Notifiable data breaches Sample Clauses

Notifiable data breaches. 20.1. If the Liquidator becomes aware that there are reasonable grounds to suspect that there may have been an Eligible Data Breach in relation to any Personal Information or Sensitive Information held by the Supplier as a result of this Agreement or its provision of the Services, the Liquidator agrees to: (a) notify ASIC in writing as soon as possible, which must be no later than within 3 days of becoming aware; and (b) unless otherwise directed by ASIC, carry out an assessment in accordance with the requirements of the Privacy Xxx 0000 (Cth). 20.2. Where the Liquidator is aware that there are reasonable grounds to believe there has been, or where ASIC notifies the Liquidator that there has been, an Eligible Data Breach in relation to any Personal Information or Sensitive Information held by the Liquidator as a result of this Agreement or its provision of the Services, the Liquidator must: (a) take all reasonable action to mitigate the risk of the Eligible Data Breach causing serious harm to any of the individuals to whom the Personal Information or Sensitive Information relates; (b) unless otherwise directed by ASIC, take all other action necessary to comply with the requirements of the Privacy Xxx 0000 (Cth); and (c) take any other action as reasonably directed by ASIC.
Sample 1Sample 2See All (4)
AutoNDA by SimpleDocs
Notifiable data breaches. If the Insurer becomes aware that there are reasonable grounds to suspect that there may have been an Eligible Data Breach in relation to any Personal Information held by the Insurer for the purposes of this Deed or the provision of OSHC, the Insurer agrees to: notify the Department in writing as soon as possible, which must be no later than within 3 days of becoming aware; and carry out an assessment in accordance with the requirements of the Privacy Act unless otherwise directed by the Commonwealth. Where the Insurer is aware that there are reasonable grounds to believe there has been, or where the Department notifies the Insurer that there has been, an Eligible Data Breach in relation to any Personal Information held by the Insurer as a result of this Deed or the provision of OSHC, the Insurer must: take all reasonable action to mitigate the risk of the Eligible Data Breach causing serious harm to any of the individuals to whom the Personal Information relates; unless otherwise directed by the Department, take all other action necessary to comply with the requirements of the Privacy Act; and take any other action as reasonably directed by the Department.
Sample 1Sample 2
Notifiable data breaches. ‌ 18.1. If the Insurer becomes aware that there are reasonable grounds to suspect that there may have been an Eligible Data Breach in relation to any Personal Information held by the Insurer for the purposes of this Deed or the provision of OSHC, the Insurer agrees to: (a) notify the Department in writing as soon as possible, which must be no later than within 3 days of becoming aware; and (b) carry out an assessment in accordance with the requirements of the Privacy Act unless otherwise directed by the Commonwealth. 18.2. Where the Insurer is aware that there are reasonable grounds to believe there has been, or where the Department notifies the Insurer that there has been, an Eligible Data Breach in relation to any Personal Information held by the Insurer as a result of this Deed or the provision of OSHC, the Insurer must: (a) take all reasonable action to mitigate the risk of the Eligible Data Breach causing serious harm to any of the individuals to whom the Personal Information relates; (b) unless otherwise directed by the Department, take all other action necessary to comply with the requirements of the Privacy Act; and (c) take any other action as reasonably directed by the Department.
Sample 1Sample 2
Notifiable data breaches. You shall notify in the manner specified in clause 25.1 within 48 hours if you learn of any security breaches relating to the Services. If the breach(es) could constitute a Notifiable Data Breach under Part IIIC of the Privacy Act, you shall notify us within 3 hours of the breach (suspected or confirmed) coming to your attention. You shall aid us fully in any subsequent investigation or legal action taken as a result of the breach.
Sample 1
Notifiable data breaches. (a) This clause 18 applies to the extent that the Service Provider is an ‘Organisation’ as defined in the Privacy Act 1988. (b) In this clause:
Sample 1
Notifiable data breaches. (a) Without limiting any other term of this Agreement, if the Operator becomes aware that there are reasonable grounds to suspect that there may have been an Eligible Data Breach in relation to any Personal Information held by the Operator as a result of this Agreement or its provision of the Services, the Operator must: (i) notify the Department in writing immediately; (ii) unless otherwise directed by the Department, carry out an assessment in accordance with the requirements of the Privacy Act; and (iii) where requested by the Department, assist the Department in carrying out an assessment of the consequences to the Department of the eligible data breach. (b) Where the Operator is aware that there are reasonable grounds to believe there has been, or where the Department notifies the Operator that there has been, an Eligible Data Breach in relation to any Personal Information held by the Operator as a result of this Agreement or its provision of the Services, the Operator must: (i) take all reasonable action to mitigate the risk of the Eligible Data Breach causing serious harm to any of the individuals to whom the Personal Information relates; (ii) unless otherwise directed by the Department, take all other action necessary to comply with the requirements of the Privacy Act; and (iii) take any other action as reasonably directed by the Department.
Sample 1
Notifiable data breaches. 18.1 This clause 18 will only apply to the extent the notifiable data breaches scheme under Part IIIC of the Privacy Act 1988 (Cth) (Notifiable Data Breaches Scheme) applies to us. 18.2 If as a result of our investigations in accordance with clause 17.1 of this Agreement, we believe a Security Incident has occurred that we consider to be notifiable under the Notifiable Data Breaches Scheme, we will: (a) promptly notify you of this by telephone or email; (b) provide notice to the Office of the Australian Information Commissioner in accordance with the Notifiable Data Breaches Scheme; and (c) be the sole Party to notify the individuals who are likely to be at risk of serious harm arising from the Security Incident. 18.3 Where we do not have the contact details of affected individuals, we will provide you with a statement to provide to affected individuals.
Sample 1
AutoNDA by SimpleDocs
Notifiable data breaches. We will notify you and the Office of the Australian Information Commissioner about any data breach that is likely to result in serious harm to you unless an exception applies, for example, where we have already taken appropriate remedial action that removes the risk of serious harm to any individuals.
Sample 1

