Common use of Buyer must Clause in Contracts

Buyer must. keep seller’s confidential information confidential; only use seller’s confidential information for purposes relating to this contract; and not disclose seller’s confidential information to any third party except as expressly authorised by this contract or in a notice from seller to buyer. buyer may disclose seller’s confidential information: as required by law (including under the Freedom of Information Act 1982 (Cth)); or pursuant to an accountability obligation. Unless prevented by law, buyer must inform seller about any proposed disclosure of seller’s confidential information under clause 12.2.6a). Clause 12.2.5 does not prevent buyer providing access to seller’s confidential information on a confidential basis to: buyer’s employees, contractors, auditors and advisers for purposes relating to this contract, or an agency, in relation to the operation of clause 1.4 or for a purpose relating to the agency’s functions. If a party becomes aware that it has breached its obligations under this clause 12.2, it must immediately notify the other party. Buyer’s data seller must maintain any buyer’s data it holds securely and in accordance with Item 25 of Schedule B. seller is permitted to access and use buyer’s data for the sole purpose of performing this contract. seller has no rights in relation to buyer’s data. Unless authorised by buyer in a notice to seller, seller must not conduct any data mining activities in respect of buyer’s data. Unless authorised by buyer in a notice to seller, seller must not do anything to transfer custody or ownership of buyer’s data to a third party. seller must provide buyer access to buyer’s data as requested by buyer in a notice to seller. buyer may at any time issue reasonable directions to seller in a notice to comply with archival and information management requirements for buyer’s data that are necessary or desirable to enable buyer to comply with government policy. Subject to clause 12.3.7, seller must comply with such directions. If seller (acting reasonably) considers complying with a direction under clause 12.3.6 would materially increase its costs of performing this contract, within 15 business days it must notify buyer and propose a change to the contract under clause 16.1 to give effect to buyer’s direction under clause 12.3.6. If seller gives a notice under this clause 12.3.7, seller is not required to comply with xxxxx’s direction under clause 12.3.6 until the contract variation is agreed by the parties. Upon the expiry or termination of this contract, seller must: transfer all of buyer’s data to buyer, in accordance with any reasonable directions of buyer in a notice to seller, and ensure that any electronic buyer’s data is transferred to buyer in a usable format; and unless otherwise required by law or otherwise permitted in Item 26 of Schedule B, delete all of buyer’s data from seller’s systems, provide buyer with confirmation that this has been done in a notice and return all buyer’s data that is in physical form to buyer. Records seller must maintain sufficient, accurate and up-to-date business and accounting records (including supporting documentation) of all transactions or events in relation to this contract (including records of all deliverables provided under this contract, and substantiation for all amounts claimed in any invoice issued under this contract) until the latter of 2 years after the termination or expiry of this contract and two years after the transaction or event. seller must ensure that the records maintained under clause 12.4.1: are kept securely and not deleted or otherwise disposed of without buyer’s prior written authorisation to seller in a notice; are kept in a manner that enables them to be conveniently audited; and comply with any applicable accounting standards. Transferring data off-shore seller must not transfer, store or access buyer’s confidential information outside Australia unless permitted in Item 27 of Schedule B or in a notice from buyer to seller. Item 27 of Schedule B or a notice from buyer may impose conditions on any such permission. seller must comply with any conditions in Item 27 of Schedule B or in a notice under clause 12.5.1. Security General requirements To the extent they are applicable to seller’s performance of this contract, seller must perform all of its obligations under this contract in a manner that is consistent with: the Protective Security Policy Framework and the Commonwealth Information Security Manual; and any of buyer’s security Commonwealth policies specified in Item 28 of Schedule B. When performing its obligations under this contract, seller must comply with: all security requirements specified in Item 28 of Schedule B; and subject to clause 13.1.3, any direction relating to security given by buyer in a notice to seller (which may include a direction to comply with an additional security policy or requirement). If seller (acting reasonably) considers complying with a direction under clause 13.1.2b) would materially increase its costs of performing this contract, within 5 business days it must notify buyer and propose a change to the contract under clause 16.1 to give effect to buyer’s direction under clause 13.1.2b). If seller gives a notice under this clause, seller is not required to comply with buyer’s direction under clause 13.1.2b) until the contract variation is agreed by the parties. Without limiting any other clause, seller must ensure that buyer’s data is protected against loss, damage, corruption, misuse and unauthorised access by taking security measures that are no less stringent than good industry practice. seller must immediately notify buyer if any of the following occur; seller breaches any of its obligations under this clause 13; xxxxxx becomes aware of circumstances that may reasonably suggest that it could have breached its obligations under this clause 13; seller becomes aware that any buyer’s data has been lost, stolen, misused, corrupted or accessed by an unauthorised person; xxxxxx becomes aware of circumstances that may reasonably suggest that any buyer’s data has been lost, stolen, corrupted or accessed by an unauthorised person. Physical security seller must: ensure that seller’s premises are kept secure; ensure that buyer’s data in physical form is kept in appropriate security containers for its security classification; ensure that seller’s personnel who have access to buyer’s data are briefed on security requirements for buyer’s data; and at buyer’s request in a notice, provide details of seller’s physical security measures in place to protect buyer’s data. Cyber security seller must take reasonable and prudent steps consistent with good industry practice to reduce the risk of cyber attack on seller’s systems. At buyer’s request in a notice, seller must provide details of seller’s security measures in place to reduce the risk of cyber attack on seller’s systems. If seller becomes aware of a cyber attack on seller’s systems, seller must immediately notify: buyer (and, if this notification is not done by notice, by notice within 1 business day); and if required by buyer, advise CERT Australia and/or the Australian Cyber Security Centre. Information security seller must: take reasonable and prudent steps for disaster recovery and business continuity consistent with good industry practice to ensure that buyer’s data on seller’s systems is not lost, corrupted or rendered inaccessible; ensure that access to seller’s systems is controlled so that only seller’s personnel with a need to access buyer’s data for a purpose relating to the performance of this contract are able to access buyer’s data; and ensure that seller’s systems are configured so that seller’s personnel who are not permitted under this contract to access buyer’s confidential information cannot access buyer’s confidential information. Liability Liability seller is responsible for any act or omission of seller’s personnel in relation to this contract, whether or not the act or omission is authorised by seller. Each party must use reasonable endeavours to mitigate its loss or damage relating to this contract where the other party is liable for the loss or damage (whether because of breach of this contract or otherwise). The liability of a party to the other party in relation to this contract (including under an indemnity) is reduced proportionately if the party incurring the loss or suffering the damage has contributed to the loss or damage through: a breach of its obligations under this contract; and/or a negligent or deliberately wrongful act or omission (including, in the case of seller, an act or omission by seller’s personnel, and in the case of buyer, an act or omission of buyer’s employees or officers). Limitations of liability If an amount is included at Item 29 of Schedule B, subject to clause 14.2.2, the liability of each party to the other party in relation to this contract (including under an indemnity) is limited to that amount. The limitation of liability in clause 14.2.1 does not apply to liability for any of the following: personal injury (including sickness and death); the loss of, or damage to, tangible property; for an infringement of intellectual property rights; for a breach of any obligation relating to confidentiality, privacy or security (including any obligation on seller relating to the protection of buyer’s data); for breach of statute law; a deliberately wrongful act or omission (including fraud and, in the case of seller, repudiation of this contract). Subject to clause 14.2.4, neither party is liable to the other party for loss or damage of the following types: loss of goodwill; loss of business revenue, business opportunity or business profits. Clause 14.2.3 does not prevent a party recovering from the other party loss or damage of the following type: additional internal or project costs; the cost of repairing or replacing deliverables; the cost of having additional services performed by a third party; legal fees. Subject to clause 14.2.6, seller is not responsible for a failure to meet its obligations under this contract to the extent that the failure is directly caused by inaccurate or incomplete buyer’s data which is required by seller to perform the contract. seller is only entitled to the benefit of clause 14.2.5 in relation to inaccurate or incomplete buyer’s data if seller notifies buyer immediately it becomes aware that the relevant buyer’s data is inaccurate or incomplete or is inconsistent with other buyer’s data.

