DATA CONTROLLER OBLIGATIONS. 1.2.1 Each Party shall in relation to the Processing of the Personal Data comply with its respective obligations under the Data Protection Laws.
1.2.2 Without limiting the generality of the obligation set out in Paragraph 1.2.1, in particular, each Party shall:
(a) where required to do so make due notification to the ICO;
(b) ensure it is not subject to any prohibition or restriction which would:
(i) prevent or restrict it from disclosing or transferring the Personal Data to the other Party as required under this Agreement;
(ii) prevent or restrict it from granting the other Party access to the Personal Data as required under this Agreement; or
(iii) prevent or restrict either Party from Processing the Personal Data, as envisaged under this Agreement;
(c) ensure that all fair processing notices have been given (and/or, as applicable, consents obtained) and are sufficient in scope to enable each Party to Process the Personal Data as required in order to obtain the benefit of its rights and to fulfil its obligations under this Agreement in accordance with the Data Protection Laws;
(d) ensure that all Personal Data disclosed or transferred to, or accessed by, another Party is accurate and up-to-date, as well as adequate, relevant and not excessive to enable that Party to Process the Personal Data as envisaged under this Agreement;
(e) ensure that appropriate technical and organisational security measures are in place sufficient to comply with at least the obligations imposed on the Controller by the Security Requirements including without limitation, (i) ensuring a level of security appropriate to the risk involved in the processing (which shall include without limitation and, as appropriate, taking steps such as the pseudonymisation and/or encryption of Personal Data, taking steps to ensure the ongoing confidentiality, integrity, availability and resilience of the systems and services used to process Personal Data and regularly testing the effectiveness of the systems in place); (ii) adhering to any relevant codes of conduct or approved certifications; and (iii) ensuring that all individuals who have access to Personal Data maintain the confidentiality and security of Personal Data and comply with the terms of this Agreement and where requested provide to the University evidence of its compliance with such requirements promptly, and in any event within 48 hours of the request
(f) notify the other Party promptly, and in any event within five days of receipt o...
DATA CONTROLLER OBLIGATIONS. Data Controller will cooperate with Data Processor in maintaining accurate contact information in the customer support portal and by providing any information that is reasonably requested to resolve any security incident, including any Breaches, identify its root cause(s), and prevent a recurrence. Data Controller is solely responsible for determining whether to notify the relevant supervisory or regulatory authorities and impacted Data Subjects and for providing such notice.
DATA CONTROLLER OBLIGATIONS. 5.1. The RSP shall provide Customer Personal Data to NBI only to the extent necessary to enable NBI achieve the Processing Purposes and in this regard the RSP shall not provide any excessive or unnecessary Customer Personal Data to NBI. All Customer Personal Data provided by the RSP to the NBI shall be accurate and up to date.
5.2. The RSP acknowledges that NBI is reliant on the RSP for lawful instruction as to the extent of the NBI’s processing of Customer Personal Data and accordingly the RSP agrees to provide clear written instructions in a timely manner to NBI, which shall at all times be in compliance with the Data Protection Laws.
5.3. Notwithstanding clause 5.2 above, NBI retains the discretion to refuse any such instruction received if, in NBI’s reasonable opinion, such instruction infringes the Data Protection Laws or any other applicable law. In such circumstances, NBI shall notify in writing the RSP of same, including the reasons underlying its opinion.
5.4. As regards access to the NBI Operational Environment, the RSP shall ensure that its staff, employees, contractors and all other personnel authorised to access NBI Operational Environment, shall ensure the security and confidentiality of all passwords, credentials and access
DATA CONTROLLER OBLIGATIONS. 3.2.1 Each Party shall in relation to the Processing of the Personal Data comply with its respective obligations under the Data Protection Laws.
3.2.2 Without limiting the generality of the obligation set out in Paragraph 3.2.1, in particular, each Party shall:
(a) where required to do so make due notification to the ICO;
(b) ensure it is not subject to any prohibition or restriction which would:
(i) prevent or restrict it from disclosing or transferring the Personal Data to the other Party as required under this Agreement;
(ii) prevent or restrict it from granting the other Party access to the Personal Data as required under this Agreement; or
(iii) prevent or restrict either Party from Processing the Personal Data, as envisaged under this Agreement;
(c) ensure that all fair processing notices have been given (and/or, as applicable, consents obtained) and are sufficient in scope to enable each Party to Process the Personal Data as required in order to obtain the benefit of its rights and to fulfil its obligations under this Agreement in accordance with the Data Protection Laws.
(d) ensure that appropriate technical and organisational security measures are in place sufficient to comply with at least the obligations imposed on the Controller by the Security Requirements; and where requested provide to the other Party evidence of its compliance with such requirements promptly, and in any event within forty-eight (48) hours of the request;
(e) notify the other Party promptly, and in any event within forty-eight
DATA CONTROLLER OBLIGATIONS. 1.1 The Data Controller shall comply with all Data Protection Laws in connection with the processing of Protected Data, the Services and the exercise and performance of its respective rights and obligations under this Addendum, including maintaining all relevant regulatory registrations and notifications as required under Data Protection Laws.
