STANDARD CONTRACTUAL CLAUSES ADDENDUM

This SCC Addendum supplements the DPA (/policies/dpa.html) and applies where Xirsys transfers Client Personal Data from the EEA/UK/Switzerland to a third country lacking an adequacy decision.

1) EU SCCs (2021) & UK Addendum

2) Annex I (Summary)

3) Annex II (Technical & Organizational Measures)

4) Sub-processors (Annex III)

A current list of approved sub-processors (e.g., cloud hosting, support, payments) is available from Xirsys upon request. Controller authorizes these sub-processors; Xirsys will notify Controller of material changes with an opportunity to object consistent with the SCCs/DPA.

5) Conflicts

In case of conflict between the SCCs and any other agreement, the SCCs control to the extent of the conflict for cross-border transfers.

Last Updated: September 16, 2025