Appears in 1 contract

Samples: Digital Sourcing Contract

AutoNDA by SimpleDocs

Buyer must. keep seller’s confidential information confidential; only use seller’s confidential information for purposes relating to this contract; and not disclose seller’s confidential information to any third party except as expressly authorised by this contract or in a notice from seller to buyer. buyer may disclose seller’s confidential information: as required by law (including under the Freedom of Information Act 1982 (Cth)); or pursuant to an accountability obligation. Unless prevented by law, buyer must inform seller about any proposed disclosure of seller’s confidential information under clause 12.2.6a). Clause 12.2.5 does not prevent buyer providing access to seller’s confidential information on a confidential basis to: buyer’s employees, contractors, auditors and advisers for purposes relating to this contract, or an agency, in relation to the operation of clause 1.4 or for a purpose relating to the agency’s functions. If a party becomes aware that it has breached its obligations under this clause 12.2, it must immediately notify the other party. Buyer’s data seller must maintain any buyer’s data it holds securely and in accordance with Item 25 23 of Schedule B. seller is permitted to access and use buyer’s data for the sole purpose of performing this contract. seller has no rights in relation to buyer’s data. Unless authorised by buyer in a notice to seller, seller must not conduct any data mining activities in respect of buyer’s data. Unless authorised by buyer in a notice to seller, seller must not do anything to transfer custody or ownership of buyer’s data to a third party. seller must provide buyer access to buyer’s data as requested by buyer in a notice to seller. buyer may at any time issue reasonable directions to seller in a notice to comply with archival and information management requirements for buyer’s data that are necessary or desirable to enable buyer to comply with government policy. Subject to clause 12.3.7, seller must comply with such directions. If seller (acting reasonably) considers complying with a direction under clause 12.3.6 would materially increase its costs of performing this contract, within 15 business days it must notify buyer and propose a change to the contract under clause 16.1 to give effect to buyer’s direction under clause 12.3.6. If seller gives a notice under this clause 12.3.7, seller is not required to comply with xxxxx’s direction under clause 12.3.6 until the contract variation is agreed by the parties. Upon the expiry or termination of this contract, seller must: transfer all of buyer’s data to buyer, in accordance with any reasonable directions of buyer in a notice to seller, and ensure that any electronic buyer’s data is transferred to buyer in a usable format; and unless otherwise required by law or otherwise permitted in Item 26 of Schedule B, delete all of buyer’s data from seller’s systems, provide buyer with confirmation that this has been done in a notice and return all buyer’s data that is in physical form to buyer. Records seller must maintain sufficient, accurate and up-to-date business and accounting records (including supporting documentation) of all transactions or events in relation to this contract (including records of all deliverables provided under this contract, and substantiation for all amounts claimed in any invoice issued under this contract) until the latter of 2 years after the termination or expiry of this contract and two years after the transaction or event. seller must ensure that the records maintained under clause 12.4.1: are kept securely and not deleted or otherwise disposed of without buyer’s prior written authorisation to seller in a notice; are kept in a manner that enables them to be conveniently audited; and comply with any applicable accounting standards. Transferring data off-shore seller must not transfer, store or access buyer’s confidential information outside Australia unless permitted in Item 27 of Schedule B or in a notice from buyer to seller. Item 27 of Schedule B or a notice from buyer may impose conditions on any such permission. seller must comply with any conditions in Item 27 of Schedule B or in a notice under clause 12.5.1. Security General requirements To the extent they are applicable to seller’s performance of this contract, seller must perform all of its obligations under this contract in a manner that is consistent with: the Protective Security Policy Framework and the Commonwealth Information Security Manual; and any of buyer’s security Commonwealth policies specified in Item 28 of Schedule B. When performing its obligations under this contract, seller must comply with: all security requirements specified in Item 28 of Schedule B; and subject to clause 13.1.3, any direction relating to security given by buyer in a notice to seller (which may include a direction to comply with an additional security policy or requirement). If seller (acting reasonably) considers complying with a direction under clause 13.1.2b) would materially increase its costs of performing this contract, within 5 business days it must notify buyer and propose a change to the contract under clause 16.1 to give effect to buyer’s direction under clause 13.1.2b). If seller gives a notice under this clause, seller is not required to comply with buyer’s direction under clause 13.1.2b) until the contract variation is agreed by the parties. Without limiting any other clause, seller must ensure that buyer’s data is protected against loss, damage, corruption, misuse and unauthorised access by taking security measures that are no less stringent than good industry practice. seller must immediately notify buyer if any of the following occur; seller breaches any of its obligations under this clause 13; xxxxxx becomes aware of circumstances that may reasonably suggest that it could have breached its obligations under this clause 13; seller becomes aware that any buyer’s data has been lost, stolen, misused, corrupted or accessed by an unauthorised person; xxxxxx becomes aware of circumstances that may reasonably suggest that any buyer’s data has been lost, stolen, corrupted or accessed by an unauthorised person. Physical security seller must: ensure that seller’s premises are kept secure; ensure that buyer’s data in physical form is kept in appropriate security containers for its security classification; ensure that seller’s personnel who have access to buyer’s data are briefed on security requirements for buyer’s data; and at buyer’s request in a notice, provide details of seller’s physical security measures in place to protect buyer’s data. Cyber security seller must take reasonable and prudent steps consistent with good industry practice to reduce the risk of cyber attack on seller’s systems. At buyer’s request in a notice, seller must provide details of seller’s security measures in place to reduce the risk of cyber attack on seller’s systems. If seller becomes aware of a cyber attack on seller’s systems, seller must immediately notify: buyer (and, if this notification is not done by notice, by notice within 1 business day); and if required by buyer, advise CERT Australia and/or the Australian Cyber Security Centre. Information security seller must: take reasonable and prudent steps for disaster recovery and business continuity consistent with good industry practice to ensure that buyer’s data on seller’s systems is not lost, corrupted or rendered inaccessible; ensure that access to seller’s systems is controlled so that only seller’s personnel with a need to access buyer’s data for a purpose relating to the performance of this contract are able to access buyer’s data; and ensure that seller’s systems are configured so that seller’s personnel who are not permitted under this contract to access buyer’s confidential information cannot access buyer’s confidential information. Liability Liability seller is responsible for any act or omission of seller’s personnel in relation to this contract, whether or not the act or omission is authorised by seller. Each party must use reasonable endeavours to mitigate its loss or damage relating to this contract where the other party is liable for the loss or damage (whether because of breach of this contract or otherwise). The liability of a party to the other party in relation to this contract (including under an indemnity) is reduced proportionately if the party incurring the loss or suffering the damage has contributed to the loss or damage through: a breach of its obligations under this contract; and/or a negligent or deliberately wrongful act or omission (including, in the case of seller, an act or omission by seller’s personnel, and in the case of buyer, an act or omission of buyer’s employees or officers). Limitations of liability If an amount is included at Item 29 of Schedule B, subject to clause 14.2.2, the liability of each party to the other party in relation to this contract (including under an indemnity) is limited to that amount. The limitation of liability in clause 14.2.1 does not apply to liability for any of the following: personal injury (including sickness and death); the loss of, or damage to, tangible property; for an infringement of intellectual property rights; for a breach of any obligation relating to confidentiality, privacy or security (including any obligation on seller relating to the protection of buyer’s data); for breach of statute law; a deliberately wrongful act or omission (including fraud and, in the case of seller, repudiation of this contract). Subject to clause 14.2.4, neither party is liable to the other party for loss or damage of the following types: loss of goodwill; loss of business revenue, business opportunity or business profits. Clause 14.2.3 does not prevent a party recovering from the other party loss or damage of the following type: additional internal or project costs; the cost of repairing or replacing deliverables; the cost of having additional services performed by a third party; legal fees. Subject to clause 14.2.6, seller is not responsible for a failure to meet its obligations under this contract to the extent that the failure is directly caused by inaccurate or incomplete buyer’s data which is required by seller to perform the contract. seller is only entitled to the benefit of clause 14.2.5 in relation to inaccurate or incomplete buyer’s data if seller notifies buyer immediately it becomes aware that the relevant buyer’s data is inaccurate or incomplete or is inconsistent with other buyer’s data.

