Data Protection Act. 7.1 With respect to the parties' rights and obligations under this Contract, the parties agree that the Department is the Data Controller and that the Contractor is the Data Processor.
7.2 The Contractor shall:
7.2.1 Process the Personal Data only in accordance with instructions from the Department (which may be specific instructions or instructions of a general nature as set out in this Contract or as otherwise notified by the Department to the Contractor during the Term);
7.2.2 Process the Personal Data only to the extent, and in such manner, as is necessary for the provision of the Services or as is required by Law or any Regulatory Body;
7.2.3 The Contractor shall employ appropriate organisational, operational and technological processes and procedures to keep the Personal Data safe from unauthorised use or access, loss, destruction, theft or disclosure. The organisational, operational and technological processes and procedures adopted are required to comply with the requirements of ISO/IEC 27001 as appropriate to the services being provided to the Department;
7.2.4 Take reasonable steps to ensure the reliability of any Contractor Personnel who have access to the Personal Data;
7.2.5 Obtain prior written consent from the Department in order to transfer the Personal Data to any Sub-contractors or Affiliates for the provision of the Services;
7.2.6 Ensure that all Contractor Personnel required to access the Personal Data are informed of the confidential nature of the Personal Data and comply with the obligations set out in this clause 7;
7.2.7 Ensure that none of Contractor Personnel publish, disclose or divulge any of the Personal Data to any third party unless directed in writing to do so by the Department;
7.2.8 Notify the Department within five Working Days if it receives: a request from a Data Subject to have access to that person's Personal Data; or a complaint or request relating to the Department's obligations under the Data Protection Legislation;
7.2.9 Provide the Department with full cooperation and assistance in relation to any complaint or request made, including by: - providing the Department with full details of the complaint or request; - complying with a data access request within the relevant timescales set out in the Data Protection Legislation and in accordance with the Department's instructions; - providing the Department with any Personal Data it holds in relation to a Data Subject (within the timescales required by the Department);...
Data Protection Act. 7.1.1 The Supplier shall (and shall procure that its entire Staff) comply with any notification requirements under the DPA and both Parties will duly observe all their obligations under the DPA which arise in connection with the Contract.
7.1.2 Notwithstanding the general obligation in Clause 7.1.1, where the Supplier is processing personal data (as defined by the DPA) as a data processor for the Authority (as defined by the DPA) the Supplier shall ensure that it has in place appropriate technical and organisational measures to ensure the security of the personal data (and to guard against unauthorised or unlawful processing of the personal data and against accidental loss or destruction of, or damage to, the personal data), as required under the Seventh Data Protection Principle in Schedule 1 to the DPA; and
(a) provide the Authority with such information as the Authority may reasonably request to satisfy itself that the Supplier is complying with its obligations under the DPA;
(b) promptly notify the Authority of any breach of the security measures to be put in place pursuant to this clause; and
(c) ensure that it does not knowingly or negligently do or omit to do anything which places the Authority in breach of its obligations under the DPA.
7.1.3 The provisions of this clause shall apply during the Contract Period and indefinitely after the expiry of the Contract Period.
Data Protection Act. 23.1 The Supplier shall (and shall ensure that all of its Staff) comply with any notification requirements under the DPA and both Parties will duly observe all their obligations under the DPA which arise in connection with the Agreement.
23.2 Notwithstanding the general obligation in clause 23.1, where the Supplier is processing Personal Data (as defined by the DPA) as a Data Processor for the Customer (as defined by the DPA) the Supplier shall ensure that it has in place appropriate technical and organisational measures to ensure the security of the Personal Data (and to guard against unauthorised or unlawful processing of the Personal Data and against accidental loss or destruction of, or damage to, the Personal Data), as required under the Seventh Data Protection Principle in Schedule 1 to the DPA; and
23.2.1 provide the Customer with such information as the Customer may reasonably request to satisfy itself that the Supplier is complying with its obligations under the DPA;
23.2.2 promptly notify the Customer of any breach of the security measures to be put in place pursuant to this clause; and
23.2.3 ensure that it does not knowingly or negligently do or omit to do anything which places the Customer in breach of the Customer’s obligations under the DPA.
24.1 The Supplier shall comply with, and shall ensure that its Staff comply with, the provisions of:
(a) the Official Secrets Acts 1911 to 1989; and
(b) Section 182 of the Finance Xxx 0000.
24.2 In the event that the Supplier or its Staff fail to comply with this clause, the Customer reserves the right to terminate the Agreement by giving notice in writing to the Supplier.
Data Protection Act. 23.1 The Supplier and its Staff will comply with any notification requirements under the DPA and both Parties will duly observe all their obligations under the DPA which arise in connection with the Contract.
