Common use of CUSTOMER DATA INCIDENT MANAGEMENT AND NOTIFICATION Clause in Contracts

CUSTOMER DATA INCIDENT MANAGEMENT AND NOTIFICATION. Braze maintains security incident management policies and procedures specified in the Security, Privacy and Architecture Datasheet and shall notify Customer without undue delay after becoming aware of a Personal Data Breach. Braze shall provide information to Customer necessary to enable Customer to comply with its obligations under Data Protection Laws and Regulations. The content of such communication to Customer will (i) include the nature of Processing and the information available to Braze, and (ii) take into account that under applicable Data Protection Laws and Regulations, Customer may need to notify regulators or individuals of the following: (a) a description of the nature of the Personal Data Breach including, where possible, the categories and approximate number of individuals concerned and the categories and approximate number of Personal Data records concerned; (b) a description of the likely consequences of the Personal Data Breach; and (c) a description of the measures taken or proposed to be taken to address the Personal Data Breach, including, where appropriate, measures to mitigate its possible adverse effect. Braze shall make commercially reasonable efforts to identify the cause of such Personal Data Breach and take those steps as Braze deems necessary and reasonable in order to remediate the cause of such Personal Data Breach to the extent the remediation is within Braze’s reasonable control. The obligation to remediate the cause of a Personal Data Breach shall not apply to Personal Data Breaches that are caused by Customer or Customer’s Users.

CUSTOMER DATA INCIDENT MANAGEMENT AND NOTIFICATION. Braze Insider maintains security incident management policies and procedures specified in the Security, Privacy and Architecture Datasheet and shall notify Customer without undue delay after becoming aware of a Personal Data Breach. Braze Insider shall provide information to Customer necessary to enable Customer to comply with its obligations under Data Protection Laws and RegulationsRegulations in relation to such Personal Data Breach. The content of such communication to Customer will (i) include the nature of Processing and the information available to BrazeInsider, and (ii) take into account that under applicable Data Protection Laws and Regulations, Customer may need to notify regulators or individuals of the following: : (a) a description of the nature of the Personal Data Breach including, where possible, the categories and approximate number of individuals concerned and the categories and approximate number of Personal Data records concerned; (b) a description of the likely consequences of the Personal Data Breach; and (c) a description of the measures taken or proposed to be taken to address the Personal Data Breach, including, where appropriate, measures to mitigate its possible adverse effecteffects. Braze Insider shall make commercially reasonable efforts to identify the cause of such Personal Data Breach and take those steps as Braze Insider deems necessary and reasonable in order to remediate the cause of such Personal Data Breach to the extent the remediation is within BrazeInsider’s reasonable control. The obligation to remediate the cause of a Personal Data Breach shall not apply to Personal Data Breaches that are caused by Customer or Customer’s Users.

CUSTOMER DATA INCIDENT MANAGEMENT AND NOTIFICATION. Braze maintains security incident management policies and procedures specified in the Security, Privacy and Architecture Datasheet and shall notify Customer without undue delay after becoming aware of a Personal Data Breach. Braze shall provide information to Customer necessary to enable Customer to comply with its obligations under Data Protection Laws and Regulations. The content of such communication to Customer will (i) include the nature of Processing and the information available to Braze, and (ii) take into account that under applicable Data Protection Laws and Regulations, Customer may need to notify regulators or individuals of the following: (a) a description of the nature of the Personal Data Breach including, where possible, the categories and approximate number of individuals concerned and the categories and approximate number of Personal Data records concerned; (b) a description of the likely consequences of the Personal Data Breach; and (c) a description of the measures taken or proposed to be taken to address the Personal Data Breach, including, where appropriate, measures to mitigate its possible adverse effecteffects. Braze shall make commercially reasonable efforts to identify the cause of such Personal Data Breach and take those steps as Braze deems necessary and reasonable in order to remediate the cause of such Personal Data Breach to the extent the remediation is within Braze’s reasonable control. The obligation to remediate the cause of a Personal Data Breach shall not apply to Personal Data Breaches that are caused by Customer or Customer’s Users.

CUSTOMER DATA INCIDENT MANAGEMENT AND NOTIFICATION. Braze maintains security incident management policies and procedures specified in the Security, Privacy and Architecture Datasheet and shall notify Customer without undue delay after becoming aware of a Personal Data Breach. Braze shall provide information to Customer necessary to enable Customer to comply with its obligations under Data Protection Laws and RegulationsRegulations in relation to such Personal Data Breach. The content of such communication to Customer will (i) include the nature of Processing and the information available to Braze, and (ii) take into account that under applicable Data Protection Laws and Regulations, Customer may need to notify regulators or individuals of the following: (a) a description of the nature of the Personal Data Breach including, where possible, the categories and approximate number of individuals concerned and the categories and approximate number of Personal Data records concerned; (b) a description of the likely consequences of the Personal Data Breach; and (c) a description of the measures taken or proposed to be taken to address the Personal Data Breach, including, where appropriate, measures to mitigate its possible adverse effecteffects. Braze shall make commercially reasonable efforts to identify the cause of such Personal Data Breach and take those steps as Braze deems necessary and reasonable in order to remediate the cause of such Personal Data Breach to the extent the remediation is within Braze’s reasonable control. The obligation to remediate the cause of a Personal Data Breach shall not apply to Personal Data Breaches that are caused by Customer or Customer’s Users.