Appears in 1 contract

Samples: Digital Sourcing Contract

Buyer must. keep seller’s confidential information confidential; only use seller’s confidential information for purposes relating to this contract; and not disclose seller’s confidential information to any third party except as expressly authorised by this contract or in a notice from seller to buyer. buyer may disclose seller’s confidential information: as required by law (including under the Freedom of Information Act 1982 (Cth)); or pursuant to an accountability obligation. Unless prevented by law, buyer must inform seller about any proposed disclosure of seller’s confidential information under clause 12.2.6a11.2.6a). Clause 12.2.5 11.2.5 does not prevent buyer providing access to seller’s confidential information on a confidential basis to: buyer’s employees, contractors, auditors and advisers for purposes relating to this contract, or an agency, in relation to the operation of clause 1.4 or for a purpose relating to the agency’s functions. If a party becomes aware that it has breached its obligations under this clause 12.211.2, it must immediately notify the other party. Buyer’s data seller must maintain any buyer’s data it holds securely and in accordance with Item 25 26 of Schedule B. seller is permitted to access and use buyer’s data for the sole purpose of performing this contract. seller has no rights in relation to buyer’s data. Unless authorised by buyer in a notice to seller, seller must not conduct any data mining activities in respect of buyer’s data. Unless authorised by buyer in a notice to seller, seller must not do anything to transfer custody or ownership of buyer’s data to a third party. seller must provide buyer access to buyer’s data as requested by buyer in a notice to seller. buyer may at any time issue reasonable directions to seller in a notice to comply with archival and information management requirements for buyer’s data that are necessary or desirable to enable buyer to comply with government policy. Subject to clause 12.3.711.3.7, seller must comply with such directions. If seller (acting reasonably) considers complying with a direction under clause 12.3.6 11.3.6 would materially increase its costs of performing this contract, within 15 business days it must notify buyer and propose a change to the contract under clause 16.1 15.1 to give effect to buyer’s direction under clause 12.3.611.3.6. If seller gives a notice under this clause 12.3.711.3.7, seller is not required to comply with xxxxx’s direction under clause 12.3.6 11.3.6 until the contract variation is agreed by the parties. Upon the expiry or termination of this contract, seller must: transfer all of buyer’s data to buyer, in accordance with any reasonable directions of buyer in a notice to seller, and ensure that any electronic buyer’s data is transferred to buyer in a usable format; and unless otherwise required by law or otherwise permitted in Item 26 27 of Schedule B, delete all of buyer’s data from seller’s systems, provide buyer with confirmation that this has been done in a notice and return all buyer’s data that is in physical form to buyer. Records seller must maintain sufficient, accurate and up-to-date business and accounting records (including supporting documentation) of all transactions or events in relation to this contract (including records of all deliverables provided under this contract, and substantiation for all amounts claimed in any invoice issued under this contract) until the latter of 2 years after the termination or expiry of this contract and two years after the transaction or event. seller must ensure that the records maintained under clause 12.4.111.4.1: are kept securely and not deleted or otherwise disposed of without buyer’s prior written authorisation to seller in a notice; are kept in a manner that enables them to be conveniently audited; and comply with any applicable accounting standards. Transferring data off-shore seller must not transfer, store or access buyer’s confidential information outside Australia unless permitted in Item 27 28 of Schedule B or in a notice from buyer to seller. Item 27 28 of Schedule B or a notice from buyer may impose conditions on any such permission. seller must comply with any conditions in Item 27 28 of Schedule B or in a notice under clause 12.5.111.5.1. Security General requirements To the extent they are applicable to seller’s performance of this contract, seller must perform all of its obligations under this contract in a manner that is consistent with: the Protective Security Policy Framework and the Commonwealth Information Security Manual; and any of buyer’s security Commonwealth policies specified in Item 28 29 of Schedule B. When performing its obligations under this contract, seller must comply with: all security requirements specified in Item 28 29 of Schedule B; and subject to clause 13.1.312.1.3, any direction relating to security given by buyer in a notice to seller (which may include a direction to comply with an additional security policy or requirement). If seller (acting reasonably) considers complying with a direction under clause 13.1.2b12.1.2b) would materially increase its costs of performing this contract, within 5 business days it must notify buyer and propose a change to the contract under clause 16.1 15.1 to give effect to buyer’s direction under clause 