Terms & Conditions
© CQ-Roll Call, Inc.All rights reserved.
All material appearing on this site is copyrighted. All rights reserved. CQ Roll Call, Inc., does not convey any license, right, title or interest in any information — including information provided to CQ Roll Call from third parties — transmitted via any CQ Roll Call publication or electronic transmission unless previously specified in writing. No part of any CQ-Roll Call publication or transmission may be republished, reproduced, transmitted, downloaded or distributed by any means, whether electronic or mechanical, without prior written permission of CQ-Roll Call, Inc. Unauthorized reproduction or transmission of CQ-Roll Call copyrighted material is a violation of federal law carrying civil fines of up to $100,000 and serious criminal sanctions or imprisonment.
Advertising Terms & Conditions Appendix
GDPR Data Protection
- The parties acknowledge that each will be an independent Data Controller or a Data Processor in order to fulfil their obligations from time to time under the Agreement. Each of the parties warrant and undertake that they will comply with the requirements of applicable data protection laws and regulations from time to time including the Data Protection Act 1998 of the United Kingdom, Regulation (EU) 2016/679 (the General Data Protection Regulation 2016 or “GDPR”)) and similar regulations in other jurisdictions and that the parties will acquire all third party rights and consents necessary to fulfil its responsibilities under this Agreement (as applicable). Any references herein to Data Controller or Data Processor will have the same meaning as is defined in the GDPR, and such references will apply to each party as the specific circumstances require.
- Further, should the Data Processor receive and/or process Personal Data (as defined below) as part of the services, the Data Controller acknowledges and agrees that such Personal Data of EU citizens may be accessed or sent outside of the European Economic Area in accordance with data processing and security standards.
- The Data Processor acknowledges that any customer or other personal or personally identifiable information received by it from or collected or developed by it for or on behalf of Data Controller or any part of it (“Personal Data”) will constitute confidential and proprietary information of Data Controller and that its use and security is governed by law. Without prejudice to the generality of paragraphs 1 and 2 above, the Data Processor will therefore treat the Personal Data accordingly and without limitation agrees and warrants that:
- it will keep Personal Data confidential and only process the Personal Data in accordance with and for the purposes set out in, instructions received from time to time from Data Controller persons acting on Data Controller’s behalf or Data Controller’s employees for the purpose of processing Personal Data under the Agreement;
- it has and will at all times during the term of this agreement have, appropriate technical and organizational measures in place to protect any Personal Data against unauthorised or unlawful processing and against accidental loss, destruction or damage. The Data Processor further agrees and warrants that it will have taken all reasonable steps to ensure: (i) the reliability of any of the Data Processor ’s staff who will have access to Personal Data and (ii) that Personal Data will only be available to such staff members who need to have access to it and have been trained to a suitable standard for compliance with applicable laws;
- it will allow Data Controller or its representative access to any relevant premises owned or controlled by the Data Processor on reasonable notice to inspect its procedures, including as described at (ii) above;
- it will consider all reasonable suggestions which Data Controller may put to the Data Processor to ensure that the level of protection the Data Processor provides for Personal Data is in accordance with these terms and the GDPR;
- it will ensure that the Data Processor and any third parties it uses in accordance with the Agreement have appropriate privacy notices, consents and mechanics to deal with data subject’s rights and to process Personal Data in order to perform the services under the Agreement, in each case in accordance with the GDPR and all applicable laws;
- it will deal promptly and properly with all enquiries from Data Controller relating to its processing or use of the Personal Data;
- it will notify Data Controller forthwith if a legally binding request for disclosure of the Personal Data is made, or if the subject of any Personal Data (“Data Subject”) makes a request for disclosure of the Personal Data or exercises any of a Data Subject’s other rights under the GDPR in respect of his/her Personal Data; Data Processor will not respond to any such Data Subject request without the prior written consent of Data Controller;
- it will, in any of the circumstances in (vii) above co-operate and provide assistance and information as reasonably requested by Data Controller to enable Data Controller to comply with all its obligations under the GDPR;
- if it sub-contracts to any third party any of its obligations to process Personal Data on behalf of Data Controller, it will only do so after the Data Processor has confirmed who the subcontractor is and Data Controller has had the opportunity (whether or not it exercises that opportunity) to assess-subcontractors technical and organizational measures against unauthorized or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data; and
- on termination of the Agreement or at the earlier request of Data Controller, the Data Processor will return all the Personal Data and copies thereof, whether or not in machine readable form, to Data Controller and/or destroy such Personal Data and certify Data Controller that it has done so, unless legislation imposed on the Data Processor prevents it from doing so. In that case, the Data Processor warrants that it: (i) will maintain the confidentiality of the Personal Data and will not process or use it any more except as instructed by Data Controller, and (ii) will destroy the Personal Data within a reasonable time period after such legislation ceases to prevent such action.