Data Protection and Data Breach Sample Clauses

Data Protection and Data Breach a) The parties acknowledge that where Kineo processes personal data in connection with this Agreement, it is a processor of the Customer, who is the controller. The subject-matter of the data processing is the performance of the Services. Annex 1 sets out the nature, duration and purposes of the processing, the types of personal data Kineo processes and the categories of data subjects whose personal data is processed. b) Kineo shall: i. process the personal data only in accordance with documented instructions from the Customer. If Kineo is required to process the personal data for any other purpose by applicable laws to which Kineo is subject, Kineo will inform the Customer of this requirement first, unless such law(s) prohibit this on important grounds of public interest. It is acknowledged by the parties that Kineo shall be permitted to anonymise the personal data for the purposes of providing statistical analysis and consulting services without breach of this requirement. ii. at all times comply with applicable Data Protection Legislation and Privacy Laws and notify the Customer immediately if, in Kineo’s opinion, an instruction for the processing of personal data given by the Customer infringes applicable Data Protection Legislation and/or Privacy Laws; c) Kineo shall ensure that personnel required to access the personal data are subject to a binding duty of confidentiality in respect of such personal data. d) Kineo shall assist the Customer, always taking into account the nature of the processing: i. by appropriate technical and organisational measures and in so far as is possible, in fulfilling the Customer’s obligations to respond to requests from data subjects exercising their rights; and ii. in ensuring compliance with the obligations pursuant to Articles 32 to 36 of the GDPR, taking into account the information available to Kineo. e) Kineo shall implement and maintain appropriate technical and organisational measures to protect the personal data against unauthorised or unlawful processing and against accidental loss, destruction, damage, theft, alteration or disclosure. These measures shall be appropriate to the harm which might result from any unauthorised or unlawful processing, accidental loss, destruction, damage or theft of the personal data and having regard to the nature of the personal data which is to be protected. f) In the event of a suspected breach affecting the confidentiality, integrity or availability of personal data takes place,...
AutoNDA by SimpleDocs

Related to Data Protection and Data Breach

  • Privacy and Data Protection 8.1 The Receiving Party undertakes to comply with South Africa’s general privacy protection in terms Section 14 of the Xxxx of Rights in connection with this Bid and shall procure that its personnel shall observe the provisions of such Act [as applicable] or any amendments and re-enactments thereof and any regulations made pursuant thereto. 8.2 The Receiving Party warrants that it and its Agents have the appropriate technical and organisational measures in place against unauthorised or unlawful processing of data relating to the Bid and against accidental loss or destruction of, or damage to such data held or processed by them.

  • Confidentiality and Data Protection We are a data controller for the information you provide to us including individual, identification and financial details, policy history and special category data (such as medical or criminal history). Details of our legal basis for processing your information, along with details of any third party recipient whom it may be necessary to share your personal data with in order to fulfil the contract, retention period for data held, security of your data, your rights under the UK General Data Protection Regulations (UK GDPR) including the right to complain can be found in our full ‘Privacy Notice’ attached to these terms of business and/or on our website at xxx.xxxxxxxxxxxxxxxx.xx.xx.

  • Data Protection All personal data contained in the agreement shall be processed in accordance with Regulation (EC) No 45/2001 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by the EU institutions and bodies and on the free movement of such data. Such data shall be processed solely in connection with the implementation and follow-up of the agreement by the sending institution, the National Agency and the European Commission, without prejudice to the possibility of passing the data to the bodies responsible for inspection and audit in accordance with EU legislation (Court of Auditors or European Antifraud Office (XXXX)). The participant may, on written request, gain access to his personal data and correct any information that is inaccurate or incomplete. He/she should address any questions regarding the processing of his/her personal data to the sending institution and/or the National Agency. The participant may lodge a complaint against the processing of his personal data with the [national supervising body for data protection] with regard to the use of these data by the sending institution, the National Agency, or to the European Data Protection Supervisor with regard to the use of the data by the European Commission.

  • Cybersecurity; Data Protection To the Company’s knowledge, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (collectively, the “Personal Data”)) used in connection with their businesses, and there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except in each case as would not reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!