes to Authorised Sub-Processors of Agreement Personal Data to the
Customer at least 14 calendar days in advance to provide the Customer with the opportunity to object
to the change. The Customer shall be deemed to accept the change if an objection is not received
within 10 calendar days of notification. If an objection is received then the parties will work together
in good faith to achieve an agreed outcome and any Authorised Sub-Processors appointed shall be
appointed on terms the same as this EULA and the Company shall remain liable for the acts and
omissions of such Authorised Sub-Processors.
17.7 The Company warrants that, if acting as a Data Processor, it shall:
17.7.1 Process the Agreement Personal Data only for the purpose of performing its obligations under this
EULA and on such documented instructions received from the Customer from time to time as are
reasonable, necessary and relevant to enable each party to perform its obligations under this EULA,
save where required by Applicable Law and in such case the Company shall notify the Customer of the
nature and extent of the Applicable Laws preventing such Processing (unless to do so would itself be
a contravention of any Applicable Law); and
17.7.2 put in place appropriate technical and organisational security measures to the standard required under
the Data Protection Law (“Security Measures”) and shall provide reasonable assistance with any
privacy impact assessment(s) that may be required of the Company under the Data Protection Laws
which relate to the Processing of Agreement Personal Data under this Agreement.
17.8 From the 25 May 2018, the Company warrants that, if acting as a Data Processor, it shall:
17.8.1 notify the Customer without undue delay after becoming aware of the accidental or unlawful
destruction, loss, alteration, unauthorised disclosure of, or access to, Agreement Personal Data
To Next Page
Loading...
