Unless where otherwise stated, definitions used in this clause shall have the meanings set out in the Agreement;
“Agreement”: the Order Confirmation Form and Terms and Conditions (including this Data Protection clause) between Licensor and Customer;
“personal data”, “controller”, “processor”, “processing”, “data subject” and “supervisory authority” shall have the meanings ascribed to them under the GDPR, as applicable;
“Customer Data” means the personal data in whatever form or medium which is supplied, or in respect of which access is granted, to Licensor under this Agreement which shall be confined to the following categories of personal data: the first and last name, email address, location, phone number, job title and where necessary the bank account details of the Customer or where relevant its employees or contractors who wish to access the Licensed Products;
“Data Protection Law” means where applicable, the General Data Protection Regulation ((EU) 2016/679) (GDPR), the European Privacy and Electronic Communications Directive (Directive 2002/58/EC), as amended or replaced from time to time and all other national, international, regional, federal or other laws related to data protection and privacy that are applicable to any territory where Licensor processes personal data or is established;
“Reportable Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Customer Data transmitted, stored or otherwise processed;
“Third Party Recipient” means any contractor, subcontractor or other party engaged by Licensor in relation to its performance of the Agreement who is or will be processing Customer Data, whether as a controller or processor and who may be located outside of the European Economic Area.