Service Provider Data Protection Agreement
The information is provided by Nanoschool (owned and managed by IT Break.com Pvt. Ltd.) hereby refered as "company" for Mentor/ trainer/ guide or any person providing service to company, hereby refered to as "service provider"
- Scope and Purpose
This Service Provider Data Protection Agreement (“Agreement”) sets forth the terms and conditions governing the protection of personal data provided by company to the Service Provider for the provision of services to company. The Service Provider shall comply with the data protection laws and regulations applicable to the processing of personal data under this Agreement.
2.1 For the purposes of this Agreement, “personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
2.2 The terms “processing,” “controller,” “processor,” “data subject,” and “supervisory authority” shall have the meanings ascribed to them in the General Data Protection Regulation (“GDPR”).
- Obligations of the Service Provider
3.1 The Service Provider shall process personal data only in accordance with the written instructions of company.
3.2 The Service Provider shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk of processing the personal data.
3.3 The Service Provider shall ensure that persons authorized to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
3.4 The Service Provider shall not engage any third-party subprocessors for the processing of personal data without company’s prior written consent.
3.5 The Service Provider shall provide assistance to company, including by appropriate technical and organizational measures, to enable company to comply with requests from data subjects to exercise their rights under GDPR.
3.6 The Service Provider shall notify company without undue delay after becoming aware of any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed on behalf of company.
- company's Obligations
4.1 company shall provide written instructions to the Service Provider regarding the processing of personal data.
4.2 company shall indemnify the Service Provider for any loss, damage, claim or expenses arising out of or in connection with any processing of personal data in accordance with company's written instructions.
- Term and Termination
5.1 This Agreement shall commence on the effective date and shall continue until the earlier of
(i) the completion of the processing of personal data in accordance with this Agreement, or
(ii) the termination of all agreements between the parties.
5.2 This Agreement may be terminated by either party immediately in writing in the event of a material breach of this Agreement by the other party, which breach is not cured within 30 days of receipt of written notice from the non-breaching party.
- Applicable Law and Jurisdiction
6.1 This Agreement shall be governed by and construed in accordance with the laws of the jurisdiction in which the Service Provider is located.
6.2 Any dispute arising out of or in connection with this Agreement, including any question regarding its existence, validity, or termination, shall be finally resolved by and constructed in accordance with the laws of India without reference to conflict of laws principles. In the event any dispute in relation hereto is brought by the User, it shall be subject to the exclusive jurisdiction of the courts of Delhi, India.