Glitch

Data Processing Terms

Add Comment

Skip to Main ContentSkip to Main ContentGlitch LogoDiscoverBlogPricingLog inSign upGlitch LogoLog inSign upDiscoverBlogPricingSearchSectionsTerms of ServicePrivacy PolicyDMCA/TrademarkData Processing TermsData Processing TermsPLEASE READ THESE DATA PROCESSING TERMS (THESE “TERMS”) CAREFULLY. THESE TERMS ARE A BINDING CONTRACT FOR PROCESSING OF PERSONAL DATA OF DATA SUBJECTS THROUGH THE USE OF GLITCH, INC. (“GLITCH”) SERVICES. IF YOU DO NOT AGREE TO BE BOUND BY ALL OF THE PROVISIONS OF THESE TERMS, DO NOT ACCESS OR USE, GLITCH’S SERVICES FOR THE PROCESSING OF PERSONAL DATA OF DATA SUBJECTS. IF YOU REQUIRE A SIGNED VERSION OF THESE TERMS PLEASE CONTACT SUPPORT@GLITCH.COM. BY ACCESSING OR USING GLITCH SERVICES YOU ARE ACCEPTING THESE TERMS (ON BEHALF OF YOURSELF OR THE ENTITY THAT YOU REPRESENT) AND YOU REPRESENT AND WARRANT THAT YOU HAVE THE RIGHT, AUTHORITY, AND CAPACITY TO ENTER INTO THESE TERMS (ON BEHALF OF YOURSELF OR THE ENTITY THAT YOU REPRESENT AND ITS AFFILIATES). THESE TERMS WERE POSTED ON SEPTEMBER 26, 2022. GLITCH DATA PROCESSING TERMS Table of Contents<ol> <li>1.Purpose</li> <li>2.Definitions</li> <li>3.Roles of the Parties</li> <li>4.User’s Processing of Personal Data</li> <li>5.Glitch’s Processing of Personal Data</li> <li>6.Transfers of Personal Data</li> <li>7.Correction, Amendment and Deletion Of Personal Data</li> <li>8.Third Party Requests</li> <li>9.Glitch Personnel</li> <li>10.Sub-Processors</li> <li>11.Security Controls for the Protection of Personal Data</li> <li>12.Security Breach Management and Notification</li> <li>13.Limitation of Liability</li> <li>14.Specific Provisions</li> <li>15.CCPA Compliance</li> <li>16.Enforcement</li> <li>17.Order of Precedence</li> <li>18.Changes to these Data Processing Terms</li> <li>Appendix 1.Details of the Parties and Processing</li> <li>Appendix 2.Technical and Organisational Measures</li> <li>Appendix 3.Cross Border Transfer Mechanism</li> </ol>1.PurposeIn consideration of the parties’ mutual obligations to comply with applicable law in accordance with the Agreement, these Glitch Data Processing Terms (these “Terms”) (including their appendices) apply to Glitch’s Processing of Personal Data on User’s behalf in accordance with Privacy and Data Protection Laws. Unless otherwise expressly agreed in writing between User and Glitch, this version of the Terms (1) is incorporated into and subject to the Agreement, (2) shall be effective and remain in force for the term of the Agreement, and (3) in the event of any conflict between the terms of the Agreement and these Terms, the relevant provisions of these Terms shall take precedence. These Terms shall not apply to any User that does not access or use the Services for Processing of Personal Data subject to Privacy and Data Protection Laws or where Glitch is a Data Controller.2.DefinitionsCapitalized terms not defined in these Terms shall have the meaning set forth in the Agreement. <ul> <li>2.1. “Agreement” means the Terms of Service, our Privacy Statement, and all other documents, rules, policies, guidelines, and procedures that we may publish on our Website. </li> <li>2.2. “Affiliate” means any entity (a) that the a party Controls. (b) that a party is Controlled by. or (c) with which a party is under common Control, where “Control” means direct or indirect control (including by ownership) of fifty percent (50%) of an entity’s voting interests. </li> <li>2.3“CCPA” means the California Consumer Privacy Act, Cal. Civ. Code § 1798.100 et seq., and its implementing regulations. </li> <li>2.4. “Data Controller” has the meaning given to “controller” or “data controller” in accordance with applicable Privacy and Data Protection Laws. </li> <li>2.5. “Data Processor” has the meaning given to “processor” or “data processor” in accordance with applicable Privacy and Data Protection Laws. </li> <li>2.6. “Data Subject” has the meaning given to “data subject” in accordance with applicable Privacy and Data Protection Laws. </li> <li>2.7. “Documentation” means the online documentation available via the Website, or when applicable, product specific documentation described in the Agreement. </li> <li>2.8. “EU GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. </li> <li>2.9. “GDPR” means, as applicable, the EU GDPR and/or the UK GDPR. </li> <li>2.10. “Personal Data” has the same meaning as personal data or information of or about a person, as defined in the applicable Privacy