Data Protection Conditions Sample Clauses

Data Protection Conditions. 5.1. Subject to clause 5.5, where Personal Data are Processed in connection with the exercise of each of our rights and obligations under this agreement, we each acknowledge that you are the Controller and that we are the Processor. 5.2. Details of the Processing we carry out on your behalf under this agreement are set out at Part 1 of Schedule 2 (Details of Data Processing) and details of each of our responsibilities for Processing are set out at Part 2 of Schedule 2 (Details of Data Processing). We each agree to update Schedule 2 (Details of Data Processing) as necessary during the term of this agreement to reflect any changes in Processing. Each updated version of Schedule 2 (Details of Data Processing) shall form part of this agreement. 5.3. We shall: 5.3.1. Process the Personal Data only in accordance with documented instructions from you. Those instructions include to perform our obligations under this agreement, and not to transfer Personal Data to a Restricted Country, unless required to do so by European Law to which we are subject; in such a case, we shall inform you of that legal requirement before Processing, unless that European Law prohibits such information on important grounds of public interest; 5.3.2. ensure that persons authorised to Process the Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality; 5.3.3. take all measures required pursuant to Article 32 GDPR; 5.3.4. comply with the following conditions for engaging another Processor (a "Sub-Processor"): 5.3.4.1. we shall not engage a Sub-Processor without your prior specific or general written authorisation. In the case of general written authorisation, we shall inform you of any intended changes concerning the addition or replacement of Sub-Processors, thereby giving you the opportunity to object to such changes; and 5.3.4.2. where we engage a Sub-Processor for carrying out specific Processing activities on your behalf, the same data protection obligations as set out in this agreement and in Data Protection Legislation shall be imposed on that Sub-Processor by way of a contract (if not directly imposed by Data Protection Legislation), in particular providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that the Processing will meet the requirements of Data Protection Legislation. Where that Sub-Processor fails to fulfil its data protection obligations, we s...
Sample 1Sample 2
AutoNDA by SimpleDocs
Data Protection Conditions. ‌ 6.1. Subject to clause 6.5, where Personal Data are Processed in connection with the exercise of each of our rights and obligations under this agreement, we each acknowledge that you are the Controller and that we are the Processor. 6.2. Details of the Processing we carry out on your behalf under this agreement are set out at Part 1 of Schedule 2 (Details of Data Processing) and details of each of our responsibilities for Processing are set out at Part 2 of Schedule 2 (Details of Data Processing). We each agree to update Schedule 2 (Details of Data Processing) as necessary during the term of this agreement to reflect any changes in Processing. Each updated version of Schedule 2 (Details of Data Processing) shall form part of this agreement. 6.3. We shall: 6.3.1. Process the Personal Data only in accordance with documented instructions from you. Those instructions include to perform our obligations under this agreement, and not to transfer Personal Data to a Restricted Country, unless required to do so by European Law to which we are subject; in such a case, we shall inform you of that legal requirement before Processing, unless that European Law prohibits such information on important grounds of public interest; 6.3.2. ensure that persons authorised to Process the Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;
Sample 1
Data Protection Conditions. 8.1 Subject to paragraph 8.5, where Personal Data is processed in connection with the exercise of each of our rights and obligations under this agreement, we each acknowledge that you are the Controller and that we are the Processor. 8.2 Details of responsibilities that each of us have as Processors and any associated rights arising (in compliance with our respective obligations under Article 28(3)) are set out in Part 2 of the Schedule to this Appendix and details of responsibilities that each of us has as Controllers and any associated rights arising (in compliance with our respective obligations under Article 32) are set out in Part 3 of the Schedule to this Appendix. We each agree that we shall duly comply with our obligations under these respective Parts of the Schedule. 8.3 We shall: 8.3.1 process the User Data only in accordance with documented instructions from you. Those instructions include to perform our obligations under this Agreement, and not to transfer Personal Data to a Restricted Country, unless required to do so by any legal obligation we become subject to. In such a case, we shall inform you of that legal requirement before Processing, unless we are for any reason prohibited from doing so on important grounds of public interest; 8.3.2 ensure that persons authorised to Process the User Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality; 8.3.3 take all measures required pursuant to Article 32; 8.3.4 comply with the following conditions for engaging another Processor (a "Sub-Processor"): 8.3.4.1 subject to the existing arrangements that we have in place referred to in Paragraph 6 above we shall not engage a Sub-Processor without your prior specific or general written authorisation. In the case of general written authorisation, we shall inform you of any intended changes concerning the addition or replacement of Sub- 8.3.4.2 where we engage a Sub-Processor for carrying out specific Processing activities on your behalf, the same Data Protection Obligations as set out in this agreement and in Data Protection Legislation shall be imposed on that Sub-Processor by way of a contract (if not directly imposed by Data Protection Legislation), in particular providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that the Processing will meet the requirements of Data Protection Legislation. Where that Sub-Processor fails to fulfil...
Sample 1