13.1.2b12.1.2b). If seller gives a notice under this clause, seller is not required to comply with buyer’s direction under clause 13.1.2b12.1.2b) until the contract variation is agreed by the parties. Without limiting any other clause, seller must ensure that buyer’s data is protected against loss, damage, corruption, misuse and unauthorised access by taking security measures that are no less stringent than good industry practice. seller must immediately notify buyer if any of the following occur; seller breaches any of its obligations under this clause 1312; xxxxxx becomes aware of circumstances that may reasonably suggest that it could have breached its obligations under this clause 1312; seller becomes aware that any buyer’s data has been lost, stolen, misused, corrupted or accessed by an unauthorised person; xxxxxx becomes aware of circumstances that may reasonably suggest that any buyer’s data has been lost, stolen, corrupted or accessed by an unauthorised person. Physical security seller must: ensure that seller’s premises are kept secure; ensure that buyer’s data in physical form is kept in appropriate security containers for its security classification; ensure that seller’s personnel who have access to buyer’s data are briefed on security requirements for buyer’s data; and at buyer’s request in a notice, provide details of seller’s physical security measures in place to protect buyer’s data. Cyber security seller must take reasonable and prudent steps consistent with good industry practice to reduce the risk of cyber attack on seller’s systems. At buyer’s request in a notice, seller must provide details of seller’s security measures in place to reduce the risk of cyber attack on seller’s systems. If seller becomes aware of a cyber attack on seller’s systems, seller must immediately notify: buyer (and, if this notification is not done by notice, by notice within 1 business day); and if required by buyer, advise CERT Australia and/or the Australian Cyber Security Centre. Information security seller must: take reasonable and prudent steps for disaster recovery and business continuity consistent with good industry practice to ensure that buyer’s data on seller’s systems is not lost, corrupted or rendered inaccessible; ensure that access to seller’s systems is controlled so that only seller’s personnel with a need to access buyer’s data for a purpose relating to the performance of this contract are able to access buyer’s data; and ensure that seller’s systems are configured so that seller’s personnel who are not permitted under this contract to access buyer’s confidential information cannot access buyer’s confidential information. Liability Liability seller is responsible for any act or omission of seller’s personnel in relation to this contract, whether or not the act or omission is authorised by seller. Each party must use reasonable endeavours to mitigate its loss or damage relating to this contract where the other party is liable for the loss or damage (whether because of breach of this contract or otherwise). The liability of a party to the other party in relation to this contract (including under an indemnity) is reduced proportionately if the party incurring the loss or suffering the damage has contributed to the loss or damage through: a breach of its obligations under this contract; and/or a negligent or deliberately wrongful act or omission (including, in the case of seller, an act or omission by seller’s personnel, and in the case of buyer, an act or omission of buyer’s employees or officers). Limitations of liability If an amount is included at Item 29 30 of Schedule B, subject to clause 14.2.213.2.2, the liability of each party to the other party in relation to this contract (including under an indemnity) is limited to that amount. The limitation of liability in clause 14.2.1 13.2.1 does not apply to liability for any of the following: personal injury (including sickness and death); the loss of, or damage to, tangible property; for an infringement of intellectual property rights; for a breach of any obligation relating to confidentiality, privacy or security (including any obligation on seller relating to the protection of buyer’s data); for breach of statute law; a deliberately wrongful act or omission (including fraud and, in the case of seller, repudiation of this contract). Subject to clause 14.2.413.2.4, neither party is liable to the other party for loss or damage of the following types: loss of goodwill; loss of business revenue, business opportunity or business profits. Clause 14.2.3 13.2.3 does not prevent a party recovering from the other party loss or damage of the following type: additional internal or project costs; the cost of repairing or replacing deliverables; the cost of having additional services performed by a third party; legal fees. Subject to clause 14.2.613.2.6, seller is not responsible for a failure to meet its obligations under this contract to the extent that the failure is directly caused by inaccurate or incomplete buyer’s data which is required by seller to perform the contract. seller is only entitled to the benefit of clause 14.2.5 13.2.5 in relation to inaccurate or incomplete buyer’s data if seller notifies buyer immediately it becomes aware that the relevant buyer’s data is inaccurate or incomplete or is inconsistent with other buyer’s data.