and Data Protection Laws where such data is contained in User Data. </li> <li>2.11. “Privacy and Data Protection Laws” means any law or regulation applicable to the processing of personal data under the Agreement, including, for example, the GDPR and the CCPA. </li> <li>2.12. “Processing” and “process” have the meaning given in accordance with applicable Privacy and Data Protection Laws. </li> <li>2.13. “Service Order” means one or more online or written ordering documents which incorporate the Agreement or have otherwise been accepted by Glitch or a Glitch Affiliate. </li> <li>2.14. “Services” has the meaning of such defined term in the Agreement. </li> <li>2.15. “Standard Contractual Clauses” means, as applicable, the EEA Standard Contractual Clauses and/or the UK Standard Contractual Clauses as defined in Appendix 3. </li> <li>2.16. “Sub-processor” means any Data Processor engaged by Glitch, including Glitch Affiliates. </li> <li>2.17. “UK GDPR” means the EU GDPR as amended and incorporated into UK law under the UK European Union (Withdrawal) Act 2018. </li> <li>2.18. “User” has the meaning of such defined term in the Agreement. </li> <li>2.19. “User Data” means all data submitted (or caused to be submitted) to Glitch via the Services including any User Content or Content (as such terms are defined in the “Agreement”). </li> <li>2.20 “Website” means glitch.com and glitch.com subdomains owned by Glitch, Inc., including those provided by us and on which a link to these Terms is displayed through glitch.com and the related web sites. </li> </ul>3.Roles of the PartiesThe parties acknowledge and agree that with regard to the Processing of Personal Data, User is either a Data Controller or a Data Processor and Glitch is a Data Processor.4.User’s Processing of Personal DataUser shall, in its use of the Services, only Process Personal Data or transfer such Personal Data to Glitch, in accordance with the requirements of Privacy and Data Protection Laws and the Documentation. In particular, User represents and warrants on an ongoing basis that, including for the purposes of Article 6 of the GDPR, there is a legal basis for the Processing by Glitch of Personal Data on behalf of User in accordance with these Terms and the Agreement (including any and all instructions issued by User from time to time in respect of such Processing) and it will honor the rights of Data Subjects pursuant to Privacy and Data Protection Laws. If User is a Data Processor, User represents and warrants that its instructions and actions with respect to the Personal Data, including appointing Glitch as a Processor, have been and are authorized by the relevant Data Controller.5.Glitch’s Processing of Personal DataGlitch shall only Process Personal Data upon User’s documented instructions and immediately notify User in writing if, in Glitch’s reasonable opinion, their instructions infringe Privacy and Data Protection Laws. provided, User acknowledges that the Services will Process Personal Data on an automated basis in accordance with User’s configurations. User instructs Glitch to Process Personal Data for the following purposes: (i) Processing in accordance with the Agreement and applicable Service Orders. (ii) Processing initiated by User through the Services’ application programming interfaces (APIs) or user interfaces. (iii) Processing to comply with other reasonable documented instructions provided by User (e.g., via support tickets, email communications and chat platforms) where such instructions are consistent with the terms of the Agreement and (iv) Processing otherwise required of Glitch by applicable laws. Glitch does not make any commitment to monitor User’s configurations. These Terms and the Agreement contain User’s sole instructions to Glitch for the Processing of Personal Data. Appendix I, Part B to these Terms sets out the details of Glitch’s Processing of Personal Data.6.Transfers of Personal Data<ul> <li>6.1. Consent to Transfer. Except as expressly set forth in the Agreement, Glitch may store and process Personal Data in the United States or any other country in which Glitch or any of its Sub-processors maintains facilities, subject to this Section 6. </li> <li>6.2. Cross-Border Personal Data Transfer Mechanism. Where Processing of Personal Data by Glitch requires an onward transfer mechanism to lawfully transfer personal data from a jurisdiction (including those identified in Appendix 3), then the terms and conditions of Appendix 