Data Access Controls Sample Clauses

Data Access Controls. Data Processor shall take reasonable measures to provide that Personal Data is accessible and manageable only by properly authorized staff, direct database query access is restricted and application access rights are established and enforced to ensure that persons entitled to use a data processing system only have access to the

Data Access Controls. Zendesk takes reasonable measures to provide that Service Data is accessible and manageable only by properly authorised staff.

Data Access Controls. Our Sub-processors will take reasonable measures to ensure that Service Data is accessible and manageable only by properly authorised staff, direct database query access is restricted and application access rights are established and enforced to ensure that persons entitled to access Service Data only have access to Service Data to which they have privilege of access; and, that Service Data cannot be read, copied, modified or removed without authorisation in the course of processing. Vendor will implement and maintain an access policy under which access to its system environment, to data processing systems, to Service Data, and other data is restricted to authorised personnel only.

Data Access Controls. Vendor shall take reasonable measures to provide that personal data is accessible and manageable only by properly authorized staff, direct database query access is restricted and application access rights are established and enforced to ensure that persons entitled to use a data processing system only have access to the personal data to which they have privilege of access; and, that personal data cannot be read, copied, modified or removed without authorization in the course of processing.

Data Access Controls. Aircall shall take reasonable measures to provide that Personal Data is accessible and manageable only by properly authorized staff, direct database query access is restricted and application access rights are established and enforced to ensure that persons entitled to use a data processing system only have access to the Personal Data to which they have the privilege of access; and, that Personal Data cannot be read, copied, modified or removed without authorization in the course of Processing.

Data Access Controls. Q4, as a Data processor, shall take reasonable measures to provide that Personal Data is accessible and manageable only by properly authorized staff, direct database query access is restricted and application access rights are established and enforced to ensure that persons entitled to use a data processing system only have access to the Personal Data to which they have privilege of access.

Data Access Controls. Contractor will provide access to Purchasing Entity’s Data only to those Contractor employees, contractors and subcontractors (“Contractor Staff”) who need to access the Data to fulfill Contractor’s obligations under this Agreement. Contractor shall not access a Purchasing Entity’s user accounts or Data, except on the course of data center operations, response to service or technical issues, as required by the express terms of this Master Agreement, or at a Purchasing Entity’s written request.

Data Access Controls. Third-party service providers shall take reasonable measures to provide that Service Data is accessible and manageable only by properly authorized staff, direct database query access is restricted and application access rights are established and enforced to ensure that persons entitled to access Service Data only have access to Service Data to which they have privilege of access; and, that Service Data cannot be read, copied, modified or removed without authorization in the course of processing.

Data Access Controls. Vendor shall take reasonable measures to provide that personal data is accessible and manageable only by properly authorized staff, direct database query access is restricted and application access rights are established and enforced to ensure that persons entitled to use a data processing system only have access to the personal data to which they have privilege of access; and, that personal data cannot be read, copied, modified or removed without authorization in the course of processing. Cybersecurity controls: Vendor has implemented a cyber security defense strategy in several layers as a protection against unauthorized access. Vendor will utilize one or more of the following if reasonable and appropriate: a. Firewalls; b. Web Application Firewall (WAF); c. Security Monitoring Centre; d. Antivirus software; e. Backup and recovery; f. Penetration testing; g. Intrusion detection; Transmission Controls Vendor shall take reasonable measures to ensure that it is possible to check and establish to which entities the transfer of personal data by means of data transmission facilities is envisaged so personal data cannot be read, copied, modified or removed without authorization during electronic transmission or transport. Data in-transit will be encrypted using industry standard algorithms and certificates e.g HTTPS encryption, secure communication tunnels (VPN), etc. Exceptions may include data in-transit between components of the Vendor solution within a suitably secure environment. E.g Between an application server and database server in a secure data center. Data at rest is protected through encryption of stored data using industry standard solutions e.g. BitLocker. Input Controls Vendor shall take reasonable measures to provide that it is possible to check and establish whether and by whom personal data has been entered into data processing systems, modified or removed. Vendor shall take reasonable measures to ensure that a. the personal data source is under the control of customer; and b. personal data integrated into Vendor’s systems is managed by a secured\encrypted transfer mechanism from the customer. Data Backup Vendor shall ensure that back-ups are taken on a regular basis, are secured, and encrypted when storing personal data to protect against accidental destruction or loss when hosted by outsourced cloud infrastructure providers. Vendor will on a periodic basis ensure that it is possible to restore access to and availability of personal data in a...

Data Access Controls. Box commits that Box Personnel entitled to use Box’s data processing systems will only access data within the scope and to the extent covered by the respective access permission (authorization). This will be accomplished by: