{"id":25032,"date":"2025-03-27T03:44:21","date_gmt":"2025-03-27T03:44:21","guid":{"rendered":"https:\/\/employmenthero.com\/sg\/legals\/data-processing\/"},"modified":"2026-05-15T03:49:07","modified_gmt":"2026-05-15T03:49:07","slug":"data-processing","status":"publish","type":"legals","link":"https:\/\/employmenthero.com\/sg\/legals\/privacy-policy\/data-processing\/","title":{"rendered":"Data Processing Addendum"},"content":{"rendered":"\n<div class=\"wp-block-group alignfull has-light-violet-50-background-color has-background has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\" style=\"padding-top:var(--wp--preset--spacing--28);padding-bottom:var(--wp--preset--spacing--28)\">\n<div class=\"wp-block-group is-layout-flex wp-block-group-is-layout-flex\">\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-1 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large);padding-right:var(--wp--preset--spacing--small);padding-left:var(--wp--preset--spacing--small)\">\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\">\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-container-core-group-is-layout-1 wp-block-group-is-layout-constrained\">\n<h1 class=\"wp-block-heading\">Data Processing Addendum<\/h1>\n\n\n\n<p class=\"has-xl-font-size\">These are our data processing terms that apply between 91爆料 and the Customer<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-2 wp-block-columns-is-layout-flex\" style=\"padding-top:var(--wp--preset--spacing--12)\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:25%\">\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-block-group-is-layout-constrained wp-container-1 is-position-sticky\">\n<p class=\"has-xl-font-size\" style=\"padding-top:var(--wp--preset--spacing--4);padding-bottom:var(--wp--preset--spacing--4)\">Contents<\/p>\n\n\n\n<hr class=\"wp-block-separator has-text-color has-neutral-200-color has-alpha-channel-opacity has-neutral-200-background-color has-background\"\/>\n\n\n\n<p style=\"padding-top:var(--wp--preset--spacing--6)\"><strong><a href=\"#Overview\">Overview<\/a><\/strong><\/p>\n\n\n\n<p style=\"margin-top:var(--wp--preset--spacing--6);margin-bottom:var(--wp--preset--spacing--6)\"><strong><a href=\"#Background\">Background<\/a><\/strong><\/p>\n\n\n\n<details class=\"wp-block-details is-style-eh-accordion-nav is-layout-flow wp-container-core-details-is-layout-1 wp-block-details-is-layout-flow\"><summary><strong><a href=\"#1\">1. Definition<\/a><\/strong><\/summary>\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#1.1\">1.1 Clarifications for this DPA<\/a><\/strong><\/p>\n<\/details>\n\n\n\n<details class=\"wp-block-details is-style-eh-accordion-nav is-layout-flow wp-container-core-details-is-layout-2 wp-block-details-is-layout-flow\"><summary><strong><a href=\"#1\">2. Data processing terms<\/a><\/strong><\/summary>\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#2.1\">2.1 General data processing terms<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#2.2\">2.2 Sub-Processors<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#2.3\">2.3 International transfer mechanisms<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#2.4\">2.4 Data Breach<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#2.5\">2.5 Audits and inspections<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#2.6\">2.6 Return or deletion of Personal Data<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#2.7\">2.7 Limitation on liability<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#2.8\">2.8 Other general terms<\/a><\/strong><\/p>\n<\/details>\n\n\n\n<details class=\"wp-block-details is-style-eh-accordion-nav is-layout-flow wp-container-core-details-is-layout-3 wp-block-details-is-layout-flow\"><summary><strong><a href=\"#1\">Schedule 1 \u2013&nbsp;Data Processing Information<\/a><\/strong><\/summary>\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#S1.1\">Nature and purpose of processing operations<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#S1.2\">Categories of data subject<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#S1.3\">Categories of data<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--8)\"><strong><a href=\"#S1.3.1\">Categories of Personal Data<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--8)\"><strong><a href=\"#S1.3.2\">Special Categories of Personal Data<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#S1.4\">Duration of Processing<\/a><\/strong><\/p>\n<\/details>\n\n\n\n<details class=\"wp-block-details is-style-eh-accordion-nav is-layout-flow wp-container-core-details-is-layout-4 wp-block-details-is-layout-flow\"><summary><strong><a href=\"#1\">Schedule 1 \u2013&nbsp;Data Processing Information<\/a><\/strong><\/summary>\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#S1.1\">Nature and purpose of processing operations<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#S1.2\">Categories of data subject<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#S1.3\">Categories of data<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--8)\"><strong><a href=\"#S1.3.1\">Categories of Personal Data<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--8)\"><strong><a href=\"#S1.3.2\">Special Categories of Personal Data<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#S1.4\">Duration of Processing<\/a><\/strong><\/p>\n<\/details>\n\n\n\n<p style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4)\"><strong><a href=\"#Schedule-2\">Schedule 2 \u2013&nbsp;Technical and Organisational Measures<\/a><\/strong><\/p>\n\n\n\n<details class=\"wp-block-details is-style-eh-accordion-nav is-layout-flow wp-container-core-details-is-layout-5 wp-block-details-is-layout-flow\"><summary><strong><a href=\"#1\">Schedule 3 \u2013&nbsp;Annexes to the EU SCCs and Appendices to the UK SCCs<\/a><\/strong><\/summary>\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#S3.1\">Annex I\/ Appendix 1:<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--8)\"><strong><a href=\"#S3.1.A\">A: List of parties<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--8)\"><strong><a href=\"#S3.1.B\">B: Description of transfers<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--8)\"><strong><a href=\"#S3.1.C\">C: Competent supervisory authority<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><strong><a href=\"#S3.2\">Annex II\/ Appendix 2: Technical and organisational measures<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-sm-font-size\" style=\"margin-top:var(--wp--preset--spacing--4);margin-bottom:var(--wp--preset--spacing--4);padding-left:var(--wp--preset--spacing--4)\"><a href=\"#S3.3\">Annex III of the EU Standard Contractual Clauses<\/a><\/p>\n<\/details>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-column has-link-color wp-elements-8c0444bf4fe4b15b55b935adf583c1c1 is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:75%\">\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\">\n<h2 class=\"wp-block-heading\" id=\"Overview\"><strong>Overview<\/strong><\/h2>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-f93a0b9ea0cdeb996ce4d26c470d7560\" style=\"padding-top:var(--wp--preset--spacing--8)\">This Data Processing Addendum explains our data processing activities carried out as a Data Processor on behalf of our Customers.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>For customers and users in all regions other than Canada<\/strong>: This version of the Data Processing Addendum takes effect as of&nbsp;<strong>2 September 2025<\/strong>.<\/li>\n\n\n\n<li><strong>For customers and users in Canada<\/strong>: This version of the Data Processing Addendum takes effect as of&nbsp;<strong>1 October 2025<\/strong>. For Canadian customers that signed up on or after 12 May 2025.<\/li>\n<\/ul>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-d7ed66a9575f262bea30292502202e58\" style=\"padding-top:var(--wp--preset--spacing--4)\">Previous versions of this document can be found&nbsp;<a href=\"https:\/\/employmenthero.com\/legals\/archived\/\"><strong>here<\/strong><\/a><strong>.