Data Protection and Information Security Sample Clauses
Data Protection and Information Security. 1.1 The GLA authorises the Grantee, to Process the Agreement Personal Data during the term of this Agreement as a Processor solely for the purpose and to the extent described in Schedule 14.
1.2 In performing the Services and its other obligations under this Agreement the Grantee will:
1.2.1 comply with the Data Protection Laws;
1.2.2 not cause the GLA to breach any obligation under the Data Protection Laws; and
1.2.3 notify the GLA without undue delay if it identifies any areas of actual or potential non- compliance with the Data Protection Laws or this Schedule 13, without prejudice to its obligations to comply with, or to any rights or remedies which the GLA may have for breach of, the Data Protection Laws or this Schedule 13.
1.3 The Grantee will not engage or use any third party for the Processing of Agreement Personal Data or permit any third party to Process Agreement Personal Data without the prior written consent of the GLA.
1.4 If the Grantee appoints a Sub-Processor, the Grantee will ensure that, prior to the Processing taking place, there is a written Grant Agreement in place between the Grantee and the Sub- Processor that specifies the Sub-Processor’s Processing activities and imposes on the Sub- Processor the same terms as those imposed on the Grantee in this Schedule 13. The Grantee will procure that Sub-Processors will perform all obligations set out in this Schedule 13 and the Grantee will remain responsible for all acts and omissions of Sub-Processors as if they were its own.
1.5 The Grantee will:
1.5.1 Process the Agreement Personal Data only on documented instructions (including this Agreement) from the GLA (unless the Grantee or the relevant Sub-Processor is required to Process Agreement Personal Data to comply with United Kingdom, European Union (as it is made up from time to time) or European Union member state Applicable Laws, in which case the Grantee will notify the GLA of such legal requirement prior to such Processing unless such Applicable Laws prohibit notice to the GLA on public interest grounds);
1.5.2 immediately inform the GLA in writing if, in its reasonable opinion, any instruction received from the GLA or a member of its Group infringes any Data Protection Laws;
1.5.3 without prejudice to paragraph 1.5.1, ensure that Agreement Personal Data will only be used for the purpose and to the extent described in Schedule 14;
1.5.4 without prejudice to paragraph 1.5.3, not without the prior written consent of the GLA:
Data Protection and Information Security. In addition to any other information security provisions set forth in this Agreement, Supplier shall comply with the provisions of the Data Protection Addendum attached hereto as Exhibit C which is hereby incorporated into this Agreement as if set forth fully herein. To the extent there is any conflict between the terms of the Data Protection Addendum and the terms of the body of this Agreement, the terms of the Data Protection Addendum shall prevail.
Data Protection and Information Security. 6.1. The Data Protection and Information Security Addendum available at xxxxx://xxx.xx.xxx/legal-privacy/ is incorporated into these Conditions.
Data Protection and Information Security. 4.1 For the purposes of this clause 4, the terms process, processes, processing, personal data, controller and data subject have the meanings given in the Data Protection Legislation. “Data Protection Legislation” means the Data Protection Law DIFC Law No. 5 of 2020, any applicable data protection laws including any subordinate legislation, regulation or guidance issued by the relevant authority and the requirements of the Information Security Regulations for public and semi-public sectors of the Dubai Government in so far as they may be applicable to the information of Dubai Government Members provided to the Trustee.
Data Protection and Information Security. 15.1 The Parties recognise that they shall each be processing Personal Data in connection with the performance of their obligations and/or exercise of their rights under this Agreement and that the factual arrangement between them shall dictate the role of each Party (as to data controller or data processor) in respect of the Data Protection Laws. Notwithstanding the forgoing, and subject to any application of 15.2 below, the Parties agree and acknowledge that where either Party processes Personal Data pursuant to or in relation to this Agreement, that Party will be carrying out the processing for its own purposes, and as such will be a data controller under the Data Protection Laws.
15.2 No Party (or any sub-contractor of a Party) shall act as a data processor of the other Party unless expressly agreed in writing. Each Party acknowledges and agrees that any such agreed data processing can only take place after appropriate contractual arrangements have been put in place between the Parties ensuring that such data processing is carried out in compliance with applicable Data Protection Laws.
