Confidential
©2022 Workday (UDPE Global v22.3) Page 3
City of San Leandro

3.2 Notification of New Subprocessors. Workday shall make available to Customer a Subprocessor List and provide Customer with a mechanism to obtain notice of any updates to the Subprocessor List. At least thirty (30) days prior to authorizing any new Subprocessor to Process Personal Data, Workday shall provide notice to Customer by updating the Subprocessor List.

3.3 Subprocessor Objection Right. This Section 3.3 shall apply only where and to the extent that Customer is established within the EEA, the UK or Switzerland or where otherwise required by Data Protection Laws applicable to
new Subprocessor t
to Section 3.2 above, provide written notice of such objection to Workday. Should Workday choose to retain the objected-to Subprocessor, Workday will notify Customer at least fourteen (14) days before authorizing the Subprocessor to Process Personal Data and Customer may terminate the relevant portion(s) of the Covered Service within thirty (30) days. Upon any termination by Customer pursuant to this Section, Workday shall refund Customer any prepaid fees for the terminated portion(s) of the Covered Service that were to be provided after the effective date of termination.

4. Data Subject Rights

4.1 Assistance with Data Subject Requests. Workday will, in a manner consistent with the functionality of the
to respond to Data Subject requests to exercise their rights under applicable Data Protection Laws Data Subject
Requests

4.2 Handling of Data Subject Requests. For the avoidance of doubt, Customer is responsible for responding to Data Subject Requests. If Workday receives a Data Subject Request or other complaint from a Data Subject regarding the Processing of Personal Data, Workday will promptly forward such request or complaint to Customer, provided the Data Subject has given sufficient information for Workday to identify Customer.

5. Workday Personnel

Workday shall require screening of its personnel who may have access to Personal Data and shall require such personnel (i) to receive appropriate training on their responsibilities regarding the handling and safeguarding of Personal Data; and (iii) to be subject to confidentiality obligations which shall survive the termination of employment.

6. Personal Data Breach

If Workday becomes aware of a Personal Data Breach, it shall without undue delay notify Customer in accordance with the Security Breach provisions of the MSA. Workday shall take appropriate measures to address and mitigate the adverse effects of the Personal Data Breach. To the extent Customer requires additional information from Workday to meet its Personal Data Breach notification obligations under applicable Data Protection Laws, Workday shall provide reasonable assistance to provide such information to Customer taking into account the nature of Processing and the information available to Workday.

7. Security of Processing

Workday shall implement and maintain appropriate technical and organizational measures to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data as described in the Universal Security Exhibit.

8. Audit

-current SOC 1 and SOC 2 audit reports (or comparable
industry-certifications will be used to satisfy any audit or inspection requests by or on behalf of Customer, and Workday shall make such reports available to Customer. If Customer requires additional information, including information necessary to demonstrate compliance with this DPE, or an audit related to the
Program.

Docusign Envelope ID: B7B2CF4A-C414-47B2-BF08-2BCDA4573B8E