<\/strong><\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\">\n<h2 class=\"wp-block-heading\" id=\"Background\" style=\"padding-top:var(--wp--preset--spacing--8)\"><strong>Background<\/strong><\/h2>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-3bb102dfcc0759ec739100c29fccc0ba\" style=\"padding-top:var(--wp--preset--spacing--8)\">This Data Processing Addendum (\u2018<strong>DPA<\/strong>\u2018) forms part of the agreement between 91爆料 (and its Affiliates including Employment Innovations entities) (\u2018<strong>us<\/strong>\u2018, \u2018<strong>we<\/strong>\u2018, or \u2018<strong>our<\/strong>\u2018) and our Customers (\u2018<strong>you\u2019&nbsp;<\/strong>or \u2018<strong>your<\/strong>\u2018). It reflects our agreement with you regarding the processing of your Customer Personal Data and acts as an addendum to the 91爆料&nbsp;<a href=\"https:\/\/employmenthero.com\/legals\/terms-conditions\/\">Platform Terms and Conditions<\/a>, and\/or any other terms and conditions that you agree to when receiving Services from us (the \u2018<strong>Agreement<\/strong>\u2018).<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-0f64819c41875b13959aa7c14b940b25\" style=\"padding-top:var(--wp--preset--spacing--4)\">When you enter into the Agreement, including this DPA, you do so to receive our Services, including the use of the 91爆料 Platform and\/or the 91爆料 Work app.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\">\n<h2 class=\"wp-block-heading\" id=\"1\" style=\"padding-top:var(--wp--preset--spacing--8)\"><strong>1. Definition<\/strong><\/h2>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-d7ae1644331d4994ea0ba4ec516088fa\" style=\"padding-top:var(--wp--preset--spacing--8)\">In this DPA:<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-f12a04e1caeed4d6a4cecdb839db82ba\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Affiliates<\/strong>&nbsp;means any corporation or other business entity controlling, controlled by or under common control with 91爆料 Pty Ltd. A current list of Affiliates is available&nbsp;<a href=\"https:\/\/employmenthero.com\/legals\/privacy-policy\/data-processing\/affiliates\/\">here<\/a>;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-b1a695383b0d2c3247cbfd574938ea89\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Applicable Law&nbsp;<\/strong>means all laws, regulations, orders, rules, judgments, directives, industry agreements or determinations in force from time to time applicable to a party and relevant to the Agreement or this DPA, including, without limitation the GDPR, the UK GDPR, Privacy Act 1988 (Cth), Personal Information Protection and Electronic Documents Act (PIPEDA), and Privacy Act 2020;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-407c0d2f8a5f28071148a56671bfae01\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Customer<\/strong>&nbsp;means you, the specific party which has entered into the Agreement with us;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-cd2dfb9a30d5f389982c3db611902c63\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Customer Personal Data<\/strong>&nbsp;means Personal Data in respect of which you are the Data Controller, and we are the Data Processor; but which excludes Personal Data processed by us when acting as a Data Controller;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-6f052cbe1c7dc41360a5f983bbfe877e\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Data Breach&nbsp;<\/strong>means any accidental or unlawful acquisition, destruction, loss, alteration, unauthorised disclosure of, or access to, Customer Personal Data;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-c9fd8cede0393b9463b2a859431133f8\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Data Controller<\/strong>&nbsp;means the entity which alone or jointly with others determines the purposes and means of processing of Personal Data, it will be interpreted in accordance with the GDPR and the UK GDPR;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-d4e64f409258c9efefde0ed6429d4e8f\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Data Processor<\/strong>&nbsp;means an entity which processes Personal Data on behalf of a Data Controller, it will be interpreted in accordance with the GDPR and the UK GDPR;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-f0fe909967fc08bc391260aef92b792d\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Data Protection Law<\/strong>&nbsp;means the GDPR, the UK GDPR, Directive 2002\/58\/EC concerning the processing of Personal Data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), any national laws or regulations implementing the foregoing Directives, any other privacy and data protection laws that may be applicable to the parties (including data privacy laws that are specific to the region in which you or our relevant Affiliate entity is based like Australia, Canada, and New Zealand), and any amendments to or replacements of such laws and regulations;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-4d18bfa6582086b0f65fcec71c79d2e4\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Data Subject<\/strong>&nbsp;has the meaning given to it in the GDPR and the UK GDPR;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-7b1e000817e5dc6708a425e90cbab1c1\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>EEA<\/strong>&nbsp;means the European Economic Area;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-c715a97399d8de0d21132baeee9b6dfc\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>GDPR<\/strong>&nbsp;means in each case to the extent applicable to the processing activities: (i) Regulation (EU) 2016\/679; and (ii) Regulation (EU) 2016\/679 as amended by any legislation arising out of the withdrawal of the UK from the European Union;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-760c95ef44c16fddea070fc687fe16cc\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>91爆料<\/strong>&nbsp;means 91爆料 Pty Ltd, 91爆料 (UK) Ltd or the relevant 91爆料 Affiliate in your region (like New Zealand or Canada) which has entered into the Agreement with you for the provision of the Services;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-376d66f9c2c2c05f3abbb57ef61cb72c\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Personal Data<\/strong>&nbsp;means any information relating to an identified or identifiable natural person and an identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-df4d74485ad6c80342869bd07cb6a50c\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Processing<\/strong>&nbsp;has the meaning given to it in Data Protection Law (the \u2018GDPR\u2019 and the \u2018UK GDPR\u2019) and \u2018process\u2019, \u2018processes\u2019 and \u2018processed\u2019 will be interpreted accordingly;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-265826490f662c5c1d4f51378b5e3446\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Relevant Country<\/strong>&nbsp;means all countries other than those (a) within the EEA and (b) countries in respect of which an adequacy finding under Article 25(6) of the European Data Protection Directive or Article 45 of the GDPR has been given;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-4ffd858bde93a97d6178d073aaccf496\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Services<\/strong>&nbsp;means the provision of cloud-based and artificial intelligence powered human resources and payroll software services, EH Jobs app, Managed Payroll services, HeroForce EoR where we act on behalf of our Customer, Applicant Tracking System (ATS), financial services products, and\/or other products and services provided by us and\/or our Affiliates under the Agreement through our websites, platforms and apps where we act in the capacity of a Data Processor;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-4d975b33df5ee0b7ede343499d02fb5f\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Standard Contractual Clauses&nbsp;mean:<\/strong><\/p>\n\n\n\n<ol style=\"padding-top:var(--wp--preset--spacing--4);line-height:1.4\" class=\"wp-block-list has-black-color has-text-color has-link-color