Data Controls. Insofar as a Data Subject contacts Genesys directly concerning a rectification, erasure, or restriction of processing, Genesys will forward the Data Subject’s request as soon as reasonably possible to the Customer. Insofar as it is included in the scope of services, the erasure policy, ‘right to be forgotten’, rectification, data portability and access shall be ensured by Genesys without unreasonable delay, or Genesys will provide tools for Customer to fulfil such requests via the Service.
Data Controls. In its performance obligations, Verint does not require access to Customer systems or data, and Customer shall take commercially reasonable efforts to prevent Verint from accessing Customer systems and data. Where Customer provides Customer Data to Verint for professional services or support purposes, Customer shall take commercially reasonable efforts to redact or remove Personal Data prior to providing that Customer Data to Verint. Where possible, such services shall be delivered via screen share or telephone with no data transferred to Verint. If it is necessary to transfer Customer Data to Verint, the following shall apply: • Customer shall only use Verint approved communication channels for providing Customer Data to Verint. With respect to the storage of such Customer Data by Verint and any further transmission of that Customer Data by Verint, Verint shall ensure such Customer Data is protected using Encryption Standards. • In the event Verint makes backups of such Customer Data, all backups of Customer Data shall be encrypted on backup media using Encryption Standards. • Customer Data may only be stored on portable media, including laptops, DVD, CD, magnetic tape media, removable hard drives, USB drives or similar portable storage, if Encryption Standards are used on that portable media. • Except as specified otherwise in the Agreement, or applicable Order or SOW, Customer Data may be transferred by Verint to, and stored and Processed in, the United States or any other country in which Verint or its affiliates or subcontractors maintain facilities. Customer appoints Verint to perform any such transfer of Customer Data to any such country and to store and Process Customer Data in order to provide services to Customer. • Verint shall: (1) process such Customer Data only in accordance with the reasonable instructions of Customer, (2) treat such Customer Data as the Confidential Information of Customer, (3) promptly notify Customer of any unauthorized or unlawful Processing of that Customer Data of which it becomes aware, (4) except as otherwise agreed, promptly delete, or at Customer’s option, return such Customer Data when no longer needed for the provision of those services, and (5) not knowingly place Customer in breach of any Privacy Laws.
Data Controls. Insofar as a Data Subject contacts Genesys directly concerning a rectification, erasure, or restriction of processing, Genesys will promptly notify the Customer about the Data Subject’s request. Insofar as it is included in the scope of services, the erasure policy, ‘right to be forgotten’, rectification, data portability and access shall be ensured by Genesys without unreasonable delay, or Genesys will provide tools for Customer to fulfil such requests via the Service including, without limitation: (a) to provide Customer with a copy of the Customer Data in tangible form; and (b) to access, correct, erase Customer Data or restrict processing of Customer Data as requested by the Data Subject.
Data Controls. In its performance obligations with respect to Hosted Subscription Services, Verint does require access to Customer Data, and the following additional terms and conditions shall apply: • Verint’s security procedures shall require that any Customer Data stored by Verint only be stored using secure data encryption algorithms and key strengths of 128-bit symmetric and 1024-bit asymmetric or greater. Verint shall monitor Industry Standards and implement an action plan if key lengths in use can be compromised through commercially reasonable means. • Verint will maintain a key management process that includes appropriate controls to limit access to private keys and a key revocation process. Private keys, and passwords shall not be stored on the same media as the data they protect. • Verint will prohibit Verint Personnel from the download, extraction, storage or transmission of Customer Data through personally owned computers, laptops, tablet computers, cell phones, or similar personal electronic devices except where enrolled in Verint’s Mobile Device Management (MDM), Information Rights Management (IRM), or other security programs. If personal computers or mobile devices are used to perform any part of the Hosted Subscription Services, Verint will encrypt all Customer Data on such mobile devices. • Verint agrees that any and all electronic transmission or exchange of Customer Data shall be protected by a secure and encrypted means (e.g. HTTPS, PGP, S/MIME, SSH, SMTP encryption using TLS on gateway while sending emails). • Customer Data stored as a part of the Hosted Subscription Services shall reside only on Verint production systems housed in Verint hosting partner data centers, unless noted in a SOW or required with respect to professional service engagements or performance of support services. Any storage of Customer Data on Verint premises is temporary and is used strictly for support and services engagements. Once Customer Data on Verint premise has served its purpose, it shall be promptly destroyed in accordance to Verint’s confidential data destruction procedures. • Verint will abide by the requirements of European Economic Area and Swiss data protection law regarding the collection, use, transfer, retention, and other processing of Personal Data from the European Economic Area and Switzerland. Verint will ensure that transfers of Personal Data to a third country or an international organization are subject to appropriate safeguards as described in Articl...