Appears in 1 contract

Samples: Digital Sourcing Contract

Buyer must. keep seller’s confidential information confidential; only use seller’s confidential information for purposes relating to this contract; and not disclose seller’s confidential information to any third party except as expressly authorised by this contract or in a notice from seller to buyer. buyer may disclose seller’s confidential information: as required by law (including under the Freedom of Information Act 1982 (Cth)); or pursuant to an accountability obligation. Unless prevented by law, buyer must inform seller about any proposed disclosure of seller’s confidential information under clause 12.2.6a11.2.6a). Clause 12.2.5 11.2.5 does not prevent buyer providing access to seller’s confidential information on a confidential basis to: buyer’s employees, contractors, auditors and advisers for purposes relating to this contract, or an agency, in relation to the operation of clause 1.4 or for a purpose relating to the agency’s functions. If a party becomes aware that it has breached its obligations under this clause 12.211.2, it must immediately notify the other party. Buyer’s data seller must maintain any buyer’s data it holds securely and in accordance with Item 25 26 of Schedule B. seller is permitted to access and use buyer’s data for the sole purpose of performing this contract. seller has no rights in relation to buyer’s data. Unless authorised by buyer in a notice to seller, seller must not conduct any data mining activities in respect of buyer’s data. Unless authorised by buyer in a notice to seller, seller must not do anything to transfer custody or ownership of buyer’s data to a third party. seller must provide buyer access to buyer’s data as requested by buyer in a notice to seller. buyer may at any time issue reasonable directions to seller in a notice to comply with archival and information management requirements for buyer’s data that are necessary or desirable to enable buyer to comply with government policy. Subject to clause 12.3.711.3.7, seller must comply with such directions. If seller (acting reasonably) considers complying with a direction under clause 12.3.6 would materially increase its costs of performing this contract, within 15 business days it must notify buyer and propose a change to the contract under clause 16.1 to give effect to buyer’s direction under clause 12.3.6. If seller gives a notice under this clause 12.3.7, seller is not required to comply with xxxxx’s direction under clause 12.3.6 until the contract variation is agreed by the parties. Upon the expiry or termination of this contract, seller must: transfer all of buyer’s data to buyer, in accordance with any reasonable directions of buyer in a notice to seller, and ensure that any electronic buyer’s data is transferred to buyer in a usable format; and unless otherwise required by law or otherwise permitted in Item 26 of Schedule B, delete all of buyer’s data from seller’s systems, provide buyer with confirmation that this has been done in a notice and return all buyer’s data that is in physical form to buyer. Records seller must maintain sufficient, accurate and up-to-date business and accounting records (including supporting documentation) of all transactions or events in relation to this contract (including records of all deliverables provided under this contract, and substantiation for all amounts claimed in any invoice issued under this contract) until the latter of 2 years after the termination or expiry of this contract and two years after the transaction or event. seller must ensure that the records maintained under clause 12.4.1: are kept securely and not deleted or otherwise disposed of without buyer’s prior written authorisation to seller in a notice; are kept in a manner that enables them to be conveniently audited; and comply with any applicable accounting standards. Transferring data off-shore seller must not transfer, store or access buyer’s confidential information outside Australia unless permitted in Item 27 of Schedule B or in a notice from buyer to seller. Item 27 of Schedule B or a notice from buyer may impose conditions on any such permission. seller must comply with any conditions in Item 27 of Schedule B or in a notice under clause 12.5.1. Security General requirements To the extent they are applicable to seller’s performance of this contract, seller must perform all of its obligations under this contract in a manner that is consistent with: the Protective Security Policy Framework and the Commonwealth Information Security Manual; and any of buyer’s security Commonwealth policies specified in Item 28 of Schedule B. When performing its obligations under this contract, seller must comply with: all security requirements specified in Item 28 of Schedule B; and subject to clause 13.1.3, any direction relating to security given by buyer in a notice to seller (which may include a direction to comply with an additional security policy or requirement). If seller (acting reasonably) considers complying with a direction under clause 13.1.2b) would materially increase its costs of performing this contract, within 5 business days it must notify buyer and propose a change to the contract under clause 16.1 to give effect to buyer’s direction under clause 13.1.2b). If