Access Control to Use Specific Areas of Data Processing Systems. Bugcrowd commits that the persons entitled to use its data processing system are only able to access the data within the scope and to the extent covered by its access permission (authorization) and that personal data cannot be read, copied or modified or removed without authorization. This shall be accomplished by: • staff policies in respect of each staff member's access rights to the personal data; • allocation of individual terminals and/or terminal user, and identification characteristics exclusive to specific functions; • monitoring capability in respect of individuals who delete, add or modify the personal data and at least yearly monitoring and update of authorization profiles; • release of data to only authorized persons; • policies controlling the retention of backup copies; and • use of state of the art encryption technologies.
Appears in 4 contracts
Samples: Data Processing Addendum, Data Processing Addendum, Data Processing Addendum
