The parties agree that:
For the avoidance of doubt in relation to the foregoing, the Supplier shall exercise such rights of access and use of the Customer Data in reliance on the warranties given by the Customer in terms set out in Your Data section.
The Customer warrants and undertakes to the Supplier that:
The Supplier shall use commercially reasonable endeavours to follow its archiving procedures for Customer Data and in the event of any loss or damage to Customer Data, the Customer's sole and exclusive remedy shall be for the Supplier to use reasonable commercial endeavours to restore the lost or damaged Customer Data from the latest back-up of such Customer Data maintained by the Supplier in accordance with the archiving procedure referred to above. The Supplier shall not be responsible for any loss, destruction, alteration or disclosure of Customer Data caused by any third party
The Supplier shall, in providing the Applications, comply with its policy relating to the privacy and security of the Customer Data (if any).
For the purposes of the Supplier’s provision of any of the Applications to the Customer, in the event that the Supplier processes any personal data on the Customer's behalf when performing its obligations under this agreement, the parties record their intention that the Customer shall be the data controller and the Supplier shall be a data processor and in any such case:
Customer acknowledges and agrees that the personal data may be transferred or stored outside the EEA or the country where the Customer is located in order to:
Customer shall ensure that the Customer is entitled to transfer the relevant personal data to the Supplier so that the Supplier may lawfully use, process and transfer the personal data in accordance with this agreement on the Customer's behalf (or otherwise);
Customer shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable data protection legislation; and
each party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage.