Data Protection Compliance. 4.1 All instructions given by the Data Controller to the Data Processor shall be made in writing and shall at all times be in compliance with the GDPR and other applicable laws. The Data Processor shall act only on such written instructions from the Data Controller unless the Data Processor is required by law to do otherwise (as per Article 29 of the GDPR).
4.2 The Data Processor shall promptly comply with any request from the Data Controller requiring the Data Processor to amend, transfer, delete, or otherwise dispose of the Personal Data.
4.3 The Data Processor shall transfer all Personal Data to the Data Controller on the Data Controller’s request in the formats, at the times, and in compliance with the Data Controller’s written instructions.
4.4 Both Parties shall comply at all times with the GDPR and other applicable laws and shall not perform their obligations under this Agreement or any other agreement or arrangement between themselves in such way as to cause either Party to breach any of its applicable obligations under the GDPR.
4.5 The Data Controller hereby warrants, represents, and undertakes that the Personal Data shall comply with the GDPR in all respects including, but not limited to, its collection, holding, and processing.
4.6 The Data Processor agrees to comply with any reasonable measures required by the Data Controller to ensure that its obligations under this Agreement are satisfactorily performed in accordance with any and all applicable legislation from time to time in force (including, but not limited to, the GDPR) and any best practice guidance issued by the ICO.
4.7 The Data Processor shall provide all reasonable assistance [(at the Data Controller’s cost)] to the Data Controller in complying with its obligations under the GDPR with respect to the security of processing, the notification of personal data breaches, the conduct of data protection impact assessments, and in dealings with the ICO.
4.8 When processing the Personal Data on behalf of the Data Controller, the Data Processor shall:
4.8.1 not process the Personal Data outside the [United Kingdom] OR [European Economic Area (all EU member states, plus Iceland, Liechtenstein, and Norway) (“EEA”)] without the prior written consent of the Data Controller and, where the Data Controller consents to such a transfer to a country that is outside of the EEA, to comply with the obligations of Data Processors under the provisions applicable to transfers of Personal Data to third countr...
Data Protection Compliance. 3.1. Each party shall deal promptly and in good faith with all reasonable and relevant enquiries from the other party relating to its processing of personal data in relation to this Agreement.
3.2. Each party shall, if it receives any complaint, notice or communication from a supervisory authority which relates to the other party's processing of personal data or a potential failure to comply with Applicable Data Protection Law, promptly forward such complaint, notice or communication to the other party and provide them with reasonable cooperation and assistance in relation to the same.
3.3. The parties agree that the responsibility for complying with any data subject request (in relation to any rights of data subjects or otherwise) falls to the party receiving the data subject request in respect of the personal data held by that party.
3.4. The parties agree to provide reasonable and prompt assistance, following a request for assistance from the other party, to enable the other party to comply with any data subject requests and to respond to any other queries or complaints from data subjects.
Data Protection Compliance. Are you aware of and are you compliant with the provisions of Data Protection Laws (as defined in paragraph 7 below)? Have you registered with the Information Commissioners Office (ICO)? Yes Yes No No
1. This application is made by the intermediary named overleaf (“You”). Once accepted by Octopus Real Estate, which is the trading name of each subsidiary company and subsidiary undertaking from time to time of [Octopus Investments Limited], including, without limitation, Bridgeco Ltd, Fern Trading Ltd and Octopus Property Lending Ltd (“we/ us”), a contract will be created between You and Us which incorporates all the terms shown on any page of this document.
2. We reserve the right to reject any application for a loan.
3. We will pay commission in respect of completed deals on the scale agreed with your Octopus Business Development Manager. The commission payable may be varied from time to time and we will write to you with updates as appropriate.
4. If You need to make any changes to this agreement, please notify us in writing on company headed paper.
5. If You deal with any work requiring authorisation under the Financial Services and Markets Act or any other legislation, You must maintain proper authorisation from the Financial Conduct Authority and / or any other relevant body. You must produce these to us for inspection when requested. You must notify us of any correspondence you receive from any relevant enforcement or regulatory body which alleges any failure by You to observe their requirements. You must also notify us of any events known to You which might give rise to such correspondence if those events were known to the relevant authority or regulator.
6. Where You are introducing any loan to Us including Consumer Credit exempt loans You warrant that you will comply with all regulatory requirements and obligations.
7. You must ensure that all your advertising literature, application documents and all procedures whether relating to work before or after a loan is made comply with all requirements of the law and of regulatory bodies relating to the provision of loans. You will need to consider in particular the various provisions made under the Consumer Credit Act, the fair processing information provisions of the Data Protection Xxx 0000, the EU General Data Protection Regulation (Regulation (EU) 2016/679) (from and including 25 May 2018) any other applicable law in any relevant jurisdiction that applies to the processing of data relating to living ...
Data Protection Compliance. 3.1 Each Party shall comply with all the obligations imposed on a controller under the Data Protection Legislation. Any material breach of the Data Protection Legislation by a Party in connection with the Data Sharing shall constitute a material breach of this Schedule 2.