seller gives a notice under this clause, seller is not required to comply with buyer’s direction under clause 13.1.2b) until the contract variation is agreed by the parties. Without limiting any other clause, seller must ensure that buyer’s data is protected against loss, damage, corruption, misuse and unauthorised access by taking security measures that are no less stringent than good industry practice. seller must immediately notify buyer if any of the following occur; seller breaches any of its obligations under this clause 13; xxxxxx becomes aware of circumstances that may reasonably suggest that it could have breached its obligations under this clause 13; seller becomes aware that any buyer’s data has been lost, stolen, misused, corrupted or accessed by an unauthorised person; xxxxxx becomes aware of circumstances that may reasonably suggest that any buyer’s data has been lost, stolen, corrupted or accessed by an unauthorised person. Physical security seller must: ensure that seller’s premises are kept secure; ensure that buyer’s data in physical form is kept in appropriate security containers for its security classification; ensure that seller’s personnel who have access to buyer’s data are briefed on security requirements for buyer’s data; and at buyer’s request in a notice, provide details of seller’s physical security measures in place to protect buyer’s data. Cyber security seller must take reasonable and prudent steps consistent with good industry practice to reduce the risk of cyber attack on seller’s systems. At buyer’s request in a notice, seller must provide details of seller’s security measures in place to reduce the risk of cyber attack on seller’s systems. If seller becomes aware of a cyber attack on seller’s systems, seller must immediately notify: buyer (and, if this notification is not done by notice, by notice within 1 business day); and if required by buyer, advise CERT Australia and/or the Australian Cyber Security Centre. Information security seller must: take reasonable and prudent steps for disaster recovery and business continuity consistent with good industry practice to ensure that buyer’s data on seller’s systems is not lost, corrupted or rendered inaccessible; ensure that access to seller’s systems is controlled so that only seller’s personnel with a need to access buyer’s data for a purpose relating to the performance of this contract are able to access buyer’s data; and ensure that seller’s systems are configured so that seller’s personnel who are not permitted under this contract to access buyer’s confidential information cannot access buyer’s confidential information. Liability Liability seller is responsible for any act or omission of seller’s personnel in relation to this contract, whether or not the act or omission is authorised by seller. Each party must use reasonable endeavours to mitigate its loss or damage relating to this contract where the other party is liable for the loss or damage (whether because of breach of this contract or otherwise). The liability of a party to the other party in relation to this contract (including under an indemnity) is reduced proportionately if the party incurring the loss or suffering the damage has contributed to the loss or damage through: a breach of its obligations under this contract; and/or a negligent or deliberately wrongful act or omission (including, in the case of seller, an act or omission by seller’s personnel, and in the case of buyer, an act or omission of buyer’s employees or officers). Limitations of liability If an amount is included at Item 29 of Schedule B, subject to clause 14.2.2, the liability of each party to the other party in relation to this contract (including under an indemnity) is limited to that amount. The limitation of liability in clause 14.2.1 does not apply to liability for any of the following: personal injury (including sickness and death); the loss of, or damage to, tangible property; for an infringement of intellectual property rights; for a breach of any obligation relating to confidentiality, privacy or security (including any obligation on seller relating to the protection of buyer’s data); for breach of statute law; a deliberately wrongful act or omission (including fraud and, in the case of seller, repudiation of this contract). Subject to clause 14.2.4, neither party is liable to the other party for loss or damage of the following types: loss of goodwill; loss of business revenue, business opportunity or business profits. Clause 14.2.3 does not prevent a party recovering from the other party loss or damage of the following type: additional internal or project costs; the cost of repairing or replacing deliverables; the cost of having additional services performed by a third party; legal fees. Subject to clause 14.2.6, seller is not responsible for a failure to meet its obligations under this contract to the extent that the failure is directly caused by inaccurate or incomplete buyer’s data which is required by seller to perform the contract. seller is only entitled to the benefit of clause 14.2.5 in relation to inaccurate or incomplete buyer’s data if seller notifies buyer immediately it becomes aware that the relevant buyer’s data is inaccurate or incomplete or is inconsistent with other buyer’s data.

