Data Protection Obligations Sample Clauses

Data Protection Obligations. Each Party shall be separately responsible for compliance with its obligations under the applicable Data Protection Laws (including, but not limited to, the GDPR), in its capacity as Data Controller of the Personal Data processed in the context of this Agreement. The Parties agree that to the extent required under applicable Data Protection Laws, Company shall obtain the consent of the relevant Data Subject(s) for the Service(s) and shall provide the relevant Data Subject(s) with a link to the Azimo privacy policy. Each Party shall, but not limited to, ensure in respect of any Personal Data shared by the other Party: 11.5.1. That it has in place appropriate technical and organizational security arrangements to ensure a level of security appropriate to the data security risks presented by the processing of Personal Data when such Personal Data is under its control. 11.5.2. Any transfers of Personal Data outside the United Kingdom and/or the EEA for which that Party is responsible is subject to appropriate safeguards for international transfers of Personal Data and is in accordance with all applicable Data Protection Laws. 11.5.3. That it has in place sufficient measures and procedures to deal with a data breach in respect of any Personal Data. That it has in place measures and procedures to respond to any requests received from individuals in respect of their rights under all applicable Data Protection Laws exercised in respect of the Personal Data in that Party's possession and/or control, and the Parties agree to provide to each other such reasonable assistance as is necessary to enable them to comply with their obligations under the Data Protection Laws including in relation to any Data Subject rights exercised in relation to any Personal Data shared with the other Party.

Data Protection Obligations. The Contracting Parties have the obligation to abide by the Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. The processing of personal data shall be carried out lawfully, fairly and in a transparent manner, collected for specified purposes and adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed.

Data Protection Obligations. 3.1. To the extent that the provision of the Services by Us involves the processing of Your Data, We warrant, represent, and agree that: 3.1.1. We shall process Your Data solely in accordance with the documented instructions of You (unless We are required to process Your Data by applicable European Union or European Union member state law to which We are subject and in such a case, We shall notify You of that legal requirement before such transfer or access occurs or is permitted, unless that law prohibits such notification on important grounds of public interest); 3.1.2. We comply and shall continue to comply with Our obligations under the Data Protection Legislation and the provisions of this DPA, and We will not do, or permit anything to be done, which might cause You to be in breach of the Data Protection Legislation; 3.1.3. We shall process Your Data exclusively for the provision of the Services but for no other purposes whatsoever; 3.1.4. Your Data is confidential in nature and, unless otherwise directed by You, We shall ensure that: a) each of Our employees and/or agents engaged in processing Your Data are informed of the confidential nature of Your Data and are subject to contractual obligations of confidentiality; b) all Our employees and/or agents have undertaken training in the handling of personal data in accordance with the Data Protection Legislation and are made aware of Our duties and obligations under such laws and, to the extent applicable, this DPA; c) neither We nor any of Our employees or agents shall publish, disclose, or divulge Your Data to any third party unless otherwise required by the Agreement, this DPA, or as directed in writing to do so by You; and d) access to Your Data is limited to those employees, agents and Sub-Processors who need access to Your Data to allow Us to fulfil Our obligations under this DPA on similar terms to those set out in this DPA and, in the case of any access to Your Data by any employee, agent or Sub-Processor, ensure such access is limited to such part or parts of Your Data as is strictly necessary for performance of the employee’s, agent's, or Sub-Processor's duties; 3.1.5. We shall promptly cooperate as requested by Your from time to time to enable You to comply with any exercise of rights by a data subject under the Data Protection Legislation in respect of personal data processed by Us under this DPA; 3.1.6. We shall assist You in a timely manner where You conduct a data protection impact assessm...

