Data Protection and General Data Protection Regulation Sample Clauses

Data Protection and General Data Protection Regulation. We are required to gather certain personal data about clients and guests for the purposes of satisfying operational and legal obligations. This personal data will be subject to the appropriate legal safeguards as specified in the Data Protection Act 1998. We fully endorse and adhere to the principles of the General Data Protection Regulation. These principles specify the legal conditions that must be satisfied in relation to obtaining, handling, processing, transportation and storage of personal data. The principles require (amongst other things) that the personal data shall be obtained for a specified and lawful purpose and shall not be processed in any manner incompatible with that purpose. The purpose for which we hold your personal data is to carry out this Agreement, and we do not pass information on to third parties save for this purpose. We may use cookies on our website for the purpose of monitoring website usage, and we will ask for your consent, but do ask that you inform us if you do not consent to the use of these cookies. This Website collects some Personal Data from its Users. Underdale Property Management Ltd Cherry Tree House 00x Xxxxxxxxx Xxxx Xxxxxxxxxx XX0 0XX Owner contact email: xxxxx.xxxxxxxxxx@xxxxx.xxx Among the types of Personal Data that this Website collects, by itself or through third parties, there are: Cookies, Usage Data, email address, first name, last name, phone number, country, ZIP/Postal code, date of birth, city, address and company name. Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection. Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Website. Unless specified otherwise, all Data requested by this Website is mandatory and failure to provide this Data may make it impossible for this Website to provide its services. In cases where this Website specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences to the availability or the functioning of the Service. Users who are uncertain about which Personal Data is mandatory are welcome to contact the Owner. Any use of Cookies – or of other tracking tools – by this Website or by the owners of third-party services used by this Website serves the purpose of providing the Service required by the User, in addition to a...
AutoNDA by SimpleDocs
Data Protection and General Data Protection Regulation. 10.2.1. Where the NHS CFA receives a request for information under data protection laws, which captures personal or special category personal data provided by ACRO under this Agreement, the NHS CFA representative is to immediately contact the NPCC Data Protection Officer at: xxxx.xxxxxxxxxx@xxxx.xxx.xxxxxx.xx to ascertain whether the NPCC wishes to propose to the NHS CFA that they apply any relevant exemptions when responding to the applicant. 10.2.2. Where ACRO receives a Subject Access Request (SAR) under data protection laws which captures personal or special category personal data requested by the NHS CFA under this Agreement, the NPCC Data Protection Officer is to immediately contact the NHS CFA representatives to ascertain whether the NHS CFA wishes to propose to ACRO that they apply any relevant exemptions prior to responding to the applicant. 10.2.3. It is acknowledged that where the receiving party cannot comply with a request without disclosing information relating to another individual who can be identified from that information, it is not obliged to comply with the request, unless: a. The other individual has consented to the disclosure of the information to the person making the request; or b. It is reasonable in all the circumstances to comply with the request without the consent of the other individual. 10.2.4. In determining whether it is reasonable, regard shall be had to: a. Any duty of confidentiality owed to the other individual; b. Any steps taken by the Data Controller with a view to seeking consent of the other individual c. Whether the other individual is capable of giving consent; and, d. Any express refusal by the other individual. 10.2.5. It is acknowledged that the GDPR and the DPA provide rights for individuals in respect of their personal data in some circumstances. These include (but are not limited to): a. A right of access (noted above); b. A right to rectification; c. A right to erasure; d. A right to restrict processing; and e. Rights in relation to automated decision making and profiling. 10.2.6. In particular, where the NHS CFA receives a notice to erase or restrict personal data under the provisions of GDPR or DPA processed under this Agreement, the NHS CFA representative will contact the NPCC Data Protection Officer to alert them to the fact that a notice has been served: xxxx.xxxxxxxxxx@xxxx.xxx.xxxxxx.xx 10.2.7. Where ACRO receives a notice to erase or restrict personal data under the provisions of GDPR or DPA proce...

