3. In these Data Sharing Terms the following words and phrases shall have the following meanings, unless inconsistent with the context or as otherwise specified:
"Data Protection Legislation" means all laws, rules, regulations, directives and governmental requirements relating in any way to the privacy, confidentiality, security, integrity and protection of Personal Data in force from time to time in those parts of the world in which the parties operate and/or Process Personal Data (either directly or through a third party);
"Data Controller", "Personal Data" and "Process/Processing" shall be interpreted in accordance with applicable Data Protection Legislation; and
"Individual Data" means any and all Personal Data relating to the data subjects as provided by Tracsim, whether on or through the Site or otherwise, including non-Personal Data that may, in combination with any other data made available on the Site, amount to Personal Data.
“parties” means you and Tracsim and “party” means either you or Tracsim, as the context so requires.
“SCC” means the European Commission’s standard contractual clauses for the transfer of Personal Data from the European Union to processors established in third countries (Data Controller-to-Processor transfers), as set out in the Annex to Commission Decision 2010/87/EU.
4. Tracsim shall retain ownership of Individual Data shared with you regardless of the right to access and use granted to you and you shall not use Individual Data without Tracsim’s express written permission or in a manner inconsistent with any such permission granted to you. Further, when using Personal Data and/or Tracsim Data, you shall clearly attribute the source of such Personal Data and/or Tracsim Data in a manner approved by Tracsim.
6. You shall undertake to procure all necessary consents from the relevant data subjects and Tracsim for use of Individual Data by you for purposes beyond the current Permitted Use. If you wish to confirm whether a proposed use is a Permitted Use or wish to obtain additional consents, you may contact us and inquire accordingly.
7. You acknowledge that the Individual Data has been collected in a lawful manner in accordance with applicable Data Protection Legislation, Tracsim’s Privacy Statement (https://www.refoods.com/privacy-policy) and any personal information collection notice provided to data subjects, a copy of which shall be provided to you upon request.
9. Each party acknowledges, as independent Data Controllers, that they may respectively use third party Processors to process Personal Data in connection with the Permitted Use. In doing so, you shall comply with Tracsim’s Privacy Statement (https://www.refoods.com/privacy-policy) and will ensure that any third party Processors, authorised by you to process any Individual Data are subject to appropriate confidentiality obligations, will comply with their obligations as Processors under applicable Data Protection Legislation and will promptly notify you (who shall promptly notify Tracsim) in the event of a data breach.
10. Each party shall promptly provide the other party such reasonable cooperation, information and assistance as required from time to time to enable such other party to comply with its obligations under applicable Data Protection Legislation.
11. The parties shall not knowingly perform their obligations under these Data Sharing Terms in such a way as to cause the other party to breach any of its obligations under applicable Data Protection Legislation.
12. Each party shall at all times have in place appropriate technical and organisational security measures so that Individual Data is protected against unauthorised or unlawful processing and against accidental loss, destruction or damage.
13. If any party is provided with anonymised Individual Data, that party will not attempt to reverse-engineer, recreate, combine with any other dataset, or otherwise reidentify any data subject from the anonymized Individual Data.
14. Where you are established in the United Kingdom or the European Union or are otherwise bound by the General Data Protection Regulation 2016/679 (GDPR), you will not (and will not permit your contracted Processors to) transfer or otherwise process Individual Data outside the European Economic Area (EEA) unless it complies with section 9 above, the GDPR and any other applicable Data Protection Legislation.
15. If any Individual Data transfer between Tracsim and you legally requires execution of SCC in order for Tracsim or you to comply with applicable Data Protection Legislation, the parties will complete and execute the SCC and take all other actions required to legitimise the transfer.
16. Each party will be liable to the other party for damages it causes by any breach of these Data Sharing Terms. Liability as between the parties is limited to actual damages suffered. Indirect or consequential losses, loss of profits, loss of reputation and punitive damages are specifically excluded. Each party will be liable to data subjects for damages it causes by any breach of third-party rights under these Data Sharing Terms.
17. Without prejudice to any rights that have accrued under these Data Sharing Terms or any of its rights or remedies, either party may terminate these Data Sharing Terms with immediate effect by giving written notice to the other party if the other party commits a breach of these Data Sharing Terms.
19. No waiver of any breach of any provision of these Data Sharing Terms or performance obligations hereunder shall be effective unless specifically made in writing.