Data Protection Sample Clauses

Data Protection. All personal data contained in the agreement shall be processed in accordance with Regulation (EC) No 45/2001 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by the EU institutions and bodies and on the free movement of such data. Such data shall be processed solely in connection with the implementation and follow-up of the agreement by the sending institution, the National Agency and the European Commission, without prejudice to the possibility of passing the data to the bodies responsible for inspection and audit in accordance with EU legislation (Court of Auditors or European Antifraud Office (XXXX)). The participant may, on written request, gain access to his personal data and correct any information that is inaccurate or incomplete. He/she should address any questions regarding the processing of his/her personal data to the sending institution and/or the National Agency. The participant may lodge a complaint against the processing of his personal data with the [national supervising body for data protection] with regard to the use of these data by the sending institution, the National Agency, or to the European Data Protection Supervisor with regard to the use of the data by the European Commission.

Data Protection. All personal data contained in the agreement shall be processed in accordance with Regulation (EC) No 2018/1725 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by the EU institutions and bodies and on the free movement of such data. Such data shall be processed solely in connection with the implementation and follow-up of the agreement by the sending organisation, the National Agency and the European Commission, without prejudice to the possibility of passing the data to the bodies responsible for inspection and audit in accordance with EU legislation1 (Court of Auditors or European Antifraud Office (OLAF)). The participant may, on written request, gain access to their personal data and correct any information that is inaccurate or incomplete. They should address any questions regarding the processing of their personal data to the sending organisation and/or the National Agency. The participant may lodge a complaint against the processing of their personal data to the European Data Protection Supervisor with regard to the use of the data by the European Commission.

Data Protection. 22.1 With respect to the Parties' rights and obligations under this Framework Agreement, the Parties agree that the Authority is the Data Controller and that the Supplier is the Data Processor. 22.2 The Supplier shall: 22.2.1 Process the Personal Data only in accordance with instructions from the Authority (which may be specific instructions or instructions of a general nature as set out in this Framework Agreement or as otherwise notified by the Authority to the Supplier during the Term); 22.2.2 Process the Personal Data only to the extent, and in such manner, as it necessary for the provision of the Services or as is required by Law or any Regulatory Body; 22.2.3 implement appropriate technical and organisational measures to protect the Personal Data against unauthorised or unlawful Processing and against accidental loss, destruction, damage, alteration or disclosure. These measures shall be appropriate to the harm which might result from any unauthorised or unlawful Processing, accidental loss, destruction or damage to the Personal Data and having regard to the nature of the Personal Data which is to be protected; 22.2.4 take all reasonable steps to ensure the reliability of any Supplier’s Staff who have access to the Personal Data; 22.2.5 obtain prior Approval from the Authority in order to transfer the Personal Data to any Sub-Contractors or Affiliates for the provision of the Services; 22.2.6 ensure that all Supplier Staff required to access the Personal Data are informed of the confidential nature of the Personal Data and comply with the obligations set out in this Clause 22 (Data Protection); 22.2.7 ensure that none of Supplier’s Staff publish, disclose or divulge any of the Personal Data to any third party unless directed in writing to do so by the Authority; 22.2.8 notify the Authority within five (5) Working Days if it receives: (a) a request from a Data Subject to have access to that person's Personal Data; or (b) a complaint or request relating to the Authority's obligations under the Data Protection Legislation; 22.2.9 provide the Authority with full cooperation and assistance in relation to any complaint or request made, including by: (a) providing the Authority with full details of the complaint or request; (b) complying with a data access request within the relevant timescales set out in the Data Protection Legislation and in accordance with the Authority's instructions; (c) providing the Authority with any Personal Data it holds in relati...

Data Protection. The Administrator shall implement and maintain a comprehensive written information security program that contains appropriate security measures to safeguard the personal information of the Trust’s shareholders, employees, directors and/or officers that the Administrator receives, stores, maintains, processes or otherwise accesses in connection with the provision of services hereunder. For these purposes, “personal information” shall mean (i) an individual’s name (first initial and last name or first name and last name), address or telephone number plus (a) social security number, (b) driver’s license number, (c) state identification card number, (d) debit or credit card number, (e) financial account number or (f) personal identification number or password that would permit access to a person’s account or (ii) any combination of the foregoing that would allow a person to log onto or access an individual’s account. Notwithstanding the foregoing “personal information” shall not include information that is lawfully obtained from publicly available information, or from federal, state or local government records lawfully made available to the general public.

Data Protection. 8.1. The sending organisation shall provide the participants with the relevant privacy statement for the processing of their personal data before these are encoded in the electronic systems for managing the Erasmus+ mobilities.

