Yes, Cherimoya shall comply with all applicable data protection laws, including in particular with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (the “Regulation”), if applicable.
Cherimoya will act as a processor and Customer will act as the controller(s) as defined in the Regulation. Cherimoya shall process personal data only insofar as required, and Cherimoya shall implement and observe any instructions from the Customer to ensure compliance with applicable legislation, including with respect to security, confidentiality, data subject rights, transparency and termination of data processing activities.