Malicious Use of Orphan Glue Records Registry Operator shall take action to remove orphan glue records (as defined at xxxx://xxx.xxxxx.xxx/en/committees/security/sac048.pdf) when provided with evidence in written form that such records are present in connection with malicious conduct.
Data Rights User retains all rights over any data and other information that User may provide, upload, transfer or make available in relation to, or which is collected from User’s devices or equipment by, the Software, including, without limitation, information pertaining to how the Software obtains, uses, and respond to inputs, location, ambient conditions, and other information related to use and operation of the Software with Honeywell or third-party products, software or websites (“Usage Data”). Honeywell has the right to retain, transfer, disclose, duplicate, analyze, modify, and otherwise use Usage Data to protect, improve, or develop its products, services, and related offerings. All information, analysis, insights, inventions, and algorithms derived from Usage Data by Honeywell (but excluding the Usage Data itself) and any intellectual property rights obtained related thereto, are owned exclusively and solely by Xxxxxxxxx.
Client Records 26.2.1 CONTRACTOR shall prepare and maintain accurate and complete records of clients served and dates and type of services provided under the terms of this Contract in a form acceptable to ADMINISTRATOR. 26.2.2 CONTRACTOR shall keep all COUNTY data provided to CONTRACTOR during the term(s) of this Contract for a minimum of five
Right to Examine Servicer Records The Owner shall have the right to examine and audit any and all of the books, records, or other information of the Servicer, whether held by the Servicer or by another on its behalf, with respect to or concerning this Agreement or the Mortgage Loans, during business hours or at such other times as may be reasonable under applicable circumstances, upon reasonable advance notice.
Customer Data 8.1 You, not bookinglab or JRNI, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data. bookinglab and JRNI is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service by you. 8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001. 8.3 If JRNI and/or bookinglab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or bookinglab shall be a Data Processor and in any such case: (a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI and/or bookinglab so that they may lawfully use, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf; (b) you shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws; (c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and (d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority. 8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities 8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing 8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) from the Booking Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.
Database File The Servicer will provide the Successor Servicer with a magnetic tape (in a format reasonably acceptable to the Indenture Trustee and the Servicer) containing the database file for each Contract (i) as of the Initial Cutoff Date, (ii) the Subsequent Cutoff Date, (iii) thereafter, as of the last day of the preceding Due Period on each Determination Date prior to a Service Transfer and (iv) on and as of the Business Day before the actual commencement of servicing functions by the Successor Servicer following the occurrence of a Service Transfer.
How to Update Your Records You agree to promptly update your registration records if your e-mail address or other information changes. You may update your records, such as your e-mail address, by using the Profile page.
Access to Data Operator shall make Data in the possession of the Operator available to the LEA within five (5) business days of a request by the LEA.
Protection of Customer Data The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Call Off Contract or as otherwise Approved by the Customer. To the extent that the Customer Data is held and/or Processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format (if any) specified by the Customer in the Call Off Order Form and, in any event, as specified by the Customer from time to time in writing. The Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. The Supplier shall perform secure back-ups of all Customer Data and shall ensure that up-to-date back-ups are stored off-site at an Approved location in accordance with any BCDR Plan or otherwise. The Supplier shall ensure that such back-ups are available to the Customer (or to such other person as the Customer may direct) at all times upon request and are delivered to the Customer at no less than six (6) Monthly intervals (or such other intervals as may be agreed in writing between the Parties). The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy and the Security Management Plan (if any). If at any time the Supplier suspects or has reason to believe that the Customer Data is corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take. If the Customer Data is corrupted, lost or sufficiently degraded as a result of a Default so as to be unusable, the Supplier may: require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data to the extent and in accordance with the requirements specified in Call Off Schedule 8 (Business Continuity and Disaster Recovery) or as otherwise required by the Customer, and the Supplier shall do so as soon as practicable but not later than five (5) Working Days from the date of receipt of the Customer’s notice; and/or itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing so to the extent and in accordance with the requirements specified in Call Off Schedule 8 (Business Continuity and Disaster Recovery) or as otherwise required by the Customer.
Data Security and Unauthorized Data Release The Requester and Approved Users, including the Requester’s IT Director, acknowledge NIH’s expectation that they have reviewed and agree to manage the requested controlled-access dataset(s) and any Data Derivatives of controlled-access datasets according to NIH’s expectations set forth in the current NIH Security Best Practices for Controlled-Access Data Subject to the GDS Policy and the Requester’s IT security requirements and policies. The Requester, including the Requester’s IT Director, agree that the Requester’s IT security requirements and policies are sufficient to protect the confidentiality and integrity of the NIH controlled-access data entrusted to the Requester. If approved by NIH to use cloud computing for the proposed research project, as outlined in the Research and Cloud Computing Use Statements of the Data Access Request, the Requester acknowledges that the IT Director has reviewed and understands the cloud computing guidelines in the NIH Security Best Practices for Controlled-Access Data Subject to the NIH GDS Policy. The Requester and PI agree to notify the appropriate DAC(s) of any unauthorized data sharing, breaches of data security, or inadvertent data releases that may compromise data confidentiality within 24 hours of when the incident is identified. As permitted by law, notifications should include any known information regarding the incident and a general description of the activities or process in place to define and remediate the situation fully. Within 3 business days of the DAC notification, the Requester agrees to submit to the DAC(s) a detailed written report including the date and nature of the event, actions taken or to be taken to remediate the issue(s), and plans or processes developed to prevent further problems, including specific information on timelines anticipated for action. The Requester agrees to provide documentation verifying that the remediation plans have been implemented. Repeated violations or unresponsiveness to NIH requests may result in further compliance measures affecting the Requester. NIH, or another entity designated by NIH may, as permitted by law, also investigate any data security incident or policy violation. Approved Users and their associates agree to support such investigations and provide information, within the limits of applicable local, state, tribal, and federal laws and regulations. In addition, Requester and Approved Users agree to work with the NIH to assure that plans and procedures that are developed to address identified problems are mutually acceptable and consistent with applicable law.
