Personal Information security breach Supplier/Service Provider’s Obligations
a) The Supplier/Service Provider shall notify the Information Officer of Transnet, in writing as soon as possible after it becomes aware of or suspects any loss, unauthorised access or unlawful use of any personal data and shall, at its own cost, take all necessary remedial steps to mitigate the extent of the loss or compromise of personal data and to restore the integrity of the affected Goods/Services as quickly as is possible. The Supplier/Service Provider shall also be required to provide Transnet with details of the persons affected by the compromise and the nature and extent of the compromise, including details of the identity of the unauthorised person who may have accessed or acquired the personal data.
b) The Supplier/Service Provider shall provide on-going updates on its progress in resolving the compromise at reasonable intervals until such time as the compromise is resolved.
c) Where required, the Supplier/Service Provider may be required to notify the South African Police Service; and/or the State Security Agency and where applicable, the relevant regulator and/or the affected persons of the security breach. Any such notification shall always include sufficient information to allow the persons to take protective measures against the potential consequences of the compromise.
d) The Supplier/Service Provider undertakes to co‑operate in any investigation relating to security which is carried out by or on behalf of Transnet including providing any information or material in its possession or control and implementing new security measures.
Facility Information The Product is: Renewable Energy Facility or Unit Specific; if so, complete the following: Name of Facility Location of Facility EIA number Online Date Renewable Energy Source specific; if so, state: Aggregator area specific. Use the following table for generator aggregation programs: REC Delivery Unit Specific Generating Renewable Energy Unit / Renewable Energy Source Generating Renewable Energy Aggregation Program / Renewable Energy Sources Location of Generator or Area of Aggregation
Information Security IET information security management practices, policies and regulatory compliance requirements are aimed at assuring the confidentiality, integrity and availability of Customer information. The UC Xxxxx Cyber-safety Policy, UC Xxxxx Security Standards Policy (PPM Section 310-22), is adopted by the campus and IET to define the responsibilities and key practices for assuring the security of UC Xxxxx computing systems and electronic data.
Access to Company Information (a) During the period from the date of this Agreement to the Effective Time, the Company shall permit representatives of the Parent to have reasonable access (at all reasonable times, and in a manner so as not to interfere with the normal business operations of the Company) to all premises, properties, financial and accounting records, contracts, other records and documents, and personnel, of or pertaining to the Company.
(b) The Parent and each of its Subsidiaries (i) shall treat and hold as confidential any Company Confidential Information (as defined below), (ii) shall not use any of the Company Confidential Information except in connection with this Agreement, and (iii) if this Agreement is terminated for any reason whatsoever, shall return to the Company all tangible embodiments (and all copies) thereof which are in its possession. For purposes of this Agreement, “Company Confidential Information” means any information of the Company that is furnished to the Parent or any of its Subsidiaries by the Company in connection with this Agreement; provided, however, that it shall not include any information (A) which, at the time of disclosure, is available publicly other than as a result of non-permitted disclosure by the Parent, any of its Subsidiaries or their respective directors, officers, or employees, (B) which, after disclosure, becomes available publicly through no fault of the Parent, any of its Subsidiaries or their respective directors, officers, or employees, (C) which the Parent or any of its Subsidiaries knew or to which the Parent or any of its Subsidiaries had access prior to disclosure, as demonstrated by competent evidence, provided that the source of such information is not known by the Parent or any of its Subsidiaries to be bound by a confidentiality obligation to the Company, or (D) which the Parent or any of its Subsidiaries rightfully obtains from a source other than the Company, provided that the source of such information is not known by the Parent or any of its Subsidiaries to be bound by a confidentiality obligation to the Company.
Company Information Subscriber understands that the Company is subject to all the risks that apply to early-stage companies, whether or not those risks are explicitly set out in the Offering Circular. Subscriber has had such opportunity as it deems necessary (which opportunity may have presented through online chat or commentary functions) to discuss the Company’s business, management and financial affairs with managers, officers and management of the Company and has had the opportunity to review the Company’s operations and facilities. Subscriber has also had the opportunity to ask questions of and receive answers from the Company and its management regarding the terms and conditions of this investment. Subscriber acknowledges that except as set forth herein, no representations or warranties have been made to Subscriber, or to Subscriber’s advisors or representative, by the Company or others with respect to the business or prospects of the Company or its financial condition.
Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks.