15.3 Each Party shall at all times comply with its or their respective obligations under all applicable Data Protection Laws to the extent such Data Protection Laws applies to it in connection with the performance of its obligations or exercise of its rights under this Agreement.
15.4 The Parties shall ensure they have made all necessary registrations and notifications of their particulars in accordance with applicable Data Protection Laws and shall ensure that such registrations and notifications are kept accurate and up to date during the term of this Agreement. You shall supply on request to any Lender a copy of such registrations and notifications, together with any amended particulars that may be filed from time to time.
15.5 You shall ensure that you obtain consent from the Applicant prior to the transfer of their Personal Data to the relevant Lender in connection with any Mortgage Application.
15.6 In addition to and notwithstanding any other right or obligation arising under this Agreement, you shall (and shall procure that all Personnel shall):
15.6.1 take all appropriate technical and organisational measures necessary or desirable to ensure that Personal Data you process is protected against loss, destruction and damage, and against unauthorised access, use, modification, disclosure or other misuse;
15.6.2 take all technical and organisational security measures...
Data Protection and Information Security. 7.1 Both parties will comply with all their obligations under GDPR data protection legislation, which arise in connection with the MoU.
7.2 Both parties agree that they will not share any personal data in connection with the MoU, except the names of the parties signing this agreement, which will be processed by the parties in compliance with data protection legislation.
7.3 Both parties agree that where it becomes necessary to share any further data, the parties will enter into a legally binding data processing agreement.
Data Protection and Information Security. Addendum effective from 1 September 2023 (the “Addendum”). This Addendum is incorporated into the QA General Terms of Sale available at xxxxx://xxx.xx.xxx/legal- privacy/ (the “General Terms”).
Data Protection and Information Security. 14.1 AST’s obligations with respect to data protection and information security are limited to keeping the Services secure in line with AST’s obligations under Applicable Data Protection Laws. In particular, AST will take appropriate technical and organisational measures to safeguard the security of any airtime services that it provides in conjunction with the provider of any network on which the airtime services rely and will take steps to protect Personal Data that is stored or transmitted using such services.
14.2 Insofar as AST processes any End User Data on behalf of the Customer as a processor, AST shall comply with its obligations pursuant to Schedule 8 (Data Processing Terms). For the avoidance of doubt, AST shall not be a processor acting on behalf of the Customer in respect of any Airtime or Hardware that it supplies to the Customer, but may be a processor with respect to personal data that is processed via the AST Portal.
14.3 Save as provided for in clauses 14.1 and 14.2, the Customer shall retain responsibility for all content (comprising any speech, music, sounds, visual images or data of any description) of any electronic communication, including the content of electronic messages and any traffic data, telemetry data, location data or other data (“Content Data”) generated or transmitted using Hardware, Software, Airtime, Services or Deliverables supplied by AST and for all transfers of such Content Data to any third country, whether such transfers are made from any User to the Customer, from the Customer to any User or from the User or the Customer to any third party or from any third party to any Customer or User.
14.4 The Customer acknowledges that AST’s privacy notice is available at: xxxxx://xxx.xxx-xxxxxxxx.xxx/privacy-policy and agrees to disclose AST’s privacy notice to its Users (and where appropriate End Users).
14.5 Without limiting the foregoing, the Customer will be responsible for:
(a) Preventing unauthorised use of the Hardware, Airtime, Software, Services and Deliverables that it receives or uses pursuant to each Contract;
(b) maintaining the security of all systems, network elements and equipment within its (or its employees', agents' or contractors') control;
(c) maintaining (and ensuring that each of its authorised users maintains) the integrity and secrecy of all passwords, log- in details and access codes used for the purposes of accessing or using the Hardware, Software, Airtime, Services or Deliverables or any systems, ...