wp-elements-e427ab5e323fe2ad6f649110097a7843\">\n<li>in respect of EU Personal Data, the&nbsp;<a href=\"https:\/\/commission.europa.eu\/publications\/standard-contractual-clauses-international-transfers_en\">EU Standard Contractual Clauses<\/a>&nbsp;for the transfer of Personal Data to third countries pursuant to the GDPR, adopted by the European Commission under Commission Implementing Decision (EU) 2021\/914 and made available on the European Commission website (or any replacement publication made on the website), including the text from modules two and three of such clauses and not including any clauses marked as optional (\u2018<strong>EU Standard Contractual Clauses\u2019<\/strong>);<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\">in respect of UK Personal Data:\n<ul style=\"padding-top:var(--wp--preset--spacing--4);line-height:1.4\" class=\"wp-block-list\">\n<li>2.1 the&nbsp;<a href=\"https:\/\/ico.org.uk\/media2\/migrated\/4019539\/international-data-transfer-addendum.pdf\">International Data Transfer Addendum to the EU Standard Contractual Clauses<\/a>&nbsp;(\u2018<strong>UK Addendum<\/strong>\u2018) made available on the ICO website (or any replacement publication made on the website), issued by the Information Commissioner and laid before Parliament in accordance with s.119A of the Data Protection Act 2018 on 2 February 2022 but, as permitted by clause 17 of such addendum, the parties agree to change the format of the information set out in Part 1 of the UK Addendum so that:\n<ul style=\"padding-top:var(--wp--preset--spacing--4);line-height:1.4\" class=\"wp-block-list\">\n<li>2.1.1 the details of the parties in table 1 of the UK Addendum will be as set out in Schedule 3 (with no requirement for signature);<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\">2.1.2 for the purposes of table 2 of the UK Addendum, the UK Addendum will be appended to the EU Standard Contractual Clauses (including the selection of modules and non-application of optional clauses as noted above); and<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\">2.1.3 the appendix information listed in table 3 of the UK Addendum is set out in Schedule 3.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-2c660f80c0bdd3675403709f76a1b9cb\" style=\"padding-top:var(--wp--preset--spacing--8)\"><strong>91爆料 Work app<\/strong>&nbsp;means the mobile application and its services provided to you (Customers and Users).<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-1d27e951d02fe969ae87d97d22c20bb0\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Sub-Processor<\/strong>&nbsp;means any entity which is engaged by us or by any other sub-processor of ours who may access or process Customer Personal Data;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-8b50c26ffc4910270d6205e32e389e4c\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>UK GDPR<\/strong>&nbsp;means the GDPR as applicable as part of UK domestic law by virtue of section 3 of the European Union (Withdrawal) Act 2018 and as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (as amended);<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-51097001a4035b1deb7ac1eb7cd141ee\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>User<\/strong>&nbsp;means individual users of the Services including employees of your organisation.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"1.1\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>1.1 Clarifications for this DPA<\/strong><\/h3>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-904c5012f69f1f30d7413c8eeb955f29\" style=\"padding-top:var(--wp--preset--spacing--8)\">1.1.1 any words following the terms \u201clike\u201d, \u201cinclude\u201d, \u201cfor example\u201d or any similar expression will be construed as illustrative and will not limit the sense of the words, description, definition, phrase or term preceding those terms;<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-63ac52a5df98817ad74103ce243e060d\" style=\"padding-top:var(--wp--preset--spacing--4)\">1.1.2 references to Clauses and Schedules are, unless otherwise stated, references to the clauses of, and schedules to, this DPA; and<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-105db7f764c38430b0d224dbd2e55691\" style=\"padding-top:var(--wp--preset--spacing--4)\">1.1.3 references to this DPA or any other agreement or document are to this DPA or such other agreement or document as it may be varied, amended, supplemented, restated, renewed, novated, or replaced from time to time.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\" style=\"padding-top:var(--wp--preset--spacing--10)\">\n<h2 class=\"wp-block-heading\" id=\"2\"><strong>2.Data processing terms<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"2.1\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>2.1 General data processing terms<\/strong><\/h3>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-3b165a12c189af65ba4a1a5fe230845e\" style=\"padding-top:var(--wp--preset--spacing--8)\">2.1.1<strong>&nbsp;Roles of the parties:&nbsp;<\/strong>You are the Data Controller and we are the Data Processor of the Customer Personal Data. We require certain Personal Data to set up and manage your account on our platforms and apps and to provide Services under the Agreement. We may also provide specific services and support relating to individuals where we determine the purposes for which, and means in which, the Personal Data is processed, and in these cases, we will process Personal Data as a Data Controller.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-00ce3b7f4389ac4a07b5c9a18705beb5\" style=\"padding-top:var(--wp--preset--spacing--4)\">2.1.2<strong>&nbsp;Scope of this DPA:&nbsp;<\/strong>This DPA only applies to the processing of Customer Personal Data by us in connection with the Services under the Agreement. The categories of Data Subjects and types of Customer Personal Data processed are set out in Schedule 1 of this DPA. Customer Personal Data is processed for the purpose of providing the Services and other purposes as identified in Schedule 1 of this DPA. We may process Customer Personal Data for the duration of the Agreement (or longer to the extent permitted by Applicable Law).<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-cf31e09c52ea239ded3b3e0fc6dfba17\" style=\"padding-top:var(--wp--preset--spacing--4)\">2.1.3<strong>&nbsp;Legal compliance obligation:&nbsp;<\/strong>Each party agrees that in relation to this DPA, it is compliant with, and will remain compliant with all Applicable Law. You will make sure that you have provided notice to Data Subjects of the data processing activities carried out under this DPA. If you are based in UK and\/or EU, then you will make sure that there is a valid lawful basis under the UK GDPR and\/or GDPR for all Customer Personal Data that is disclosed in connection with the Agreement for the data processing activities envisaged by the Agreement.