Data Security Obligations. (i) The Company and each of its subsidiaries have complied and are presently in compliance with all internal and external privacy policies, contractual obligations, industry standards, applicable laws, statutes, judgments, orders, rules and regulations of any court or arbitrator or other governmental or regulatory authority and any other legal obligations, in each case, relating to the collection, use, transfer, import, export, storage, protection, disposal and disclosure by the Company or any of its subsidiaries of personal, personally identifiable, household, sensitive, confidential or regulated data (“Data Security Obligations” and such data, “Data”); (ii) the Company has not received any notification of or complaint regarding and is unaware of any other facts that, individually or in the aggregate, would reasonably indicate non-compliance with any Data Security Obligation; and (iii) of there is no action, suit or proceeding by or before any court or governmental agency, authority or body pending or threatened alleging non-compliance with any Data Security Obligation. The Company and each of its subsidiaries have taken all technical and organizational measures necessary to protect the information technology systems and Data used in connection with the operation of the Company’s and its subsidiaries’ businesses. Without limiting the foregoing, the Company and its subsidiaries have used reasonable efforts to establish and maintain, and have established, maintained, implemented and complied with, reasonable information technology, information security, cyber security and data protection controls, policies and procedures, including oversight, access controls, encryption, technological and physical safeguards and business continuity/disaster recovery and security plans that are designed to protect against and prevent breach, destruction, loss, unauthorized distribution, use, access, disablement, misappropriation or modification, or other compromise or misuse of or relating to any information technology system or Data used in connection with the operation of the Company’s and its subsidiaries’ businesses (“Breach”). There has been no such Breach, and the Company and its subsidiaries have not been notified of and have no knowledge of any event or condition that would reasonably be expected to result in, any such Breach.
Data Security Obligations. (i) The Company and each of its subsidiaries are presently in material compliance with all applicable laws, statutes, judgments, orders, rules and regulations of any court or arbitrator or other governmental or regulatory authority and any other legal obligations, in each case, relating to the collection, use, transfer, import, export, storage, protection, disposal and disclosure by the Company or any of its wholly owned subsidiaries of personal, personally identifiable, household, sensitive, confidential or regulated data (“Data Security Obligations”, and such data, “Data”); (ii) except as disclosed in the Company’s Current Report on Form 8-K filed on September 28, 2020, the Company has not received any notification of or complaint regarding and is unaware of any other facts that, individually or in the aggregate, would reasonably indicate non-compliance with any Data Security Obligation; and (iii) except as disclosed in the Company’s Current Report on Form 8-K filed on September 28, 2020, there is no material action, suit or proceeding by or before any court or governmental agency, authority or body pending or threatened alleging non-compliance with any Data Security Obligation.
Data Security Obligations. In addition to cl 7.8 of the Head Terms, the Supplier must comply with this clause at no additional cost to Amplitel.
Data Security Obligations. (i) The Company and each of its subsidiaries have been, since June 11, 2021 (the date on which the Company’s 3.850% Senior Notes due 2051 were issued, hereinafter referred to as the “2021 Notes Issuance Date”), and are presently, in compliance with all internal and external privacy policies, contractual obligations, industry standards, applicable laws, statutes, judgments, orders, rules and regulations of any court or arbitrator or other governmental or regulatory authority and any other legal obligations, in each case, relating to the collection, use, transfer, import, export, storage, protection, disposal and disclosure by the Company or any of its subsidiaries of personal, personally identifiable, household, sensitive, confidential or regulated data (“Data Security Obligations”, and such data, “Data”); (ii) the Company has not received any notification of or complaint regarding and is unaware of any other facts that, individually or in the aggregate, would reasonably indicate non-compliance with any Data Security Obligation; and (iii) of there is no action, suit or proceeding by or before any court or governmental agency, authority or body pending or threatened alleging non-compliance with any Data Security Obligation, except as would not, in the case of each of clauses (i), (ii) and (iii) above, individually or in the aggregate, be reasonably likely to have a Material Adverse Effect.
Data Security Obligations. 11.1 The Company shall take appropriate technical and organisational measures against unauthorised or unlawful processing, accidental loss or destruction of, or damage to any Personal Data which it is required to process in relation to the Services or which it otherwise has access, including (without limitation) the measures set out in the Data Security Policy, and any measures which the Customer may specifically require from time to time.
11.2 The Company shall promptly inform the Customer if any of the Personal Data referred to above is lost or destroyed or becomes damaged, corrupted or unusable, and shall (at its own expense) take such steps as the Customer may reasonably require to restore it to its original condition.
11.3 The Company undertakes to retain up to date information security certification (as of the Effective Date: ISO27001:2013) at its own expense from a UKAS accredited provider, covering all sites where Customer’s data is processed or stored.
11.4 The Company shall ensure that the Personal Data is kept secure and in an encrypted form, and shall use all reasonable security practices and systems to prevent, and take prompt and proper remedial action against, unauthorised access, copying, modification, storage, reproduction, display or distribution of the Personal Data.
11.5 The Company shall keep at its normal place of business detailed, accurate and up- to-date records relating to the processing of the Personal Data by the Company including the permissioning and control of the Personal Data, and books of account (“Data Records”).
