2.1 In these Controller Terms:
“Additional Terms” means the additional terms referred to in Appendix 1, which reflect the parties’ agreement on the terms governing the processing of Controller Personal Data in connection with certain Applicable Data Protection Legislation.
“Affiliate” means an entity that directly or indirectly controls, is controlled by, or is under common control with, a party.
“Applicable Data Protection Legislation” means, as applicable to the processing of Controller Personal Data, any national, federal, EU, state, provincial or other privacy, data security or data protection law or regulation, including European Data Protection Legislation, the LGPD and US State Privacy Laws.
“Controller Data Subject” means a data subject to whom Controller Personal Data relates.
“Controller Personal Data” means personal data that is processed by a party under the Agreement in connection with its provision or use (as applicable) of the Controller Services.
“Controller Services” means the Google products or services that incorporate these Controller Terms by reference in their terms of service or other agreements, including the “Controller Services” listed at business.safety.google/services.
“End Controller” means, for each party, the ultimate controller of Controller Personal Data.
“EU GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
“European Data Protection Legislation” means, as applicable: (a) the GDPR; and/or (b) the Swiss FDPA.
“GDPR” means, as applicable: (a) the EU GDPR; and/or (b) the UK GDPR.
“Google” means the Google Entity that is party to the Agreement.
“Google Entity” means Google LLC, Google Ireland Limited or any other Affiliate of Google LLC.
“LGPD” means the Brazilian General Data Protection Law (Lei Geral de Proteção de Dados Pessoais).
“Swiss FDPA” means, as applicable, the Federal Data Protection Act of 19 June 1992 (Switzerland) (with the Ordinance to the Federal Data Protection Act of 14 June 1993), or the revised Federal Data Protection Act of 25 September 2020 (with the Ordinance to the Federal Data Protection Act of 31 August 2022).
“Terms Effective Date” means the date on which Partner clicked to accept or the parties otherwise agreed to these Controller Terms.
“UK GDPR” means the EU GDPR as amended and incorporated into UK law under the UK European Union (Withdrawal) Act 2018, and applicable secondary legislation made under that Act.
“US State Privacy Laws” means US privacy, data security, and data protection laws and regulations applicable to the personal information processed by a party under the Agreement, including without limitation (i) the California Consumer Privacy Act of 2018 (including as amended by the California Privacy Rights Act of 2020) together with all implementing regulations (“CCPA") (ii) Virginia’s Consumer Data Protection Act, Va. Code Ann. § 59.1-575 et seq.; and (iii) the Colorado Privacy Act, Colo. Rev. Stat. § 6-1-1301 et seq. together with all implementing regulations; (iv) Connecticut’s Act Concerning Data Privacy and Online Monitoring, Pub. Act No. 22015; and (v) the Utah Consumer Privacy Act, Utah Code Ann. § 13-61-101 et seq.
2.2 The terms “controller”, “data subject”, “personal data”, “processing” and “processor” as used in these Controller Terms have the meanings given by either (a) Applicable Data Protection Legislation; or (b) absent any such meaning or law, the GDPR.
2.3 The words “include” and “including” mean “including but not limited to”. Any examples in these Controller Terms are illustrative and not the sole examples of a particular concept.
2.4 Any reference to a legal framework, statute or other legislative enactment is a reference to it as amended or re-enacted from time to time.
2.5 To the extent any translated version of these Controller Terms is inconsistent with the English version, the English version will govern.