DATA PROTECTION & PROCESSING Sample Clauses

DATA PROTECTION & PROCESSING. 1.1 The Parties acknowledge that for the purposes of the Data Protection Legislation, the Purchaser is the Controller and the Supplier is the Processor. The only processing that the Supplier is authorised to do is listed in the Data Processing Schedule and may not be determined by the Supplier. 1.2 The Supplier shall notify the Purchaser immediately if it considers that any of the Purchaser's instructions infringe the Data Protection Legislation. 1.3 The Supplier shall provide all reasonable assistance to the Purchaser in the preparation of any Data Protection Impact Assessment prior to commencing any processing. Such assistance may, at the discretion of the Purchaser, include: (a) a systematic description of the envisaged processing operations and the purpose of the processing; (b) an assessment of the necessity and proportionality of the processing operations in relation to the Services; (c) an assessment of the risks to the rights and freedoms of Data Subjects; and (d) the measures envisaged to address the risks, including safeguards, security measures and mechanisms to ensure the protection of Personal Data. 1.4 The Supplier shall, in relation to any Personal Data processed in connection with its obligations under this Contract: (a) process that Personal Data only in accordance with the Data Processing Schedule, unless the Supplier is required to do otherwise by Law. If it is so required the Supplier shall promptly notify the Purchaser before processing the Personal Data unless prohibited by Law; (b) ensure that it has in place Protective Measures, which have been reviewed and approved by the Purchaser as appropriate to protect against a Data Loss Event having taken account of the: (i) nature of the data to be protected; (ii) harm that might result from a Data Loss Event; (iii) state of technological development; and (iv) cost of implementing any measures; (c) ensure that: (i) the Supplier Personnel do not process Personal Data except in accordance with this Contract (and in particular the Data Processing Schedule); (ii) it takes all reasonable steps to ensure the reliability and integrity of any Supplier Personnel who have access to the Personal Data and ensure that they: (A) are aware of and comply with the Supplier’s duties under this clause; (B) are subject to appropriate confidentiality undertakings with the Supplier or any Sub-processor; (C) are informed of the confidential nature of the Personal Data and do not publish, disclose or divulge any o...
Sample 1Sample 2
AutoNDA by SimpleDocs
DATA PROTECTION & PROCESSING. 10.1 Where Privalgo is carrying out processing on Your behalf, We shall implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of GDPR and ensure the protection of the rights of the data subject. In particular, We shall: 10.1.1 process the personal data only on documented instructions from You, including with regard to transfers of personal data to a third country or an international organisation, unless required to do so by the Union or the laws of England and Wales. In such an event, We shall inform You of that legal requirement before processing, unless that law prohibits such information on important grounds of public interest; 10.1.2 ensure that persons authorised to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality; 10.1.3 take all measures required pursuant to Article 32 of GDPR; 10.1.4 taking into account the nature of the processing, assist You by appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of Your obligation to respond to requests for exercising the data subject's rights laid down in Chapter III of GDPR; 10.1.5 assist You in ensuring compliance with the obligations pursuant to Articles 32 to 36 of GDPR taking into account the nature of processing and the information available to You; 10.1.6 at Your choice, delete or return all the personal data to You after the end of the provision of services relating to processing and delete existing copies unless English law requires storage of the personal data; 10.1.7 make available to You all information necessary to demonstrate compliance with the obligations laid down in Article 28 of GDPR and allow for and contribute to audits, including inspections, conducted by You or another auditor mandated by You. 10.2 We shall immediately inform You if, in its opinion, an instruction from You to Us infringes GDPR or English law data protection provisions. 10.3 The subject-matter of the processing under this clause 9 is personal data provided by You to Us relating to the provision of services under this Agreement. 10.4 The duration of the processing will continue for so long only as we provide services under this Agreement. 10.5 The nature and purpose of the processing relates to the provision of services under this Agreement. 10.6 The types of personal data processed under this Agreement may include but not be...
Sample 1Sample 2
DATA PROTECTION & PROCESSING. 18.1 Both parties will comply with all applicable requirements of the Data Protection Legislation. 18.2 Without prejudice to the generality of clause 18.1, the parties will ensure that they have all necessary appropriate consents and notices in place to enable lawful transfer of any personal data (as defined by the Data Protection Legislation from time to time) to the other for the duration and purposes of this Contract. 18.3 Either party may, at any time on not less than 30 (thirty) days' notice, revise this clause 18 by replacing it with any applicable controller to processor standard clauses or similar terms (which shall apply when replaced by attachment to this Contract). 18.4 The Club is the data controller in respect of the personal data (each as defined in the Data Protection Legislation) it collects, stores, processes and deletes in relation to the Client. 18.5 The Club shall keep secure the information which the Client provides to it together with other information the Club has from the Client’s dealings with the Club and its commercial licensees (whether the information is paper based or held in our computerised databases) and will process and use it in accordance with applicable Data Protection Legislation to: (a) (for the performance of the Club’s obligations under this Contract (as applicable)) administer any services and/or products which the Club provides to the Client; (b) (only where the Client has given its express consent to receiving communications from the Club) understand the Client’s preferences and profile so that the Club can improve the services which it offers; and (c) (only where the Client has given its express consent to receiving communications from the Club) enable the Club to provide the Client directly with promotional offers, materials or information which the Club believes may be of interest to the Client. 18.6 The Club teams up with a selection of carefully chosen commercial licensees to bring fans a diverse range of opportunities and offers (including financial services offers) at competitive prices (an up-to-date list of the Club’s commercial licensees and details of the offers they may make available can be seen on the Club’s website or obtained on request from the Club at St. Xxxxx’ Park, Newcastle Upon Tyne, NE1 4ST). The Club will ensure that it has all necessary appropriate consents and notices in place to enable lawful transfer of the Client’s personal data (as defined in the Data Protection Legislation) to any ...
Sample 1
DATA PROTECTION & PROCESSING. Specifications The Data Processing Specifications describe: (i) the subject matter of the data processing; (ii) the type of Personal Data processed; (ii) the name and location of the party hosting the Personal Data; (iii) where the Service is hosted; (iv) sub-processors involved in the processing of the Personal Data, if any; (iv) the purpose of the data processing; and (v) the period of time the Personal Data is retained. The applicable Data Processing Specifications are hereby incorporated by reference into these Data Processing Terms. The only Data ISO-Office (Pty) Ltd will keep is Company Name, Company Address, Company VAT Number, Administrator Name, Surname, Email address and Telephone number for the only reason being billing / handling support queries that might arise from support emails / bulk email for updates / Price increase in annual fees / General communication regarding system.
Sample 1

