The categories of company personal data to be processed by the service provider and the processing activities to be carried out under this Agreement are listed in Appendix 1. In addition to, and not in lieu of, these representations, warranties and representations in the Agreement, the Service Provider warrants, undertakes and undertakes, with respect to the Company`s Personal Data, that at all times it: process the Company`s Personal Data only in accordance with documented instructions given by the Company from time to time, including transfers, unless Union or national law of an EU Member State to which the service provider is subject provides otherwise. National Law Journal named Lighthouse`s Spectra Platform a Legal Technology Pioneer 2022 For 25 years, Lighthouse has provided software and services to manage the increasingly complex enterprise data landscape for compliance and legal teams. Lighthouse is a leader in developing proprietary technologies that integrate with industry-leading third-party software, automate workflows, and create an easy-to-use, end-to-end platform. Lighthouse also offers unique proprietary applications and consulting services that are invaluable for large, complex issues, as well as a new SaaS platform, Spectra, designed for in-house teams. Whether responding to incidents such as litigation or regulatory investigations, or developing programs to proactively minimize the potential for future incidents, Lighthouse works as a channel partner with multinational industry leaders, leading global law firms, and the world`s leading software provider. For more information, see lighthouseglobal.com. The Service Provider designates Click Dimensions as the current data processor. Notwithstanding the provisions of the Agreement, the Service Provider shall not, without the prior written consent of the Company, engage any other third party to process the Company`s Personal Data (“Sub-processor”) and shall in any event be submitted to the Service Provider: provide the Company with reasonable notice of the identity and location of the Sub-processor and a description of the processing intended by the Sub-Processor that enable the Company to assess the potential risks to the Company`s personal data. Data; and impose legally binding contractual conditions on the sub-processor that are consistent with those contained in this amendment, including the referenced Annexes. The Service Provider will notify the Company promptly, without undue delay, but in any event within 24 (twenty-four) hours of becoming aware of any destruction, loss, alteration or disclosure of or access to the Company`s Personal Data, actual or suspected accident, unauthorized or illegal (“Security Breach”). The Service Provider will also provide the Company with a detailed description of the security breach, the nature of the data that was the subject of the security breach and (to the extent known to the Service Provider) the identity of each data subject once such information may be collected or becomes available, as well as any other information and cooperation that the Company may reasonably request with respect to the security breach. Service Provider agrees to take immediate action at its own expense to investigate the security breach and identify, prevent and mitigate the effects of such security breach and, with the prior consent of the Company, to take any recovery or other action necessary to remedy the security breach.
Cooperation. The Provider agrees to provide all assistance reasonably necessary to the Company to respond, comply with or otherwise resolve any request, question, complaint, request or binding instruction received by: (a) any living person whose personal data is processed by the Service Provider on behalf of: the Company; and (b) any regulatory or data protection authority. In the event that the Service Provider receives such notice in connection with the processing of Personal Data under this Agreement, the Service Provider will promptly notify the Company and will not respond to such communication, unless required by law or expressly authorized by the Company in writing. In the event that the Service Provider is required by law, court order, warrant, subpoena or other legal process to disclose the Company`s personal data to third parties, the Service Provider will promptly notify the Company if and to the extent prohibited by law. The Service Provider shall provide the Company with all reasonable assistance to enable the Company to respond, oppose or contest any such request. If the Company is unable to obtain, or does not obtain, a protective order or other remedy under this Section, the Service Provider may disclose only the portion of the Company`s Personal Data that it is legally required to disclose and will use reasonable efforts to ensure that the Company`s disclosed Personal Data is treated in accordance with the Agreement and kept confidential. become. Data transmission.