DATA PROTECTION & SECURITY Sample Clauses

DATA PROTECTION & SECURITY. If the Data includes any identifiable Personal Data, the Recipient shall:-

DATA PROTECTION & SECURITY. 12.1 The Contractor shall comply with all applicable requirements of the Data Protection Laws. 12.2 The Parties acknowledge that for the purposes of the Data Protection Laws, NUI Galway is the Data Controller and the Contractor is the Data Processor in respect of Data which is Personal Data. 12.3 Without prejudice to the generality of clause 12.1, the Contractor shall, in relation to any Personal Data processed in connection with the performance by the Contractor of its obligations under this Agreement: (a) process that Personal Data only on the written instructions of NUI Galway; (b) ensure that it has in place appropriate technical and organisational measures, as may be reviewed and approved by NUI Galway, to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting Personal Data, ensuring confidentiality, integrity, availability and resilience of its systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by it); (d) ensure that all personnel who have access to and/or process Personal Data are obliged to keep the Personal Data confidential; (e) not transfer any Personal Data outside of the European Economic Area unless the prior written consent of NUI Galway has been obtained and the following conditions are fulfilled; (i) appropriate safeguards are in place in relation to the transfer, to ensure that Personal Data is adequately protected in accordance with Chapter V of Regulation 2016/679 ( General Data Protection Regulation); (ii) the data subject has enforceable rights and effective legal remedies; (iii) The Contractor complies with its obligations under the Data Protection Laws by providing an adequate level of protection to any Personal Data that is transferred; and (iv) The Contractor complies with reasonable instructions notified to it in advance by NUI Galway with respect to the processing of the Personal Data; 12.4 The Contractor sh...

DATA PROTECTION & SECURITY. Suppliers are responsible for data protection, privacy compliance, and security control validation/ certification of their subcontractors. • For data classified as Confidential, Confidential – Internal Use Only or Restricted, data should be encrypted using AES-256 or stronger. • To protect data integrity, data should be hashed using SHA-256 or stronger. • All Confidential hard copy data that is no longer required must be shredded by use of a crosscut shredder. • The print process must be adequately secured to prevent unauthorized disclosure/access. • Extra precautions must be in place to protect the Confidential Information stored on portablesystems or mobile devices. Devices and data must be stored securely when not in use. • Portable systems with Confidential Information must not transfer data by use of Personal Area Networks • Web sites and applications must be backed up in accordance with Business Continuity andDisaster Recovery requirements. • Supplier must secure all backup media during transportation and in storage. • Supplier should catalog all media so that a missing storage unit (and which unit it is) shall be easily identified. Supplier should not label media in such a way that it discloses the datait contains or its owner company in a manner that is easily identified by an outsider. • Supplier should maintain system and application backups that support a total system restorefor a 30-day period as a minimum. Backup media must be on separate media from the system. • Supplier must destroy all Confidential Information within 30 days of termination of Supplier contract. Copies of Confidential Information on system backup media that is co-mingled with other system data are not included.

DATA PROTECTION & SECURITY. 6.1 If the Data includes any identifiable Personal Data, the Recipient shall:- 6.1.1 take appropriate technical and organisational measures against the unauthorised or unlawful processing and/or use of the Data, any data derived from the Data and/or and all Confidential Information, against the accidental loss or destruction of, or damage to, such data and information. 6.1.2 ensure that the measures referred to in clause 6.1 shall include the measures set out in Schedule B. 6.1.3 restrict access to the Data, any data derived from the Data and all other Confidential Information to such of its employees who strictly need access to such data and/or information to undertake the Research Programme, and shall ensure that all such employees are reliable, and informed of the confidential nature of such data and/or information and the importance of processing it securely. 6.2 For the avoidance of doubt, the Recipient undertakes that it shall not disclose to a third party, whether in connection with the Research Programme or otherwise, any data and/or information contained in or derived from the Data which constitutes Personal Data.

