2. Scope and Responsibility

2.1. The Client and ABBYY acknowledge that for the purpose of the Data Protection Laws, the Client is the controller and ABBYY is the processor. In some circumstances, Client may be a processor, in which case Client appoints ABBYY as Client’s sub-processor, which shall not change the obligations of either Client or ABBYY under this DPA, as ABBYY will always remain a processor with respect to the Client in such event.

2.2. Client retains control of the Personal Data and remains responsible for its compliance with its obligations under the applicable Data Protection Laws, including providing any required notices and obtaining any required consents for the lawful collection and processing of Personal Data made available to or otherwise transferred to ABBYY, and for the processing instructions it gives to the Processor.

2.3. Processor shall process Personal Data on behalf of Client. Processing shall include such actions as may be specified in the Agreement and in the scope of work. Within the scope of the Agreement, Client shall be solely responsible for complying with the statutory requirements relating to data protection, in particular regarding the transfer of Personal Data to the Processor and the Processing of Personal Data by Processor.

2.4. Based on this responsibility, Client shall be entitled to request that Processor, subject to the Data Protection Laws, rectifies, deletes, blocks and makes available Personal Data during and after the term of the Agreement at Client’s cost. Processor shall promptly comply with any of Client’s request or instruction requiring the Processor to amend, transfer, delete or otherwise process the Personal Data, or to stop, mitigate or remedy any unauthorized Processing.

2.5. The provisions of this DPA shall also apply if testing or maintenance of automatic processes or of Processing equipment is performed on behalf of Client.