11.5.1 At no further cost to the Customer, the Company shall permit the Customer and its third-party representatives, on reasonable notice during Service Hours, but without notice in case of any reasonably suspected breach of this Clause 11, to gain access to, and take copies of, the Data Records and any other information held at the Company's premises relevant to the delivery of the Service.
Data Security Obligations. 7.1 Security patching: When a security patch becomes available, RSG must ensure it patches any part of its network that stores or processes the Purchaser’s data, or connects to the Purchaser’s networks, as soon as reasonably practicable.
7.2 Encryption: RSG will ensure that:
(a) all the Purchaser’s data is encrypted at rest and in transit in accordance with the Purchaser’s encryption standards; and
(b) all devices accessing, storing or processing the Purchaser’s data have end point encryption installed.
7.3 Controlled access to systems and logging:
(a) RSG and its Personnel must only access the Purchaser’s data for the purposes of this Agreement;
(b) RSG must keep and maintain accurate and up-to date records of any access, collection, or changes of the Purchaser’s data by RSG (Data Records), including details of the relevant RSG Personnel involved and the date and purpose of the access, collection, or change; and
(c) at the Purchaser’s request, RSG must provide the Purchaser with copies of the Data Records in real time, and if not possible, within 24 hours of real time.
7.4 Data Loss Prevention Capability: RSG will have in place appropriate software, systems and processes that are designed to detect and prevent loss of the Purchaser’s data.
7.5 Back up and data recovery capability: RSG will:
(a) make backup copies of the Purchaser’s data and system configurations at least every 10 Business Days (Back-Ups);
(b) store Back-Ups securely in accordance with the Purchaser’s backup requirements;
(c) retain Back-Ups at no additional cost to the Purchaser for 42 Days (or longer if requested by the Purchaser); and
(d) provide the Purchaser’s data to the Purchaser if requested.
7.6 Vulnerability detection: RSG must:
(a) ensure that any server or computer connected to the Internet that is used to access, store, modify or use the Purchaser’s data undergoes vulnerability scans:
(i) monthly; and
(ii) promptly following any system change; and
(b) immediately fix any vulnerabilities discovered and report such vulnerabilities and fixes to the Purchaser as soon as reasonably practicable.
7.7 Erasure of the Purchaser’s data:
(a) The Purchaser must approve the occurrence and method of any de-identification, destruction or permanent erasure of the Purchaser’s data under this Agreement in writing.
(b) If RSG must replace data storage infrastructure under this Agreement, it must ensure any of the Purchaser’s data is permanently erased or the infrastructure is destroyed in a secur...
Data Security Obligations. Each Party is responsible for the security of all copies of the Data which it handles, and will:
(a) take reasonable steps to ensure that electronic transfers of Data between the Parties are secure and access to the Data is protected by passwords that enable individual user authentication; and
(b) comply with all relevant Laws and policies in connection with the use, disclosure, management, control and storage of the information.
Data Security Obligations. Except as set forth in the Registration Statement, the Disclosure Package and the Prospectus, and except as would not reasonably be expected to have a Material Adverse Change on the Company and its Subsidiaries, taken as a whole: (i) the Company and each of its Subsidiaries have complied and are presently in compliance with all internal and external privacy policies, their privacy- and data protection-related contractual obligations, and applicable laws, statutes, judgments, orders, rules and regulations of any court or arbitrator or other governmental or regulatory authority, in each case, relating to the collection, use, transfer, import, export, storage, protection, disposal and disclosure by the Company or any of its Subsidiaries of personal information, personally identifiable information, or personal data, as defined under applicable data privacy laws including, without limitation, the rules and regulations imposed by the U.S. Children’s Online Privacy Protection Act (“Data Security Obligations”); (ii) the Company has not received any written notification or complaint that indicates the Company’s non- compliance with any Data Security Obligation; and (iii) there is no action, suit or proceeding by or before any court or governmental agency, authority or body pending or threatened in writing alleging non- compliance by the Company with any Data Security Obligation.
Data Security Obligations. Except as would not have a Material Adverse Effect on the Company and its subsidiaries, taken as a whole, (i) to the Company’s knowledge, the Company and each of its subsidiaries have complied and are presently in compliance with all internal and external privacy policies, contractual obligations, industry standards, applicable laws, statutes, judgments, orders, rules and regulations of any court or arbitrator or other governmental or regulatory authority and any other legal obligations, in each case, relating to the collection, use, transfer, import, export, storage, protection, disposal and disclosure by the Company or any of its subsidiaries of personal, personally identifiable, household, sensitive, confidential or regulated data (“Data Security Obligations”, and such data, “Data”); (ii) neither the Company nor any of its subsidiaries has received any notification of or complaint regarding, or is otherwise aware of any other facts that, individually or in the aggregate, would reasonably indicate non-compliance with any Data Security Obligation; and (iii) there is no action, suit, or proceeding by or before any court or governmental agency, authority or body pending or, to the Company’s knowledge, threatened against the Company or any of its subsidiaries alleging noncompliance with any Data Security Obligation.
Data Security Obligations. In addition to cl 7.8 of the Head Terms, the Supplier must comply with this clause at no additional cost to Telstra.