Data Protection Act. 17.1 For the purposes of this Clause 17.1, the terms “Data Controller”, “Data Processor”, “Data Subject”, “Personal Data”, “Process” and “Processing shall have the meaning prescribed under the DPA.
17.2 The Contractor shall (and shall ensure that all of its Staff) comply with any notification requirements under the DPA and both Parties will duly observe all their obligations under the DPA which arise in connection with the Contract.
17.3 Notwithstanding the general obligation in clause 17.2, where the Contractor is processing Personal Data (as defined by the DPA) as a Data Processor for the Authority the Contractor shall:
(a) Process the Personnel Data only in accordance with instructions from the Authority (which may be specific instructions or instructions of a general nature) as set out in this Contract or as otherwise notified by the Authority;
(b) comply with all applicable laws;
(c) Process the Personal Data only to the extent; and in such manner as is necessary for the provision of the Provider’s obligations under this Contract or as is required by Law or any Regulatory Body;
(d) implement appropriate technical and organisational measures to protect the Personal Data against unauthorised or unlawful Processing and against accidental loss, destruction, damage, alteration or disclosure. These measures shall be appropriate to the harm which might result from any unauthorised or unlawful Processing, accidental loss, destruction or damage to the Personal Data and having regard to the nature of the Personal Data which is to be protected;
(e) take reasonable steps to ensure the reliability of its staff and agents who may have access to the Personal Data;
(f) obtain prior written consent from the Authority in order to transfer the Personal Data to any sub- contractor for the provision of the Services;
(g) not cause or permit the Personal Data to be transferred outside of the European Economic Area without the prior consent of the Authority;
(h) ensure that all staff and agents required to access the Personal Data are informed of the confidential nature of the Personal Data and comply with the obligations set out in this clause 17.1;
(i) ensure that none of the staff and agents publish disclose or divulge any of the Personal Data to any third parties unless directed in writing to do so by the Authority not disclose Personnel Data to any third parties in any circumstances other than with the written consent of the Authority or in compliance with a legal oblig...
Data Protection Act. 24.1 The Supplier and all its Staff will comply with any notification requirements under the DPA and both Parties will duly observe all their obligations under the DPA which arise in connection with the Agreement.
24.2 Notwithstanding the general obligation in clause 24.1, where the Supplier is processing Personal Data (as defined by the DPA) as a Data Processor for the Customer (as defined by the DPA) the Supplier will ensure that it has in place appropriate technical and organisational measures to ensure the security of the Personal Data (and to guard against unauthorised or unlawful processing of the Personal Data and against accidental loss or destruction of, or damage to, the Personal Data), as required under the Seventh Data Protection Principle in Schedule 1 to the DPA; and
24.2.1 provide the Customer with such information as the Customer may reasonably request to satisfy itself that the Supplier is complying with its obligations under the DPA;
24.2.2 promptly notify the Customer of:
(a) any breach of the security measures to be put in place pursuant to this clause;and
(b) any request for personal data;
Data Protection Act. As used herein, "Personal Data" and "Data Controller" have the meanings attributed to them in the Data Protection Act 1998. SELLER shall, with respect to all Personal Data furnished by LOCKHEED XXXXXX to SELLER or otherwise acquired by SELLER in the performance of this Contract, comply strictly with all requirements of the Data Protection Act 1998 as if it were the Data Controller of such personal data.
Data Protection Act. 14.1 The Contractor fully indemnifies the Secretary of State, his servants or agents against the costs of dealing with any claims made in respect of information subject to the Data Protection Act 1998, which claims would not have arisen but for some act, omission of negligence on the part of the Contractor, sub-contractors or staff.
Data Protection Act. The Intermediary undertakes to comply with the provisions of the Data Protection Acts and the General Data Protection Regulation. The Intermediary and Xxxxxxx agree that where the intermediary or Thomond processes personal data under or in connection with the Agreement it alone determines the purposes and means of processing as a controller. Where Policyholder Data is supplied to Thomond by the Intermediary for the purposes of this agreement, Thomond shall be entitled to deem that data is obtained, used & retained in line with the Data Protection Acts & General Data Protection Regulation. All Data will be treated confidentially and will be used to provide and administer insurance products and financial services. Data may be shared in order to comply with legal obligations imposed on the firm.
Data Protection Act. The Contractor shall (and shall procure that any of its Staff involved in the provision of the Agreement) comply with any notification requirements under the Data Protection Act 1998 (“DPA”) and both Parties will duly observe all their obligations under the DPA which arise in connection with the Agreement.