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-713530a529e0c1e411f9dec253d1cf4f\" style=\"padding-top:var(--wp--preset--spacing--4)\">2.1.4&nbsp;<strong>Our rights and responsibilities:&nbsp;<\/strong>Other than for anything to the contrary in the Agreement, in relation to Customer Personal Data, we will:<\/p>\n\n\n\n<ol style=\"padding-top:var(--wp--preset--spacing--4);line-height:1.4;list-style-type:lower-alpha\" class=\"wp-block-list\">\n<li>process Customer Personal Data only in accordance with your instructions as established in the Agreement or as you have provided to us in writing from time to time, given that these instructions are reasonable and subject to our right to charge additional sums at our current rates should the scope of the agreed services be exceeded. In addition to this, we may:\n<ol style=\"padding-top:var(--wp--preset--spacing--4);line-height:1.4;list-style-type:lower-roman\" class=\"wp-block-list\">\n<li>process Customer Personal Data as required under Applicable Law and take reasonable steps to inform you of such a requirement before processing the data, unless the law prohibits this; and<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\">&nbsp;process Customer Personal Data when analysing and\/or providing support in relation to the Services, and carrying out measures to further develop and improve the Services for our customer base as a part of the ongoing delivery of Services, provided that necessary safety measures are put in place as may be required by Applicable Law;<\/li>\n<\/ol>\n<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\">promptly notify you, if in our opinion, an instruction given to us by you infringes Data Protection Law;<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\">where applicable, make sure that access to Customer Personal Data is given to our (or our Sub-Processors\u2019) personnel who are contractually bound to respect the confidentiality of this type of Customer Personal Data;<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4);line-height:1.4\">implement appropriate technical and organisational measures to protect against unauthorised or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Customer Personal Data. These measures will be appropriate to the harm which might result from any unauthorised or unlawful processing, accidental loss, destruction, damage, or theft of Customer Personal Data, and having regard to the nature of the Customer Personal Data which is to be protected and is set forth in Schedule 1 of this DPA. You acknowledge that we may change the security measures through the adoption of new or enhanced security technologies, and you authorise us to make such changes provided that they do not materially diminish the level of protection. We make information about our most up-to-date security measures applicable to the Services available&nbsp;<a href=\"https:\/\/help.employmenthero.com\/hc\/en-au\/articles\/360001054196-Employment-Hero-s-security-measures-and-single-sign-on-SSO-processes-via-the-HR-platform\">here<\/a>;<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4);line-height:1.4\">at your reasonable request and at your cost, to the extent that this is possible, assist you with your obligations to respond to requests from Data Subjects of Customer Personal Data looking to exercise their rights under Data Protection Law (to the extent that the Customer Personal Data is not accessible to you through the Services provided under the Agreement);<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4);line-height:1.4\">at your reasonable request and at your cost, taking into account the nature of the processing and the information available to us, assist you with your obligations under Articles 32 to 36 of the GDPR; and<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4);line-height:1.4\">at your written request, delete or return to you any Customer Personal Data within the agreed period of time after the end of the provision of the Services as set out in the Agreement (or within a reasonable period of time if the Agreement is silent on this point), unless Applicable Law requires storage of the Customer Personal Data.<\/li>\n<\/ol>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-44046694613fed7d20a7bd237966800c\" style=\"padding-top:var(--wp--preset--spacing--8);padding-bottom:var(--wp--preset--spacing--2)\">2.1.5 <strong>Data storage<\/strong>: The Personal Data that we hold within our platform will be stored and managed on secure data centres by our third-party storage provider. The locations of our data centres are set out in the table below.<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td><strong>Region<\/strong><\/td><td><strong>Relevant Services and the location of data centres in which our platform data is stored<\/strong><\/td><\/tr><tr><td>APAC region<\/td><td>Personal Data within our platform is located in data centres in Australia.<\/td><\/tr><tr><td>The United Kingdom<\/td><td>HR related Personal Data within our platform is located in data centres in Australia and Ireland.<br>Payroll related Personal Data within our platform is primarily located in data centres in Ireland.<\/td><\/tr><tr><td>Canada<\/td><td><strong>For classic Humi by 91爆料 Customers:<\/strong> Personal Data is located in data centres in Canada.<br><strong>For Employment Operating System Customers:<\/strong> HR related Personal Data within our platform is located in data centres in Australia and Canada. Payroll related Personal Data within our platform is primarily located in data centres in Canada.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-a6c0c4834b7a1b8a0f894e838478d477\" style=\"padding-top:var(--wp--preset--spacing--8)\"><\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"2.2\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>2.2 Sub-Processors<\/strong><\/h3>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-ee0e261104f9eb5bcaa57118675ee785\" style=\"padding-top:var(--wp--preset--spacing--8)\">2.2.1&nbsp;<strong>Appointment of Sub-Processors:&nbsp;<\/strong>You agree that we may transfer Customer Personal Data or give access to Customer Personal Data to Sub-Processors for the purposes of providing the Services or other purposes identified in Schedule 1 of this DPA, provided that we comply with our requirements under this section of the DPA. We will remain responsible for our Sub-Processor\u2019s compliance with the obligations of this DPA. We will make sure that any Sub-Processors, to whom we transfer Customer Personal Data, enter into written agreements with us requiring them to agree to terms no less protective, in any material respect, than this DPA.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-d94bcb7bd8c3d93df788baf9fba69c02\" style=\"padding-top:var(--wp--preset--spacing--4)\">2.2.2&nbsp;<strong>List of current Sub-Processors and notice of updates to the list:&nbsp;<\/strong>A current list of Sub-Processors is available&nbsp;<a href=\"https:\/\/employmenthero.com\/legals\/privacy-policy\/data-processing\/subprocessors\/\">here<\/a>&nbsp;and is deemed to be pre-approved by you. We can at any time and without justification either appoint a new Sub-Processor, or remove or change an existing Sub-Processor. If you subscribe for updates in regard to the Sub-Processor list by emailing&nbsp;<a href=\"mailto:privacy@employmenthero.com\">privacy@employmenthero.com<\/a>, you will be given prior written notice of additions to the Sub-Processor list by email, or via the 91爆料 Platform and the 91爆料 Work app. We recommend that you occasionally check our website, platforms, or apps for communications concerning updates to the Sub-Processor list.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-98fe8b826efebb76347bc0cbf0dfb567\" style=\"padding-top:var(--wp--preset--spacing--4)\">2.2.3&nbsp;<strong>Objections to Sub-Processors:<\/strong>&nbsp;If you do not legitimately object to changes to the Sub-Processor list within 30 days\u2019 of being notified of a new Sub-Processor, the Sub-Processor list update is considered to be approved by you. Legitimate objections to the Sub-Processor list update must contain reasonable and documented data protection grounds relating to a Sub-Processor\u2019s non-compliance with applicable Data Protection Law. In the event that you reasonably object to a new Sub-Processor, we will use reasonable efforts to make available to you a change in the Services or recommend a commercially reasonable change to your use of the Services. This will be done to avoid processing of Personal Data by the new Sub-Processor to whom you object without unreasonably burdening you. If we are unable to make these types of changes available to you within within a reasonable period of time, which will not exceed 60 days, you may, subject to the terms of the Agreement, terminate the applicable Services, which cannot be provided by us without the use of the objected-to new Sub-Processor with written notice to us.