Data Controls. In its performance obligations with respect to Hosted Subscription Services, Cognyte does require access to Customer Data, and the following additional terms and conditions shall apply: • Cognyte’s security procedures shall require that any Customer Data stored by Cognyte only be stored using secure data encryption algorithms and key strengths of 128-bit symmetric and 1024-bit asymmetric or greater. Cognyte shall monitor Industry Standards and implement an action plan if key lengths in use can be compromised through commercially reasonable means. • Cognyte will maintain a key management process that includes appropriate controls to limit access to private keys and a key revocation process. Private keys, and passwords shall not be stored on the same media as the data they protect. • Cognyte will prohibit Cognyte Personnel from the download, extraction, storage or transmission of Customer Data through personally owned computers, laptops, tablet computers, cell phones, or similar personal electronic devices except where enrolled in Cognyte’s Mobile Device Management (MDM), Information Rights Management (IRM), or other security programs. If personal computers or mobile devices are used to perform any part of the Hosted Subscription Services, Cognyte will encrypt all Customer Data on such mobile devices. • Cognyte agrees that any and all electronic transmission or exchange of Customer Data shall be protected by encryption standards. • Customer Data stored as a part of the Hosted Subscription Services shall reside only on Cognyte production systems housed in Cognyte hosting partner data centers, unless noted in a SOW or required with respect to professional service engagements or performance of support services. Any storage of Customer Data on Cognyte premises is temporary and is used strictly for support and services engagements. Once Customer Data on Cognyte premise has served its purpose, it shall be promptly destroyed in accordance to Cognyte’s confidential data destruction procedures. • Cognyte will abide by the requirements of European Economic Area and Swiss data protection law regarding the collection, use, transfer, retention, and other processing of Personal Data from the European Economic Area and Switzerland. Cognyte will ensure that transfers of Personal Data to a third country or an international organization are subject to appropriate safeguards as described in Article 46 of the GDPR and that such transfers and safeguards are documented according ...
Data Controls. In its performance obligations, Cognyte does not require access to Customer systems or data, and Customer shall take commercially reasonable efforts to prevent Cognyte from accessing Customer systems and data. Where Customer provides Customer Data to Cognyte for professional services or support purposes, Customer shall take commercially reasonable efforts to redact or remove Personal Data prior to providing that Customer Data to Cognyte. Where possible, such services shall be delivered via screen share or telephone with no data transferred to Cognyte. If it is necessary to transfer Customer Data to Cognyte, the following shall apply: • Customer shall only use Cognyte approved communication channels for providing Customer Data to Cognyte. With respect to the storage of such Customer Data by Cognyte and any further transmission of that Customer Data by Cognyte, Cognyte shall ensure such Customer Data is protected using Encryption Standards. • In the event Cognyte makes backups of such Customer Data, all backups of Customer Data shall be encrypted on backup media using Encryption Standards. • Customer Data may only be stored on portable media, including laptops, DVD, CD, magnetic tape media, removable hard drives, USB drives or similar portable storage, if Encryption Standards are used on that portable media. • Except as specified otherwise in the Agreement, or applicable Order or SOW, Customer Data may be transferred by Cognyte to, and stored and Processed in, the United States or any other country in which Cognyte or its affiliates or subcontractors maintain facilities. Customer appoints Cognyte to perform any such transfer of Customer Data to any such country and to store and Process Customer Data in order to provide services to Customer. • Cognyte shall: (1) process such Customer Data only in accordance with the reasonable instructions of Customer, (2) treat such Customer Data as the Confidential Information of Customer, (3) promptly notify Customer of any unauthorized or unlawful Processing of that Customer Data of which it becomes aware, and (4) not knowingly place Customer in breach of any Privacy Laws.
Data Controls. The Company has implemented commercially reasonable technical and organizational measures designed to protect the information technology systems and Data used in connection with the operation of the Company’s business. Without limiting the foregoing, the Company has used reasonable efforts to establish and maintain and implement reasonable information technology, information security, cyber security and data protection controls, including, as applicable, oversight, access controls, encryption, technological and physical safeguards that are designed to protect against and prevent breach, destruction, loss, unauthorized distribution, use, access, disablement, misappropriation or modification, or other compromise or misuse of or relating to any information technology system or Data controlled by the Company and used in connection with the operation of the Company’s business (“Breach”). To the Company’s knowledge, there has been no such material Breach, and the Company has not been notified of, and has no knowledge of any event or condition that would reasonably be expected to result in, any such material Breach.
Data Controls. The Company and its Subsidiaries have taken all reasonable technical and organizational measures designed to protect the information technology systems and Data under the Company’s and any of its Subsidiaries’ control used in connection with the operation of the Company’s and its Subsidiaries’ businesses. Without limiting the foregoing, the Company and its Subsidiaries have used reasonable efforts to establish and maintain, and have established, maintained, implemented and complied with, reasonable information technology, information security, cyber security and data protection controls, policies and procedures that are designed to protect against and prevent breach, destruction, loss, unauthorized distribution, use, access, disablement, misappropriation or modification, or other compromise or misuse of or relating to any information technology system or Data used in connection with the operation of the Company’s and its Subsidiaries’ businesses (“Breach”). To the Company’s knowledge, there has been no such Breach, and the Company and its Subsidiaries have not been notified of and have no knowledge of any event or condition that would reasonably be expected to result in, any such Breach.
Data Controls. The Company and each of its Subsidiaries have implemented appropriate controls, policies, procedures and technological safeguards to maintain and protect the information technology systems and Data used in connection with the operation of the Company’s and its Subsidiaries’ businesses. Without limiting the foregoing, the Company and its Subsidiaries have used reasonable efforts to implement appropriate controls, policies, procedures, and technological safeguards to establish and maintain reasonable data protection controls, policies and procedures that are designed to protect against and prevent breach, destruction, loss, unauthorized distribution, use, access, disablement, misappropriation or modification, or other compromise or misuse of any Data used in connection with the operation of the Company’s and its Subsidiaries’ businesses (“Breach”). To the Company’s knowledge, there has been no material Breach, and the Company and its Subsidiaries have not been notified of and have no knowledge of any event or condition that would reasonably be expected to result in, any such material Breach.
