These Data Processing Terms form part of the Terms between Sine and you and apply when we process Personal Data on your behalf in the course of providing the Services. These Data Processing Terms do not apply where we are the Controller. Defined and/or capitalized terms not defined here have the meanings given them in the Terms. If not defined in the Terms, capitalized terms have the meaning given them, or an equivalent term, in applicable data protection, privacy or security laws (“Privacy Laws”).These Data Processing Terms take precedence over any other terms of the Terms in relation to the Processing of Personal Data.
DESCRIPTION OF THE PROCESSING AND TRANSFER
(MODULE 2: CONTROLLER TO PROCESSOR)
A. LIST OF THE PARTIES |
|
Controller / Data Exporter |
You and your Affiliates, as set forth in the Terms. |
Processor / Data Importer
|
Name: Sine Group Pty Ltd A.C.N. 167 296 219. Address: 100 Pirie Street, Adelaide, South Australia 5000 Contact: Privacy Officer Email: [email protected]
|
B. DETAILS OF PROCESSING/TRANSFER |
|
CATEGORIES OF DATA SUBJECTS
|
The Personal Data processed and transferred is determined and controlled by you in your sole discretion and may include, without limitation, the following categories of Data Subjects: (i) employees, contractors and temporary workers (current, former, prospective) of data exporter; (ii) channel partners, distributors, sales partners, and business partners (iii) advisors, trainers, consultants, service providers and other third parties; (iv) Users of the Services; (v) any other data subject as described in the Terms. |
CATEGORIES OF PERSONAL DATA |
The Personal Data processed and transferred is determined and controlled by you in your sole discretion and may include, without limitation, the following categories of data: name, email address, job title, country of residence, mobile phone number, username, password, security question, IP addresses, unique identification numbers and signatures, voice, video and data recordings, location data, and device identification (e.g., UUID, IMEI-number, SIM card number, MAC address). |
SPECIAL CATEGORIES OF DATA |
The Services is not intended for the Processing of Special Categories of Data or Prohibited Data, and you shall not transfer, directly or indirectly to us, except with respect to facial recognition in connection with Face Check and limited health data, where applicable. |
1. FREQUENCY |
The Personal Data transfers under the Terms will take place on a continuous basis. |
2. NATURE OF THE PROCESSING
|
Sine and its Subprocessors are providing the Services or fulfilling contractual obligations to you, as described in the Terms. These Services may include the processing of Personal Data by Sine and/or its Subprocessors. |
PURPOSE OF PROCESSING / TRANSFER |
Your Personal Data is processed and transfer is made for the following purposes: (i) providing the Services and facilitating communication with customers, employees and Users; (ii) administration and management of channel partners, distributors and/or sales partners; (iii) identity management and security; (iv) managing product and service development, improving existing and developing new products and services, research and development; (v) research; (v) any other scope and purpose as described in the Terms. |
RETENTION |
Your Personal Data will be retained in accordance with the Terms unless applicable law requires storage of the Personal Data for a longer period. |
TRANSFER TO SUBPROCESSORS |
Sine may process and transfer Personal Data to Subprocessors in relation to the performance of the Terms and in accordance with the following scope:
|
C. COMPETENT SUPERVISORY AUTHORITY |
|
For the purposes of Clause 13 of the SCCs, the competent supervisory authority for the Customer shall be the supervisory authority applicable to the Customer in its EEA country of establishment or, where it is not established in the EEA, in the EEA country where its representative has been appointed pursuant to Article 27(1) of Regulation (EU) 2016/679. |
|
D. GOVERNING LAW AND CHOICE OF FORUM |
|
GOVERNING LAW |
For the purposes of Clause 17 of the SCCs, the parties select the law of Ireland. |
CHOICE OF FORUM |
For the purposes of Clause 18 of the SCCs, the parties agree that the courts of Ireland will have jurisdiction. |
E. OTHER |
|
Where the SCCs identify optional provisions or provisions with multiple options the following will apply: |
For Clause 7 (Docking Clause), the optional provision will apply. |
For Clause 9(a), option 2 will apply. The parties will follow the process agreed in Section 2 (Subprocessors). |
|
For Clause 11(a) (Redress), the optional provision will not apply. |
|
For Clause 12 (Liability), the limitation of liability in the Terms applies to these Data Processing Terms. |
SECURITY MEASURES
This Annex 2 describes the Security Measures designed to protect and secure our SaaS Services when we Process Personal Data under the Terms. We may update or modify the Security Measures from time to time provided that such updates and modifications do not result in a material degradation of the overall security of the Services provided under the Terms. Beta Services may be subject to different practices.
Categories |
Practices |
Personnel Security |
|
Physical Security |
Sine and its cloud services providers (e.g., Amazon Web Services) take measures to prevent unauthorized physical access to premises and facilities holding Personal Data. This may be accomplished through:
|
Access Control |
Sine has robust Identity and Access Management controls in place with usage of unique user ID and complex password for authentication. Sine follows complex password policy. The protection measures include:
|
Asset Management |
o Information Asset Protection to protect information throughout its lifecycle including creation, use, processing, storage, transmission and destruction. o Continuous Monitoring Strategy with data loss prevention mechanism. o Asset Inventory to maintain inventories of its systems supporting customer information. o Asset Configuration and Control. |
Incident Management |
|
Network Security |
|