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-1841662f8d57d15e96009c0a088ab3c8\" style=\"padding-top:var(--wp--preset--spacing--4)\">2.2.4&nbsp;<strong>Access to our agreements with Sub-Processors:&nbsp;<\/strong>We may, at our discretion, provide you with a copy of our agreements with Sub-Processors (subject to redaction of any confidential information and this being reasonable for us to do). These copies may be provided by us in a manner to be determined by us, only upon the written request by you via email to&nbsp;<a href=\"mailto:privacy@employmenthero.com\">privacy@employmenthero.com<\/a>, and at your sole expense.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"2.3\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>2.3 International transfer mechanisms<\/strong><\/h3>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-9c297ab3f4ebdac6d4dcfa6ec12b66c3\" style=\"padding-top:var(--wp--preset--spacing--8)\">2.3.1 If you are a EU or UK Customer, you acknowledge that, in relation to providing the Services, Customer Personal Data may be transferred to, or accessed from Australia or another Relevant Country. Where such transfer occurs, the Standard Contractual Clauses will apply and be incorporated as part of this DPA, with application of&nbsp;the UK Addendum for UK Customers.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-85365e1e4cc67a20bc2890a28714b9c8\" style=\"padding-top:var(--wp--preset--spacing--4)\">2.3.2 We will not, and will make sure that none of our Affiliates or contractors, transfer, access or use EU or UK Personal Data in a Relevant Country other than in compliance with the terms of this DPA and the Standard Contractual Clauses (and as amended by the UK Addendum, where applicable). You agree to authorise the international transfers in application of Schedule 3, and the parties agree to comply with the obligations set out in the Standard Contractual Clauses as though they were set out in full in this DPA, with you as the \u2018data exporter\u2019 and us as the \u2018data importer\u2019, with the parties signature and dating of the Agreement being deemed to be the signature and dating of the Standard Contractual Clauses and with the Annexes and\/or Appendices to the Standard Contractual Clauses being as set out in Schedule 3 to this DPA.<\/p>\n\n\n\n<figure class=\"wp-block-table is-style-stripes has-sm-font-size\" style=\"padding-top:var(--wp--preset--spacing--8);line-height:1.4\"><table class=\"has-fixed-layout\"><thead><tr><th class=\"has-text-align-left\" data-align=\"left\">International Data Transfers Out Of The EEA, UK And\/Or Switzerland<\/th><th class=\"has-text-align-left\" data-align=\"left\">Obligations<\/th><\/tr><\/thead><tbody><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>Customer (as Controller) to 91爆料 Affiliate&nbsp;<\/strong>(EEA, and\/or Switzerland to Relevant Countries)<\/td><td class=\"has-text-align-left\" data-align=\"left\">If we (acting as a Processor) are based outside of the EEA, United Kingdom and\/or Switzerland, and transfer of Customer Personal Data is made by you out of the EEA, United Kingdom and\/or Switzerland to our Affiliates located in Relevant Countries, this transfer will be governed by Module Two (Controller-to-Processor) of the Standard Contractual Clauses, if you act as a Controller.<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>Customer (as Processor) to 91爆料 Affiliate<\/strong>&nbsp;(EEA, and\/or Switzerland to Relevant Countries)<\/td><td class=\"has-text-align-left\" data-align=\"left\">If we (acting as a Processor) are based outside of the EEA, United Kingdom and\/or Switzerland, and transfer of Customer Personal Data is made by you out of the EEA, United Kingdom and\/or Switzerland to our Affiliates located in Relevant Countries, this transfer will be governed by Module Three (Processor-to-Processor) of the Standard Contractual Clauses, if you act as a Processor.&nbsp;<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>Customer to 91爆料 Affiliate&nbsp;<\/strong>(United Kingdom to Relevant Countries)<\/td><td class=\"has-text-align-left\" data-align=\"left\">Transfers of Customer Personal Data out of the United Kingdom to our Affiliates (acting as sub-processors) located in Relevant Countries, will be governed by the applicable Module of the Standard Contractual Clauses as described in the two columns above (amended by the UK Addendum).<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>91爆料 to 91爆料 Affiliate&nbsp;<\/strong>(United Kingdom to Relevant Countries)<\/td><td class=\"has-text-align-left\" data-align=\"left\">If we (acting as a Processor) are based within the United Kingdom, transfers of Customer Personal Data out of the United Kingdom to our Affiliates (acting as sub-processors) located in Relevant Countries, will be governed by Module Three (Processor-to-Processor) of the Standard Contractual Clauses as amended by the UK Addendum.<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>91爆料 to 91爆料 Affiliate&nbsp;<\/strong>(EEA and\/or Switzerland to Relevant Countries)<\/td><td class=\"has-text-align-left\" data-align=\"left\">If we (acting as a Processor) are based within the EEA, and\/or Switzerland, transfers of Customer Personal Data out of the EEA, and\/or Switzerland to our Affiliates (acting as sub-processors) located in Relevant Countries, will be governed by Module Three (Processor-to-Processor) of the Standard Contractual Clauses.<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>91爆料 to Sub-Processor&nbsp;<\/strong><\/td><td class=\"has-text-align-left\" data-align=\"left\">Transfers of Customer Personal Data out of the EEA, United Kingdom and\/or Switzerland to our third-party Sub-Processors will be governed by data processing agreements, incorporating the Standard Contractual Clauses (as amended by the UK Addendum where applicable), that have been executed by us at a global level with the third-party Sub-Processors.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-e9b4a83d9f365229331c34f4d5ca8e4f\" style=\"padding-top:var(--wp--preset--spacing--8)\">2.3.3 For the purposes of the EU Standard Contractual Clauses, the following will apply:<\/p>\n\n\n\n<ol style=\"padding-top:var(--wp--preset--spacing--4);line-height:1.4;list-style-type:lower-alpha\" class=\"wp-block-list\">\n<li>Clause 9 OPTION 2: where applicable, general written authorisation will be required for the engagement of new Sub-Processors, subject to clause 2.2 of this DPA;<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\">Clause 17 (Governing law): the clauses will be governed by the laws of the Republic of Ireland; and<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\">Clause 18 (Choice of forum and jurisdiction) the courts of the Republic of Ireland will have jurisdiction<\/li>\n<\/ol>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-792836018ea857112bdf8e513f0a2fdb\" style=\"padding-top:var(--wp--preset--spacing--4)\">2.3.4 In the event that you give us consent to transfer Personal Data to a Relevant Country but a relevant European Commission decision or other valid adequacy method under applicable Data Protection Legislation, on which you have relied on in authorising the data transfer, is held to be invalid, or that any supervisory authority requires transfers of Personal Data made pursuant to such decision to be suspended, then the parties agree to discuss in good faith and facilitate use of an alternative transfer mechanism.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-517c0efde31624d02f41f4101ef33b12\" style=\"padding-top:var(--wp--preset--spacing--4)\">2.3.5 For transfer of Customer Personal Data out of countries other than the EEA, United Kingdom and\/or Switzerland, we will meet its obligations under Applicable Laws when carrying out these transfers.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"2.4\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>2.4 Data Breach<\/strong><\/h3>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-79064b6637851737e94961cf67665925\" style=\"padding-top:var(--wp--preset--spacing--8)\">2.4.1 We will notify you in writing (including via email), without undue delay, if we become aware of a Data Breach that impacts you and requires notice to you under Applicable Law. We will take steps, within a reasonable timescale, to remedy the Data Breach and provide further information to you as may be reasonably required.