(2) The Information Security Program shall require encryption of any Personal Information in electronic format while in transit or in storage, and enhanced controls and standards for transport and disposal of physical media containing Personal Information. DTI shall, and shall require its agents, contractors and subcontractors who access or use Personal Information or Confidential Information to, regularly test key controls, systems and procedures relating to the Information Security Program ("ISP Tests"). DTI shall advise the Funds of any material issues identified in the ISP Tests potentially affecting the Information Security Program.
(3) DTI shall comply with its Information Security Program.
Confidential Information and Trade Secrets During the period of my employment with the Company, I acknowledge that the Company may disclose to me confidential and proprietary information of the Company which the Company takes great pains to safeguard from unauthorized use and disclosure. I agree at all times during the term of my employment and thereafter, to hold in strictest confidence, and not to use or to disclose to any person, firm or corporation, except as such use or disclosure is required in connection with my work for the Company or unless the Chief Executive Officer of the Company otherwise expressly authorizes in writing, any Confidential Information (defined below) before it has become generally known within the relevant industry through no fault of my own. I understand and agree that “Confidential Information” means any non-public information that does not otherwise qualify as Trade Secrets (defined below) that relates to the actual or demonstrably anticipated business or research or development of the Company or any other information which is marked “confidential” or which might reasonably be anticipated to be confidential in nature. I further agree, at all times during my employment and anytime thereafter, to hold in strictest confidence, and not to use or disclose to any person, firm or corporation, except as such use or disclosure is required in connection with my work for the Company or unless the Chief Executive Officer of the Company expressly authorizes such use or disclosure in writing, any Trade Secret (defined below) before it has become generally known in the public domain through no fault of my own. I understand and agree that “Trade Secrets” are information, regardless of form, belonging to the Company, licensed by it, or disclosed to it on a confidential basis by its customers, suppliers, or other third parties, including, but not limited to technical and non-technical data, formulae, patterns, compilations, programs, devices, methods, techniques, drawings, processes, financial data, financial plans, product plans, and lists of actual or potential customers or suppliers which is not commonly known in the public domain and which (i) derives economic value, economic or potential, from not being generally known to, and not being readily ascertainable by proper means by, other persons who can obtain economic value from its disclosure or use; and (ii) is the subject of efforts that are reasonable under the circumstances to maintain its secrecy, or any other information that constitutes a trade secret under common law.
YOUR PERSONAL INFORMATION 17.1 We collect certain information about the purchaser and the users of the Card in order to operate the Card programme. IDT Financial Services Limited is the data controllers of Your personal data, and will manage and protect Your personal data in accordance with applicable law.IDT Financial Services Limited receives card services from First Data Slovakia s.r.o., which acts as a data processor for IDT Financial Services Limited.
17.2 We may transfer Your personal data outside the EEA to Our commercial partners where necessary to provide Our services to You, such as customer service, account administration, financial reconciliation, or where the transfer is necessary as a result of Your request, such as the processing of any international transaction. When We transfer personal data outside the EEA, We will take steps to ensure that Your personal data is afforded substantially similar protection as personal data processed within the EEA. Please be aware that not all countries have laws to protect personal data in a manner equivalent to that of the EEA. Your use of Our products and services will indicate to Us that You agree to the transfer of Your personal data outside the EEA. If You withdraw Your consent to the processing of Your personal data or its transfer outside the EEA, which You can do by using the contact details in clause 15, We will not be able to provide Our services to You. Therefore, such withdrawal of consent will be deemed to be a termination of the Agreement.
17.3 Unless You have provided Your explicit permission, Your personal data will not be used for marketing purposes by Us or Our commercial partners (unless You have independently provided Your consent to them directly), nor will it be shared with third parties unconnected with the Card scheme.
17.4 You have the right to request details of the personal information that is held about You, and You may receive this by writing to our Customer Service Center.
17.5 Please refer to the Privacy Policy of IDT Financial Services Limited xxxx://xxx.xxxxxxxxxx.xxx/privacypolicy.pdf for full details, which You accept by accepting the Agreement.
Maintaining Confidential Information Executive reaffirms his obligations under the Confidentiality Agreement. Executive acknowledges and agrees that the payments provided in Section 3 above shall be subject to Executive’s continued compliance with Executive’s obligations under the Confidentiality Agreement.
Confidential Information and Restricted Activities Employee has entered into the Company’s Employee Proprietary Information Agreement (“EPIA”) and acknowledges his or her obligations thereunder. The EPIA is specifically incorporated into this Agreement.