3.2 Each Party shall:
(a) process the Shared Personal Data fairly and lawfully, each of them as a Data Controller;
(b) for each Agreed Purpose, ensure that it processes the Shared Personal Data on the basis of one of the legal grounds set out in Article 6 of the GDPR (Lawfulness of Processing) or Article 9 of the GDPR (Processing of special categories of personal data) (as applicable);
(c) inform, or otherwise make information available to the Data Subjects of the purposes for which it will process Personal Data and provide or make available all information that it must provide in accordance with its own applicable law to ensure that Data Subjects understand how their Personal Data will be processed by that Party;
(d) ensure that it has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data;
(e) not transfer any personal data outside the European Economic Area otherwise than in compliance with the Data Protection Legislation.
Data Protection Compliance. To the extent applicable, Vendor shall ensure and hereby represents and warrants that all personal data is properly collected, stored, processed, secured, archived or destroyed in compliance with Federal, State and applicable international privacy laws, including the EU General Data Protection Regulation 2016/679 (GDPR).
Data Protection Compliance. To the extent that any data or information belonging to the Client is personal data within the meaning of the Data Protection Xxx 0000 or equivalent legislation in the relevant territory:
a) the Agent will process such data and information only in accordance with the Client's instructions;
b) the Agent will not transmit such data and information to a country or territory outside the European Economic Area without the Client's prior express written consent; and
c) the Agent will take such technical and organisational measures against unauthorised or unlawful processing of such data and information and against accidental loss or destruction of, or damage to, such data and information as are appropriate to the Client as data controller.
Data Protection Compliance. The Company and its subsidiaries are presently in compliance in all material respects with, and at all prior times during the past three years, have been in compliance in all material respects with, all of their internal and external privacy policies and notices, contractual obligations binding upon any of them, and applicable laws, statutes, judgments, orders, rules and regulations of any court or arbitrator or other governmental or regulatory authority, and all other legal obligations applicable to the Company or any of its subsidiaries, in each case, relating to the collection, use, transfer, import, export, storage, protection, disposal, disclosure or other processing by or on behalf of the Company or any of its subsidiaries of personal, personally identifiable, confidential or regulated data or information (collectively, “Data Protection Obligations,” and such data or information, “Protected Data”). Neither the Company nor any of its subsidiaries have received any written notification of or complaint regarding or are otherwise aware of any facts that, individually or in the aggregate, would reasonably indicate non-compliance by the Company or any of its subsidiaries with any Data Protection Obligation. There is no action, suit, investigation or proceeding against the Company or any of its subsidiaries by or before any court or governmental agency, authority or body pending or, to the knowledge of the Company, threatened in writing, against the Company or any of its subsidiaries, alleging non-compliance with any Data Protection Obligations by the Company or any of its subsidiaries.
Data Protection Compliance. 4.1 Each Party shall comply with all the obligations imposed on a controller under the Data Protection Legislation. Any material breach of the Data Protection Legislation by a Party in connection with the Data Sharing shall constitute a material breach of this Data Sharing Agreement.
4.2 The Centre shall:
(a) ensure that it has all necessary notices and consents in place to enable lawful transfer of the Shared Personal Data to the Permitted Recipients for the Agreed Purposes; and
(b) give full information to any Candidate whose personal data may be processed under this Data Sharing Agreement of the nature such processing.
4.3 The Parties shall:
(a) process the Shared Personal Data only for the Agreed Purposes;
(b) not disclose or allow access to the Shared Personal Data to anyone other than the Permitted Recipients;
(c) ensure that all Permitted Recipients are subject to written contractual obligations concerning the Shared Personal Data (including obligations of confidentiality) which are no less onerous than those imposed by this Agreement;
(d) ensure that it has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
(e) not transfer any personal data outside the EEA otherwise than in compliance with the Data Protection Legislation.
Data Protection Compliance. 29.1. The Parties will enter into a data processing agreement to govern any sharing of customer personal data before any sharing takes place. The Parties agree that each Party shall be an independent controller in respect of any customer personal data that they process and each shall comply with all applicable laws, regulations and provisions on data protection, including without limitation those of the England and Wales and the European Union, such as the UK Data Protection Act 2018 and the EU General Data Protection Regulation (Regulation (EU) 2016/679) (collectively referred to as the ‘Data Protection Legislation) in respect of the processing of customer personal data.
Data Protection Compliance. 13.1 To the extent that any data or information belonging to the Client or to the Employment Business is personal data within the meaning of the Data Protection Xxx 0000 or equivalent legislation in the territory:
(a) Each party will process such data and information only in accordance with the other party’s instructions;
(b) Each party will not transmit such data and information to a country or territory outside the European Economic Area without the other party’s prior express written consent; and
(c) Each party will take such technical and organisational measures against unauthorised or unlawful processing of such data and information and against accidental loss or destruction of, or damage to, such data and information as are appropriate to the other party as data controller.