Appears in 1 contract

Samples: Digital Sourcing Contract

AutoNDA by SimpleDocs

Buyer must. keep seller’s confidential information confidential; only use seller’s confidential information for purposes relating to this contract; and not disclose seller’s confidential information to any third party except as expressly authorised by this contract or in a notice from seller to buyer. buyer may disclose seller’s confidential information: as required by law (including under the Freedom of Information Act 1982 Xxx 0000 (Cth)); or pursuant to an accountability obligation. Unless prevented by law, buyer must inform seller about any proposed disclosure of seller’s confidential information under clause 12.2.6a)12.2.6jjjjjjj. Clause 12.2.5 does not prevent buyer providing access to seller’s confidential information on a confidential basis to: buyer’s employees, contractors, auditors and advisers for purposes relating to this contract, or an agency, in relation to the operation of clause 1.4 or for a purpose relating to the agency’s functions. If a party becomes aware that it has breached its obligations under this clause 12.2, it must immediately notify the other party. Buyer’s data seller must maintain any buyer’s data it holds securely and in accordance with Item 25 29 of Schedule B. seller is permitted to access and use buyer’s data for the sole purpose of performing this contract. seller has no rights in relation to buyer’s data. Unless authorised by buyer in a notice to seller, seller must not conduct any data mining activities in respect of buyer’s data. Unless authorised by buyer in a notice to seller, seller must not do anything to transfer custody or ownership of buyer’s data to a third party. seller must provide buyer access to buyer’s data as requested by buyer in a notice to seller. buyer may at any time issue reasonable directions to seller in a notice to comply with archival and information management requirements for buyer’s data that are necessary or desirable to enable buyer to comply with government policy. Subject to clause 12.3.7, seller must comply with such directions. If seller (acting reasonably) considers complying with a direction under clause 12.3.6 would materially increase its costs of performing this contract, within 15 business days it must notify buyer and propose a change to the contract under clause 16.1 to give effect to buyer’s direction under clause 12.3.6. If seller gives a notice under this clause 12.3.7, seller is not required to comply with xxxxx’s direction under clause 12.3.6 until the contract variation is agreed by the parties. Upon the expiry or termination of this contract, seller must: transfer all of buyer’s data to buyer, in accordance with any reasonable directions of buyer in a notice to seller, and ensure that any electronic buyer’s data is transferred to buyer in a usable format; and unless otherwise required by law or otherwise permitted in Item 26 of Schedule B, delete all of buyer’s data from seller’s systems, provide buyer with confirmation that this has been done in a notice and return all buyer’s data that is in physical form to buyer. Records seller must maintain sufficient, accurate and up-to-date business and accounting records (including supporting documentation) of all transactions or events in relation to this contract (including records of all deliverables provided under this contract, and substantiation for all amounts claimed in any invoice issued under this contract) until the latter of 2 years after the termination or expiry of this contract and two years after the transaction or event. seller must ensure that the records maintained under clause 12.4.1: are kept securely and not deleted or otherwise disposed of without buyer’s prior written authorisation to seller in a notice; are kept in a manner that enables them to be conveniently audited; and comply with any applicable accounting standards. Transferring data off-shore seller must not transfer, store or access buyer’s confidential information outside Australia unless permitted in Item 27 of Schedule B or in a notice from buyer to seller. Item 27 of Schedule B or a notice from buyer may impose conditions on any such permission. seller must comply with any conditions in Item 27 of Schedule B or in a notice under clause 12.5.1. Security General requirements To the extent they are applicable to seller’s performance of this contract, seller must perform all of its obligations under this contract in a manner that is consistent with: the Protective Security Policy Framework and the Commonwealth Information Security Manual; and any of buyer’s security Commonwealth policies specified in Item 28 of Schedule B. When performing its obligations under this contract, seller must comply with: all security requirements specified in Item 28 of Schedule B; and subject to clause 13.1.3, any direction relating to security given by buyer in a notice to seller (which may include a direction to comply with an additional security policy or requirement). If seller (acting reasonably) considers complying with a direction under clause 13.1.2b) would materially increase its costs of performing this contract, within 5 business days it must notify buyer and propose a change to the contract under clause 16.1 to give effect to buyer’s direction under clause 13.1.2b). If seller gives a notice under this clause, seller