Description of Technical and Organizational Measures. Description of the technical and organisational security measures implemented by the data importer: Confidentiality (Article 32(1) lit. (b) GDPR) • Physical Access Control No unauthorised access to Data Processing Facilities, e.g.: magnetic or chip cards, keys, electronic door openers, facility security services and/or entrance security staff, alarm systems, video/CCTV Systems • Electronic Access Control No unauthorised use of the Data Processing and Data Storage Systems, e.g.: (secure) passwords, automatic blocking/locking mechanisms, two-factor authentication, encryption of data carriers/storage media • Internal Access Control (permissions for user rights of access to and amendment of data) No unauthorised Reading, Copying, Changes or Deletions of Data within the system, e.g. rights authorisation concept, need-based rights of access, logging of system access events • Isolation Control The isolated Processing of Data, which is collected for differing purposes, e.g. multiple Client support, sandboxing; and
Description of Technical and Organizational Measures. As from the Terms Effective Date, Wisetail will implement and maintain the Securi- ty Measures set out in this Schedule 2. Wisetail may update or modify such Security Measures from time to time provided that such updates and modifications do not result in the degradation of the overall security of the Services. xxxxx://xxx.xxxxxxxx.xxx/wisetail-technical-and-organizational-measures Personnel Security Wisetail employee competence is a key element of the control environment. Wise- tail is committed to training and developing its employees. This commitment to competence is expressed in the company's personnel policies and related human resource programs. At least annually, the Human Resources Team/Management per- forms a review of key talent by individual and role to ensure that critical talent is retained and to ensure that the organizational structure is aligned in a way that will support achievement of the company's objectives and strategies. Wisetail en- sures that personnel have the knowledge and training needed to perform their du- ties. New employees go through initial Security training during the New Hire Process. Wisetail personnel are required to conduct themselves in a manner consis- tent with the company’s guidelines regarding confidentiality, business ethics, ap- propriate usage, and professional standards. Wisetail conducts reasonably appro- priate backgrounds checks to the extent legally permissible and in accordance with applicable local labor law and statutory regulations. Personnel are required to ex- ecute a confidentiality agreement and must acknowledge receipt of, and compli- ance with, Wisetail confidentiality and privacy policies. Personnel are provided with security training. Personnel handling Customer Data are required to complete additional requirements appropriate to their role (eg., certifications). Wisetail personnel will not process Customer Data without authorization. Subprocessor Security Before onboarding Subprocessors, Wisetail conducts an audit of the security and privacy practices of Subprocessors to ensure Subprocessors provide a level of secu- rity and privacy appropriate to their access to data and the scope of the services they are engaged to provide. Once Wisetail has assessed the risks presented by the Subprocessor, then subject to the requirements of the Data Controller’s Require- ments for Subprocessor Engagement, the Subprocessor is required to enter into appropriate security, confidentiality and privacy contract ...
Description of Technical and Organizational Measures. As from the Terms Effective Date, Playerlync will implement and maintain the Security Measures set out in this Schedule 2. Playerlync may update or modify such Security Measures from time to time provided that such updates and modifications do not result in the degradation of the overall security of the Services. Personnel Security Playerlync employee competence is a key element of the control environment. Playerlync is committed to training and developing its employees. This commitment to competence is expressed in the company's personnel policies and related human resource programs. At least annually, the Human Resources Team/Management performs a review of key talent by individual and role to ensure that critical talent is retained and to ensure that the organizational structure is aligned in a way that will support achievement of the company's objectives and strategies. Playerlync ensures that personnel have the knowledge and training needed to perform their duties. New employees go through initial Security training during the New Hire Process. Playerlync personnel are required to conduct themselves in a manner consistent with the company’s guidelines regarding confidentiality, business ethics, appropriate usage, and professional standards. Playerlync conducts reasonably appropriate backgrounds checks to the extent legally permissible and in accordance with applicable local labor law and statutory regulations. Personnel are required to execute a confidentiality agreement and must acknowledge receipt of, and compliance with, Playerlync confidentiality and privacy policies. Personnel are provided with security training. Personnel handling Customer Data are required to complete additional requirements appropriate to their role (eg., certifications). Playerlync personnel will not process Customer Data without authorization. Subprocessor Security Before onboarding Subprocessors, Playerlync conducts an audit of the security and privacy practices of Subprocessors to ensure Subprocessors provide a level of security and privacy appropriate to their access to data and the scope of the services they are engaged to provide. Once Playerlync has assessed the risks presented by the Subprocessor, then subject to the requirements of the Data Controller’s Requirements for Subprocessor Engagement, the Subprocessor is required to enter into appropriate security, confidentiality and privacy contract terms, in accordance with Section 6 of the Data Processing Agreement. Sche...
Description of Technical and Organizational Measures. This Xxxxx describes the technical and organizational security measures implemented by Capsa in accordance with Clauses 4(d) and 5(c) of the Standard Contractual Clauses: In addition to any technical and security measures described in the Security section of the DPA, Capsa implements the following measures: • Capsa maintains an annual ISO27001 IT security certification; • Capsa Products encrypt data in transit and at rest; • Capsa employees receive regular training on data security; and