Data Protection and Information Security. 17.1 The Parties agree that, for the purposes of processing of Personal Data collected by AVEVA or shared by Customer with AVEVA in connection with the performance of this Agreement, AVEVA will act for all purposes as an independent Controller, and no joint controllership (or equivalent concept under Applicable Data Protection Legislation) over any such Personal Data arises as between AVEVA and the Customer. If AVEVA and the Customer are determined to be joint Controllers (or equivalent) in respect of any such Personal Data by any court in the UK or the European Economic Area (EEA), or by any government authority with responsibility for data privacy, or an equivalent finding is made by a competent court or authority elsewhere:
17.1.1 the Customer shall ensure that it (or its Affiliate) has a legal basis for processing, including all necessary and appropriate consents and notices, to enable the lawful transfer of the Personal Data to AVEVA for the duration and purposes of this Agreement;
17.1.2 the Customer shall ensure that it informs Users and individuals whose Personal Data the Customer discloses to or otherwise shares with AVEVA about AVEVA’s processing of their Personal Data pursuant to this Agreement;
17.1.3 each Party shall comply with all Applicable Data Protection Legislation in connection with all such processing of Personal Data, and shall provide, upon request of the other Party, all information necessary to demonstrate such compliance; and
17.1.4 subject to the provisions of Clause 22, each Party shall indemnify the other Party for any and all Damages reasonably incurred by the other Party as a result of the failure by the indemnifying Party to comply with its obligations as Controller under the Applicable Data Protection Legislation.
17.2 The Parties agree that if AVEVA is determined by any court or any government authority with responsibility for data privacy in the UK, the EEA or Switzerland, to be a Processor with respect to any Personal Data on behalf of the Customer, or an equivalent finding is made by a competent court or authority elsewhere, the Data Processing Addendum shall apply to such processing of Personal Data.
17.3 The Customer undertakes, represents and warrants that it has the right to share with AVEVA any and all Personal Data provided by the Customer to AVEVA.
17.4 Whenever there is a Restricted Transfer from the EEA to any country outside the EEA, the transfer shall be governed by the EEA SCC which is hereby incorporated in...
Data Protection and Information Security. § 29.1 SUPPLIER undertakes to take notice and to comply with the most recent version of any data protection regulations, especially the rules of the EU-GDPR, as far as applicable to SUPPLIER.
§ 29.2 SUPPLIER undertakes to educate and train all employees and sub-suppliers/ subcontractors with regards to the relevant data protection regulations and to appropriately oblige them to data confidentiality. SUPPLIER undertakes specially to take measures to assure data protection through privacy by design and privacy settings by default.
§ 29.3 SUPPLIER undertakes to support PANKL in any events relevant for data protection in connection with deliveries and / or services applying these Purchasing Conditions. If SUPPLIER handles personal data of PANKL as processor, it shall do so exclusively based on PANKL’s instructions and shall conclude a separate data processing agreement in accordance with Article 28, Paragraph 3 of the EU-GDPR.
§ 29.4 SUPPLIER explicitly assures PANKL that it will implement and maintain appropriate technical, organizational, and other protective measures to safeguard orderly protection of all PANKL’s information and data. This includes among other things that SUPPLIER shall not transfer any confidential information which SUPPLIER receives by PANKL to any laptop computer or any portable storage media, which can be removed from SUPPLIER’s premises, except such data is encrypted and such data is stored on the portable storage media only to allow safeguarding of such data outside SUPPLIER’s premises.
§ 29.5 SUPPLIER shall use reasonable efforts to prevent the loss or theft of passwords as well as the unauthorized access or use of PANKL’s data and information. SUPPLIER shall notify PANKL immediately about any type of password loss or theft or any type of unauthorized access or use of PANKL’s data or information. SUPPLIER shall utilize protective measures and physical security procedures with regards to access and privacy of PANKL’s confidential information and data, which at least represent the industry standard for such premises, and which assure appropriate technical and organizational protection against unintended or unlawful loss or modification, unauthorized disclosure or access of PANKL’s confidential information or data. SUPPLIER assures that it utilizes processes and security procedures to keep its information systems free from viruses and similar defaults.
§ 29.6 SUPPLIER undertakes to notify PANKL immediately, but in any case, no later tha...