As the ICANN Organization prepares, for the first time ever, to change the cryptographic keys...
UPDATED: 24 May 2018
Affiliate means, with regard to any entity, any other entity that (directly or indirectly) controls, is controlled by, or is under common control with such entity.
Agreement means the Service Level Agreement (if concluded) and/or each Order, including the Nsomnia Policies, the services specification and all other schedules thereto, pursuant to which Nsomnia shall provide the Services to Customer, which Services are indicated on the order form(s) or the order confirmation.
Customer means any natural person acting as a business professional (i.e. not as a consumer) or legal entity entering into an Order with Nsomnia with respect to the provision of Services by Nsomnia.
Confidential Information means all information not publicly known used in or otherwise relating to the Agreement, the business or affairs of a Party or an Affiliate of such Party and disclosed (whether in writing, verbally or by any other means and whether directly or indirectly) by the Disclosing Party to the Receiving Party whether before or after the Order start date.
Data Controller - means the Customer, which, alone or jointly with others, determines the purposes and means of the Processing of personal data.
Data Sub-Processor means Nsomnia processing personal data on behalf of the Data Controller.
Disclosing Party means the Party that discloses Confidential Information to the Receiving Party, as referred to in Clause 3.
Equipment means any equipment, including but not limited to: computer hardware, telecommunications hardware, accessories, attachments, alterations of and spare parts for that equipment.
GDPR means Regulation 2016/679/EU of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
Nsomnia in relation to Service(s) and/or Equipment provided to Customer it means Nsonmia Networks LP, a limited partnership, incorporated under the laws of the United Kingdom of Great Britain and Northern Ireland, with its registered seat at Edinburgh, Scotland, United Kingdom.
Order means the agreement that comes into existence in the manner specified in Service Level Agreement.
Parties means Nsomnia and Customer, each a “Party”.
Personal Data means all information pertaining to an identified or identifiable natural person within the meaning of Clause 4 paragraph 1 GDPR.
Processing means any operation or set of operations performed on Personal Data as described in the GDPR.
Receiving Party means the Party that receives – or is granted access to – Confidential Information by the Disclosing Party, as referred to in Clause 3.
Services means the services to be provided by Nsomnia to Customer, as agreed and specified in an order form/order confirmation.
2. PERSONAL DATA / DATA PROTECTION
2.1 In the performance of Nsomnia’s obligations under the Agreement, Nsomnia and its Affiliates shall Process Personal Data for or on behalf of the Customer. Nsomnia does not control and never acts as Data Controller of any (personal) data and content of Customer transmitted over the network. Parties acknowledge and agree that with regard to the Processing of Personal Data on the Customer’s behalf, the Customer is the Data Controller, and Nsomnia is the Data Sub-Processor. In order to comply with the relevant data protection legislation, in particular the GDPR, with respect to the Processing of Personal Data by Nsomnia, Parties agree upon the conditions as set forth in this Clause 2.
2.2 Nsomnia shall only Process Personal Data if and to the extent such Processing is required in the performance of the Agreement by Nsomnia, and only in accordance with the instructions of the Customer and under conditions as set out by the Customer. The exception thereto is if Nsomnia is under a legal obligation to Process the Personal Data. Nsomnia shall inform the Customer of such legal obligation unless it is prohibited by law or reasons of important public interest from doing so.
2.3 Nsomnia ensures that the persons authorized by Nsomnia and/or its Affiliates to Process the Personal Data shall have access to the Personal Data as is required and necessary for the performance of Nsomnia’s obligations under the Agreement and this Clause 2.
2.4 Nsomnia shall arrange for all appropriate technical and organizational measures, to the extent such measures may be reasonably expected of Nsomnia, to protect the Personal Data from loss, loss of integrity or from any form of unlawful Processing, and shall ensure that these measures meet all requirements under the applicable data protection legislation, including but not limited Clause 32 GDPR.
2.5 In case Nsomnia engages sub-contractors in the performance of the Agreement, Nsomnia shall impose similar data protection obligations as set forth in this Clause 2 on those sub-contractors.
2.6 Nsomnia shall provide all reasonable assistance to the Customer in order for the Customer to fulfill its obligations to respond to requests by data subjects (such within the meaning of the GDPR) exercising their rights under the applicable data protection legislation.
2.7 Nsomnia shall provide all reasonable assistance to the Customer in order for the Customer to comply with its obligations pursuant to Clause 32 through 36 GDPR, taking into account the nature of the Processing and the information available to Nsomnia.
2.8 In case Nsomnia discovers a data breach that may adversely affect the protection of Personal Data Processed by Nsomnia on behalf of the Customer, Nsomnia will notify the Customer, to the extent permitted by law, as soon as reasonably possible. Nsomnia will cooperate with the Customer on the investigation of the personal data breach. The Customer shall be responsible to notify the relevant authority and/or the data subjects concerned, to the extent necessary, in case of a personal data breach.
