Common use of Mandatory Reporting Clause in Contracts

Mandatory Reporting. 7.1. The Processor will inform the Responsible as soon as possible - and at the latest within 24 hours after the first discovery - of all (suspected) security breaches and other incidents that must be reported to the supervisor or data subject pursuant to legislation, without prejudice to the obligation to undo or limit the consequences of such violations and incidents as quickly as possible. The Processor will furthermore, at the first request of the Responsible, provide all information that the Responsible considers necessary to assess the incident. In doing so, the Processor will in any case provide the information to the Responsible as described in appendix 2.2. 7.2. The Processor has a thorough plan of approach to dealing with breaches and will provide the Responsible with access to the plan at his request. 7.3. The Processor will leave reports to the Controller (s) to the Responsible. 7.4. The Processor will provide all necessary cooperation to provide additional information to the regulator (s) and / or party (ies) as necessary, in the shortest possible term. At the same time, the Processor provides the information, as described in appendix 2.2, to the Responsible. 7.5. The Processor keeps a detailed log of all (suspicions of) breaches of security, as well as the measures that have been taken in follow-up to such breaches containing at least the information as referred to in appendix 2.2, and gives access to the Responsible.

Mandatory Reporting. 7.1. The Processor will inform the Responsible as soon as possible - and at the latest within 24 hours after the first discovery - of all (suspected) security breaches and other incidents that must be reported to the supervisor or data subject pursuant to legislation, without prejudice to the obligation to undo or limit the consequences of such violations and incidents as quickly as possible. The Processor will furthermore, at the first request of the Responsible, provide all information that the Responsible considers necessary to assess the incident. In doing so, the Processor will in any case provide the information to the Responsible as described in appendix 2.2. 7.2. The Processor has a thorough plan of approach to dealing with breaches and will provide the Responsible with access to the plan at his request. 7.3. The Processor will leave reports to the Controller (sController(s) to the Responsible. 7.4. The Processor will provide all necessary cooperation to provide additional information to the regulator (sregulator(s) and / or party (iesparty(ies) as necessary, in the shortest possible term. At the same time, the Processor provides the information, as described in appendix 2.2, to the Responsible. 7.5. The Processor keeps a detailed log of all (suspicions of) breaches of security, as well as the measures that have been taken in follow-up to such breaches containing at least the information as referred to in appendix 2.2, and gives access to the Responsible.