Related to Data Protection Conditions

  • Data Protection All personal data contained in the agreement shall be processed in accordance with Regulation (EC) No 45/2001 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by the EU institutions and bodies and on the free movement of such data. Such data shall be processed solely in connection with the implementation and follow-up of the agreement by the sending institution, the National Agency and the European Commission, without prejudice to the possibility of passing the data to the bodies responsible for inspection and audit in accordance with EU legislation (Court of Auditors or European Antifraud Office (XXXX)). The participant may, on written request, gain access to his personal data and correct any information that is inaccurate or incomplete. He/she should address any questions regarding the processing of his/her personal data to the sending institution and/or the National Agency. The participant may lodge a complaint against the processing of his personal data with the [national supervising body for data protection] with regard to the use of these data by the sending institution, the National Agency, or to the European Data Protection Supervisor with regard to the use of the data by the European Commission.

  • Cybersecurity; Data Protection To the Company’s knowledge, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (collectively, the “Personal Data”)) used in connection with their businesses, and there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except in each case as would not reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification.

  • Data Protection Impact Assessment If, pursuant to Data Protection Law, Customer (or its Controllers) are required to perform a data protection impact assessment or prior consultation with a regulator, at Customer’s request, SAP will provide such documents as are generally available for the Cloud Service (for example, this DPA, the Agreement, audit reports or certifications). Any additional assistance shall be mutually agreed between the Parties.

  • Data Protection Act 7.1 With respect to the parties' rights and obligations under this Contract, the parties agree that the Department is the Data Controller and that the Contractor is the Data Processor. 7.2 The Contractor shall: 7.2.1 Process the Personal Data only in accordance with instructions from the Department (which may be specific instructions or instructions of a general nature as set out in this Contract or as otherwise notified by the Department to the Contractor during the Term); 7.2.2 Process the Personal Data only to the extent, and in such manner, as is necessary for the provision of the Services or as is required by Law or any Regulatory Body; 7.2.3 The Contractor shall employ appropriate organisational, operational and technological processes and procedures to keep the Personal Data safe from unauthorised use or access, loss, destruction, theft or disclosure. The organisational, operational and technological processes and procedures adopted are required to comply with the requirements of ISO/IEC 27001 as appropriate to the services being provided to the Department; 7.2.4 Take reasonable steps to ensure the reliability of any Contractor Personnel who have access to the Personal Data; 7.2.5 Obtain prior written consent from the Department in order to transfer the Personal Data to any Sub-contractors or Affiliates for the provision of the Services; 7.2.6 Ensure that all Contractor Personnel required to access the Personal Data are informed of the confidential nature of the Personal Data and comply with the obligations set out in this clause 7; 7.2.7 Ensure that none of Contractor Personnel publish, disclose or divulge any of the Personal Data to any third party unless directed in writing to do so by the Department; 7.2.8 Notify the Department within five Working Days if it receives: a request from a Data Subject to have access to that person's Personal Data; or a complaint or request relating to the Department's obligations under the Data Protection Legislation; 7.2.9 Provide the Department with full cooperation and assistance in relation to any complaint or request made, including by: - providing the Department with full details of the complaint or request; - complying with a data access request within the relevant timescales set out in the Data Protection Legislation and in accordance with the Department's instructions; - providing the Department with any Personal Data it holds in relation to a Data Subject (within the timescales required by the Department); and - providing the Department with any information requested by the Department; 7.2.10 Permit the Department or the Department’s Representative (subject to reasonable and appropriate confidentiality undertakings), to inspect and audit the Contractor's data Processing activities (and/or those of its agents, subsidiaries and Sub-contractors) and comply with all reasonable requests or directions by the Department to enable the Department to verify and/or procure that the Contractor is in full compliance with its obligations under this Contract; 7.2.11 Provide a written description of the technical and organisational methods employed by the Contractor for processing Personal Data (within the timescales required by the Department) to be used solely for the purposes of this contract and provided that to do so would not be in breach of the Intellectual Property Rights (including Copyright) of a third party; and 7.2.12 Not process Personal Data outside the European Economic Area without the prior written consent of the Department and, where the Department consents to a transfer, to comply with: - the obligations of a Data Controller under the Eighth Data Protection Principle set out in Schedule 1 of the Data Protection Act 1998 by providing -an adequate level of protection to any Personal Data that is transferred; and - any reasonable instructions notified to it by the Department. 7.3 The Contractor shall comply at all times with the Data Protection Legislation and shall not perform its obligations under this Contract in such a way as to cause the Department to breach any of its applicable obligations under the Data Protection Legislation.