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-4e581f724ce066e1d5daf5184f394461\" style=\"padding-top:var(--wp--preset--spacing--4)\">2.4.2 We will make reasonable efforts to identify the cause of any Data Breach and take steps as we deem necessary and reasonable to remediate the cause of the Data Breach to the extent the remediation is within our reasonable control.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-10a6dbd18f6a8c78f0e054117f79d8af\" style=\"padding-top:var(--wp--preset--spacing--4)\">2.4.3 Our assistance under this clause which exceeds any obligations set out by Applicable Law will be chargeable, as incurred, at our current rates unless you demonstrate that that type of assistance is required because of a failure by us to comply with our obligations under this DPA.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-8ea263dc3c52a8aeffcc4de9932bc9fb\" style=\"padding-top:var(--wp--preset--spacing--4)\">2.4.4 The obligations under this clause will not apply to Data Breach that are caused by you or your personnel.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"2.5\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>2.5 Audits and inspections<\/strong><\/h3>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-409c9ad8e8752f0b02fb342805243ccb\" style=\"padding-top:var(--wp--preset--spacing--8)\">2.5.1 To the extent required by Applicable Law, and upon written request from you within reasonable intervals between each request and at your cost and expense, we will, audit the security of our processes and computing environment that we use in handling Customer Personal Data. This audit will be performed no more than once annually and it may be performed by independent third-party security professionals as chosen by us (in which case such choice is made at our expense). In the event that we have recently acted in respecting such rights for another customer, or undergone any type of audit that would provide the relevant information needed by you, we will provide you with a summary of those recent audit results.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-bf0e629eea8b912e7d93f13df20a5539\" style=\"padding-top:var(--wp--preset--spacing--4)\">2.5.2 We will respond, no more frequently than annually, to any reasonable security questionnaire provided by you which seeks to assist your assessment of our compliance with the security obligations under this DPA and which may be applicable to the Services. The responses to these questionnaires and any supporting evidence provided by us will be considered confidential information.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-44e03ad8e2c6529384ae69c8aa7b9820\" style=\"padding-top:var(--wp--preset--spacing--4)\">2.5.3. If you want to change this instruction regarding exercising the audit rights or the provision of information to demonstrate compliance with Article 28 of the GDPR, then you have the right to change this instruction to the extent required to ensure compliance, which must be requested in writing via email to&nbsp;<a href=\"mailto:privacy@employmenthero.com\">privacy@employmenthero.com<\/a>, in which case we will have no obligation to provide commercially confidential information.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"2.6\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>2.6 Return or deletion of Personal Data<\/strong><\/h3>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-a9f8bf635804393fc8f4f90b797122a4\" style=\"padding-top:var(--wp--preset--spacing--8)\">2.6.1 At the end of the Services, at your written request, we must securely destroy, or return Customer Personal Data to you, and delete existing copies unless Applicable Law requires storage of such Customer Personal Data.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-86c2f17076edd855b6def49a18555f28\" style=\"padding-top:var(--wp--preset--spacing--4)\">2.6.2 We may provide written a certification of deletion regarding deletion of your Customer Personal Data if you request it in writing via email to&nbsp;<a href=\"mailto:privacy@employmenthero.com\">privacy@employmenthero.com<\/a>, and only provided that you have a right to receive a certification of deletion under Applicable Law.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"2.7\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>2.7 Limitation on liability<\/strong><\/h3>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-798060a5f3eb9ea8f10cf1eff8b527fb\" style=\"padding-top:var(--wp--preset--spacing--8)\">2.7.1 The parties acknowledge and agree that our total cumulative liability, together with our Affiliates, arising out of or in relation to this DPA is subject to the liability sections of the Agreement (namely the applicable sections of the 91爆料 Platform Terms and Conditions and\/or any other specified terms and conditions of an Agreement entered into between you and us).<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-52a6a25ba82467f1b0c865966c8bd859\" style=\"padding-top:var(--wp--preset--spacing--4)\">2.7.2 Our and our Affiliates\u2019 total liability for all claims from you and all of your affiliates arising out of or in relation to the Agreement and the DPA, will apply in the aggregate for all claims under both the Agreement and all DPAs established under the Agreement, including by you and your Affiliates, and will not be understood to apply individually and severally to you and\/or to any of your affiliates that is a contractual party to any such DPA.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"2.8\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>2.8 Other general terms<\/strong><div><span style=\"border: 0px solid rgb(164, 170, 175); letter-spacing: -0.0125rem; line-height: 1.625rem;\"><\/span><\/div><\/h3>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-d7c0a067b259e1e7a6cb3a92b5de4e00\" style=\"padding-top:var(--wp--preset--spacing--8)\">2.8.1&nbsp;<strong>Conflict:&nbsp;<\/strong>In the event of any conflict or inconsistency between the body of this DPA and any of its Schedules (not including the specifications of the Standard Contractual Clauses), and the Standard Contractual Clauses specified in Schedule 3, the Standard Contractual Clauses will prevail (unless this would result in the invalidity of this DPA under Data Protection Laws (in which case the relevant term(s) of this DPA will prevail).<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-98cb2e84a87926d217f01f14ce9431c8\" style=\"padding-top:var(--wp--preset--spacing--4)\">2.8.2<strong>&nbsp;Changes to this DPA:&nbsp;<\/strong>We reserve the right to make any updates or changes to this DPA to reflect changes in our Services, information practices, operational requirements, or changes to laws and regulations. You should periodically review this DPA to see any amendments that have been made. If we make any significant changes to this DPA, we may provide notice to you via email or by other means of communication like in-platform or in-app notifications.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\" style=\"padding-top:var(--wp--preset--spacing--10)\">\n<h2 class=\"wp-block-heading\" id=\"Schedule-1\"><strong>Schedule 1 \u2013&nbsp;Data Processing Information<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"S1.1\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>Nature and purpose of processing operations<\/strong><\/h3>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-f31ddfe99d9442f6d4744d8d1e987a8d\" style=\"padding-top:var(--wp--preset--spacing--8)\">The nature of processing is the collection, recording, organisation, storage, adaptation, use, disclosure, or transfer of Customer Personal Data.