Data Protection Obligations. The contracting parties have the obligation to abide by the Regulation (EU) 2016/679 (General Data Protection Regulation -GDPR) of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. The processing of personal data shall be carried out lawfully, fairly and in a transparent manner, collected for specified purposes and adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed. The Subgrantee will use and process the data only for the purposes of this Contract and during the length of the Contract. Any unauthorised use is forbidden. In any event, neither the Coordinator nor the Treasurer will be held responsible for any abusive use of data incurred into by the Subgrantee. The Subgrantee shall not try to re-identify anonymised data. In the event that re-identification occurs, the Subgrantee commits not to use such data. The Subgrantee shall delete, at the end of this Contract, the data to which the Subgrantee has been granted access during the incubation process, except where an agreement is entered into with the Data Provider.

Data Protection Obligations. 3.1 Each party shall, in relation to the sharing of any Client Personal Data or Really B2B Personal Data or the processing of any Client Personal Data or Really B2B Personal Data in connection with the performance of its obligations under the Agreement: 3.1.1 comply with Data Protection Legislation (including ensuring it has a lawful basis for sharing or processing contemplated by the Agreement); 3.1.2 update any notice provided to data subjects pursuant to Articles 13 or 14 of the GDPR (each a Notice) as necessary to comply with Data Protection Legislation and to describe the sharing contemplated by the Agreement; 3.1.3 direct any data subject to which Client Personal Data or Really B2B Personal Data relate s to the appropriate Notice of the other party upon request by the data subject; 3.1.4 provide reasonable assistance to the other party (at its own cost) to re spond to any rights request from a data subject pursuant to Chapter III of the GDPR to the extent that such request relates to that party's processing of such personal data; 3.1.5 without undue delay, notify the other party on becoming aware of any personal data b re ach of Client Personal Data or Really B2B Personal Data which relates to processing under the Agreement; 3.1.6 ensure that any processors appointed by it in respect of Client Personal Data and Really B 2B Personal Data provide sufficient guarantees in respect of the security of the personal data; and 3.1.7 provide the other partywith the contact details of its data protection officer (as set out in Article 37 of the GDPR) or the person responsible for compliance data protecti on (as may b e updated from time to time). 3.2 The Client shall either: 3.2.1 name Really B2B in its Notice; or 3.2.2 include in its Notice a general statement informing data subjects that the Client appoints third parties to process personal data. 3.3 The Client warrants that it shall use its best endeavours to ensure that all information re lating to data subjects that do not wish to be contacted in respect of marketing, including those that have directly or indirectly opted-out of receiving direct marketing and those on any of the Client's suppression lists (the Suppression Data), are provided to Really B2B. The Client shall provide Suppression Data to Re ally B 2B prior to any campaign and throughout the campaign where the Suppression Data change s. Really B2B shall not be responsible for not contacting any data subject included in the Suppression Data wher...

Data Protection Obligations. 2.1 For the purposes of this Schedule "Personal Data", "Data Processor", "Data Subject", "Data Controller" and "Process" shall have the meanings ascribed to them in the Data Protection Act 1998 (the "DPA") as amended or re-enacted from time to time. 2.2 The Consultant warrants and represents that it has obtained all necessary registrations, notifications and consents required by the DPA to process Personal Data for the purposes of performing its obligations under this Agreement. 2.3 The Consultant undertakes that to the extent that the Consultant and/or any of its employees receives, has access to and/or is required to process Personal Data on behalf of the Employer ("the Employer’s Personal Data") for the purpose of providing the Services, it will at all times comply with the provisions of the DPA for the time being in force, including without limitation the Data Protection Principles set out in Schedule 1 of the DPA. In particular, the Consultant agrees to comply with the requirements and obligations imposed on the Data Controller in the Seventh Data Protection Principle set out in the DPA namely: 2.3.1 the Consultant shall at all material times have in place and maintain appropriate technical and organisational security measures designed to safeguard against accidental or unlawful destruction, accidental loss, alteration, unauthorised or unlawful disclosure of or access to the Employer’s Personal Data and any person it authorises to have access to any the Employer’s Personal Data will respect and maintain the confidentiality and security of the Employer’s Personal Data. This includes the obligation to comply with any records management, operational and/or information security policies operated by the Employer, when providing the Services on the Employer’s premises and/or accessing their manual and/or automated information systems. These measures shall be appropriate to the harm which might result from any unauthorised Processing, accidental loss, destruction or damage to the Personal Data which is to be protected; 2.3.2 the Consultant shall only process Personal Data for and on behalf of the Employer for the purpose of performing the Services in accordance with this Agreement, or as is required by Law or any Regulatory Body, and where necessary only on written Instructions from the Employer to ensure compliance with the DPA; 2.3.3 the Consultant shall allow the Employer to audit the Consultant's compliance with the requirements of this Clause 2 on reaso...

