Common use of DATA INCIDENT MANAGEMENT AND NOTIFICATION Clause in Contracts

DATA INCIDENT MANAGEMENT AND NOTIFICATION. Processor maintains security incident management policies and procedures and, to the extent required under applicable Data Protection Laws, shall notify Customer without undue delay after becoming aware of the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data Processed by Processor on behalf of the Customer (a “Data Incident”). Processor shall make reasonable efforts to identify and take those steps as Processor deems necessary and reasonable in order to remediate and/or mitigate the cause of such Data Incident to the extent the remediation and/or mitigation is within Processor’s reasonable control. The obligations herein shall not apply to incidents that are caused by Customer or anyone who uses the Services on Customer’s behalf. Customer will not make, disclose, release or publish any finding, admission of liability, communication, notice, press release or report concerning any Data Incident which directly or indirectly identifies Processor (including in any legal proceeding or in any notification to regulatory or supervisory authorities or affected individuals) without Processor’s prior written approval, unless, and solely to the extent that, Customer is compelled to do so pursuant to applicable Data Protection Laws. In the latter case, unless prohibited by such laws, Customer shall provide Processor with reasonable prior written notice to provide Processor with the opportunity to object to such disclosure and in any case Customer will limit the disclosure to the minimum scope required.

DATA INCIDENT MANAGEMENT AND NOTIFICATION. Processor Hunters maintains security incident management policies and procedures and, to the extent required under applicable Data Protection Laws, shall notify Customer without undue delay after becoming aware of the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data Processed by Processor Hunters on behalf of the Customer (a “Data Incident”). Processor Hunters shall make reasonable efforts to identify and take those steps as Processor Hunters deems necessary and reasonable in order to remediate and/or mitigate the cause of such Data Incident to the extent the remediation and/or mitigation is within Processor’s Hunters’ reasonable control. The obligations herein shall not apply to incidents that are caused by Customer or anyone who uses the Services Service on Customer’s behalf. Customer will not make, disclose, release release, or publish any finding, admission of liability, communication, notice, press release release, or report concerning any Data Incident which directly or indirectly identifies Processor Hunters (including in any legal proceeding or in any notification to regulatory or supervisory authorities or affected individuals) without Processor’s Hunters’ prior written approval, unless, and solely to the extent that, Customer is compelled to do so pursuant to applicable Data Protection Laws. In the latter case, unless prohibited by such laws, Customer shall provide Processor Hunters with reasonable prior written notice to provide Processor Hunters with the opportunity to object to such disclosure disclosure, and in any case case, Customer will limit the disclosure to the minimum scope required.

DATA INCIDENT MANAGEMENT AND NOTIFICATION. Processor maintains security incident management policies and procedures and, to the extent required under applicable Data Protection Laws, shall notify Customer Client without undue delay after becoming aware of the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data Processed by Processor on behalf of the Customer Client (a “Data Incident”). Processor shall make reasonable efforts to identify and take those steps as Processor deems necessary and reasonable in order to remediate and/or mitigate the cause of such Data Incident to the extent the remediation and/or mitigation is within Processor’s reasonable control. The obligations herein shall not apply to incidents that are caused by Customer Client or anyone who uses the Services on CustomerClient’s behalf. Customer Client will not make, disclose, release or publish any finding, admission of liability, communication, notice, press release or report concerning any Data Incident which directly or indirectly identifies Processor (including in any legal proceeding or in any notification to regulatory or supervisory authorities or affected individuals) without Processor’s prior written approval, unless, and solely to the extent that, Customer Client is compelled to do so pursuant to applicable Data Protection Laws. In the latter case, unless prohibited by such laws, Customer Client shall provide Processor with reasonable prior written notice to provide Processor with the opportunity to object to such disclosure and in any case Customer Client will limit the disclosure to the minimum scope required.

DATA INCIDENT MANAGEMENT AND NOTIFICATION. Processor maintains security incident management policies and procedures and, to the extent required under applicable Data Protection Laws, shall notify Customer without undue delay after becoming aware of the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data Processed by Processor on behalf of the Customer (a “Data Incident”). Processor shall make reasonable efforts to identify and take those steps as Processor deems necessary and reasonable in order to remediate and/or mitigate the cause of such Data Incident to the extent the remediation and/or mitigation is within Processor’s reasonable control. The obligations herein shall not apply to incidents that are caused by Customer or anyone who uses the Services Service on Customer’s behalf. Customer will not make, disclose, release or publish any finding, admission of liability, communication, notice, press release or report concerning any Data Incident which directly or indirectly identifies Processor (including in any legal proceeding or in any notification to regulatory or supervisory authorities or affected individuals) without Processor’s prior written approval, unless, and solely to the extent that, Customer is compelled to do so pursuant to applicable Data Protection Laws. In the latter case, unless prohibited by such laws, Customer shall provide Processor with reasonable prior written notice to provide Processor with the opportunity to object to such disclosure and in any case case, Customer will limit the disclosure to the minimum scope required.