3 (Cross Border Transfer Mechanism) shall apply. </li> </ul>7.Correction, Amendment and Deletion Of Personal DataThe Services are not intended for processing and storing personal data. The Services permit the copying and sharing of User Data with other users. User is fully responsible for any User Data it makes available to other users. To the extent User, in its use of the Services, does not have the ability to correct, amend or delete Personal Data as required by Privacy and Data Protection Laws, Glitch shall comply with any commercially reasonable request by User to facilitate such actions to the extent Glitch is legally permitted to do so and has reasonable access to the Personal Data. User acknowledges that Glitch cannot correct, amend, or permanently delete copies of Personal Data hosted or stored on equipment controlled by User.8.Third Party RequestsGlitch shall, to the extent legally permitted, promptly notify User if it receives a request, complaint, inquiry or other correspondence from a data subject, regulatory authority or other third party in connection with Glitch’s processing of Personal Data. Unless required by law, Glitch shall not respond to any such third party request without User’s prior written consent except to confirm that the third party request relates to User and to provide the third party with User’s contact information to allow them to contact User directly. Taking into account the nature of the Processing and to the extent User does not have access to the relevant information through its use of the Services, Glitch shall, at User’s cost, provide User with such assistance as may be reasonably necessary and technically possible in the circumstances, to assist User in fulfilling its obligations with respect to third party requests.9.Glitch Personnel<ul> <li>9.1. Confidentiality. Glitch shall ensure that its personnel engaged in the Processing of Personal Data are informed of the confidential nature of the Personal Data, have received appropriate training on their responsibilities and have executed confidentiality agreements. </li> <li>9.2. Reliability. Glitch shall take commercially reasonable steps to ensure the reliability of any Glitch personnel engaged in the Processing of Personal Data. </li> <li>9.3. Limitation of Access. Glitch shall limit its access to Personal Data to those personnel who require such access to perform the Agreement. </li> <li>9.4. Data Protection Officer. Glitch or its Affiliates have appointed a data protection officer to the extent this is required by Privacy and Data Protection Laws. The appointed person may be reached at gc@fastly.com. </li> </ul>10.Sub-Processors<ul> <li>10.1. Appointment of Sub-processors. In accordance with Article 28(2) of the GDPR, User acknowledges and agrees that (a) Glitch Affiliates may be retained as Sub-processors. and (b) Glitch Affiliates may engage third-party Sub-processors in connection with the provision of the Services, in which case, the Glitch Affiliate (as the case may be) shall procure that the Glitch Affiliate has entered into a written agreement with respect to each Sub-processor containing data protection obligations in substantially similar terms to those in these Terms with respect to the protection of Personal Data to the extent applicable to the nature of the Services provided by such Sub-processor. Glitch will make available to User a current list of Sub-processors engaged in connection with the provision of the Services with the identities of those Sub-processors in the Documentation or by posting such list to the Website. Additions or changes to the list of Sub-processors will be provided to Users according to the Documentation updates provision of the Agreement or the Website in advance of the date on which those Sub-processors begin processing Personal Data. </li> <li>10.2. Right to Object. In the event User objects to a new or replacement Sub-processor(s) that Processes Personal Data, User may terminate the Agreement if it cannot be provided by Glitch without the Processing of Personal Data by the objected-to new Sub-processor (including by changing User’s configuration or use of the Services to avoid Processing of Personal Data by the objected-to new or replacement Sub-processor without unreasonably burdening User or materially diminishing functionality) by providing written notice to Glitch within thirty (30) days of Glitch’s notice or disclosure of such new Sub-processor(s) or discontinuing use of the