Data Handling. A. Contractor may not maintain or forward these State Records to or from any other facility or location, except for the authorized and approved purposes of backup and disaster recovery purposes, without the prior written consent of the State. Contractor may not maintain State Records in any data center or other storage location outside the United States for any purpose without the prior express written consent of OIS.
B. Contractor shall not allow remote access to State Records from outside the United States, including access by Contractor’s employees or agents, without the prior express written consent of OIS. Contractor shall communicate any request regarding non-U.S. access to State Records to the Security and Compliance Representative for the State. The State shall have sole discretion to grant or deny any such request.
C. Upon request by the State made any time prior to 60 days following the termination of this Contract for any reason, whether or not the Contract is expiring or terminating, Contractor shall make available to the State a complete download file of all State data.
i. This download file shall be made available to the State within 10 Business Days of the State’s request, shall be encrypted and appropriately authenticated, and shall contain, without limitation, all State Records, Work Product, and system schema and transformation definitions, or delimited text files with documents, detailed schema definitions along with attachments in its native format.
ii. Upon the termination of Contractor’s provision of data processing services, Contractor shall, as directed by the State, return all State Records provided by the State to Contractor, and the copies thereof, to the State or destroy all such State Records and certify to the State that it has done so. If any legal obligation imposed upon Contractor prevents it from returning or destroying all or part of the State Records provided by the State to Contractor, Contractor shall guarantee the confidentiality of all State Records provided by the State to Contractor and will not actively process such data anymore. Contractor shall not interrupt or obstruct the State’s ability to access and retrieve State Records stored by Contractor.
D. The State retains the right to use the established operational services to access and retrieve State Records stored on Contractor’s infrastructure at its sole discretion and at any time. Upon request of the State or of the supervisory authority, Contractor shall sub...
Data Handling. The Contractor shall ensure that classified data is handled in accordance with appropriate Army and DoD security regulations. Information classified up to SECRET will be accessed and stored in Government spaces only. The Contractor shall agree that any data furnished by the Government to the Contractor shall be used only for performance under the MCoE PWS, and all copies of such data shall be returned to the Government upon completion of this effort.
Data Handling. Where it is agreed that there is no Processing of Personnel Data or disclosure of CUSTOMER Data: delete “(including CUSTOMER Data)” from Clause 11.2; the warranty in Clause 12.1.6 shall be deleted and the remaining Clauses renumbered accordingly; Clauses 14 to 16 (inclusive) shall be marked “Not Used” and Schedules 2-14 and 2-15 marked “Not Used”; delete “The CONTRACTOR acknowledges that the CUSTOMER Data is the property of the CUSTOMER and the CUSTOMER hereby reserves all Intellectual Property Rights which may subsist in the CUSTOMER Data.” from Clause 17.1; delete the following sentence from Clause 34.3: “The CONTRACTOR cannot claim relief from a Force Majeure Event to the extent that it is required to comply with the BCDR Plan but has failed to do so.”; all corresponding definitions in Schedule 2-1 shall be deleted save those definitions used elsewhere in the Contract and the definition of CUSTOMER Confidential Information shall be amended by removing “Personal Data, CUSTOMER Data”; and delete paragraph 5 in Schedule 2-6.
Data Handling. If Customer is disclosing to SISW any information that is (i) Covered Defense Information or Controlled Unclassified Information as defined in U.S. Government regulations, or (ii) subject to Export Laws that require controlled data handling, Customer will notify SISW personnel in advance of each instance of disclosure and will use the notification tools and methods specified by SISW.
Data Handling. A. Upon request, Contractor will make available to the State information about Contractor products and services and their locations of storage of State Records, in order to enable the State to purchase the applicable product or service where the storage location of State Records is located within the United States. If a Purchasing Entity elects to purchase a Good or Service with a FEDRAMP authorization to operate, then the State Records associated with that purchase will remain in the United States of America for the term of that purchase.
B. Upon request by the State made any time prior to 60 days following the termination of this Contract for any reason, whether or not the Contract is expiring or terminating, Contractor shall make available to the State complete download file(s) of all Customer Content Records.
i. Upon request, Contractor shall provide the State with information regarding encryption and authentication, if any, of such download file(s). [RESERVED].
ii. Upon the termination of Contractor’s provision of data processing services, Contractor shall, upon request by the State, destroy all such Customer Content and certify to the State that it has done so. If Contractor retains all or part of the State Records provided by the State to Contractor, Contractor shall maintain the confidentiality of all State Records provided by the State to Contractor and will not actively process such data anymore. During the terms of service where Contractor is storing Customer Content or any Subcontractor is storing Customer Content on behalf of Contractor, Contractor shall not interrupt or obstruct the State’s ability to access and retrieve Customer Content stored by Contractor or any Subcontractor.