Related to DATA PROTECTION & PROCESSING

  • Data Protection All personal data contained in the agreement shall be processed in accordance with Regulation (EC) No 45/2001 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by the EU institutions and bodies and on the free movement of such data. Such data shall be processed solely in connection with the implementation and follow-up of the agreement by the sending institution, the National Agency and the European Commission, without prejudice to the possibility of passing the data to the bodies responsible for inspection and audit in accordance with EU legislation (Court of Auditors or European Antifraud Office (XXXX)). The participant may, on written request, gain access to his personal data and correct any information that is inaccurate or incomplete. He/she should address any questions regarding the processing of his/her personal data to the sending institution and/or the National Agency. The participant may lodge a complaint against the processing of his personal data with the [national supervising body for data protection] with regard to the use of these data by the sending institution, the National Agency, or to the European Data Protection Supervisor with regard to the use of the data by the European Commission.

  • Cybersecurity; Data Protection To the Company’s knowledge, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (collectively, the “Personal Data”)) used in connection with their businesses, and there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except in each case as would not reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification.

  • Data Processing In this clause:

  • Data Protection Impact Assessment If, pursuant to Data Protection Law, Customer (or its Controllers) are required to perform a data protection impact assessment or prior consultation with a regulator, at Customer’s request, SAP will provide such documents as are generally available for the Cloud Service (for example, this DPA, the Agreement, audit reports or certifications). Any additional assistance shall be mutually agreed between the Parties.

  • PERSONAL DATA PROTECTION 7.1 By accessing ESZAM AUCTIONEER SDN BHD website, the E-Bidders acknowledge and agree that ESZAM AUCTIONEER SDN BHD website may collect, retain, or disclose the E-Bidder’s information or any information by the e-bidders for the effectiveness of services, and the collected, retained or disclosed information shall comply with Personal Data Protection Act 2010 and any regulations, laws or rules applicable from time to time. 7.2 ESZAM AUCTIONEER SDN BHD will process E-bidder personal data such as name, address, NRIC and contact number for registration and E-bidding purposes. E-bidders shall be responsible for the username and password of eZ2Bid and not to reveal the password to anyone. 7.3 E-bidders agree to accept all associated risks when using the service in the ESZAM AUCTIONEER SDN BHD website and shall not make any claim for any unauthorized access or any consequential loss or damages suffered. 7.4 E-bidders shall be responsible for the confidentiality and the use of password and not to reveal the password to anyone at any time and under any circumstances, whether intentionally or unintentionally. 7.5 E-bidders agree to comply with all the security measures related to safety of the password or generally in respect of the use of the service. 7.6 E-bidders accept the responsibility that in any event that the password is in the possession of any other person whether intentionally or unintentionally, the E-Bidders shall take precautionary steps for the disclosure, discovery, or the Bidders shall immediately notify ESZAM AUCTIONEER SDN BHD

  • Privacy and Data Protection 8.1 The Receiving Party undertakes to comply with South Africa’s general privacy protection in terms Section 14 of the Xxxx of Rights in connection with this Bid and shall procure that its personnel shall observe the provisions of such Act [as applicable] or any amendments and re-enactments thereof and any regulations made pursuant thereto. 8.2 The Receiving Party warrants that it and its Agents have the appropriate technical and organisational measures in place against unauthorised or unlawful processing of data relating to the Bid and against accidental loss or destruction of, or damage to such data held or processed by them.

