The “Regulation” means the General Data Protection Regulation 2016/679 of the European Parliament and of the Council of 06 April 2016. The Regulation replaces the Data Protection Directive 95/46/EC and is designed to harmonize data privacy laws across Europe for the protection of individuals with regard to the processing of personal data and the free movement of such data. Where appropriate, terms used in this statement shall have meanings ascribed to them in the Regulation.

In the event that either party (the “Receiving Party”), its agents, contractors or employees are permitted access to personal data held by the other party for any reason or are supplied with or otherwise provided personal data by the other party for any purpose, the Receiving Party, its agents, contractors or employees shall: (i) use and/or hold such personal data only for the purposes and in the manner directed by the other party and shall not otherwise modify, amend or alter the contents of such personal data unless specifically authorized in writing by the other party and shall take all such steps as may be necessary to safeguard such personal data; (ii) comply in all respects with the Regulation as well as local applicable law and shall not do or permit anything to be done which might jeopardize or contravene the terms of the other party’s notification under the Regulation or local applicable law; (iii) indemnify the other party against all liability, damages, costs, claims and expense which it may incur by reason of any default under this clause or any breach of the Regulation or local applicable law attributable to or caused, directly or indirectly, by Receiving Party, its employees, agents or contractors, including without limitation, the failure to prevent disclosure thereof in contravention of the Regulation or local applicable law.