Measures. SAP protects its assets and facilities using the appropriate means based on the SAP Security Policy • In general, buildings are secured through access control systems (e.g., smart card access system). • As a minimum requirement, the outermost entrance points of the building must be fitted with a certified key system including modern, active key management. • Depending on the security classification, buildings, individual areas and surrounding premises may be further protected by additional measures. These include specific access profiles, video surveillance, intruder alarm systems and biometric access control systems. • Access rights are granted to authorized persons on an individual basis according to the System and Data Access Control measures (see Section 1.2 and 1.3 below). This also applies to visitor access. Guests and visitors to SAP buildings must register their names at reception and must be accompanied by authorized SAP personnel. • SAP employees and external personnel must wear their ID cards at all SAP locations.
Measures. SAP has implemented a multi-layered defense strategy as a protection against unauthorized modifications. • In particular, SAP uses the following to implement the control and measure sections described above: • Firewalls; • Security Monitoring Center; • Antivirus software; • Backup and recovery; • External and internal penetration testing; • Regular external audits to prove security measures. The following table sets out the relevant Articles of GDPR and corresponding terms of the DPA for illustration purposes only.
Measures. SAP protects its assets and facilities using the appropriate means based on the SAP Security Policy • In general, buildings are secured through access control systems (e.g., smart card access system). • As a minimum requirement, the outermost entrance points of the building must be fitted with a certified key system including modern, active key management. • Depending on the security classification, buildings, individual areas and surrounding premises may be further protected by additional measures. These include specific access profiles, video surveillance, intruder alarm systems and biometric access control systems. • Access rights are granted to authorized persons on an individual basis according to the System and Data Access Control measures (see Section 1.2 and 1.3 below). This also applies to visitor access. Guests and visitors to SAP buildings must register their names at reception and must be accompanied by authorized SAP personnel. • SAP employees and external personnel must wear their ID cards at all SAP locations. Additional measures for Data Centers: • All Data Centers adhere to strict security procedures enforced by guards, surveillance cameras, motion detectors, access control mechanisms and other measures to prevent equipment and Data Center facilities from being compromised. Only authorized representatives have access to systems and infrastructure within the Data Center facilities. To protect proper functionality, physical security equipment (e.g., motion sensors, cameras, etc.) undergo maintenance on a regular basis. • SAP and all third-party Data Center providers log the names and times of authorized personnel entering SAP’s private areas within the Data Centers.
Measures. As part of the SAP Security Policy, Personal Data requires at least the same protection level as “confidential” information according to the SAP Information Classification standard. • Access to Personal Data is granted on a need-to-know basis. Personnel have access to the information that they require in order to fulfill their duty. SAP uses authorization concepts that document grant processes and assigned roles per account (user ID). All Customer Data is protected in accordance with the SAP Security Policy. • All production servers are operated in the Data Centers or in secure server rooms. Security measures that protect applications processing Personal Data are regularly checked. To this end, SAP conducts internal and external security checks and penetration tests on its IT systems. • SAP does not allow the installation of software that has not been approved by SAP. • An SAP security standard governs how data and data carriers are deleted or destroyed once they are no longer required.
Measures. Prior to resumption of normal performance, the Parties shall continue to perform their obligations under this Agreement to the extent not excused by such event of Force Majeure.
Measures. The Parties shall use reasonable best efforts to make alternative arrangements for such disclosure where the restrictions in the preceding sentence apply. Any request, and the provision of access or information, in each case pursuant to this Section 7.02, shall be made in a time and manner so as not to materially delay the Closing. All information obtained by Acquiror and its Representatives under this Agreement shall be subject to the Confidentiality Agreement prior to the Closing.
Measures. Progress reports for one hundred percent (100%) of offenders served will be provided to offender’s supervision officer each month.
Measures. Since January 1, 2020, no Target Company has implemented any plant closing or employee layoffs that would trigger notice obligations under the WARN Act.
Measures the Company is not subject to (or has received an exclusion from the applicable Governmental Entity) COVID-19 Measures, such that the Company may not continue to operate in the ordinary course of business as of the Effective Date and the reasonably foreseeable future.
Measures. SAP only allows authorized persons to access Personal Data as required in the course of their work. SAP implemented a logging system for input, modification and deletion, or blocking of Personal Data by SAP or its Subprocessors to the greatest extent supported by the Cloud Service.