  • Rights Protection Mechanisms and Abuse Mitigation ­‐ Registry Operator commits to implementing and performing the following protections for the TLD: i. In order to help registrars and registrants identify inaccurate data in the Whois database, Registry Operator will audit Whois data for accuracy on a statistically significant basis (this commitment will be considered satisfied by virtue of and for so long as ICANN conducts such audits). ii. Work with registrars and registrants to remediate inaccurate Whois data to help ensure a more accurate Whois database. Registry Operator reserves the right to cancel a domain name registration on the basis of inaccurate data, if necessary. iii. Establish and maintain a Domains Protected Marks List (DPML), a trademark protection service that allows rights holders to reserve registration of exact match trademark terms and terms that contain their trademarks across all gTLDs administered by Registry Operator under certain terms and conditions. iv. At no cost to trademark holders, establish and maintain a Claims Plus service, which is a notice protection mechanism that begins at the end of ICANN’s mandated Trademark Claims period. v. Bind registrants to terms of use that define and prohibit illegal or abusive activity. vi. Limit the use of proxy and privacy registration services in cases of malfeasance. vii. Consistent with the terms of this Registry Agreement, reserve the right to exclude from distribution any registrars with a history of non-­‐compliance with the terms of the Registrar Accreditation Agreement. viii. Registry Operator will be properly resourced to perform these protections.

  • Child Support Compliance Act If the Contract Amount is $100,000 or more, this section is applicable. Contractor recognizes the importance of child and family support obligations and fully complies with (and will continue to comply with during the Term) all applicable state and federal laws relating to child and family support enforcement, including disclosure of information and compliance with earnings assignment orders, as provided in Family Code section 5200 et seq. Contractor provides the names of all new employees to the New Hire Registry maintained by the California Employment Development Department.

  • DATA PROTECTION AND PRIVACY 14.1 In addition to Supplier’s obligations under Sections 6, 9, 10, and 15, Supplier will comply with this Section 14 when processing Accenture Personal Data. "Accenture Personal Data" means personal data owned, licensed, or otherwise controlled or processed by Accenture including personal data processed by Accenture on behalf of its clients. “Accenture Data” means all information, data and intellectual property of Accenture or its clients or other suppliers, collected, stored, hosted, processed, received and/or generated by Supplier in connection with providing the Deliverables to Accenture, including Accenture Personal Data.

  • Workplace Violence Prevention and Crisis Response (applicable to any Party and any subcontractors and sub-grantees whose employees or other service providers deliver social or mental health services directly to individual recipients of such services): Party shall establish a written workplace violence prevention and crisis response policy meeting the requirements of Act 109 (2016), 33 VSA §8201(b), for the benefit of employees delivering direct social or mental health services. Party shall, in preparing its policy, consult with the guidelines promulgated by the U.S. Occupational Safety and Health Administration for Preventing Workplace Violence for Healthcare and Social Services Workers, as those guidelines may from time to time be amended. Party, through its violence protection and crisis response committee, shall evaluate the efficacy of its policy, and update the policy as appropriate, at least annually. The policy and any written evaluations thereof shall be provided to employees delivering direct social or mental health services. Party will ensure that any subcontractor and sub-grantee who hires employees (or contracts with service providers) who deliver social or mental health services directly to individual recipients of such services, complies with all requirements of this Section.

  • Data Protection and Security A. In this Agreement the following terms shall have the meanings respectively ascribed to them:

  • Data Protection Impact Assessment and Prior Consultation Processor shall provide reasonable assistance to the Company with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which Company reasonably considers to be required by article 35 or 36 of the GDPR or equivalent provisions of any other Data Protection Law, in each case solely in relation to Processing of Company Personal Data by, and taking into account the nature of the Processing and information available to, the Contracted Processors.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!