1.2 The Data Controller warrants, represents and undertakes, that:
1.2.1 all Protected Data sourced or provided by the Data Controller for use in connection with the Services, shall comply in all respects, including in terms of its collection, storage and processing, with Data Protection Laws; and
1.2.2 all instructions given by the Data Controller to the Data Processor in respect of Protected Data shall at all times be in accordance with Data Protection Laws.
DATA CONTROLLER OBLIGATIONS. 2.1 We will ensure that We comply with Our obligations as a Controller, including ensuring that We have the appropriate lawful basis for processing in place to enable lawful transfer of the Personal Data to You for the Duration and Purpose of this Data Processing Agreement.
2.2 We have made available a Supplier Privacy Policy that details how Detail2Recruitment will process any Personal Data You supply to Us in connection with the provision of the Goods and/or Services under the Principal Agreement.
DATA CONTROLLER OBLIGATIONS. 2.2.1. Each Party shall in relation to the Processing of the Personal Data comply with its respective obligations under the Data Protection Laws.
2.2.2. Without limiting the generality of the obligation set out in Paragraph 2.2.1, in particular, each Party shall:
2.2.2.1. ensure that all fair processing notices have been given (and/or, as applicable, consents obtained) and are sufficient in scope to enable each Party to Process the Personal Data as required in order to obtain the benefit of its rights and to fulfil its obligations under this Agreement in accordance with the Data Protection Laws;
2.2.2.2. ensure that all Personal Data disclosed or transferred to, or accessed by, the other Party is accurate and up-to-date, as well as adequate, relevant and not excessive to enable either Party to Process the Personal Data as envisaged under this Agreement;
2.2.2.3. ensure that appropriate technical and organisational security measures are in place sufficient to comply with at least the obligations imposed on the Controller by the Security Requirements;
DATA CONTROLLER OBLIGATIONS. Data Controller will cooperate with Data Processor in maintaining accurate contact information in the customer support portal and by providing any information that is reasonably requested to resolve any security incident, including any Breaches, identify its root cause(s), and prevent a recurrence. Data Controller is solely responsible for determining whether to notify the relevant supervisory or regulatory authorities and impacted Data Subjects and for providing such notice. 6.3. データ管理者の義務データ管理者は、サポートポータルにおいて正確な連絡先を維持し、違反を含むセキュリティインシデントを解決し、根本原因を特定し、再発を防ぐために合理的に要求されるあらゆる情✲を提供することによってデータ処理者に協力します。データ管理者は、関連する監督または規制当局および被害を受けたデータ主体に通知する✎どう ✎を決定し、通知を行うことにつき単独で責任を負います。
DATA CONTROLLER OBLIGATIONS. 2.1 The Parties acknowledge that for the purposes of the Data Protection Legislation, the Customer and the Supplier are both Controllers. Supplier shall only process data: (i) in accordance with this Agreement (including Annex A) or any further instructions from Customer; and (ii) only to the extent, and in such a manner, as is necessary for the purposes of performing their obligations under this Agreement. Supplier shall only Process Personal Data strictly in accordance with Customer’s written instructions and shall not use the Processed Personal Data for any other purpose.
2.2 Each Controller shall comply with the obligations that apply to it under applicable Data Protection Legislation in relation to the Processed Personal Data, and to the extent that a Controller under this Agreement is Processing Personal Data on behalf of the other party, it will Process such Personal Data in compliance with the Data Protection Legislation and the terms of this Agreement (including Annex A).
2.3 Both Parties agree to notify the other Party immediately if it considers that any of the Customer's instructions infringe the Data Protection Legislation.
2.4 Neither Controller will transfer Processed Personal Data outside the EEA without first entering into: (i) the Standard Contractual Clauses with the importer of the Processed Personal Data attached hereto as Annex C; or, (ii) any other permitted transfer mechanism prescribed by Data Protection Legislation.
2.5 Both Parties agree to implement and maintain Protective Measures to protect the Processed Personal Data from a Security Incident. Such measures shall have regard to the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. Such measures shall include, as appropriate those contained in Annex B.
DATA CONTROLLER OBLIGATIONS. 4.1. The CLIENT and all its employees are responsible for:
4.1.1. Give to the data processor all the data contained in Clause 2 of this agreement.
4.1.2. Make an evaluation of the impact of the data protection action to be taken by the data processor regarding this agreement.
4.1.3. Make every previous consultation that might be needed.
4.1.4. Supervise, during the execution of the Agreement, the GDPR fulfillment of the actions taken by the data processor.
4.1.5. Supervise the data management, including data management audits and inspections, when needed.
