This data processing addendum (“addendum”) completes the end-user license agreement found on cloudcheckr.com/end-user-license-agreement, as has been updated from time to time between the customer and CloudCheckr, or another written or electronic agreement between the customer and CloudCheckr that regulates the use of services by the customer (the “agreement”) between CloudCheckr Inc. and its affiliates (CloudCheckr) and the organization (customer) you represent. This addendum applies when CloudCheckr processes the customer`s personal data as part of the provision of services to the customer. Terms that are not defined differently have the meaning given to them in the agreement. Unless further amended, the terms of the agreement remain fully applicable and effective. Customers also have the option to sign up for an enterprise contract with AWS. Enterprise agreements offer customers the opportunity to adapt agreements that best meet their needs. For more information on enterprise agreements, please contact your sales agent. AWS allows customers to purchase all their services under consistent and predictable models. Companies can work with one or more accounts to give departments, associated companies and departments the necessary level of control. AWS offers businesses several opportunities to use services based on your business needs. Traditional on-demand instances allow you to pay for capacity on time without long-term obligations or prepayment. This model offers the greatest flexibility and is ideal for new initiatives that do not require basic resources.
Reserved instances are ideal for fixed-use or predictable applications and can offer up to 75% off on-demand prices. If the customer or, if applicable, the relevant end user reasonably believes that CloudCheckr must process the customer`s personal data taking into account the nature, scope, context and purposes of cloudCheckr processing, the customer or the competent end user may pose a high risk to the rights and freedoms of individuals, and CloudCheckr will provide CloudCheckr, in the event of an appropriate notification to CloudCheckr, with appropriate assistance for 10 business days to the customer or the affected end-user during CloudCheckr`s normal opening hours, with any privacy impact analysis and prior consultation with supervisory authorities or other relevant data protection authorities, at least only with respect to the processing of personal data. CloudCheckr takes appropriate steps to: ensure the reliability of a CloudCheckr employee, agent or contractor who may have access to the customer`s personal data and, in any event, ensure that access is strictly accessible to persons with staff restrictions who know and/or must access the Relevant Personal Data of the Client, to the extent strictly necessary for the purposes of the agreement, and to comply with the laws in force under that person`s obligations, to ensure that such data is confidential. Appendix A ANNEXE 2 TO THE CONVENTIONCLAUSES NORME Description of the technical and organizational security measures implemented by the data importer in accordance with points 4(d) and 5 (c) (or documents/ancillary regulations): CloudCheckr`s technical and organizational security measures are the measures described in CloudCheckr`s confidential SOC 2 report and made available to the customer by CloudCheckr on request.