Data Protection Obligations. In consideration of the mutual obligations and undertakings included herein, each Party acknowledges and agrees that they are separate and distinct Controllers of the Agreement Personal Data in that each Party will Process the Agreement Personal Data in such a way as to mean that it determines for itself, without there being any joint decision making with the other Party, the purposes and means of the Processing of Agreement Personal Data. Each Party shall specifically in relation to Agreement Personal Data disclosed to it by or on behalf of the other Party (not in relation to Agreement Personal Data for which a Party is already a Controller and which originated from itself in the first place): comply with the Data Protection Laws in relation to its Processing of Agreement Personal Data; implement technical and organisational measures to ensure a level of security appropriate to the risk presented by processing the Agreement Personal Data, in particular from a Data Security Incident, including having regard to the risk of varying likelihood and severity for the rights and freedoms of Data Subjects and including as a minimum those measures more particularly described in Schedule [2]4; not by its act or omission cause the other Party to infringe the Data Protection Laws; Process the Agreement Personal Data only for the Purpose (provided that it may Process Agreement Personal Data for its own purposes where required for compliance with laws or regulatory obligations and for disclosures to regulators) and for the avoidance of doubt the disclosing Party may Process its own Agreement Personal Data for all relevant purposes outside of the subject matter of this Agreement; keep the Agreement Personal Data confidential and require that its employees keep the Agreement Personal Data confidential; only disclose the Agreement Personal Data to those individuals who are required to assist in processing the Agreement Personal Data for the Purpose and shall ensure that no other individuals have access to such Agreement Personal Data; notify the other Party of all Data Security Incidents without undue delay; maintain an up-to-date internal log of all Data Security Incidents (whether or not it has been necessary to report them to the supervisory authorities and/or Data Subjects) in accordance with the Data Protection Laws; not make any Restricted Transfer of any Agreement Personal Data unless the same is compliant with Data Protection Laws5; notify the other Party promptly ...

Data Protection Obligations. The parties agree to procure that those of their respective Affiliates listed in Exhibits 1 and 2 hereto and which are established within the European Union abide by the additional obligations set out in Appendix 1 as if they were incorporated as terms and conditions of this Agreement.

Data Protection Obligations. 4.1 Each party shall: a) be responsible for the creation and publication of their own privacy notices. b) ensure that such privacy notices are clear and provide sufficient information to Data Subjects in order for them to understand what of their Personal Data is being shared between the Parties, the circumstances in which it will be shared, the purposes for the Data Sharing and either the identity with whom the data is shared or a description of the type of organisation that will receive the Personal Data, as well as how Data Subjects can make a Data Subject Access request; c) ensure it has all necessary notices in place to enable lawful transfer of the Shared Personal Data to the Permitted Recipients for the Agreed Purposes. d) give full information to any data subject whose Personal Data may be processed under this Agreement of the nature of such processing. This includes giving notice that, on the termination of this Agreement, Personal Data relating to them may be retained by or, as the case may be, transferred to one or more of the Permitted Recipients, their successors, or assignees. Such information shall be contained within the Privacy Notice of eachparty. e) process the Shared Personal Data only for the Agreed Purposes; not disclose or allow access to the Shared Personal Data to anyone other than the Permitted Recipients. f) ensure that all Permitted Recipients are subject to written contractual obligations concerning the Shared Personal Data (including obligations of confidentiality) which are no less onerous that those imposed by this Agreement. g) ensure that it has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, personal data. h) not transfer any Personal Data outside the EEA.