DPA Version: 7
Template date: February 2024 Page 1 of 5
Data Protection Agreement
Applies to Customer’s Personal Data
This Data Protection Agreement (“DPA”), forms part of the Agreement (as defined below) and applies where, and to the
extent that, Cisco Processes Personal Data as a Processor for You when providing Cisco Offers (as defined below) under the
Agreement, (each a “Party” and together the “Parties”).
This DPA will become effective on the Effective Date and remain in force for the term of Agreement.
Unless otherwise specified in this DPA, the terms of the Agreement will continue in full force and effect. All capitalized terms
not defined in Section 1 or otherwise in this DPA will have the meanings set forth in the Agreement. Any privacy or data
protection related clauses or agreement previously entered into by Cisco and You, with regards to the subject matter of this
DPA, will be superseded by and replaced with this DPA. No one other than a Party to this DPA, their successors and permitted
assignees will have any right to enforce any of its terms.
1. Definitions
1.1. “Affiliates” means, any corporation or company that directly or indirectly controls, or is controlled by, or is
under common control with the relevant party, where “control” means to: (a) own over 50% of the relevant
party; or (b) be able to direct the affairs of the relevant party through voting rights or other lawful means (e.g.,
a contract that allows control). Unless otherwise explicitly agreed by the Parties, any legal entities which become
part of the Cisco group of companies through an acquisition or merger (each an “Acquired Entity”) are not
considered Cisco Affiliates for the purposes of this DPA unless the Cisco Offers of such Acquired Entity are
available for You to purchase on the applicable Price List.
1.2. "Agreement” means the written or electronic agreement between You and the applicable Cisco entity for the
provision of the Cisco Offers to You or any other terms where the parties expressly agree to this document (e.g.:
the Cisco General Terms (“General Terms”)); or where You have purchased a Cisco Offer from a Cisco partner,
“Agreement” means, for the purposes of this DPA only, the applicable Service Description listed at
https://www.cisco.com/c/en/us/about/legal/service-descriptions.html.
1.3. “APEC” means the Asia Pacific Economic Cooperation, a regional economic forum established in 1989 to
leverage the growing interdependence of the Asia-Pacific. See http://www.apec.org for more information.
1.4. “APEC Member Economy” means the 21 members of APEC: Australia, Brunei Darussalam, Canada, Chile, China,
Hong Kong-China, Indonesia, Japan, Republic of Korea, Malaysia, Mexico, New Zealand, Papua New Guinea,
Peru, Philippines, Russia, Singapore, Chinese Taipei, Thailand, United States, and Vietnam.
1.5. “Approved Jurisdiction” means a member state of the EEA, or other jurisdiction approved as having adequate
legal protections for data by the European Commission, currently found here:
https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-
decisions_en.
1.6. “Cisco” means the applicable Cisco entity that is party to the Agreement.
1.7. “CCPA” means the California Consumer Privacy Act (Cal. Civ. Code §§ 1798.100 to 1798.199) as amended by the
California Privacy Rights Act (“CPRA”), and any related regulations or guidance provided by the applicable
regulators.
1.8. “Cisco Offer” means Cisco branded (a) hardware, (b) usage rights in software or cloud services, (c) technical
support included in a subscription offer and (d) incidental technology and resources acquired by You.
1.9. “Controller” means an entity that determines the purposes and means of the processing of Personal Data. It