Schedule 6F (Provider Data Processing Agreement)

3.2 The duties of the sub-processor. Mailchimp shall: (i) enter into a written agreement with each processor that includes data protection obligations that provide at least the same level of protection of customer data as in this DPA, to the extent that this applies to the type of service provided by that processor; and (ii) remain responsible for such subcontractor`s compliance with the obligations of this DPA and for any act or omission of such subcontractor that leads Mailchimp to breach any of its obligations under this DPA. 6.1 Data Center Sites. Subject to Section 6.2, Customer acknowledges that Mailchimp may transfer and process its Customers` Data in the United States and the United States and anywhere else in the world where Mailchimp, its related companies, or subcontractors perform data processing operations. Mailchimp ensures at all times that these transfers are made in accordance with the requirements of data protection law and this DPA. 4.2 Confidentiality of processing. Mailchimp ensures that any person authorized by Mailchimp to process customer data (including its employees, representatives, and subcontractors) is subject to an appropriate obligation of confidentiality (whether a contractual or legal obligation). 2.2 Assignment of purposes. Mailchimp only processes Customer Data in accordance with customer`s documented legal instructions, as set forth in this DPA, to the extent necessary to comply with applicable law or as agreed in writing by other means (“Permitted Purposes”). The parties agree that the agreement contains the customer`s complete and final instructions to Mailchimp with respect to the processing of customer data and that processing outside the scope of these instructions (if any) must be subject to prior written agreement between the parties.

8.1 Requests from the data subject. As part of the Service, Mailchimp makes available to Customer a series of self-service features that Customer may use to retrieve, correct, delete, or restrict the use of Customer Data that Customer may use to support Customer at no additional cost as part of customer`s obligations under data protection law with respect to responding to data subjects` requests for the customer account. In addition, taking into account the type of processing, Mailchimp will provide the customer with appropriate additional assistance, to the extent possible, so that the customer can fulfill its data protection obligations with regard to the rights of the data subject, in accordance with data protection legislation. If such a request is made directly to Mailchimp, Mailchimp will not respond directly to such communication without the customer`s prior permission, unless it is appropriate (e.g. .B. to order the data subject to contact the customer) or prescribed by law. . . .