Personal Data Protection Act.
- This Clause shall apply where Party B undertakes any Processing of data, documents, materials or information in or from Singapore（as “Services”）.
- Both [Party A]2 and [Party B]2 acknowledge and agree that with regard to the Processing of Personal Data, [Party B] is a Data Intermediary (as defined in the PDPA) acting on behalf of [Party A], and [Party B] Processes any Personal Data disclosed by [Party A] to [Party B] for and on [Party A]’s behalf and that this Agreement constitutes contract evidenced or made in writing for such purposes. [Party A] agrees and undertakes that it is fully responsible for complying with applicable law, requirements and obligations, including under the PDPA, in relation to any Personal Data which it may require Party B to Process pursuant to this Agreement, and any additional costs or expenses to be incurred by Party B in connection with meeting any requirements arising under the PDPA shall be borne exclusively by Party A.
- Without limiting the generality of the foregoing, [Party A] acknowledges and agrees that in its use of the [Services]:
（a）where [Party A] discloses Personal Data to [Party B], [Party A] has the sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which [Party A] acquired Personal Data, and [Party A] represents and warrants to [Party B] that [Party A] has obtained all necessary consents and/or notices under applicable law, including the PDPA, from each individual to whom the Personal Data relates for the disclosure of such individual’s Personal Data to [Party B] and for [Party B]'s collection, use, disclosure and/or Processing, and that such consents and/or notices have not been withdrawn;
（b）[Party A] represents and warrants to [Party B] that [Party A] has at all times complied with and will continue to comply with the requirements of the PDPA, in respect of the collection, use, disclosure, Processing and/or other handling of Personal Data, including complying with any applicable requirement to provide notice to individuals of the use of [Party B] as Data Intermediary;
（c）Personal Data received via or from Singapore, may be transferred to, and collected, used, disclosed and/or Processed in the country in which [Party B], its affiliates and/or its sub-contractors maintain facilities for the [Services], and [Party A] represents and warrants to [Party B] that [Party A] has obtained all necessary consents and/or notices under applicable law, including the PDPA, from each individual to whom the Personal Data relates for the transfer of Personal Data out of Singapore in connection with [Party A]’s use of the [Services], and that such consents and/or notices have not been withdrawn.
- [Party A] represents, warrants and undertakes not to transmit and/or upload, in its use of the [Services] any data, documents, materials or information which is or may be (a) subject to any controls, restrictions or prohibitions relating to its communication, dissemination or export from Singapore, including without limitation, under the Official Secrets Act 1935, the Strategic Goods (Control) Act 2002, nor (b) defamatory, abusive, obscene, threatening, malicious or otherwise objectionable or illegal or in breach or violation of any applicable laws, regulations, licensing requirements or codes of conduct, or which infringes the rights of any party, including without limitation, contractual, moral and/or privacy rights. Party A shall fully indemnify Party B against any loss, claim, penalty or damage Party B may suffer on account of any breach of this Clause.
In this Clause, unless the context otherwise requires:
|is referring to the enterprise user/counterparty.
|is referring to Baidu Cloud.
|“PDPA”||means the Singapore Personal Data Protection Act 2012.
|“Personal Data”||means data, whether true or not, about an individual who can be identified either from that data or from that data when combined with other information to which an entity has access or is likely to have access.