Demonstrating Compliance. Upon Honeywell’s written request and subject to obligations of confidentiality, Subcontractor will (and will ensure that its Subprocessors will) provide to Honeywell all information necessary to demonstrate its compliance with this Data Processing Exhibit. Honeywell (or an independent auditor mandated by Honeywell) may audit Subcontractor’s compliance with such obligations at regular intervals or if there are indications of non-compliance with the terms of this Data Processing Exhibit ("Audits"). At Honeywell’s request, upon reasonable notice, Subcontractor will also permit and contribute to onsite audits or inspections. In deciding on a review or Audit, Honeywell may consider any relevant certifications (such as SOC 2 Type II report) held by Subcontractor. Subcontractor will deal promptly and adequately with Audit inquiries from Honeywell. If Subcontractor, or any Subprocessor, is in breach of any of its obligations under the Agreement relating to Honeywell Personal Data, Honeywell may (without prejudice to any other rights or remedies it may have) suspend the transfer of Honeywell Personal Data to Subcontractor until the breach is remedied.
Demonstrating Compliance. Each Party shall before the beginning of each Contract Year, produce a certificate from its insurers to the other Party demonstrating compliance with its obligations under GC 11.3.
Demonstrating Compliance. Secureworks shall, upon reasonable prior written request from Customer (such request not to be made more frequently than once in any twelve month period), provide to Customer such information as may be reasonably necessary to demonstrate Secureworks’ compliance with its obligations under this DPA.
Demonstrating Compliance. Dell agrees to supply, upon Customer request for an audit, the Standardized Information Gathering (“SIG”) questionnaire (“Security Questionnaire”) related to the security practices and posture of Dell’s organization. The Security Questionnaire is reviewed annually, mapped to Dell policies and standards, and updated with relevant and current US and international regulatory and privacy standards, such as, NIST 800-53r4, NIST CSF 1.1, CIS Top 20, or ISO 27001, where applicable. To the extent Customer’s audit requirements under the Standard Contractual Clauses or applicable Privacy Laws cannot reasonably be satisfied through the Security Questionnaire, documentation or compliance information Dell makes generally available to its customers, Dell will promptly respond to Customer’s additional audit instructions. Before the commencement of an audit, Customer and Dell will mutually agree upon the scope, timing, duration, control and evidence requirements, and fees for the audit, provided that this requirement to agree will not permit Dell to unreasonably delay performance of the audit. To the extent needed to perform the audit, Dell will make the processing systems, facilities and supporting documentation relevant to the processing of Personal Data by Dell available. Such an audit will be conducted by an independent, accredited third-party audit firm, during regular business hours, with reasonable advance notice to Dell, and subject to reasonable confidentiality procedures. Neither Customer nor the auditor shall have access to any data from Dell’s other customers or to Dell systems or facilities not involved in the Services. Customer is responsible for all costs and fees related to such audit, including all reasonable costs and fees for any and all time Dell expends for any such audit, in addition to the rates for services performed by Dell. If the audit report generated as a result of Customer’s audit includes any finding of material non-compliance, Customer shall share such audit report with Dell and Dell shall promptly cure any material non- compliance.
Demonstrating Compliance. 4.8.1 The Processor shall make available to the Controller upon request all information necessary to demonstrate compliance with this Agreement and the Governing law.
4.8.2 The Processor shall immediately inform the Controller if in its opinion an instruction of the Controller would breach the Governing Law.
4.8.3 The Processor shall cooperate with the Controller or any independent third party appointed by the Controller for the purpose, in the conduct of an audit, including an inspection, carried out to verify compliance with the Governing Law in the processing of the personal data the subject of the Grant Agreement. The Controller and any third party appointed shall abide by the Processor’s reasonable security requirements, and will not interfere unreasonably with the Processor’s business activities.
4.8.4 The Controller shall give the Processor reasonable notice of any proposed audit or inspection. The findings of any audit or inspection shall be discussed and evaluated by the Parties and, where applicable, implemented, as appropriate, by one of the Parties or jointly by both Parties.
4.8.5 The Controller shall bear the costs of the audit.
Demonstrating Compliance. Critical Start shall, upon reasonable, prior written request from Customer (such request not to be made more frequently than once in any twelve (12) month period), provide to Customer such information as may be reasonably necessary to demonstrate Critical Start’s compliance with its obligations under this DPA.
