ICO Guidance. 6.1 The Parties agree to take account of any guidance issued by the Information Commissioner and/or any relevant central government body. The Buyer may on not less than thirty (30) Working Days’ notice to the Supplier amend the contract to ensure that it complies with any guidance issued by the Information Commissioner and/or any relevant central government body.
ICO Guidance. The Parties agree to take account of any guidance issued by the Information Commissioner and/or any relevant Central Government Body. The CCS may on not less than thirty (30) Working Days’ notice to the Supplier amend the Contract to ensure that it complies with any guidance issued by the Information Commissioner and/or any relevant Central Government Body.
ICO Guidance. The parties agree to take account of any guidance issued by the Information Commissioner’s Office. The Authority may on not less than 30 Business Days’ notice to the Supplier amend this Protocol to ensure that it complies with any guidance issued by the Information Commissioner’s Office. This form is intended for use as a template only and should be printed on the Authority’s letterhead. The document should not be altered in any other way, except for editing the input boxes in the right-hand columns of the form.
ICO Guidance. 6.1 The Parties agree to take account of any non-mandatory guidance issued by the Information Commissioner or any other regulatory authority. The Buyer may on not less than thirty
ICO Guidance xxx.xxx.xx We have provided functionality, training and support that you may find helpful in meeting these requirements. You are responsible for ensuring you take the necessary measures to meet these obligations. Any type of Personal Data Breach, including mis-handling or misuse of Protected Data beyond the purposes, e.g.: • Marketing under the guise of market research (for the survey functionality) without fulfilling marketing rules • Access by unauthorised individuals to Protected Data • Retaining Protected Data longer than necessary • Processing Children’s Personal Data or communicating with children without appropriate protections • NPO is responsible for ensuring use of IIT complies with DP Law. • CWC has implemented various controls and security measures (see Annex B to this DPA), e.g. personnel have limited access to insights data and are bound by confidentiality which includes a commitment not to use Protected Data for their own purposes. • The IIT includes optional functionality that Authorised Users can use to address these risks. • CWC provides ongoing training and support in how to use the IIT and IIT Services and which incorporates data protection tips and best practices using the IIT. • See Annex B for related measures. Is the Protected Data being transferred outside of the EEA? If so, describe the Adequate Safeguards you have implemented. Yes. The CC Platform is operated from Australia, but the server is hosted in London. We are taking steps to minimise the amount of Protected Data that is transferred outside of the EEA but since we cannot guarantee none will be transferred we have prepared Standard Contractual Clauses for you to sign with CC, which form part of your contractual package and this Agreement. Should you wish to obtain a copy of these Contractual Clauses due to the loss of your provided copy, please contact xxxxxxx@xxxxxxxxxxxxxxxxxx.xx.xx See also Annex B for additional measures we have taken. ANNEX B
ICO Guidance. The Parties agree to take account of any non-mandatory guidance issued by the Information Commissioner, any relevant Central Government Body and/or any relevant central government body. CCSother regulatory authority. The Buyer may on not less than thirty (30) Working Days’ notice to the Supplier amend the Framework Agreement to ensure that it complies with any guidance issued by the Information Commissioner, any relevant Central Government Body and/or any relevant central government body other regulatory authority. Liabilities for Data Protection Breach If financial penalties are imposed by the Information Commissioner on either the Buyer or the Supplier for a Personal Data Breach ("Financial Penalties") then the following shall occur: if in the view of the Information Commissioner, the Buyer is responsible for the Personal Data Breach, in that it is caused as a result of the actions or inaction of the Buyer, its employees, agents, contractors (other than the Supplier) or systems and procedures controlled by the Buyer, then the Buyer shall be responsible for the payment of such Financial Penalties. In this case, the Buyer will conduct an internal audit and engage at its reasonable cost when necessary, an independent third party to conduct an audit of any such Personal Data Breach. The Supplier shall provide to the Buyer and its third party investigators and auditors, on request and at the Supplier's reasonable cost, full cooperation and access to conduct a thorough audit of such Personal Data Breach; if in the view of the Information Commissioner, the Supplier is responsible for the Personal Data Breach, in that it is not a Personal Data Breach that the Buyer is responsible for, then the Supplier shall be responsible for the payment of these Financial Penalties. The Supplier will provide to the Buyer and its auditors, on request and at the Supplier’s sole cost, full cooperation and access to conduct a thorough audit of such Personal Data Breach; or if no view as to responsibility is expressed by the Information Commissioner, then the Buyer and the Supplier shall work together to investigate the relevant Personal Data Breach and allocate responsibility for any Financial Penalties as outlined above, or by agreement to split any Financial Penalties Financial penalties equally if no responsibility for the Personal Data Breach can be apportioned. In the event that the Parties do not agree such apportionment then such Dispute shall be referred to the procedure s...