Services where no Service Order exists. User shall receive a pro-rata refund of any unearned prepaid fees for the period following the effective date of termination in respect of such terminated Services. </li> <li>10.3. Liability. Glitch shall be liable for the acts and omissions of its Sub-processors to the same extent Glitch would be liable if performing the services of each Sub-processor directly under the terms of these Terms, except as otherwise set forth in the Agreement. </li> </ul>11.Security Controls for the Protection of Personal DataGlitch shall maintain appropriate administrative, physical and technical safeguards for protection of the security and integrity of the Personal Data. Glitch regularly monitors compliance with these safeguards.12.Security Breach Management and NotificationGlitch shall notify User (using contact information User has provided to Glitch) without undue delay after becoming aware of the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data Processed by Glitch or its Sub-processors of which Glitch becomes aware (“Security Breach”), providing User with sufficient information (insofar as such information is within Glitch’s possession) to allow User to meet its obligations to report or inform data subjects and/or regulatory authorities of the Security Breach under the GDPR, to the extent permitted by law. 13.Limitation of LiabilityNothing in these Terms is intended to prejudice or limit any of Glitch’s right to limitations of liability afforded to data processors pursuant to Privacy and Data Protection Laws. Each party’s liability arising out of or related to these Terms (whether in contract, tort or under any other theory of liability) is subject to the limitations of liability set forth in the Agreement. provided, in no event will such limitation apply to any data subject’s rights under the Standard Contractual Clauses.14.Specific Provisions<ul> <li>14.1. Data Protection Impact Assessment. Upon User’s request and at User’s cost, Glitch shall provide User with reasonable assistance needed to fulfill User’s obligation under Privacy and Data Protection Laws to carry out a data protection impact assessment related to Processing of Personal Data by Glitch taking into account the nature of the Processing and to the extent User does not otherwise have access to the relevant information, and to the extent such information is available to Glitch. </li> <li>14.2. Prior Consultation. Upon User’s request and at User’s cost, Glitch shall provide User with reasonable assistance with any prior consultations to any regulatory authority of User which are required under Privacy and Data Protection Laws such as Article 36 of the GDPR related to Processing of Personal Data by Glitch and taking into account the nature of the Processing and to the extent User does not otherwise have access to the relevant information and to the extent such information is available to Glitch. </li> <li>14.3. Audits. The parties agree that the audits described in the Standard Contractual Clauses and Privacy and Data Protection Laws shall be carried out in accordance with the following specifications: </li> <li>14.3.2. If the information made available pursuant to Section 14.3.1 is insufficient, in User’s reasonable judgment, to confirm Glitch’s compliance with its obligations under these Terms, then User may request an onsite audit of the procedures relevant to the protection of Personal Data under these Terms. All such audits will be performed at User’s expense. User shall give Glitch reasonable notice of any on-site audit to be conducted under this Section 14.3 (which shall in no event be less than thirty (30) days’ notice unless required by a regulatory authority). </li> <li>14.3.3. User shall reimburse Glitch for any time expended for any such on-site audit at Glitch’s then-current professional services rate, which shall be made available to User upon request. Before the commencement of any such on-site audit, User and Glitch shall mutually agree upon the scope, timing and duration of the audit in addition to the reimbursement rate for which User shall be responsible. All reimbursement rates shall be reasonable, taking into account the resources expended by Glitch. User shall promptly notify Glitch with information regarding any non-compliance discovered during the course of an audit. </li> <li>14.3.4. Deletion of Personal Data. Glitch shall delete Personal Data upon the termination or expiration of all Service