Demonstrating Compliance. Secureworks shall, upon reasonable prior written request from MSSP (such request not to be made more frequently than once in any twelve-month period), provide to MSSP such information as may be reasonably necessary to demonstrate Secureworks’ compliance with its obligations under this DP Schedule.
Demonstrating Compliance. 2.3.1 The Data Originator shall ensure that the Data is originated and processed in accordance with international best practices and guidelines, namely: ● ICAO Doc 8168 Procedures for Air Navigation Services - Aircraft Operations ● ICAO Doc 9674 World Geodetic System – 1984 (WGS-84) Manual ● Aeronautical Information Services Manual (ICAO Doc 8126) ● Aeronautical Chart Manual (ICAO Doc 8697) ● Regional Supplementary Procedures (ICAO Doc 7030) ● [update list to reflect all applicable standards, specifications, guidance material … ]
Demonstrating Compliance. 2.3.1 The Data Provider confirms that the Data is originated and derived in accordance with industry best practices and guidelines, including: • [Examples: list other specifications, standards, guidance material … ] • ICAO Doc 9674 WGS-84 Manual - World Geodetic System for surveyors • ICAO Doc 8126 PANS-OPS - Aircraft Operations for procedures designer • EUROCAE ED-99D / RTCA DO-272D User Requirements for Aerodrome Mapping Information for aerodrome mapping database
2.3.2 In the event that the Data, or parts of the Data, is originated by a Third Party, the Data Provider shall establish formal arrangements with the Third Party ensuring that the data is originated in accordance with the provisions of this Agreement.
2.3.3 The Data Provider commits to provide, on request, a quality report demonstrating claims of compliance with the requirements for the Data. Such report shall include as a minimum: • A description of any raw data used by the Data Provider to derive or calculate any elements of the Data; • A description of the process used to validate the Data; • Reported results from validation of the Data; • Information provided by other parties during data collection that has been used in the collection, calculation or validation of the Data.
Demonstrating Compliance. 6.1 The RECEIVING ORGANISATION makes available to the SENDING ORGANISATION information necessary to demonstrate compliance with the obligations laid down in this Agreement. WMDA Standards (chapter 5 of WMDA 2020 Standards) will constitute a RECEIVING ORGANISATIONS’ reasonable documentation to demonstrate compliance. Expenses necessary for demonstrating compliance to this Agreement, and achieving the requirements of the WMDA Standards, are costs that the RECEIVING ORGANISATION must bear. RECEIVING ORGANISATION will allow SENDING ORGANISATIONS to contribute to audits, including inspections, conducted by the SENDING ORGANISATION or another auditor mandated by the SENDING ORGANISATION. Any costs of additional audits that extend beyond the requirements in this agreement, those audit costs will be borne by SENDING ORGANISATION, unless it appears that RECEIVING ORGANISATION has infringed laws or regulations (including those concerning personal data protection) or if RECEIVING ORGANISATION has failed to comply with the obligations of this Agreement, and/or errors are found in the findings which must be attributed to RECEIVING ORGANISATION. In such cases, the cost of the audits will be borne by RECEIVING ORGANISATION. The SENDING ORGANISATION shall give RECEIVING ORGANISATION a thirty (30) days prior written notice of the audits, as well as of the outside auditor mandated by SENDING ORGANISATION. RECEIVING ORGANISATION may, within seven (7) days after the notice, object on reasonable grounds to the auditor engaged. An audit may take place once a year as well as in the event of a concrete suspicion of misuse of Data. The RECEIVING ORGANISATION shall cooperate with such audits and shall not impose any conditions on its cooperation other than the SENDING ORGANISATION’s auditors signing a commonly used and not unnecessarily onerous confidentiality statement (unless they are already held to confidentiality under their employment relationship with the SENDING ORGANISATION).
6.2 With regard to the foregoing, RECEIVING ORGANISATION will promptly notify the SENDING ORGANISATION if, in its opinion, an instruction infringes the provisions of the GDPR or other statutory provisions.
6.3 Where applicable, RECEIVING ORGANISATION will assist the SENDING ORGANISATION at all times to meet the obligations pursuant to the GDPR. More specifically RECEIVING ORGANISATION will assist the SENDING ORGANISATION to meet the obligations relating to the rights of the data subjects such as, but ...
