Disclosure of Account Information to Third Parties We will disclose information to third parties about your account or the transfers you make:
CONFIDENTIALITY/SAFEGUARDING OF INFORMATION The CONTRACTOR shall not use or disclose any information concerning the AGENCY, or information that may be classified as confidential, for any purpose not directly connected with the administration of this contract, except with prior written consent of the AGENCY, or as may be required by law.
Privacy and Personal Information (a) This clause 14 applies where this agreement amounts to a “service arrangement” under the Information Privacy Act 2009 (Qld).
(b) For the purpose of this clause 14, Personal Information has the meaning given in the Information Privacy Act 2009 (Qld).
(c) If the Recipient collects or has access to Personal Information in order to undertake the Activity, the Recipient must:
(i) comply with Parts 1 and 3 of Chapter 2 of the Information Privacy Act 2009 (Qld) in relation to the discharge of its obligations under this agreement (including its obligations regarding Reports), as if the Recipient was the Department;
(ii) ensure that Personal Information is protected against loss and against unauthorised access, use, modification, disclosure or other misuse;
(iii) not use Personal Information other than for the purposes of undertaking the Activity, unless required or authorised by law;
(iv) not disclose Personal Information without the consent of the Department, unless required or authorised by law;
(v) not transfer Personal Information outside of Australia without the consent of the Department;
(vi) ensure that access to Personal Information is restricted to those of the Recipient's employees and officers who require access in order to perform their duties;
(vii) ensure that the Recipient's officers and employees do not access, use or disclose Personal Information other than in the performance of their duties;
(viii) ensure that the Recipient's subcontractors who have access to Personal Information comply with obligations the same as those imposed on the the Recipient under this clause 14;
(ix) fully co-operate with the Department to enable the Department to respond to applications for access to, or amendment of a document containing an individual’s Personal Information and to privacy complaints; and
(x) comply with such other privacy and security measures as the Department reasonably advises the Recipient in writing from time to time.
(d) The Recipient must immediately notify the Department on becoming aware of any breach, suspected breach or complaint alleging something that would, if proved, be a breach of clause 14(c) and provide full details of the breach, suspected breach or complaint.
(e) On request by the Department, the Recipient must obtain from its Representatives engaged for the purposes of this agreement, an executed deed of privacy in a form acceptable to the Department.
YOUR PERSONAL INFORMATION 17.1 We collect certain information about the purchaser and the users of the Card in order to operate the Card programme. IDT Financial Services Limited is the data controllers of Your personal data, and will manage and protect Your personal data in accordance with applicable law.IDT Financial Services Limited receives card services from First Data Slovakia s.r.o., which acts as a data processor for IDT Financial Services Limited.
17.2 We may transfer Your personal data outside the EEA to Our commercial partners where necessary to provide Our services to You, such as customer service, account administration, financial reconciliation, or where the transfer is necessary as a result of Your request, such as the processing of any international transaction. When We transfer personal data outside the EEA, We will take steps to ensure that Your personal data is afforded substantially similar protection as personal data processed within the EEA. Please be aware that not all countries have laws to protect personal data in a manner equivalent to that of the EEA. Your use of Our products and services will indicate to Us that You agree to the transfer of Your personal data outside the EEA. If You withdraw Your consent to the processing of Your personal data or its transfer outside the EEA, which You can do by using the contact details in clause 15, We will not be able to provide Our services to You. Therefore, such withdrawal of consent will be deemed to be a termination of the Agreement.
17.3 Unless You have provided Your explicit permission, Your personal data will not be used for marketing purposes by Us or Our commercial partners (unless You have independently provided Your consent to them directly), nor will it be shared with third parties unconnected with the Card scheme.
17.4 You have the right to request details of the personal information that is held about You, and You may receive this by writing to our Customer Service Center.
17.5 Please refer to the Privacy Policy of IDT Financial Services Limited xxxx://xxx.xxxxxxxxxx.xxx/privacypolicy.pdf for full details, which You accept by accepting the Agreement.
Third-Party Information; Privacy or Data Protection Laws Each Party acknowledges that it and its respective Subsidiaries may presently have and, after the Effective Time, may gain access to or possession of confidential or proprietary Information of, or personal Information relating to, Third Parties: (i) that was received under confidentiality or non-disclosure agreements entered into between such Third Parties, on the one hand, and the other Party or the other Party’s Subsidiaries, on the other hand, prior to the Effective Time or (ii) that, as between the two parties, was originally collected by the other Party or the other Party’s Subsidiaries and that may be subject to and protected by privacy, data protection or other applicable Laws. Each Party agrees that it shall hold, protect and use, and shall cause its Subsidiaries and its and their respective Representatives to hold, protect and use, in strict confidence the confidential and proprietary Information of, or personal Information relating to, Third Parties in accordance with privacy, data protection or other applicable Laws and the terms of any agreements that were either entered into before the Effective Time or affirmative commitments or representations that were made before the Effective Time by, between or among the other Party or the other Party’s Subsidiaries, on the one hand, and such Third Parties, on the other hand.