Orders providing for the Processing of Personal Data and upon the request of User to the extent permitted by applicable law. User acknowledges that, except to the extent described in the Documentation, the Services do not export User Data and, therefore, Glitch will not return any Personal Data. </li> <li>14.3.5. Upon User’s request, and subject to the confidentiality obligations set forth in the Agreement, Glitch shall make available to User third-party certifications and audit reports regarding Glitch’s compliance with the obligations set forth in these Terms and User shall use such information solely for the purposes of complying with its obligations under Privacy and Data Protection Laws. </li> <li>14.3.1. 14.5. Certification of Deletion. The parties agree that the certification of deletion of Personal Data that is described in Clause 8.5 of the Standard Contractual Clauses shall be provided by Glitch to User only upon User’s request. </li> </ul>15.CCPA ComplianceAs a service provider to User under the Agreement, Glitch will comply with the CCPA’s restrictions and prohibitions on service providers selling Personal Data and retaining, using, or disclosing Personal Data outside of the parties’ direct business relationship. Glitch shall not collect, use, retain, or disclose Personal Data except as permitted in the Agreement and under the CCPA. Glitch shall not sell Personal Data.16.EnforcementIf any provision of these Terms is held by a court of competent jurisdiction to be contrary to law, the provision will be deemed null and void, and the remaining provisions of these Terms will remain in effect.17.Order of PrecedenceIn the event of any conflict or inconsistency among the following, the provisions of the following agreements, in order of precedence, shall prevail: (i) the Standard Contractual Clauses (when applicable), (ii) these Terms, (iii) the Service Order(s) and (iv) the Agreement.18.Changes to these Data Processing TermsIn consideration of Glitch’s ongoing obligations to comply with applicable law in the performance of the Services, Glitch may update these Terms. Glitch will provide no less than ten (10) days’ prior notice of any change to these Terms (formatting and other immaterial changes excepted), unless prior notice is not practicable due to a conflict in applicable law or regulation or other changes outside of Glitch’s reasonable control. This notice of an update to these Terms will be posted on the Website.Appendix 1.Details of the Parties and ProcessingA. List of PartiesData exporter(s): <ul> <li> Name: User and any Affiliates Address: Address of User described in the Agreement or as User has otherwise informed Glitch Contact person’s name, position, and contact details: As stated in the Agreement or as User has otherwise informed Glitch Activities relevant to the data transferred under the SCCs and the Terms: use of the Services in accordance with the Agreement Signature and Date: This Appendix 1 shall be deemed executed upon acceptance of the Terms. Role: Data exporter’s role is set forth in Section 3 of the Terms. </li> </ul> Data importer(s): <ul> <li> Name: Glitch, Inc. Address: 228 Park Avenue South, Suite 52723 New York, NY 10003-1502 Contact person’s name, position, and contact details: David Sando, Deputy General Counsel, Fastly, Inc., gc@fastly.com Activities relevant to the data transferred under the SCCs and the Terms: Processing necessary to provide the Services Signature and Date: This Appendix 1 shall be deemed executed upon acceptance of the Terms. Role: Processor </li> </ul>B. Description of Processing and Transfer The categories of Data Subject to whom the Personal Data relates Data Subjects include the identified or identifiable persons contained in data caused to be submitted to Glitch via the Services by or at the direction of User. Categories of personal data processed and transferred The Services are not intended for processing and storing personal data. however, personal data contained within network requests or User Data (as that term is defined in the Agreement) would be processed by the Services. Sensitive data transferred (if applicable) and applied restrictions or safeguards that fully take into consideration the nature of the data and the risks involved, such as for instance strict purpose limitation, access restrictions (including access only for staff having followed specialised training), keeping a record of access to the data, restrictions for onward transfers or additional security measures. The Services do not require the Processing of sensitive data. Sensitive data will be processed only if data exporter instructs data importer to process sensitive data. The sensitive or special categories of data contained in content or requests (as determined and controlled by the data exporter) may include, Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership and the processing of data concerning health or sex life. The frequency of the processing and transfer (e.g. whether the data is transferred on a one-off or continuous basis). Processing and transfers shall occur on a continuous basis as instructed by data exporter. *The nature and purpose of the Processing * Glitch provides all of its services upon the instruction of the data exporter in accordance with the terms of (i) the Agreement and (ii) the Data Processing Terms (or Data Processing Agreement as applicable) with the data exporter. Glitch will Process Personal Data as necessary to perform the Services pursuant to the Agreement, as further specified in the Documentation and in accordance with User’s use of the Services. Purpose(s) of the data transfer and further processing The objective of processing of personal data by data importer is the performance of the Services pursuant to the Agreement with data exporter. The period for which the personal data will be retained, or, if that is not possible, the criteria used to determine that period Personal Data is retained consistent with data exporter’s instructions and data importer’s documentation. For transfers to (sub-) processors, also specify subject matter, nature and duration of the processing Data may be transferred to sub-processors to process data, on data importer’s behalf, consistent with data exporter’s instructions to data importer and data importer’s published documentation. Data importer makes available to data exporter a current list of sub-processors engaged in connection with the Services. Notice of additions or changes to the list of sub-processors will be provided to data exporter via the applicable data importer website.C. Competent Supervisory Authority Identify the competent supervisory authority/ies in accordance with Clause 13 For the EEA Standard Contractual Clauses, the competent supervisory authority is determined in accordance with Clause 13 of the EEA SCCs. For the UK Standard Contractual Clauses, the competent supervisory authority is the UK Information Commissioner’s Office.Appendix 2.Technical and Organisational MeasuresIncluding Technical and Organisational Measures To Ensure The Security Of The DataGlitch will maintain administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Personal Data. Processes for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures in order to ensure the security of the processing Glitch conducts internal audits and risk assessments. Appendix 3.Cross Border Transfer Mechanism 1. Definitions Capitalized terms not defined in this Appendix shall have the meaning set forth in the Terms. 1.1. “Standard Contractual Clauses” means, as applicable to a particular transfer, one of the following: 1.1.1. EEA SCCs 1.1.2. UK SCCs 1.1.2. UK IDTA 1.2. “EEA SCCs” or “EEA Standard Contractual Clauses” means the standard contractual clauses annexed to the European Commission’s Implementing Decision 2021/914 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council. 1.3. “UK SCCs” or “UK Standard Contractual Clauses” means the UK Addendum to the EEA SCCs adopted pursuant to or permitted under Article 46 of the UK GDPR. 1.4. “UK IDTA” means the UK International Data Transfer Agreement (IDTA) adopted pursuant to or permitted under Article 46 of the UK GDPR. 2. The Standard Contractual Clauses will apply to any Processing of Personal Data by Glitch where Personal Data is transferred from the European Economic Area (“EEA”), the United Kingdom and/or Switzerland to outside the EEA, the United Kingdom and/or Switzerland, either directly or via onward transfer, to any country or recipient: (a) not recognized by the European Commission, United Kingdom, or Switzerland (as applicable) as providing an adequate level of protection Personal Data (within the meaning of Privacy and Data Protection Laws). and (b) to the extent the transfer is not covered by an alternative mechanism of transfer (e.g., binding corporate rules) recognized by the relevant authorities or courts as providing an adequate level of protection for personal data. 3. Application of the EEA Standard Contractual Clauses. For data transfers from the EEA or Switzerland, then the EEA SCCs will apply as follows: 3.1 Module 2 (Controller to Processor) will apply where User is a Controller of Personal Data and Glitch is a Processor of Personal Data; 3.2 Module 3 (Processor to Processor) will apply where User is a Processor of Personal Data and Glitch is a Processor of Personal Data; 3.3 For each module, where applicable: 3.3.1. in Clause 7, the option docking clause will not apply. 