Data Breach Response a. Upon becoming aware of a Data Breach, MailMunch will notify Customer without undue delay and provide timely information relating to the Data Breach as it becomes known or as is reasonably requested by Customer. The obligations herein shall not apply to incidents that are caused by Customer or Customer's Users.
Data Breach Response a. If the nature of the Work involves Contractor Group equipment, software, product(s), host(s), network(s), or environment(s) that may expose University Data to a potential Data Breach, then Contractor shall have an appropriate incident response plan. University may, at its discretion, request Contractor to participate in response planning for Data Breach scenarios and/or “lessons learned” activities following an event that was or might have been a Data Breach.
Data Breach Response. 1. The Contractor shall have sufficient capabilities for detecting, identifying, and responding to a Data Breach.
Data Breach Response. If the nature of Vendor’s business involves Vendor’s equipment, software, products, hosts, networks or environments that may expose NMU IT Data or Confidential Information to a potential data breach, then Vendor shall have in place at all times a commercially reasonable incident response plan, which shall be made available to NMU for review upon request. If Vendor has any reason to believe that a data breach may have occurred on any of Vendor’s equipment, software, products, hosts, networks or environments, Vendor shall immediately provide notice to NMU of all pertinent details related to the same while also taking such immediate actions as may be necessary to preserve relevant evidence, identify the nature of the event and contain any data breach. If it appears to NMU, in its sole discretion, that services or technology provided by Vendor are a source of the data breach and present an unreasonable risk, then, in addition to any other remedies, NMU may opt to discontinue use of that source of the data breach and NMU’s corresponding payment obligations under the Contract shall be adjusted equitably. NMU shall have full control over determining notification requirements in the event of a potential or actual data breach affecting any of its Confidential Information or IT Data.
Data Breach Response. Contractor may need to communicate with outside parties regarding a Data Breach, which may include contacting law enforcement and seeking external expertise as mutually agreed upon, defined by law or contained in this Contract. Discussing Data Breaches with USBE should be handled on an urgent as-needed basis, as part of Contractor’s communication and mitigation processes, defined by law or contained in this Contract.
Data Breach Response. While we use industry-standard practices to safeguard data, no service can guarantee absolute data security. We have a Breach Response Plan, which we will follow if we ever discover that Personal Data has been accessed improperly. As part of our response, we will: take action to stop further data loss or unauthorized access; investigate how the breach occurred; promptly contact all affected users via email; and contact law enforcement and government agencies when appropriate. Data Retention and Deletion XtraMath retains Personal Data only for as long as necessary to ensure continuity of math skill-building for students, and for the convenience of parents and teachers. We close user accounts, and delete all associated identifiable data, upon request. Most types of data are also deleted automatically after a certain amount of time has passed. For details, see Appendix B, Record of Data Processing. We may retain de-identified, aggregate data, which cannot identify any individual user, for research and program improvement purposes. Such data is deleted once no longer necessary for these purposes.We will provide certification of data deletion upon request. DATA BREACH RESPONSE Compliance with Data Privacy Laws While we use industry-standard practices to safeguard data, no service can guarantee absolute data security. We have a Breach Response Plan, which we will follow if we ever discover that Personal Data has been accessed improperly. As part of our response, we will: take action to stop further data loss or unauthorized access; investigate how the breach occurred; promptly contact all affected users via email; and contact law enforcement and government agencies when appropriate. UNITED STATES • Children’s Online Privacy Protection Act (COPPA): As a non-profit organization, XtraMath is not subject to COPPA. Nevertheless, we fully comply with the law as if we were subject to it. Children under the age of 13 may not create accounts. We only collect usage and performance data from students as a result of their performing educational activities, and we only use that data for educational purposes. If we gain actual knowledge that a child is using XtraMath without the appropriate consent, we terminate the account.
Data Breach Response a. If the nature of the Work involves Vendor Group equipment, software, product(s), host(s), network(s), or environment(s) that may expose University Data to a potential Data Breach, then Vendor shall have an appropriate incident response plan. University may, at its discretion, require Vendor to participate in response planning for Data Breach scenarios and/or “lessons learned” activities following an event that was or might have been a Data Breach.
Data Breach Response a. Upon becoming aware of a Data Breach, ConvertKit will notify Customer without undue delay and provide timely information relating to the Data Breach as it becomes known or as is reasonably requested by Customer. The obligations herein shall not apply to incidents that are caused by Customer or Customer’s Users.
