2. Scope and Responsibility

2.1. The Client and ABBYY acknowledge that for the purpose of the Data Protection Laws, the Client is the Controller and ABBYY is the Processor. In some circumstances, Client may be a Processor, in which case Client appoints ABBYY as Client’s sub-processor, which shall not change the obligations of either Client or ABBYY under this DPA, as ABBYY will always remain a Processor with respect to the Client in such event.

2.2. Client retains control of the Personal Data and remains responsible for its compliance with its obligations under the applicable Data Protection Laws, including providing any required notices and obtaining any required consents for the lawful Processing of Personal Data made available to or otherwise transferred to ABBYY, and for the processing instructions it gives to ABBYY.

2.3. ABBYY shall process Personal Data on behalf of Client. Processing shall include such actions as may be specified in the Agreement and in the scope of work. Within the scope of the Agreement, Client shall be solely responsible for complying with the statutory requirements relating to the lawfulness of the data processing.

2.4. Based on this responsibility, Client shall be entitled to request that ABBYY, subject to the Data Protection Laws, rectifies, deletes, blocks and makes available Personal Data during and after the term of the Agreement at Client’s cost. ABBYY shall promptly comply with any of Client’s request or instruction requiring the ABBYY to amend, transfer, delete or otherwise process the Personal Data, or to stop, mitigate or remedy any unauthorized Processing.

2.5. The provisions of this DPA shall also apply if testing or maintenance of automatic processes or of Processing equipment is performed on behalf of Client.