Free webinar and eBook
Want to discover the key trends shaping recruitment?
Get exclusive data and expert insights with our Global Industry Report 2022 and our accompanying on-demand webinar.
Between
Background
This Agreement shall, unless terminated in accordance with clause 2.2, run from the date the Principal Agreement commences until the date of termination of the Principal Agreement and then automatically expire. For the avoidance of doubt, this Agreement including without limitation the Supplier’s warranties shall also apply in respect of Personal Data (if any) transferred by the Customer to the Supplier prior to the date of this Agreement.
Act on Instructions
1. The Supplier undertakes on a continuing basis that it shall and shall procure that the Third Parties shall:
Security Measures
2. The Supplier warrants and undertakes on a continuing basis that it shall and shall procure that the Third Parties shall:
Security Breach
3. The Supplier warrants and undertakes on a continuing basis that it shall and shall procure that the Third Parties shall:
Treatment of Personal Data
4. The Supplier warrants and undertakes on a continuing basis that it shall and shall procure that the Third Parties shall fully comply at all times with the Data Protection Legislation in respect of the Supplier’s and/or the Third Parties’ Processing of the Data and in particular shall ensure all data inputted or recorded is accurate and up to date (to the extent within Supplier/Third Party control) and (if retained at all) only retained in accordance with the Customer’s data retention policy.
5. For the avoidance of doubt, no references to “Third Parties” whether in this clause 3 or elsewhere in this Data Transfer Agreement shall be taken to imply any right or permission to the Supplier to appoint any third party to carry out any data processing on their behalf and any such appointment requires the express written consent of the Customer.
Subject to the Customer and its auditors entering into reasonable confidentiality obligations, the Supplier warrants and undertakes on a continuing basis that it shall and shall procure that the Third Parties shall at any time upon request of the Customer, on reasonable notice and during regular business hours, at no cost to the Customer:
Minimum Security Measures
The Supplier shall use the same degree of care, but never less than a reasonable degree of care, to prevent unauthorized use or publication of Personal Data, as the Customer uses to protect its own information, and will implement any measures to protect Personal Data which are required by applicable law. The Supplier will be given a copy of the Customer’s current applicable privacy and data protection policies and shall (and shall procure that all Third Parties) comply with the same.
At a minimum, the Supplier agrees
Any additional security measures, where any specific requirements of a Project require specific uses of Personal Data, will be included within the Project Documentation.
Standard Contractual Clauses for Data Processors outside the EEA
Standard Contractual Clauses (processors)
For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection
Both the data exporter (customer) and data importer (JobAdder Operations Pty Ltd) HAVE AGREED on the following Contractual Clauses (the “Clauses”) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Appendix 1.
Clause 1
Definitions
For the purposes of the Clauses:
Clause 2
Details of the transfer
The details of the transfer and in particular the special categories of personal data where applicable are specified in Appendix 1 which forms an integral part of the Clauses.
Clause 3
Third-party beneficiary clause
Clause 4
Obligations of the data exporter
The data exporter agrees and warrants:
Clause 5
Obligations of the data importer
The data importer agrees and warrants:
Clause 6
Liability
Clause 7
Mediation and jurisdiction
Clause 8
Cooperation with supervisory authorities
Clause 9
Governing Law
The Clauses shall be governed by the law of the Member State in which the data exporter is established, namely England and Wales.
Clause 10
Variation of the contract
The parties undertake not to vary or modify the Clauses. This does not preclude the parties from adding clauses on business related issues where required as long as they do not contradict the Clause.
Clause 11
Subprocessing
Clause 12
Obligation after the termination of personal data processing services
This Appendix forms part of the Clauses and is consented to both parties
The Member States may complete or specify, according to their national procedures, any additional necessary information to be contained in this Appendix
Data exporter
The data exporter is the Customer pursuant to the Principal Agreement pursuant to which it has engaged the data importer to carry out software development activities
Data importer
The data importer is the Supplier pursuant to the Principal Agreement pursuant to which it has been engaged by the data exporter to carry out SaaS services and the provision of the Services requires it to have access to data input by the Customer in order to host the software and permit the Customer to obtain the benefit of the SaaS services.
Data subjects
The personal data transferred concern the following categories of data subjects (please specify):
Customers of the data exporter
Employees of the data exporter
Other personnel of the data exporter
Contractors of the data exporter
Targets and leads
Job candidates and prospects
Categories of data
The personal data transferred concern the following categories of data (please specify):
Customer data
Billing data
System test data
Marketing data relating to targets and prospects
Personnel data
Data related to job candidates and prospects
Special categories of data (if appropriate)
The personal data transferred concern the following special categories of data (please specify):
N/A
Processing operations
The personal data transferred will be subject to the following basic processing activities (please specify):
They will be viewed by the data importer only in the course of providing the SaaS services and providing the software hosting environment to allow this to be provided.
This Appendix forms part of the Clauses and must be completed and signed by the parties
Description of the technical and organisational security measures implemented by the data importer in accordance with Clauses 4(d) and 5(c) (or document/legislation attached):
Get exclusive data and expert insights with our Global Industry Report 2022 and our accompanying on-demand webinar.