New EU Standard Contractual Clauses and UK International Data Transfer Agreement
As a result of recent changes in the European Union (EU) and the United Kingdom (UK) regarding global data transfers, HCLSoftware has updated its Data Processing Addendum (DPA) to include the European Commission’s new Standard Contractual Clauses (SCCs). The DPA is also being updated to reflect the new UK International Data Transfer Agreement (UK IDTA).
HCLSoftware has continuously relied on the SCCs to enable the lawful transfer of personal data from the European Economic Area (EEA) to other countries outside the EEA, including to countries which are not deemed to have adequate privacy protection. Personal data is generally transferred for purposes of enabling HCLSoftware to provide customer support on a worldwide basis, and to enable cloud hosting and managed services, if provided in the contract.
Any software contracts we have entered into with our customers after September 1, 2021 which contain a DPA will already have the compliant EU SCCs attached. However, if you are a customer who has an existing DPA with us which predates September 1, 2021, or if you would like to have the UK IDTA terms apply, you will need to enter into a new agreement with us to ensure compliance with the requirements.
To this end, we have created a Data Transfer Amendment to our DPA which incorporates the new EU SCCs as well as the UK IDTA. This document, which has been pre-signed on behalf of HCL, can be downloaded from our Master Agreements webpage. Please follow the instructions at the top of the Amendment regarding completion, countersignature and return of the document.
The signed Amendment may be uploaded and sent to HCLSWPrivacy@hcl.com, indicating your company name and account number in the Subject line. Please keep a fully signed copy for our own files.
Customers can also review our Technical and Organizational Measures (“TOMs”) and our Information Security Practices on this Trust Center site which represent some of the supplemental safeguards we implement to help protect personal data.
For the avoidance of doubt, signature of this Amendment shall be deemed to constitute signature and acceptance of the updated EU SCCs. Where a customer wishes to separately execute the updated EU SCCs and UK IDTA, it may do so by completing and signing the EU SCCs (also found on the Master Agreements webpage) as the data exporter and returning the document to HCL for countersignature. Please note that if a company has not signed this Amendment by December 27, 2022 and continues to license programs from HCL and receive support and other services, HCL will consider the customer to have agreed to the updated EU SCCs and UK IDTA.
If you have any questions regarding this, please do not hesitate to contact HCLSoftware’s privacy team at HCLSWPrivacy@hcl.com