1.1 “Affiliate(s)” means any entity which directly or indirectly controls, is controlled by, or is under common control with, the subject entity.
1.2 “California Personal Information” means Personal Data that is subject to the protection of, and as defined under, the CPRA.
1.3 “Consumer”, “Business”, “Sell”, “Service Provider” and “Share” will have the meanings given to them in the CPRA.
1.4 “Controller” means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
1.5 “CPRA” means California Civil Code Sec. 1798.100 et seq. (also known as the California Privacy Rights Act of 2020), as may be amended, repealed, consolidated, or replaced from time to time.
1.6 “Data Protection Laws” means all applicable worldwide legislation relating to data protection and privacy which applies to the respective party as they relate to Processing Personal Data under the Agreement, including without limitation European Data Protection Laws, the CPRA and the data protection and privacy laws of Canada, China, Australia and Singapore; in each case as amended, repealed, consolidated, or replaced from time to time.
1.7 “Data Subject” means the identified or identifiable natural person to whom Personal Data relates.
1.8 “DPA Effective Date” means the earlier of the (i) effective date of the Agreement; or (ii) the date (x) when Customer clicks a “Create Contract” check box or similar button that includes a link to these terms on the marketplace of a Cloud Platform if applicable; or (y) last signature date of this DPA.
1.9 “Europe” means the European Union, the European Economic Area and/or their member states, Switzerland, and the United Kingdom.
1.10 “European Data” means Personal Data that is subject to the protection of European Data Protection Laws.
1.11 “European Data Protection Laws” means data protection laws applicable in Europe, including: (i) Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) (“GDPR”); (ii) Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector; and (iii) applicable national implementations of (i) and (ii); or (iii) the UK GDPR and the Data Protection Act 2018; and (iv) Swiss Federal Data Protection Act on 19 June 1992 and its Ordinance (“Swiss DPA”); in each case, as may be amended, superseded or replaced.
1.12 “Instructions” means the written, documented instructions issued by a Controller to a Processor that direct the same to perform a specific or general action with regard to Personal Data (including, but not limited to, depersonalizing, blocking, deletion, making available).
1.13 “Permitted Affiliates” means any of your Affiliates that (i) are permitted to use the Services pursuant to the Agreement but have not signed their own separate agreement with Teradata and are not a “Customer”, as defined under the Agreement, and that (ii) qualify as a Controller of Personal Data Processed by Teradata.
1.14 “Personal Data” means any information relating to an identified or identifiable individual where such information is contained within Customer Data and is protected similarly as personal data, personal information, or personally identifiable information under applicable Data Protection Laws.
1.15 “Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored, or otherwise Processed by us and/or our Sub-Processors in connection with the provision of the Services. “Personal Data Breach” will not include unsuccessful attempts or activities that do not lead to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access Personal Data, including unsuccessful log-in attempts, pings, port scans, denial of service attacks, and other network attacks on firewalls or networked systems.
1.16 “Privacy Shield” means the EU-U.S. and Swiss-US Privacy Shield self-certification program operated by the U.S. Department of Commerce and approved by the European Commission pursuant to its Decision of July 12, 2016 and by the Swiss Federal Council on January 11, 2017, respectively; as may be amended, superseded, or replaced.
1.17 “Privacy Shield Principles” means the Privacy Shield Principles (as supplemented by the Supplemental Principles) contained in Annex II to the European Commission Decision of July 12, 2016; as may be amended, superseded, or replaced.
1.18 “Processing” means any operation or set of operations which is performed on Personal Data, encompassing the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, or erasure of Personal Data, whether or not by automated means. The terms “Process”, “Processes” and “Processed” will be construed accordingly.
1.19 “Processor” means a natural or legal person, public authority, agency, or other body which Processes Personal Data on behalf of the Controller.
1.20 “Purposes” means (i) Teradata’s provision of the Services as described in the Agreement and this DPA; and (ii) further documented, reasonable Instructions, if any, from Customer agreed upon by the Parties.
1.21 “Service(s)” means any Teradata services or products to the extent that they conduct Processing on behalf of Customer, including any services under any master services agreement or cloud services under any cloud service agreement.
1.22 “Standard Contractual Clauses” means the standard contractual clauses annexed to the European Commission’s Decision (EU) 2021/914 of 4 June 2021 Module Two: Transfer Controller to Processor (C2P), found at ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en, as may be amended, superseded, or replaced.
1.23 “Sub-Processor” means any Processor engaged by us or Teradata Affiliates to assist in fulfilling our obligations with respect to the provision of the Services under the Agreement. Sub-Processors may include third parties or Teradata Affiliates but will exclude any Teradata employee or consultant.
1.24 “UK Clauses” means the UK International Data Transfer Agreement VERSION A1.0, in force 21 March 2022, as may be amended, superseded or replaced.
1.25 “Usage Data” means any data that Teradata may collect and use regarding Customer’s use of Teradata’s Services to extent that such Usage Data is used to develop, improve, support, and operate such Services.