3.3.2. in Clause 9, Option 2 will apply, and the time period for prior notice of a sub-processor will be as set forth in Section 10 of the Terms. 3.3.3. in Clause 11, the option will apply. 3.3.4. in Clause 17 (Governing Law) (Option 1), the law of the Netherlands will apply. 3.3.5. In Clause 18(b), disputes will be resolved before the courts of the Netherlands. 3.4 Annex I of the SCCs shall be deemed completed with the information in Appendix 1 of the Terms. 3.5 Annex II of the SCCs shall be deemed completed with the information in Appendix 2 of the Terms 3.6 For transfers from Switzerland: 3.6.1. The supervisory authority with respect to such personal Data is the Swiss Federal Data Protection and Information Commissioner. 3.6.2. References to a “Member State” shall be interpreted to refer to Switzerland. 3.6.3. Data subjects located in Switzerland shall be able to enforce their rights in Switzerland. 3.6.4. References to the EU GDPR shall be understood to refer to the Swiss Federal Act on Data Protection (as amended or replaced). 3.6.5. In Clause 17 (Governing Law)(Option 1), the law of Switzerland will apply. 3.6.6. In Clause 18(b), disputes will be resolved in the courts of Switzerland. 4. Application of the UK Standard Contractual Clauses. For Personal Data transfers from the EEA or Switzerland and the UK, the EEA SCCs will apply as noted in Section 3 above, and the UK SCCs to the EEA SCCs will apply to the Personal Data being transferred from the UK. 5. Application of the UK International Data Transfer Agreement.For Personal Data transfers from the UK that do not also involve Personal Data being transferred from the EEA or Switzerland (“Transferred Data”), then the UK IDTA will apply as follows: 5.1 Part one: Tables 5.1.1 Table 1: Parties and signature: This Table shall be deemed completed with the information in Appendix 1 of these Terms and the signatures to the Terms. 5.1.2 Table 2: Transfer Details 5.1.2.1 UK country’s law that governs the IDTA: England and Wales 5.1.2.2 Place for legal claims to be made: England and Wales 5.1.2.3 The status of the importer: Importer is the Exporter’s Processor or Sub-Processor 5.1.2.4 Whether the UK GDPR applies to the Importer: UK GDPR applies to the Importer’s Processing of the Transferred Data 5.1.2.5 Linked Agreements: The Agreement and the Terms. 5.1.2.6 Term: The Importer may Process the Transferred Data for the following time period: the period for which the Linked Agreement is in force. 5.1.2.7 Ending the ITDA before the end of the term: the Parties cannot end the IDTA before the end of the Term unless there is a breach of the IDTA. 5.1.2.8 Can the Importer make further transfers of the Transferred Data? The Importer MAY transfer on the Transferred Data to another organisation or person (who is a different legal entity) in accordance with IDTA Section 16.1 (Transferring on the Transferred Data). 5.1.2.9 Specific restrictions when the Importer may transfer on the Transferred Data: The Importer MAY ONLY forward the Transferred Data in accordance with IDTA Section 16.1 pursuant to the terms of Section 10 of the Terms. 5.1.2.10 Review Dates: The Parties must review this IDTA at least once each year. 5.1.3 Table 3: Transferred Data: This Table shall be deemed completed with the information in Appendix 1 of these Terms. 5.1.4 Table 4: Security Requirements: This Table shall be deemed completed with the information in Appendix 2 of these Terms.5.2 Part two: Extra Protection Clauses: Intentionally omitted5.3 Part three: Commercial Clauses: Intentionally omitted5.4 Part four: Mandatory Clauses: no modifications Build fast, full-stack web apps in your browser for freeTry something newglitch.new/reactCompanyAbout UsHandbookPressCareersCommunityHelp CenterForumService StatusLegal/TermsPricingReport AbuseCreate with...DigitalOceanFastlyWebXRSocial@glitch@glitchdotcom@fastlydevsLinkedInDEV.to ProfileThis site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.