Safeguards for Personal Information Supplier agrees to develop, implement, maintain, and use administrative, technical, and physical safeguards, as deemed appropriate by DXC, to preserve the security, integrity and confidentiality of, and to prevent intentional or unintentional non-permitted or violating use or disclosure of, and to protect against unauthorized access to or accidental or unlawful destruction, loss, or alteration of, the Personal Information Processed, created for or received from or on behalf of DXC in connection with the Services, functions or transactions to be provided under or contemplated by this Agreement. Such safeguards shall meet all applicable legal standards (including any encryption requirements imposed by law) and shall meet or exceed accepted security standards in the industry, such as ISO 27001/27002. Supplier agrees to document and keep these safeguards current and shall make the documentation available to DXC upon request. Supplier shall ensure that only Supplier’s employees or representatives who may be required to assist Supplier in meeting its obligations under this Agreement shall have access to the Personal Information.
Protection of Personal Information Party agrees to comply with all applicable state and federal statutes to assure protection and security of personal information, or of any personally identifiable information (PII), including the Security Breach Notice Act, 9 V.S.A. § 2435, the Social Security Number Protection Act, 9 V.S.A. § 2440, the Document Safe Destruction Act, 9 V.S.A. § 2445 and 45 CFR 155.260. As used here, PII shall include any information, in any medium, including electronic, which can be used to distinguish or trace an individual’s identity, such as his/her name, social security number, biometric records, etc., either alone or when combined with any other personal or identifiable information that is linked or linkable to a specific person, such as date and place or birth, mother’s maiden name, etc.
Personal Information 23.1 Subject to any applicable laws, the Licensee authorises XXXXX to:
23.1.1 use any Personal Information that SAMRO for the purposes of processing, executing and administering the Agreement; calculating Licence Fees; collecting the Licence Fees;
23.1.2 informing the Licensee of any SAMRO news and information or information relating to the Agreement;
23.1.3 informing the Licensee of any amendment, Tariff amendment or General Amendment to this Agreement.
23.1.4 access the Licensees Personal Information from credit bureaux relating to the Licensees payment profile for purposes of financial risk assessment, fraud prevention and debtor tracing and that we may disclose the necessary Personal Information to any such credit bureaux.
23.1.5 obtain, capture store, process, analyse and use the Licensees personal information for SAMRO marketing purposes in relation to XXXXX’s business of managing its Repertoire.
Freedom of Information and Transparency 20.1 The Recipient acknowledges that the Commissioner is subject to the provisions of the FOIA and agrees to assist and co-operate with the Commissioner (at the Recipient’s expense) where necessary to enable the Commissioner to comply with any requests received under the FOIA relating to this Agreement. This includes, but is not limited to, transferring to the Commissioner any request received by the Recipient under the FOIA relating to this Agreement as soon as practicable following receipt and in any event within three working days of receipt.
20.2 In no event shall the Recipient respond to a request under the FOIA relating to this Agreement without obtaining the prior written consent of the Commissioner.
20.3 The Recipient acknowledges that the Commissioner may be obliged to disclose information under the FOIA:
20.3.1 Without consulting the Recipient; or
20.3.2 Following consultation with the Recipient and having taken into account its views. Provided that where clause 20.3.1 applies the Commissioner shall, in accordance with the recommendations of the Secretary of State for Constitutional Affairs’ Code of Practice on the discharge of a public authorities’ functions under Part 1 of FOIA, take reasonable steps, to give the Recipient advanced notice or to draw the disclosure to the Recipient’s attention after any such disclosure.
20.4 The Recipient shall ensure it retains for disclosure all information (as defined in the FOIA) produced in the course of this Agreement or relating to this Agreement and shall allow the Commissioner to inspect such records from time to time upon request.
20.5 The Recipient acknowledges that the Commissioner is subject to certain transparency and disclosure obligations set out in the Elected Local Policing Bodies Specified Information Order 2011 (as amended) (“Transparency Obligations”)
20.6 The Recipient consents to the Commissioner publishing the contents of this Agreement and information regarding any tender process related to the Purpose of the Agreement to enable the Commissioner to comply with their Transparency Obligations.
20.7 The Recipient acknowledges that:
20.7.1 The Commissioner shall be responsible for determining, at their absolute discretion, whether any information is exempt from disclosure or should be disclosed pursuant to the FOIA and/or the Transparency Obligations and to what extent any information disclosed shall be redacted; and
20.7.2 Any lists or schedules provided by the Recipient outlining confidential information are of an indicative value only and that the Commissioner may be obliged to disclose confidential information in accordance with Clause 20.3 and/or Clause 20.5.
Data Protection and Privacy:
Protected Health Information Party shall maintain the privacy and security of all individually identifiable health information acquired by or provided to it as a part of the performance of this Agreement. Party shall follow federal and state law relating to privacy and security of individually identifiable health information as applicable, including the Health Insurance Portability and Accountability Act (HIPAA) and its federal regulations.