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-f1181f284930f8b014368540ad8d2f66\" style=\"padding-top:var(--wp--preset--spacing--4)\">The Customer Personal Data will be processed for the purpose of providing, and further improving the Services provided by us. This primarily includes the provision of:<\/p>\n\n\n\n<ul style=\"padding-top:var(--wp--preset--spacing--4);line-height:1.4\" class=\"wp-block-list\">\n<li>91爆料 HR and Payroll products and services including features made available through the EH Platform like AI Services identified in our AI Services Statement;<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\">Managed Payroll services;<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\">Applicant Tracking System; and<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\">HeroForce EoR (if we act as a Processor)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"S1.2\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>Categories of data subject<\/strong><\/h3>\n\n\n\n<p style=\"padding-top:var(--wp--preset--spacing--8)\">You (the Customers), Users including employees, contractors, applicants and other persons authorised to use the Services by a Customer of the Services provided by us and our Affiliates.<\/p>\n\n\n\n<p style=\"padding-right:0;padding-left:0\"><\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"S1.3\" style=\"padding-top:var(--wp--preset--spacing--8)\"><strong>Categories of data<\/strong><\/h3>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-8dc61b7572ec709f6ecdaa4fb9cbdf73\" style=\"padding-top:var(--wp--preset--spacing--8);padding-bottom:var(--wp--preset--spacing--8)\">This data primarily includes data relevant for processing carried out in the provision of the Services including:<\/p>\n\n\n\n<h4 class=\"wp-block-heading has-white-color has-black-background-color has-text-color has-background has-link-color wp-elements-47d6be9ebcc504e5c11f78827ba12c2f\" id=\"S1.3.1\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>Categories of Personal Data<\/strong><\/h4>\n\n\n\n<ul style=\"padding-top:var(--wp--preset--spacing--4);line-height:1.4\" class=\"wp-block-list has-neutral-100-background-color has-background has-sm-font-size\">\n<li><strong>Business account information<\/strong>&nbsp;including business name and details, logos and information relating to representatives of the business;<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Individual account information<\/strong>&nbsp;including name, date of birth, age, gender, sex, marital status, profile photo;<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Contact information<\/strong>&nbsp;including residential and\/or postal address, email address, telephone number, and social media handles;<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Payroll information<\/strong>&nbsp;including information relating to payroll processing, salary and other compensation, timesheets and bank account information;<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>General business information<\/strong>&nbsp;including information relating to employees\u2019 and the businesses goals, accomplishments, training and development, awards and performance, feedback and reviews, onboarding and offboarding details, and implementation process information;<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Employment related information<\/strong>&nbsp;including occupation or job title, information relating to current and former employers, key dates relating to the current role and\/or past roles, superannuation information, salary and\/or pension details including documents such as payslips and payment summaries, timesheets, submitted form data (e.g. leave requests), interaction data with platform modules, behavioural insights, performance reviews and workplace engagement information, workplace issues and incident information citizenship and visa status for work eligibility purposes, emergency contact information, and tax information;<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Recruitment related information<\/strong>&nbsp;including job vacancy details, profile photo, company details relevant to the job posting such as work location and contact emails, and the name and contact details of any personnel involved in the recruitment process; and<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Job application related information<\/strong>&nbsp;including name, contact email, job seeker profiles, CV, cover letter, profile photo, work preferences, salary expectations, education history, work history, qualifications, languages, and references.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading has-white-color has-black-background-color has-text-color has-background has-link-color wp-elements-5dc03faf1187acf9249ddde408f28b25\" id=\"S1.3.2\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>Special Categories of Personal Data<\/strong><\/h4>\n\n\n\n<ul style=\"padding-top:var(--wp--preset--spacing--4);line-height:1.4\" class=\"wp-block-list has-neutral-100-background-color has-background has-sm-font-size\">\n<li>You or users of the Services may submit Special Category Personal Data to the platform or app at their discretion, or we may collect such data with prior consent for the purpose of providing its Services to you or relevant end-users.&nbsp;<\/li>\n\n\n\n<li style=\"padding-top:var(--wp--preset--spacing--4)\">This data primarily includes:\n<ul class=\"wp-block-list\">\n<li class=\"has-sm-font-size\" style=\"padding-top:var(--wp--preset--spacing--4);line-height:1.4\">sensitive information provided in compliance documentation stored on the Services by you or end-users;<\/li>\n\n\n\n<li class=\"has-sm-font-size\" style=\"padding-top:var(--wp--preset--spacing--2);line-height:1.4\">ID documents and information provided within such documents that may include details about ethnicity or race, religious beliefs;<\/li>\n\n\n\n<li class=\"has-sm-font-size\" style=\"padding-top:var(--wp--preset--spacing--2);line-height:1.4\">health information such as disability information, health status relevant to administration of long-term disability or other medical benefit programs, vaccination history, medical reports, return or work\/adjustment reports and workplace injury reports; and<\/li>\n\n\n\n<li class=\"has-sm-font-size\" style=\"padding-top:var(--wp--preset--spacing--2);line-height:1.4\">work eligibility information such as immigration status, visa status and details, and criminal history and background.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"S1.4\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>Duration of Processing<\/strong><\/h3>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-cbb702aac7dc31a43800d8e30440bfb4\" style=\"padding-top:var(--wp--preset--spacing--8)\">We will process Customer Personal Data for the duration of the Agreement (or longer to the extent permitted by Applicable Law).<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\" style=\"padding-top:var(--wp--preset--spacing--10)\">\n<h2 class=\"wp-block-heading\" id=\"Schedule-2\"><strong>Schedule 2 \u2013&nbsp;Technical and Organisational Measures<\/strong><\/h2>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-81d223fba47b4bbf475e4917c1665405\" style=\"padding-top:var(--wp--preset--spacing--8)\">The Technical and Organisational Measures are detailed in our\u00a0<a href=\"https:\/\/security.employmenthero.com\/?_gl=1*f9f0wz*_ga*NzM4NDg0NTkwLjE2OTE3MjkyODY.*_ga_FL9S0RVS1E*MTY5MjA4NDIwMi4zMS4wLjE2OTIwODQyMDIuMC4wLjA.\">Security Portal<\/a>.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\" style=\"padding-top:var(--wp--preset--spacing--10)\">\n<h2 class=\"wp-block-heading\" id=\"Schedule-3\"><strong>Schedule 3 \u2013&nbsp;Annexes to the EU SCCs and Appendices to the UK SCCs<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"S3.1\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>Annex I\/ Appendix 1:<\/strong><\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"S3.1.A\" style=\"padding-top:var(--wp--preset--spacing--5)\"><strong>A: List of parties<\/strong><\/h4>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-7f2a14be3e709dc468ce45d8a6c98ebe\" style=\"padding-top:var(--wp--preset--spacing--8)\"><strong><span style=\"text-decoration: underline;\">Data exporter:<\/span><\/strong><\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-118302479b07c4efcdcd4666fcb057a0\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Name:<\/strong>&nbsp;Customer<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-a3b3327ca1f85fa0a4c59fb99245a001\" style=\"padding-top:var(--wp--preset--spacing--4)\">Activities relevant to the data transferred under these Clauses: Provision of the Services, all data processing categorised as \u2018C2P\u2019 where the Controller is located inside, and the Processor is located outside the EU\/EEA or the UK.