  • PERSONAL DATA PROTECTION ACT 7.1. PAH is committed to protecting the privacy, confidentiality and security of all personal data to which it is entrusted. It has been our policy to ensure your personal information are protected. With the introduction of the Malaysian Personal Data Protection Act 2010 ("PDPA"), we are even committed to ensure the privacy and confidentiality and security of all personal data are protected in line with the PDPA. We process personal data which you have provided to us voluntarily through our website upon your registration and this includes personal data such as your name, address, NRIC and contact details. In this regards, you have expressly consent to our processing of your personal data. If you give us personal data or information about another person, you must first confirm that he/she has appointed you to act for him/her, to consent to the processing of his/her personal data and to receive on his/her behalf any data protection notices. We may request your assistance to procure the consent of such persons whose personal data is provided by you to us and you agree to do so. You shall indemnify us in the event we suffer loss and damage as a result of your failure to comply with the same. We will only retain your personal data for as long as necessary for the fulfilment of the specified purposes or as legislated 7.2. E-Bidders shall be responsible for the confidentiality and use of password and not to reveal the password to anyone at any time and under any circumstances whether intentionally or unintentionally. 7.3. E-Bidders agree to comply with all the security measures related to safety of the password or generally in respect of the use of the service. In the event that the password is compromised, the E-Bidders shall immediately notify PAH.

  • Details of Data Processing (a) Subject matter: The subject matter of the data processing under this DPA is the Customer Data.

  • Data Protection Act 7.1 With respect to the parties' rights and obligations under this Contract, the parties agree that the Department is the Data Controller and that the Contractor is the Data Processor. 7.2 The Contractor shall: 7.2.1 Process the Personal Data only in accordance with instructions from the Department (which may be specific instructions or instructions of a general nature as set out in this Contract or as otherwise notified by the Department to the Contractor during the Term); 7.2.2 Process the Personal Data only to the extent, and in such manner, as is necessary for the provision of the Services or as is required by Law or any Regulatory Body; 7.2.3 The Contractor shall employ appropriate organisational, operational and technological processes and procedures to keep the Personal Data safe from unauthorised use or access, loss, destruction, theft or disclosure. The organisational, operational and technological processes and procedures adopted are required to comply with the requirements of ISO/IEC 27001 as appropriate to the services being provided to the Department; 7.2.4 Take reasonable steps to ensure the reliability of any Contractor Personnel who have access to the Personal Data; 7.2.5 Obtain prior written consent from the Department in order to transfer the Personal Data to any Sub-contractors or Affiliates for the provision of the Services; 7.2.6 Ensure that all Contractor Personnel required to access the Personal Data are informed of the confidential nature of the Personal Data and comply with the obligations set out in this clause 7; 7.2.7 Ensure that none of Contractor Personnel publish, disclose or divulge any of the Personal Data to any third party unless directed in writing to do so by the Department; 7.2.8 Notify the Department within five Working Days if it receives: a request from a Data Subject to have access to that person's Personal Data; or a complaint or request relating to the Department's obligations under the Data Protection Legislation; 7.2.9 Provide the Department with full cooperation and assistance in relation to any complaint or request made, including by: - providing the Department with full details of the complaint or request; - complying with a data access request within the relevant timescales set out in the Data Protection Legislation and in accordance with the Department's instructions; - providing the Department with any Personal Data it holds in relation to a Data Subject (within the timescales required by the Department); and - providing the Department with any information requested by the Department; 7.2.10 Permit the Department or the Department’s Representative (subject to reasonable and appropriate confidentiality undertakings), to inspect and audit the Contractor's data Processing activities (and/or those of its agents, subsidiaries and Sub-contractors) and comply with all reasonable requests or directions by the Department to enable the Department to verify and/or procure that the Contractor is in full compliance with its obligations under this Contract; 7.2.11 Provide a written description of the technical and organisational methods employed by the Contractor for processing Personal Data (within the timescales required by the Department) to be used solely for the purposes of this contract and provided that to do so would not be in breach of the Intellectual Property Rights (including Copyright) of a third party; and 7.2.12 Not process Personal Data outside the European Economic Area without the prior written consent of the Department and, where the Department consents to a transfer, to comply with: - the obligations of a Data Controller under the Eighth Data Protection Principle set out in Schedule 1 of the Data Protection Act 1998 by providing -an adequate level of protection to any Personal Data that is transferred; and - any reasonable instructions notified to it by the Department. 7.3 The Contractor shall comply at all times with the Data Protection Legislation and shall not perform its obligations under this Contract in such a way as to cause the Department to breach any of its applicable obligations under the Data Protection Legislation.

  • DATA PROTECTION AND PRIVACY 14.1 In addition to Supplier’s obligations under Sections 6, 9, 10, and 15, Supplier will comply with this Section 14 when processing Accenture Personal Data. "Accenture Personal Data" means personal data owned, licensed, or otherwise controlled or processed by Accenture including personal data processed by Accenture on behalf of its clients. “Accenture Data” means all information, data and intellectual property of Accenture or its clients or other suppliers, collected, stored, hosted, processed, received and/or generated by Supplier in connection with providing the Deliverables to Accenture, including Accenture Personal Data.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!