Effective Date: July 24, 2018.
This Yola Data Processing Addendum forms part of, and is subject to the provisions of, the Yola Terms of Service. Capitalized terms not defined here have the meanings set forth in the Terms of Service.
We, the Processor, technically operate a website and/or online shop on our systems located in countries including the US on behalf of you, the Controller.
The Processor shall process personal data for the Controller in terms of Article 4(2) and Article 28 of the GDPR based on this Agreement.
The contractually stipulated service shall be performed exclusively in a Member State of 欧洲联盟或欧洲经济区协定的一个缔约国. 只有在下列情况下，服务或其部分才应转移到另一个国家 the specific requirements of Article 44 and subsequent Articles of the GDPR are met (e.g. 欧洲委员会作出的适当性决定、标准数据保护条款、经批准的行为准则). We are a certified member of the EU-US and Swiss-US privacy shield. The processing of personal 数据由位于美国的处理器为控制器执行 the framework of these adequacy decisions.
MG游戏中心确保阁下的网站及/或网上商店可于 framework of our Terms of Service. Furthermore, we process all information in connection with user orders and make it available to you. You are then responsible for the execution of the contracts concluded with your users.
处理是指收集、储存及使用有关的个人资料 operation of the respective website and/or online shop.
Data subjects are users of the respective website and/or online shop.
财务主任应单独负责评估依据程序的合法性 根据《mg游戏平台下载》第6(1)条的规定，并根据《mg游戏平台下载》第6(1)条的规定，保障数据主体的权利 Articles 12-22 of the GDPR. Nevertheless, the Processor shall be obligated to forward to the 管理员所有这些询问，在其意图明确的范围内，不得无故拖延 for the Controller exclusively.
财务主任一般应以书面形式发出所有命令、部分命令和指示 or in a documented electronic format. Verbal instructions are to be confirmed in writing or in a documented electronic format without undue delay. The Controller shall be entitled to convince itself adequately of the Processor's adherence to technical and organizational 处理方采取的措施，以及本协议中规定的义务 of the processing and on a regular basis thereafter, as set down in Section 4 hereof.
如果控制人发现错误或错误，应立即通知处理人 irregularities when reviewing the results of the processing.
控制人有义务处理有关商业秘密和数据安全的所有知识 由此在合同关系框架内获得的处理程序的度量 confidentially. This obligation shall remain in effect even after the Termination of this Agreement.
The Controller's authorized issuers of instructions and communication channel for this Agreement shall be:
The Processor shall process personal data exclusively within the bounds of the agreements 除非财务主任有义务执行 根据欧盟或其所属成员国的法律进行其他处理 subject (e.g. investigations by law enforcement and state security authorities); in such a case, the Processor shall inform the Controller of that legal requirement before processing, 除非该法律基于公共利益的重要理由禁止提供此类信息 28(3) Sentence 2 character a of the GDPR).
The Processor hereby warrants that all measures stipulated herein in connection with the processing of personal data under this Agreement will be taken in accordance with this Agreement. The Processor hereby warrants that the data processed for the Controller will be kept strictly separate from other data.
来自控制器的或用于控制器的数据存储媒体必须有专门的标签. The arrival, departure and ongoing use thereof shall be documented.
The Processor shall be required to participate to a necessary extent and provide the Controller with reasonable assistance to the extent possible in safeguarding the rights of data subjects in accordance with Articles 12-22 of the GDPR, in compiling records of 处理活动和必要的影响评估(第28(3)条) Sentence 2 character e and f of the GDPR). The Processor shall provide the necessary information in this regard without undue delay in each case to the Controller. The Controller informs the 处理器在写完本DPA后，立即向控制器办公室汇报 shall be addressed.
处理程序如认为有指示，应及时通知控制程序 违反法定条文(《MG游戏中心》第28(3)条第3句). 处理器有权延迟相关指令的执行，直到它生效 confirmed or amended by the Controller's controller after review. The Processor shall be required 修改、删除或限制处理因合约关系而产生的个人资料 除非财务主任有合法理由反对，否则须以指示方式提出该项要求 interests of the Processor.
The Processor shall notify the Controller by posting on Yola.com without undue delay of 加工者或其雇用的人员对规定的破坏和违反 data protection law or the provisions of the Agreement, as well as of the suspicion of data protection violations or irregularities in the processing of personal data. This shall apply above all with respect to possible notification and communication obligations of the Controller in accordance with Article 33 and Article 34 of the GDPR. The Processor hereby warrants that it will adequately assist the Controller with its obligations in accordance 与GDPR第33条和第34条(GDPR第28(3)条第2个字符). Notifications on behalf of the Controller under Articles 33 or 34 of the GDPR may only be executed by the Processor after prior instruction pursuant to Section 4 of this Agreement.
处理器可聘请第三方及/或分包商处理个人资料 under this Processor Agreement.
加工商会对这些第三方和/或分包商负责，并将施加 第三方和/或分包商的条件、义务和责任与 mentioned in this Processor Agreement. Upon written request by Controller, the Processor is to 提供有关其子处理器与数据保护相关的义务的信息 at any time.
一种足以保障受影响的自然人的权利和自由的危险程度 specific processing shall be ensured. To this end, the protective goals of Article 32(1) of the GDPR, such as the confidentiality, integrity and availability of systems and services and the resilience thereof with regard to the nature, scope, context and purpose of the processing shall be taken into account so that 通过适当的技术和组织措施，以持久的方式减轻风险.
Upon written request from the Controller, and no more than once per calendar year, the Processor will make 向财务主任提供所有必要的信息，以证明其遵守其在本协议项下的义务 the GDPR and allow for and contribute to audits, including inspections, conducted by the Controller or another auditor mandated by the Controller. Any reviews of information, audits, or inspections conducted pursuant to this Section shall be at the Controller’s sole expense.
处理方负责实施本数据处理附录中规定的措施. The Processor is not liable if these measures turn out to be insufficient. The Controller indemnifies the Processor against claims of third parties, including data protection authorities, ensuing for any reason 本资料处理附录所载的个人资料处理中的任何内容.