Related to Data Protection and General Data Protection Regulation

  • Data Protection All personal data contained in the agreement shall be processed in accordance with Regulation (EC) No 45/2001 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by the EU institutions and bodies and on the free movement of such data. Such data shall be processed solely in connection with the implementation and follow-up of the agreement by the sending institution, the National Agency and the European Commission, without prejudice to the possibility of passing the data to the bodies responsible for inspection and audit in accordance with EU legislation (Court of Auditors or European Antifraud Office (XXXX)). The participant may, on written request, gain access to his personal data and correct any information that is inaccurate or incomplete. He/she should address any questions regarding the processing of his/her personal data to the sending institution and/or the National Agency. The participant may lodge a complaint against the processing of his personal data with the [national supervising body for data protection] with regard to the use of these data by the sending institution, the National Agency, or to the European Data Protection Supervisor with regard to the use of the data by the European Commission.

  • Data Protection Act 7.1 With respect to the parties' rights and obligations under this Contract, the parties agree that the Department is the Data Controller and that the Contractor is the Data Processor. 7.2 The Contractor shall: 7.2.1 Process the Personal Data only in accordance with instructions from the Department (which may be specific instructions or instructions of a general nature as set out in this Contract or as otherwise notified by the Department to the Contractor during the Term); 7.2.2 Process the Personal Data only to the extent, and in such manner, as is necessary for the provision of the Services or as is required by Law or any Regulatory Body; 7.2.3 The Contractor shall employ appropriate organisational, operational and technological processes and procedures to keep the Personal Data safe from unauthorised use or access, loss, destruction, theft or disclosure. The organisational, operational and technological processes and procedures adopted are required to comply with the requirements of ISO/IEC 27001 as appropriate to the services being provided to the Department; 7.2.4 Take reasonable steps to ensure the reliability of any Contractor Personnel who have access to the Personal Data; 7.2.5 Obtain prior written consent from the Department in order to transfer the Personal Data to any Sub-contractors or Affiliates for the provision of the Services; 7.2.6 Ensure that all Contractor Personnel required to access the Personal Data are informed of the confidential nature of the Personal Data and comply with the obligations set out in this clause 7; 7.2.7 Ensure that none of Contractor Personnel publish, disclose or divulge any of the Personal Data to any third party unless directed in writing to do so by the Department; 7.2.8 Notify the Department within five Working Days if it receives: a request from a Data Subject to have access to that person's Personal Data; or a complaint or request relating to the Department's obligations under the Data Protection Legislation; 7.2.9 Provide the Department with full cooperation and assistance in relation to any complaint or request made, including by: - providing the Department with full details of the complaint or request; - complying with a data access request within the relevant timescales set out in the Data Protection Legislation and in accordance with the Department's instructions; - providing the Department with any Personal Data it holds in relation to a Data Subject (within the timescales required by the Department); and - providing the Department with any information requested by the Department; 7.2.10 Permit the Department or the Department’s Representative (subject to reasonable and appropriate confidentiality undertakings), to inspect and audit the Contractor's data Processing activities (and/or those of its agents, subsidiaries and Sub-contractors) and comply with all reasonable requests or directions by the Department to enable the Department to verify and/or procure that the Contractor is in full compliance with its obligations under this Contract; 7.2.11 Provide a written description of the technical and organisational methods employed by the Contractor for processing Personal Data (within the timescales required by the Department) to be used solely for the purposes of this contract and provided that to do so would not be in breach of the Intellectual Property Rights (including Copyright) of a third party; and 7.2.12 Not process Personal Data outside the European Economic Area without the prior written consent of the Department and, where the Department consents to a transfer, to comply with: - the obligations of a Data Controller under the Eighth Data Protection Principle set out in Schedule 1 of the Data Protection Act 1998 by providing -an adequate level of protection to any Personal Data that is transferred; and - any reasonable instructions notified to it by the Department. 7.3 The Contractor shall comply at all times with the Data Protection Legislation and shall not perform its obligations under this Contract in such a way as to cause the Department to breach any of its applicable obligations under the Data Protection Legislation.

