Data Retention and Disposal. Using appropriate and reliable storage media, Vendor will regularly backup data and retain such backup copies consistent with Xxxxxxxx’x data retention policies. At Xxxxxxxx’x election, Vendor will either securely destroy or transmit to Xxxxxxxx’x repository any backup copies of City Data. Vendor will supply Xxxxxxxx a certificate of destruction, indicating the records disposed of, the date disposed of, and the method of disposition used. Vendor will immediately preserve the state of the data at the time of the request and place a “hold” on data destruction or disposal under its usual records retention policies of records that include data, in response to an oral or written request from Xxxxxxxx indicating that those records may be relevant to litigation that Xxxxxxxx reasonably anticipates. Oral requests by Xxxxxxxx for a hold on record destruction will be reduced to writing and supplied to Vendor for its records as soon as reasonably practicable under the circumstances. Xxxxxxxx will promptly coordinate with Vendor regarding the preservation and disposition of these records. Vendor shall continue to preserve the records until further notice by Xxxxxxxx.
Data Retention and Disposal. Unless otherwise requested by Client, Data will be kept by Social Sentinel for one (1) year from the time the Data first enters the Social Sentinel system, with the exception of Data that is flagged as an alert, which may be kept for up to four (4) years, or Data that Social Sentinel reasonably believes should or must be kept in order to provide the Products.
Data Retention and Disposal. At the request of AHS of upon completion of the Study, expiry or termination of this Agreement, the Researcher shall, at the option of AHS, (a) return all the remaining Data to AHS, as directed; or (b) securely destroy all remaining Data in its possession or control. The Research shall comply with the applicable data retention and data destruction policies of AHS and the University, and shall ensure compliance by the Research Associates.
Data Retention and Disposal. 6.1. All data forming part of the Shared Data which is held electronically will be stored in a secure network area with password protected entry and appropriate back-up functionality.
6.2. The Facility’s system will be auditable so that it is possible for any auditor to establish who has accessed the system.
6.3. All laptops, computers, and any other portable devices used in relation to processing, storing or transferring the Shared Data will be encrypted.
6.4. The parties shall retain the Shared Data in accordance with the retention periods identified for the specific element of the Shared Data, and in accordance a compliant data retention and disposal policy and procedure.
Data Retention and Disposal. The Parties shall adopt a document retention and disposal policy which conforms to the requirements of Applicable Privacy and Data Security Laws as well as other applicable laws and the PCI Requirements. The Parties also shall use commercially reasonable efforts to monitor and implement other industry standard practices applicable to document retention and disposal. The aforementioned document retention and disposal policy shall orient towards deleting Personal Information (or a portion thereof) if it is no longer needed by a Party to fulfill its obligations under the Agreement. Irrespective of the form of existence (e.g., whether on paper documents or electronic copies), the destruction or deletion of Personal Information must be carried out in a manner that makes retrieval impossible to the extent reasonably practicable, consistent with Applicable Privacy and Data Security Laws, or other applicable laws and the PCI Requirements,
Data Retention and Disposal. The Data Processor shall:
(a) promptly upon termination or expiry of this Agreement and, at any other time, on request by the Data Controller, return to the Data Controller or delete all Personal Data, including that of employees of the Data Controller, together with all copies thereof in any media in its power, possession or control, except to the extent the Data Processor is required to retain a copy of such Personal Data to comply with Data Protection Legislation.
(b) promptly upon becoming aware of the same and without undue delay, notify the Data Controller of any actual or suspected incident of accidental, unauthorised, or unlawful destruction or disclosure of or access to Personal Data, including where Personal Data is lost or destroyed, becomes damaged, corrupted or unusable and shall provide all co- operation and information reasonably required by the Data Controller in relation to the incident; including:
I. description of the nature of such incident, including the categories and approximate number of both Data Subjects and Personal Data records concerned;
II. the likely consequences; and
III. description of the measures taken and corrective action, or proposed to be taken to address such incident, including measures to mitigate its possible adverse effects, unless such action or measures are contrary to the law. The Data Processor shall provide such corrective action and measures at its own expense.
(c) immediately following any accidental, unauthorised, or unlawful incident, the Parties will co-ordinate with each other to investigate the matter. The Data Processor will co-operate with the Data Controller in the Data Controller's handling of the matter, including:
I. assisting with any investigation;
II. providing the Data Controller with physical access to any facilities and operations affected;
III. facilitating interviews with the Data Processor's employees, former employees and others involved in the matter;
IV. making available all relevant records, logs, files, data reporting and other materials required to comply with all Data Protection Legislation or as otherwise reasonably required by the Data Controller; and
V. taking reasonable and prompt steps to mitigate the effects and to minimise any damage resulting from such incident or unlawful Personal Data processing.
(d) The Data Processor will not inform any third party of any such incident without first obtaining the Data Controller's prior written consent, except when required to do so b...
Data Retention and Disposal a) The CDC agrees to maintain and update NHM&E data retention and disposal policies and procedures.
b) The CDC will comply with federal statutes on data retention and disposal.
c) The CDC agrees to take measures as necessary, in addition to those mentioned in this document, to maintain high levels of security when data are retained and disposed.
Data Retention and Disposal a) Your agency agrees to update and maintain retention and disposal policies and procedures to assure that data cannot be inappropriately accessed.
b) Your agency agrees to be responsible for staying abreast of state and federal statutes on data retention and disposal and agrees to fully comply with all applicable statutes.
c) Your agency agrees to take measures as necessary, in addition to those mentioned in this document, to maintain high levels of security and privacy for data retention and disposal.
Data Retention and Disposal. PII data will only be stored as long as the Arduino legitimately needs it and in accordance with Arduino’s Privacy Policy.
Data Retention and Disposal. (a) Box will not securely delete or otherwise delete data in an End User’s account until the Enterprise Customer or End User deletes such data or Box deletes such data after termination or expiration of the Term in strict accordance with Section 8.8 below.
(b) Box will provide Enterprise Customer on an ongoing basis with access to reports on the Box Services and Enterprise Customer may copy and retain those reports as Enterprise Customer may deem reasonably necessary.
(c) Optional archiving services available as part of the Box Service will enable Enterprise Customer to immediately place a “hold” on the destruction of Enterprise Customer Data that has been archived.