Data Protection. 9.1. From time to time and in connection with the Services DST may obtain access to certain personal information from the Fund (including, without limitation, Customer Information). Personal information relating to the Fund and its Affiliates, directors, officers, employees, agents, current and prospective Fund shareholders, plan sponsors and plan participants may be processed by DST and its Affiliates. Each Fund consents to the transmission and processing of such information within and outside the United States in accordance with applicable Law. 9.2. DST will notify the Fund without undue delay after becoming aware of any confirmed unauthorized access to, or acquisition, use, loss, destruction, alteration or compromise of Confidential Information (including, without limitation, Customer Information) of the Fund (“Security Breach”) maintained on DST’s computers, hardware, networks or systems, including any third party data centers, or of any Security Breach occurring at any sub-custodian, agent or service provider of DST, and will provide reasonable assistance to the Fund in its notification of that breach to the relevant supervisory authority and those individuals impacted, as required by applicable Law. DST will not disclose or use Personal Information obtained from or on behalf of the Fund except in accordance with the lawful instructions of the Fund to carry out DST’s obligations under, or as otherwise permitted pursuant to the terms of, its agreements with the Fund and to comply with applicable Law. 9.3. Notwithstanding anything to the contrary contained in Section 13.3, DST shall maintain at a location other than its normal location appropriate redundant facilities for operational back up in the event of a power failure, disaster or other interruption. DST shall continuously back up Fund records and shall store the back up in a secure manner at a location other than its normal location, so that, in the event of a power failure, disaster or other interruption at such normal location, the Fund records, will be maintained intact and will enable DST to perform under this Agreement. DST will maintain a comprehensive business continuity plan and will provide an executive summary of such plan upon reasonable request of the Fund. Without limiting the foregoing, DST will test the adequacy of its business continuity plan at least annually and upon request, the Fund may participate in such test. Upon request by the Fund, DST will provide the Fund with a letter ...

Data Protection. 10.1 The Local Manager will, in connection with the Sub-Advisory Agreement, comply (where applicable) with the UK Data Protection Xxx 0000 and other applicable data protection laws and regulations (together, the “Data Protection Laws”). 10.2 The Investment Adviser will comply (where applicable) with the Data Protection Laws and (where applicable) take all reasonable steps to ensure that it has obtained all necessary consents for the Local Manager to process any personal data for the purposes of the Agreement.

Data Protection. The Transfer Agent will implement and maintain a comprehensive written information security program that contains appropriate security measures to safeguard the personal information of the Trust’s shareholders, employees, directors and/or officers that the Transfer Agent receives, stores, maintains, processes or otherwise accesses in connection with the provision of services hereunder. For these purposes, “personal information” shall mean (i) an individual’s name (first initial and last name or first name and last name), address or telephone number plus (a) social security number, (b) drivers license number, (c) state identification card number, (d) debit or credit card number, (e) financial account number or (f) personal identification number or password that would permit access to a person’s account or (ii) any combination of the foregoing that would allow a person to log onto or access an individual’s account. Notwithstanding the foregoing “personal information” shall not include information that is lawfully obtained from publicly available information, or from federal, state or local government records lawfully made available to the general public.

Data Protection. The Parties acknowledge that for the purposes of the Data Protection Legislation, the Customer is the Controller and the Supplier is the Processor unless otherwise specified in Contract Schedule 7. The only processing that the Processor is authorised to do is listed in Contract Schedule 7 by the Controller and may not be determined by the Processor. The Processor shall notify the Controller immediately if it considers that any of the Controller's instructions infringe the Data Protection Legislation. The Processor shall provide all reasonable assistance to the Controller in the preparation of any Data Protection Impact Assessment prior to commencing any processing. Such assistance may, at the discretion of the Controller, include: a systematic description of the envisaged processing operations and the purpose of the processing; an assessment of the necessity and proportionality of the processing operations in relation to the Services; an assessment of the risks to the rights and freedoms of Data Subjects; and the measures envisaged to address the risks, including safeguards, security measures and mechanisms to ensure the protection of Personal Data. The Processor shall, in relation to any Personal Data processed in connection with its obligations under this Agreement: process that Personal Data only in accordance with Contract Schedule 7, unless the Processor is required to do otherwise by Law. If it is so required the Processor shall promptly notify the Controller before processing the Personal Data unless prohibited by Law; ensure that it has in place Protective Measures, which are appropriate to protect against a Data Loss Event, which the Controller may reasonably reject (but failure to reject shall not amount to approval by the Controller of the adequacy of the Protective Measures), having taken account of the: nature of the data to be protected; harm that might result from a Data Loss Event; state of technological development; and cost of implementing any measures; ensure that : the Processor Personnel do not process Personal Data except in accordance with this Agreement (and in particular Schedule 7); it takes all reasonable steps to ensure the reliability and integrity of any Processor Personnel who have access to the Personal Data and ensure that they:

Data Protection. The Participant consents to the collection and processing (including international transfer) of personal data as set out in Appendix A for the purposes specified therein.