2.9 After expiration or termination of the Agreement, for whatever reason, Nsomnia shall delete all the Personal Data pertaining to the Customer, including copies thereof, unless Nsomnia is required to retain such Personal Data under the applicable law.
2.10 Nsomnia shall make available to the Customer all information necessary, to the extent this is possible and reasonable, to demonstrate compliance with the conditions laid down in this Clause 2. Nsomnia shall cooperate, to the extent this is possible and reasonable, with any audits conducted by the Customer or another auditor mandated by the Customer. Unless expressly agreed otherwise in writing, the costs of such audit or inspection will be borne by the Customer.
2.11 Any requests, questions regarding data protection legislation, in particular the GDPR, should be sent to email@example.com.
3.1 A Receiving Party shall: (i) keep all Confidential Information confidential, (ii) not disclose any Confidential Information to any other person without the prior written consent of the Disclosing Party, and (iii) only use and reproduce the Confidential Information for the performance of its obligations under the Agreement.
3.2 The obligations contained in clause 3.1 shall not apply to any Confidential Information which: (i) at the date of the Agreement is, or at any time after the date of the Agreement becomes, public knowledge other than through breach of the Agreement by the Receiving Party; (ii) can be shown by the Receiving Party to the reasonable satisfaction of the Disclosing Party to have been known to the Receiving Party prior to it being disclosed by the Disclosing Party to the Receiving Party; or (iii) is required to be disclosed or used by law.
3.3 The Receiving Party agrees that any and all notes, diagrams, descriptions, memoranda and other writings or electronic information obtained from the Disclosing Party and any copies, notes or excerpts thereof containing Confidential Information shall remain the property of the Disclosing Party and that said documents shall, upon request of the Disclosing Party and at the Disclosing Party’s option, be promptly returned to the Disclosing Party or destroyed upon any termination of consideration of the possible business arrangement.
4. INDIVIDUAL RIGHTS
4.1 Right to be informed:
4.1.1 Organisation name: Nsomnia Networks LP.
4.1.2 Contact details: 39/5 Granton Crescent, EH5 1BN, Edinburgh, Scotland, United Kingdom.
4.1.3 mailbox: firstname.lastname@example.org.
4.1.4 Purposes of the Processing: the performance of the Agreement by Nsomnia.
4.1.5 All Personal Data is obtained from the individual it relates to.
4.1.6 The recipient of the personal data is Nsomnia.
4.1.7 The retention period for the personal data is expiration or termination of the Agreement.
4.2 Right of access:
4.2.1 Client has a right of access to his Personal Data. It's made as a automated feature inside Nsomnia website.
4.2.2 There is no need to request access manually.
4.2.3 There is no fee.
4.3 Right of rectification:
4.3.1 Client has a right of rectification or completion his Personal Data. It's made as a automated feature inside Nsomnia website. Exception made only for email address and phone number.
4.3.2 There is no need to request access manually unless Customer wants to apply his right to email address or phone number.
4.3.3 Client should make request in writing using Nsomnia website or Nsomnia email address.
4.3.4 Nsomnia responds to a request for rectification without undue delay and within 28 days of receipt.
4.3.4 There is no fee.
4.4 Right to erasure (the right to be forgotten):
4.4.1 Client should make request in writing using Nsomnia website or Nsomnia email address.
4.4.2 Nsomnia responds to a request for erasure without undue delay and within 28 days of receipt.
4.4.3 There is no fee.
4.5 Right to restrict processing:
4.5.1 Client should make request in writing using Nsomnia website or Nsomnia email address.
4.5.2 Nsomnia responds to a request for restrict processing without undue delay and within 28 days of receipt.
4.5.3 There is no fee.
4.6 Right to data portability:
4.6.1 Client should make request in writing using Nsomnia website or Nsomnia email address.
4.6.2 Nsomnia responds to a request for data portability without undue delay and within 28 days of receipt.
4.6.3 There is no fee.
4.7 Right to object:
4.7.1 Client has an absolute right to stop his data being used for direct marketing.
4.7.2 There is no need to request stop or continue manually. It's made as a automated feature inside Nsomnia website named as “Join our mailing list”.
4.7.3 There is no fee.
5. CATEGORIES OF PERSONAL DATA
5.1 Required for the performance of the Agreement by Nsomnia: First name, Last name, E-mail address, Language.
5.2 Optional: Company name, Address line 1, Address line 2, City, State\Region, Zip code, Country, Phone number.
5.3 Collecting in automated mode: IP-addresses, access time, password, activity logging.
5.4 PCI DSS not applicable because of Nsomnia never asks Client’s credit card number or any other related details.