While Allies maintain autonomy and authority over their own data, including the right to determine how data is collected, stored, processed, and shared, NATO data is governed and managed according to international agreements and approved NATO policies and standards. Thus, NATO retains control and ownership over the data generated, managed, or exchanged within the Alliance without undue influence or interference from external entities. For non-classified NATO data, the execution of control may be delegated to external entities as long as these external entities are subject to the jurisdiction of a NATO Nation and can ensure that NATO Unclassified information can only be used for official purposes and only individuals, bodies or organisations that require it for official NATO purposes have access to it. Protective measures to be applied by external entities shall be set out in service level agreements, contracts, or their attachments.