International Data Transfer Addendum to the EU Commission Standard Contractual Clauses

VERSION B1.0, in force 21 March 2022

This Addendum has been issued by the Information Commissioner for Parties making Restricted Transfers. The Information Commissioner considers that it provides Appropriate Safeguards for Restricted Transfers when it is entered into as a legally binding contract.

Part 1: Tables

Table 1: Parties

Start date As set forth in the Agreement between the parties that refers to this IDTA
The Parties Exporter (who sends the Restricted Transfer) Importer (who receives the Restricted Transfer)
Parties’ details Full legal name: as set forth in the Agreement between the parties that refers to this IDTA

Trading name (if different): as set forth in the Agreement between the parties that refers to this IDTA

Main address (if a company registered address): as set forth in the Agreement between the parties that refers to this IDTA

Official registration number (if any) (company number or similar identifier): as set forth in the Agreement between the parties that refers to this IDTA

Full legal name: the Innovid entity set forth in the Agreement between the parties that refers to this IDTA

Trading name (if different): as set forth in the Agreement between the parties that refers to this IDTA

Main address (if a company registered address): as set forth in the Agreement between the parties that refers to this IDTA

Official registration number (if any) (company number or similar identifier): as set forth in the Agreement between the parties that refers to this IDTA

Key Contact Full Name (optional): as set forth in the Agreement between the parties that refers to this IDTA

Job Title: as set forth in the Agreement between the parties that refers to this IDTA

Contact details including email: as set forth in the Agreement between the parties that refers to this IDTA

Full Name (optional): Arye Schreiber

Job Title: DPO

Contact details including email: privacy@innovid.com

Signature (if required for the purposes of Section ‎2)

Table 2: Selected SCCs, Modules and Selected Clauses

Addendum EU SCCs ☒ the Approved EU SCCs, including the Appendix Information and with only the following modules, clauses or optional provisions of the Approved EU SCCs brought into effect for the purposes of this Addendum:
Module Module in operation Clause 7 (Docking Clause) Clause 11
(Option)
Clause 9a (Prior Authorisation or General Authorisation) Clause 9a (Time period) Is personal data received from the Importer combined with personal data collected by the Exporter?
2 X Yes No General 14 days Yes, if applicable to nature of processing

Table 3: Appendix Information

Appendix Information” means the information which must be provided for the selected modules as set out in the Appendix of the Approved EU SCCs (other than the Parties), and which for this Addendum is set out in:

Annex 1A: List of Parties: Annex I
Annex 1B: Description of Transfer: Annex I
Annex II: Technical and organisational measures including technical and organisational measures to ensure the security of the data: Annex II
Annex III: List of Sub processors (Modules 2 and 3 only): Annex III

Table 4: Ending this Addendum when the Approved Addendum Changes

Ending this Addendum when the Approved Addendum changes Which Parties may end this Addendum as set out in Section ‎19:

☒Importer

☒Exporter

☐neither Party

Part 2: Mandatory Clauses

Alternative Part 2 Mandatory Clauses:

Mandatory Clauses Part 2: Mandatory Clauses of the Approved Addendum, being the template Addendum B.1.0 issued by the ICO and laid before Parliament in accordance with s119A of the Data Protection Act 2018 on 2 February 2022, as it is revised under Section ‎‎18 of those Mandatory Clauses.