Common use of Data Privacy and Cybersecurity Clause in Contracts

Data Privacy and Cybersecurity. Each Party shall comply and shall ensure that its Personnel and other Representatives comply with, the provisions of any Data Protection Laws applicable to their conduct under or in connection with this Agreement. To the extent required under applicable Data Protection Laws with respect to the transfer of personal data, the Parties shall enter into (or to the extent required by such Data Protection Laws, cause their respective Affiliates to enter into) such other agreements as may be required by the applicable Data Protection Laws. Each Party shall implement adequate policies and commercially reasonable security measures regarding the integrity and availability of the information technology and software applications owned, operated, or outsourced by that Party, and the data and intellectual property thereon. In case one Party or its Affiliates experiences any of the following events, it shall, as soon as such Party is aware, use reasonable efforts to notify the other Party immediately or, justified under the Data Protection Laws, at least within forty-eight (48) hours of a confirmed data breach involving the unauthorized access to or accidental or illicit destruction, loss, change, communication, or dissemination of information related to an identified or identifiable natural person provided by the other Party or its Affiliates or intellectual property; or any order issued by a judicial or administrative authority regarding data exchanged between the Parties under this Agreement. Each Party shall use reasonable efforts to notify the other Party immediately or, justified under the Data Protection Laws, at least within forty-eight (48) hours of receiving data subject requests related to an identified or identifiable natural person provided by the other Party or its Affiliates, such as access, rectification and deletion requests; and any complaint regarding the processing of data related to an identified or identifiable natural person provided by the other Party or its Affiliates, including allegations that the processing operations violate data subject rights.

Data Privacy and Cybersecurity. Each Party shall comply and shall ensure that its Personnel and other Representatives comply with, the provisions of any Data Protection Laws applicable to their conduct under or in connection with this Agreement. To the extent required under applicable Data Protection Laws with respect to the transfer of personal data, the Parties shall enter into (or to the extent required by such Data Protection Laws, cause their respective Affiliates to enter into) such other agreements as may be required by the applicable Data Protection Laws. Each Party shall implement adequate policies and commercially reasonable security measures regarding the integrity and availability of the information technology and software applications owned, operated, or outsourced by that Party, and the data and intellectual property Intellectual Property thereon. In case one Party or its Affiliates experiences any of the following events, it shall, as soon as such Party is aware, use reasonable efforts to notify the other Party immediately or, justified under the Data Protection Laws, at least within fortythirty-eight six (4836) hours of of: a confirmed data breach involving the unauthorized access to or accidental or illicit destruction, loss, change, communication, or dissemination of information related to an identified or identifiable natural person provided by the other Party or its Affiliates or intellectual propertyIntellectual Property; or any order issued by a judicial or administrative authority regarding data exchanged between the Parties under this Agreement. Each Party shall use reasonable efforts to notify the other Party immediately or, justified under the Data Protection Laws, at least within fortythirty-eight six (4836) hours of receiving receiving: data subject requests related to an identified or identifiable natural person provided by the other Party or its Affiliates, such as access, rectification and deletion requests; and any complaint regarding the processing of data related to an identified or identifiable natural person provided by the other Party or its Affiliates, including allegations that the processing operations violate data subject rights.