  • PERSONAL DATA PROTECTION ACT 7.1. PAH is committed to protecting the privacy, confidentiality and security of all personal data to which it is entrusted. It has been our policy to ensure your personal information are protected. With the introduction of the Malaysian Personal Data Protection Act 2010 ("PDPA"), we are even committed to ensure the privacy and confidentiality and security of all personal data are protected in line with the PDPA. We process personal data which you have provided to us voluntarily through our website upon your registration and this includes personal data such as your name, address, NRIC and contact details. In this regards, you have expressly consent to our processing of your personal data. If you give us personal data or information about another person, you must first confirm that he/she has appointed you to act for him/her, to consent to the processing of his/her personal data and to receive on his/her behalf any data protection notices. We may request your assistance to procure the consent of such persons whose personal data is provided by you to us and you agree to do so. You shall indemnify us in the event we suffer loss and damage as a result of your failure to comply with the same. We will only retain your personal data for as long as necessary for the fulfilment of the specified purposes or as legislated 7.2. E-Bidders shall be responsible for the confidentiality and use of password and not to reveal the password to anyone at any time and under any circumstances whether intentionally or unintentionally. 7.3. E-Bidders agree to comply with all the security measures related to safety of the password or generally in respect of the use of the service. In the event that the password is compromised, the E-Bidders shall immediately notify PAH.

  • DATA PROTECTION AND PRIVACY 14.1 In addition to Supplier’s obligations under Sections 6, 9, 10, and 15, Supplier will comply with this Section 14 when processing Accenture Personal Data. "Accenture Personal Data" means personal data owned, licensed, or otherwise controlled or processed by Accenture including personal data processed by Accenture on behalf of its clients. “Accenture Data” means all information, data and intellectual property of Accenture or its clients or other suppliers, collected, stored, hosted, processed, received and/or generated by Supplier in connection with providing the Deliverables to Accenture, including Accenture Personal Data.

  • Privacy and Data Protection 8.1 The Receiving Party undertakes to comply with South Africa’s general privacy protection in terms Section 14 of the Xxxx of Rights in connection with this Bid and shall procure that its personnel shall observe the provisions of such Act [as applicable] or any amendments and re-enactments thereof and any regulations made pursuant thereto. 8.2 The Receiving Party warrants that it and its Agents have the appropriate technical and organisational measures in place against unauthorised or unlawful processing of data relating to the Bid and against accidental loss or destruction of, or damage to such data held or processed by them.

  • Data Protection Legislation the UK Data Protection Legislation and any other European Union legislation relating to personal data and all other legislation and regulatory requirements in force from time to time which apply to a party relating to the use of Personal Data (including, without limitation, the privacy of electronic communications) and the guidance and codes of practice issued by the Information Commissioner or relevant government department in relation to such legislation.

  • Data Protection and Security A. In this Agreement the following terms shall have the meanings respectively ascribed to them:

  • Compliance with Data Protection Laws 2.1 bookinglab shall comply with its obligations under the Data Protection Laws as they apply to it as a Data Processor of the Customer Personal Data. 2.2 The Customer shall comply with its obligations under the Data Protection Laws as they apply to it as a Data Controller of the Customer Personal Data.

  • Data Protection and Privacy: Protected Health Information Party shall maintain the privacy and security of all individually identifiable health information acquired by or provided to it as a part of the performance of this Agreement. Party shall follow federal and state law relating to privacy and security of individually identifiable health information as applicable, including the Health Insurance Portability and Accountability Act (HIPAA) and its federal regulations.

  • Cybersecurity; Data Protection To the Company’s knowledge, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (collectively, the “Personal Data”)) used in connection with their businesses, and there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except in each case as would not reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!