DATA PROTECTION & SECURITY. Each party shall at all times during the term of this Agreement or Pricing Schedule: (a) comply with all applicable privacy, consumer protection, data security and other similar laws, rules and regulations; (b) as Recipient, maintain and enforce security procedures to ensure the confidentiality of Discloser’s Confidential Information; (c) maintain an information security program aligned with Good Industry Practice (as defined in Section 15.1 below) that is designed to protect against accidental or malicious threats; (d) apply reasonable controls to prevent, detect, and respond to malicious software or cyber security attacks; and (e) ensure that each party’s personnel, and contractors as appropriate, are made aware of and comply with its information security and privacy program.

DATA PROTECTION & SECURITY. For the purposes of this clause 8, the meaning of personal data, data processor and data controller shall be determined in accordance with the Data Protection Xxx 0000.

DATA PROTECTION & SECURITY. 9.1 Each Party undertakes to comply with Data Protection Laws at its own cost and will not knowingly cause the other to breach Data Protection Laws. Each Party will provide the other Party with all information, assistance and cooperation reasonably necessary to enable that other Party to comply with Data Protection Laws. 9.2 FHDN Affiliate undertakes to solely Process Personal Data as required by and in accordance with the documented instructions of the Provider and/or FareHarbor for the purpose of performing this Agreement, unless otherwise required by laws to which FHDN Affiliate is subject. FHDN Affiliate shall not Process Personal Data in any manner for its own purposes or any third-party purposes. 9.3 FHDN Affiliate warrants that it will: (a) inform XxxxXxxxxx without undue delay of any complaint, notice, request or communication (from a customer, a Supervisory Authority or otherwise) which relates directly or indirectly to the Processing of Personal Data under this Agreement or to FHDN Affiliate's compliance with Data Protection Laws, and will provide FareHarbor with cooperation and assistance in relation to any such complaint, notice, request or communication; (b) immediately notify FareHarbor about any actual or suspected security breach, unauthorised access, misappropriation, loss, damage or other compromise of the security, confidentiality, or integrity of Provider Content processed by Integration Partner ("Security Breach"). (c) upon discovery of any Security Breach, shall (i) immediately take action to prevent any further Personal Data Breach and (ii) provide FareHarbor with full and prompt cooperation and assistance in relation to any notifications that FareHarbor is required to make as a result of the Security Breach. (d) only permit persons to access Personal Data as strictly necessary and in particular only to employees of the Party that are bound by confidentiality obligations or are under an appropriate statutory obligation of confidentiality with regard to the Personal Data; (e) notify FareHarbor promptly if any applicable laws require or prohibit it to Process Personal Data other than in compliance with Data Protection Laws and this Agreement, including due to changes to applicable laws to which the Party is subject; and (f) promptly notify the other Party and cooperate with them if it believes that it may no longer be able to comply with any of the terms of this Agreement. 9.4 In the event of a conflict between the provisions of an app...

DATA PROTECTION & SECURITY. 11.1 Both parties will comply with all applicable laws in relation to the control and processing of Personal Data. 11.2 Both parties shall ensure that in relation to any sensitive data (including both Confidential Information and Personal Data) processed in connection this Agreement that it has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of that data and against accidental loss or destruction of, or damage to, that data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures.

DATA PROTECTION & SECURITY. 12.1 The Merchant and the Service Provider undertake to provide appropriate data protection and to ensure confidentiality, availability and accuracy of data. They shall, in particular, be obliged to ensure reasonable protection of their systems against unauthorised or accidental destruction, accidental loss, technical errors, falsification, theft, unlawful use, unauthorised alteration, copying, access and other unauthorised activities.

DATA PROTECTION & SECURITY. 3.1 The Parties shall, in performing their obligations under this Agreement, comply in all respects with all relevant Data Protection Laws. 3.2 Morae acknowledges that Client Data is the sole and valuable property of the Client (and its clients, where applicable) and that any unauthorised disclosure, use or loss of it could give rise to damage to the Client (and its clients, where applicable).