C. During the Term of this Participating Addendum, the State retains the right to use the established operational services to access and retrieve Customer Content stored on Contractor’s infrastructure at its sole discretion and at any time.
Data Handling. This is a complementary issue to 3.2.5 and is relevant to the data sharing (T6.1 & T6.3), the preliminary sensor (T6.2) & food (T6.3) testing and the V1 (T6.
Data Handling. User information, namely score and completion of the information security awareness tutorials is collected in order to allow Campaign Managers to monitor and measure user progress. Similarly, user information from the Phishing Simulator is collected to measure user response and phishing awareness. Users who fall for simulated phishing attacks are redirected to on-the-spot training.
27.1 Information the Company collect and receive
(a) Account creation information · Email address · Full name · Passwords · Group membership · Time zone · Account preferences
(b) Information Security Awareness Campaign information · Attempts at tutorials · Answers to questions in tutorials · Progress through the curriculum of tutorials · User feedback on tutorials
(c) Phishing Simulator information · Simulated phishing emails opened · Engagement with simulated phishing email by replying, forwarding, deleting, opening attachments or clicking on embedded links to an email · Engagement with simulated phishing website by entering form data, click links, downloading files, clicking on images · Completion of on-the-spot training · Requests for further training
(d) Log information · IP Address · Browser type · Browser settings · Information on the webpage viewed before using the services · Date and time of use of services · Cookie Information
27.2 How the Company process user data
(a) Account creation information
(b) Information Security Awareness Campaign information The training tutorials are not only to educate personnel in Information Security but also to allow their progress to be tracked by the Campaign Manager. Completeness of training and scores from each tutorial will be saved for this purpose. Scores are calculated for each tutorial; these scores are calculated from the answers users give during the tutorials.
(c) Phishing Simulator campaign information The Phishing Simulator’s purpose is to increase personnel’s awareness in regards to the threat of phishing attacks and educate them on how to spot such attacks. It allows Campaign Managers to see how users react to receiving a simulated phishing email. This incorporates whether they open or engage with the emails (such as following a link within the email or reply to the email). This information may be recorded along with completeness of the on-the-spot training, so that Campaign Managers can be given progress reports. If users engage in a way where they fill out a form on a webpage, the information entered will not be submitt...
Data Handling. The Contractor shall handle all data received or generated under this contract as For Official Use Only (FOUO) material unless otherwise marked. Public release of unclassified, uncontrolled DoD information accessed under this contract shall be approved by the Contracting Officer, after it has been routed through the MCSC Security, Public Affairs and OPSEC representatives. The Contractor shall handle all information received or generated in accordance with its classification and be in compliance with all required PWS references and other required Government policies and procedures that include DOD/Navy/GCSS-MC PMO in the text of a Task Order.
Data Handling. When storing, receiving, transmitting, using, or otherwise handling data received from a Retirement System, the Actuary must comply with all applicable requirements of the Minnesota Government Data Practices Act.
Data Handling. A. Contractor may not maintain or forward these State Records to or from any other facility or location, except for the authorized and approved purposes of backup and disaster recovery purposes, without the prior written consent of the State. Contractor may not maintain State Records in any data center or other storage location outside the United States for any purpose without the prior express written consent of OIS.
B. Contractor shall not allow remote access to the State Records from outside the United States, including access by Contractor’s employees or agents, without the express written consent of OIS; provided however, Contractor may implement any data transfer to Contractor’s employees in India for legitimate business purposes including to provide any technical and customer support, maintenance, and troubleshooting as requested by the Purchasing Entity and to fulfill all other obligations under the Participating Addendum with due observation of all applicable laws and regulations and preservation of the confidentiality of the Purchasing Entity/Licensee Data. Contractor shall communicate any other request regarding non-U.S. access to State Records to the Security and Compliance Representative for the State. The State shall have sole discretion to grant or deny any such request.
C. Upon request by the State made any time prior to 60 days following the termination of this Contract for any reason, whether or not the Contract is expiring or terminating, Contractor shall make available to the State a complete download file of all State data.
i. This download file shall be made available to the State within 10 Business Days of the State’s request, shall be encrypted and appropriately authenticated, and shall contain, without limitation, all State Records, Work Product, and system schema and transformation definitions, or delimited text files with documents, detailed schema definitions along with attachments in its native format.
ii. Upon the termination of Contractor’s provision of data processing services, Contractor shall, as directed by the State, return all State Records provided by the State to Contractor, and the copies thereof, to the State or destroy all such State Records and upon request certify to the State that it has done so. If any legal obligation imposed upon Contractor prevents it from returning or destroying all or part of the State Records provided by the State to Contractor, Contractor shall guarantee the confidentiality of all State ...
