Common use of Access Control to Personal Data Processing Systems (Logical Clause in Contracts

Access Control to Personal Data Processing Systems (Logical. XXXXxx.xxx has implemented suitable measures to prevent its Personal Data Processing systems from being used by unauthorized persons. This is accomplished by: ● Establishing the identification of the terminal and/or the terminal user to the XXXXxx.xxx systems; ● Automatic time-out of user terminal if left idle. Identification and password required to reopen; ● Automatic lock out of the user ID when several erroneous passwords are entered. Events are logged and logs are reviewed on a regular basis; ● Utilizing firewall, router and VPN-based access controls to protect the private service networks and back-end-servers; ● Ad hoc monitoring infrastructure security; ● Regularly examining security risks by internal employees and third party auditors; ● Issuing and safeguarding of identification codes; ● Role-based access control implemented in a manner consistent with principle of least privilege; ● Access to host servers, applications, databases, routers, switches, etc., is logged; ● Making use of commercial and custom tools to collect and examine its Platform and system logs for anomalies.

Access Control to Personal Data Processing Systems (Logical. XXXXxx.xxx Platformly has implemented suitable measures to prevent its Personal Data Processing systems from being used by unauthorized persons. This is accomplished by: ● Establishing the identification of the terminal and/or the terminal user to the XXXXxx.xxx Platformly systems; ● Automatic time-out of user terminal if left idle. Identification and password required to reopen; ● Automatic lock out of the user ID when several erroneous passwords are entered. Events are logged and logs are reviewed on a regular basis; ● Utilizing firewall, router and VPN-based access controls to protect the private service networks and back-end-servers; ● Ad hoc monitoring infrastructure security; ● Regularly examining security risks by internal employees and third party auditors; ● Issuing and safeguarding of identification codes; ● Role-based access control implemented in a manner consistent with principle of least privilege; ● Access to host servers, applications, databases, routers, switches, etc., is logged; ● Making use of commercial and custom tools to collect and examine its Platform and system logs for anomalies.

Access Control to Personal Data Processing Systems (Logical. XXXXxx.xxx Xxxxxxxx.xx has implemented suitable measures to prevent its Personal Data Processing systems from being used by unauthorized persons. This is accomplished by: ● Establishing the identification of the terminal and/or the terminal user to the XXXXxx.xxx Xxxxxxxx.xx systems; ● Automatic time-out of user terminal if left idle. Identification and password required to reopen; ● Automatic lock out of the user ID when several erroneous passwords are entered. Events are logged and logs are reviewed on a regular basis; ● Utilizing firewall, router and VPN-based access controls to protect the private service networks and back-end-servers; ● Ad hoc monitoring infrastructure security; ● Regularly examining security risks by internal employees and third party auditors; ● Issuing and safeguarding of identification codes; ● Role-based access control implemented in a manner consistent with principle of least privilege; ● Access to host servers, applications, databases, routers, switches, etc., is logged; ● Making use of commercial and custom tools to collect and examine its Platform and system logs for anomalies.