P1.Role | = | [Controller/Processor] |
P2.Role | = | [Processor/Sub-Processor/Controller] |
BreachNotification.Period.Cl | = | [Without undue delay] [24 hours] [48 hours] [72 hours] |
Note | = | Optional section on Liability Cap - Section 8.Sec |
LiabilityCap.cl | = | {INSERT} / [the liability caps as per the Main Agreement] |
GoverningLaw.Cl | = | {INSERT} [As per the Main Agreement] |
CodersNote | = | Exposes the insert point, then fills it with a dummy. |
INSERT | = | [INSERT] |
Ti | = | VARIABLES |
1.Ti | = | Parties’ relationship |
1.Alt1.sec | = | {_Controller} to {_Processor} |
1.Alt2.sec | = | {_Processor} to Sub-Processor |
1.Alt3.sec | = | Independent Controller to {_Controller} |
1. | = | [G/Z/Alt/3] |
1.SecName | = | Variables.1 |
1.AltPrompt | = | Relationship |
2.Ti | = | Parties’ roles |
2.1.sec | = | {P1.Name.Full} will act as the {P1.Role.cl} (as defined in Section 1 of the Terms) |
P1.Role.cl | = | [Controller/Processor] [and Business] |
2.2.sec | = | {P2.Name.Full} will act as the {P2.Role.cl} (as defined in Section 1 of the Terms) |
P2.Role.cl | = | [Processor [and Service Provider]/Sub-Processor/Controller] |
2. | = | [G/Z/ol/s2] |
3.Ti | = | Contacts |
3.1.0.sec | = | {P1.Role} |
3.1.1.sec | = | Name: {P1.Name.Full} |
3.1.2.sec | = | Email: {P1.Email} |
3.1.3.sec | = | {P1.ID.AdditionalInformation.cl} |
P1.ID.AdditionalInformation.cl | = | [INSERT ADDITIONAL DETAILS] |
3.1. | = | [G/Z/ol-none/s3] |
3.2.0.sec | = | {P2.Role} |
3.2.1.sec | = | Name: {P1.Name.Full} |
3.2.2.sec | = | Email: {P1.Email} |
3.2.3.sec | = | {P1.ID.AdditionalInformation.cl} |
P2.ID.AdditionalInformation.cl | = | [INSERT ADDITIONAL DETAILS] |
3.2. | = | [G/Z/ol-none/s3] |
3. | = | [G/Z/ol/s2] |
4.Ti | = | Main Agreement |
4.sec | = | {MainAgreement.Identification.cl} |
5.Ti | = | Term |
5.sec | = | This DPA will commence on the final date of signature and will continue for {DPA.Life.Duration} |
6.Ti | = | Breach Notification Period |
6.sec | = | {BreachNotification.Period.Cl} after becoming aware of a personal data breach |
7.Ti | = | Sub-processor Notification Period |
7.sec | = | [A reasonable timeframe] [14 days] [30 days] before the new sub-processor is granted access to {_Personal_Data} |
Note | = | Optional section on Liability Cap |
8.Ti | = | Liability Cap |
8.sec | = | Each party’s aggregate liability under this {_DPA} will not exceed {LiabilityCap.cl} |
9.Ti | = | Governing Law and Jurisdiction |
9.sec | = | {GoverningLaw.Cl} |
10.Ti | = | {Def.Data_Protection_Laws} |
10.0.sec | = | All laws, regulations and court orders which apply to the processing of {_Personal_Data} in: |
10.1.sec | = | the European Economic Area (EEA) |
10.2.sec | = | the United Kingdom (UK) |
10.3.sec | = | the United States (US) |
10.4.sec | = | Australia |
10.5.sec | = | {INSERT} |
10.00.sec | = | This includes the [European Union Regulation (EU) 2016/679,] [the Data Protection Act 2018], [California Consumer Privacy Act of 2018 (CCPA)/California Privacy Rights Act of 2020 (CPRA)], [the Privacy Act 1998] and {INSERT}, [each] as amended from time to time. |
10. | = | [G/Z/ol-bullet/s5] |
11.Ti | = | Services related to processing |
11.sec | = | {INSERT} [As described in the Main Agreement] |
12.Ti | = | Duration of processing |
12.sec | = | [For the Term of this {_DPA}] {INSERT} |
13.Ti | = | Nature and purpose of processing |
13.sec | = | {INSERT} |
14.Ti | = | {Def.Personal_Data} |
14.sec | = | The types of personal data processed are {INSERT} |
15.Ti | = | Data subjects |
15.sec | = | The individuals whose {_Personal_Data} will be processed are {INSERT} |
16.Ti | = | Special provisions |
16.sec | = | {INSERT} |
17.Ti | = | Transfer Mechanism |
17.Alt1.sec | = | N/A |
17.Alt2.sec | = | Standard Contractual Clauses approved by the European Commission Decision of 4 June 2021 (as amended from time to time), for the transfer of personal data from the EEA or adequate country to a third country |
17.Alt3.sec | = | International Data Transfer Agreement issued by the Information Commissioner’s Office under Section 119A of the Data Protection Act 2018, effective from 21 March 2022 |
17.Alt4.sec | = | International Data Transfer Addendum issued by the Information Commissioner’s Office under Section 119A of the Data Protection Act 2018, effective from 21 March 2022 |
17.Alt5.sec | = | The Binding Corporate Rules of [INSERT DETAILS] |
17. | = | [G/Z/Alt/5] |
17.SecName | = | Variable.17 |
17.AltPrompt | = | Transfer Mechanism |
= | [G/Z/ol/17] | |
= | ||