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-ff127ae2b7fb940bcf5ceb0ad7985582\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Role (controller\/processor):<\/strong>&nbsp;controller<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-b8c40deecde35a82006eb3a3416f26d2\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong><span style=\"text-decoration: underline;\">Data importer:<\/span><\/strong><\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-5e63313019d80e269748b0c81b039fbc\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Name:<\/strong>&nbsp;91爆料<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-4e1b2fd0895d6d8dbc8de531024fd646\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Address:<\/strong>&nbsp;Set forth in the applicable Customer Services Agreement<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-a6d4b810dc911ed44857cd472fbd7a83\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Contact email:<\/strong>&nbsp;<a href=\"mailto:privacy@employmenthero.com\">privacy@employmenthero.com<\/a><\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-330ebc04961a96f671e0cc5728152b97\" style=\"padding-top:var(--wp--preset--spacing--4)\">Activities relevant to the data transferred under these clauses: Provision of the Services and all data processing categorised as \u2018C2P\u2019, where the Controller is located inside, and the Processor is located outside the EU\/EEA or the UK.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-1bbbbcd61709d9ca1a745f1826d573bc\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Role (controller\/processor):<\/strong>&nbsp;processor<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"S3.1.B\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>B: Description of transfers<\/strong><\/h4>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-6804ab762034c534783ed8168359de01\" style=\"padding-top:var(--wp--preset--spacing--8)\"><span style=\"text-decoration: underline;\">MODULE TWO: CONTROLLER TO PROCESSOR<\/span><\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-895301e562bdf4d9214097ebde4343df\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Nature of Processing:&nbsp;<\/strong>See Schedule 1 above..<\/p>\n\n\n\n<p style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Purpose of Processing:&nbsp;<\/strong>See Schedule 1 above.<\/p>\n\n\n\n<p style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Categories of Data Subjects:&nbsp;<\/strong>See Schedule 1 above.<\/p>\n\n\n\n<p style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Categories of Personal data Transferred:&nbsp;<\/strong>See Schedule 1 above.<\/p>\n\n\n\n<p style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Sensitive data transferred (if applicable):&nbsp;<\/strong>See Schedule 1 above.<\/p>\n\n\n\n<p style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>Frequency of transfer:&nbsp;<\/strong>Continuous.<\/p>\n\n\n\n<p style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>The period for which the personal data will be retained, or, if that is not possible, the criteria used to determine that period (EU standard contractual clauses only):<\/strong>&nbsp;in accordance with relevant data retention\/deletion obligations.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-b8cbb97dcf650cf25eea3378347bfe69\" style=\"padding-top:var(--wp--preset--spacing--4)\"><strong>For transfers to sub- processors, the subject matter, nature and duration of the processing (EU standard contractual clauses only):&nbsp;<\/strong>As set out in Schedule 1.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"S3.1.C\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>C: Competent supervisory authority<\/strong><\/h4>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-ca237b1b946336d21446e9f56a9e2818\" style=\"padding-top:var(--wp--preset--spacing--8)\">Irish Data Protection Commission<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-4681212b84beeed2123ddb8637b6108d\" style=\"padding-top:var(--wp--preset--spacing--4)\">21 Fitzwilliam Square<\/p>\n\n\n\n<p style=\"padding-top:var(--wp--preset--spacing--4)\">South Dublin 2<\/p>\n\n\n\n<p style=\"padding-top:var(--wp--preset--spacing--4)\">Republic of Ireland<\/p>\n\n\n\n<p style=\"padding-top:var(--wp--preset--spacing--4)\">D02 RD28<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-7d6b0380a4bda5cd126ffa10fce368fc\" style=\"padding-top:var(--wp--preset--spacing--4)\"><a href=\"mailto:dpo@dataprotection.ie\">dpo@dataprotection.ie<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"S3.2\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>Annex II\/ Appendix 2: Technical and organisational measures<\/strong><\/h3>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-b569007314bcde4e7bd3a72897195d71\" style=\"padding-top:var(--wp--preset--spacing--8)\">Data importer has implemented and will maintain appropriate technical and organisational measures to protect Customer Personal Data (as defined in the DPA) against the unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, Personal Data. The measures described in Schedule 2 of the DPA are hereby incorporated into this Appendix 2 by this reference and are binding on the data importer as if they were set forth in this Appendix 2 in their entirety.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"S3.3\" style=\"padding-top:var(--wp--preset--spacing--10)\"><strong>Annex III of the EU Standard Contractual Clauses<\/strong><\/h3>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-42fdb46e052daf4cc49fad643ee47696\" style=\"padding-top:var(--wp--preset--spacing--8)\"><strong><span style=\"text-decoration: underline;\">List of Sub-Processors<\/span><\/strong><\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-60bcfced4e6356ace61a2c2eb44b969e\" style=\"padding-top:var(--wp--preset--spacing--4)\">You can find a list of all 91爆料 Sub-Processors&nbsp;<a href=\"https:\/\/employmenthero.com\/legals\/privacy-policy\/data-processing\/subprocessors\/\">here<\/a>.<\/p>\n\n\n\n<p style=\"padding-top:var(--wp--preset--spacing--4)\"><strong><span style=\"text-decoration: underline;\">List of 91爆料 Affiliates<\/span><\/strong><\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-7c177f5e562b3e062c88ac0c91fa649b\" style=\"padding-top:var(--wp--preset--spacing--4)\">You can find a list of all 91爆料 Affiliates&nbsp;<a href=\"https:\/\/employmenthero.com\/legals\/privacy-policy\/data-processing\/affiliates\/\">here<\/a>.<\/p>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Data Processing Addendum These are our data processing terms that apply between 91爆料 and the Customer Contents Overview Background Schedule 2 \u2013&nbsp;Technical and Organisational Measures Overview This Data Processing Addendum explains our data processing activities carried out as a Data Processor on behalf of our Customers. Previous versions of this document can be found&nbsp;here. [&hellip;]<\/p>\n","protected":false},"featured_media":0,"parent":26028,"menu_order":0,"template":"","class_list":["post-25032","legals","type-legals","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/employmenthero.com\/sg\/wp-json\/wp\/v2\/legals\/25032","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/employmenthero.com\/sg\/wp-json\/wp\/v2\/legals"}],"about":[{"href":"https:\/\/employmenthero.com\/sg\/wp-json\/wp\/v2\/types\/legals"}],"up":[{"embeddable":true,"href":"https:\/\/employmenthero.com\/sg\/wp-json\/wp\/v2\/legals\/26028"}],"wp:attachment":[{"href":"https:\/\/employmenthero.com\/sg\/wp-json\/wp\/v2\/media?parent=25032"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}