is not required to comply with buyer’s direction under clause 13.1.2b) until the contract variation is agreed by the parties. Without limiting any other clause, seller must ensure that buyer’s data is protected against loss, damage, corruption, misuse and unauthorised access by taking security measures that are no less stringent than good industry practice. seller must immediately notify buyer if any of the following occur; seller breaches any of its obligations under this clause 13; xxxxxx becomes aware of circumstances that may reasonably suggest that it could have breached its obligations under this clause 13; seller becomes aware that any buyer’s data has been lost, stolen, misused, corrupted or accessed by an unauthorised person; xxxxxx becomes aware of circumstances that may reasonably suggest that any buyer’s data has been lost, stolen, corrupted or accessed by an unauthorised person. Physical security seller must: ensure that seller’s premises are kept secure; ensure that buyer’s data in physical form is kept in appropriate security containers for its security classification; ensure that seller’s personnel who have access to buyer’s data are briefed on security requirements for buyer’s data; and at buyer’s request in a notice, provide details of seller’s physical security measures in place to protect buyer’s data. Cyber security seller must take reasonable and prudent steps consistent with good industry practice to reduce the risk of cyber attack on seller’s systems. At buyer’s request in a notice, seller must provide details of seller’s security measures in place to reduce the risk of cyber attack on seller’s systems. If seller becomes aware of a cyber attack on seller’s systems, seller must immediately notify: buyer (and, if this notification is not done by notice, by notice within 1 business day); and if required by buyer, advise CERT Australia and/or the Australian Cyber Security Centre. Information security seller must: take reasonable and prudent steps for disaster recovery and business continuity consistent with good industry practice to ensure that buyer’s data on seller’s systems is not lost, corrupted or rendered inaccessible; ensure that access to seller’s systems is controlled so that only seller’s personnel with a need to access buyer’s data for a purpose relating to the performance of this contract are able to access buyer’s data; and ensure that seller’s systems are configured so that seller’s personnel who are not permitted under this contract to access buyer’s confidential information cannot access buyer’s confidential information. Liability Liability seller is responsible for any act or omission of seller’s personnel in relation to this contract, whether or not the act or omission is authorised by seller. Each party must use reasonable endeavours to mitigate its loss or damage relating to this contract where the other party is liable for the loss or damage (whether because of breach of this contract or otherwise). The liability of a party to the other party in relation to this contract (including under an indemnity) is reduced proportionately if the party incurring the loss or suffering the damage has contributed to the loss or damage through: a breach of its obligations under this contract; and/or a negligent or deliberately wrongful act or omission (including, in the case of seller, an act or omission by seller’s personnel, and in the case of buyer, an act or omission of buyer’s employees or officers). Limitations of liability If an amount is included at Item 29 of Schedule B, subject to clause 14.2.2, the liability of each party to the other party in relation to this contract (including under an indemnity) is limited to that amount. The limitation of liability in clause 14.2.1 does not apply to liability for any of the following: personal injury (including sickness and death); the loss of, or damage to, tangible property; for an infringement of intellectual property rights; for a breach of any obligation relating to confidentiality, privacy or security (including any obligation on seller relating to the protection of buyer’s data); for breach of statute law; a deliberately wrongful act or omission (including fraud and, in the case of seller, repudiation of this contract). Subject to clause 14.2.4, neither party is liable to the other party for loss or damage of the following types: loss of goodwill; loss of business revenue, business opportunity or business profits. Clause 14.2.3 does not prevent a party recovering from the other party loss or damage of the following type: additional internal or project costs; the cost of repairing or replacing deliverables; the cost of having additional services performed by a third party; legal fees. Subject to clause 14.2.6, seller is not responsible for a failure to meet its obligations under this contract to the extent that the failure is directly caused by inaccurate or incomplete buyer’s data which is required by seller to perform the contract. seller is only entitled to the benefit of clause 14.2.5 in relation to inaccurate or incomplete buyer’s data if seller notifies buyer immediately it becomes aware that the relevant buyer’s data is inaccurate or incomplete or is inconsistent with other buyer’s data.

Appears in 1 contract

Samples: Digital Sourcing Contract

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!