Related to Notifiable data breaches

  • Data Breach In the event of an unauthorized release, disclosure or acquisition of Student Data that compromises the security, confidentiality or integrity of the Student Data maintained by the Provider the Provider shall provide notification to LEA within seventy-two (72) hours of confirmation of the incident, unless notification within this time limit would disrupt investigation of the incident by law enforcement. In such an event, notification shall be made within a reasonable time after the incident. Provider shall follow the following process: (1) The security breach notification described above shall include, at a minimum, the following information to the extent known by the Provider and as it becomes available: i. The name and contact information of the reporting LEA subject to this section. ii. A list of the types of personal information that were or are reasonably believed to have been the subject of a breach. iii. If the information is possible to determine at the time the notice is provided, then either (1) the date of the breach, (2) the estimated date of the breach, or (3) the date range within which the breach occurred. The notification shall also include the date of the notice. iv. Whether the notification was delayed as a result of a law enforcement investigation, if that information is possible to determine at the time the notice is provided; and v. A general description of the breach incident, if that information is possible to determine at the time the notice is provided. (2) Provider agrees to adhere to all federal and state requirements with respect to a data breach related to the Student Data, including, when appropriate or required, the required responsibilities and procedures for notification and mitigation of any such data breach. (3) Provider further acknowledges and agrees to have a written incident response plan that reflects best practices and is consistent with industry standards and federal and state law for responding to a data breach, breach of security, privacy incident or unauthorized acquisition or use of Student Data or any portion thereof, including personally identifiable information and agrees to provide XXX, upon request, with a summary of said written incident response plan. (4) LEA shall provide notice and facts surrounding the breach to the affected students, parents or guardians. (5) In the event of a breach originating from XXX’s use of the Service, Provider shall cooperate with XXX to the extent necessary to expeditiously secure Student Data.

  • Personal Data Breach 7.1 Processor shall notify Company without undue delay upon Processor becoming aware of a Personal Data Breach affecting Company Personal Data, providing Company with sufficient information to allow the Company to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws. 7.2 Processor shall co-operate with the Company and take reasonable commercial steps as are directed by Company to assist in the investigation, mitigation and remediation of each such Personal Data Breach.

  • Customer Data 7.1 The Customer shall own all right, title and interest in and to all of the Customer Data and shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of the Customer Data. 7.2 The Supplier will ensure that there are regular back ups of Customer Data. In the event of any loss or damage to Customer Data caused by the Supplier, the Customer's sole and exclusive remedy shall be for the Supplier to use reasonable commercial endeavours to restore the lost or damaged Customer Data from the latest back-up of such Customer Data maintained by the Supplier. The Supplier shall not be responsible for any loss, destruction, alteration or disclosure of Customer Data caused by any third party (except those third parties sub-contracted by the Supplier to perform services related to Customer Data maintenance and back-up). If recovery of Customer Data is required as a result of an issue resulting from the Customer, the Supplier will use all reasonable endeavours to restore the lost or damaged Customer Data from the latest back-up of such Customer Data maintained by the Supplier provided that the Customer pays the Supplier’s reasonable additional Fees for such recovery. 7.3 If the Supplier processes any personal data on the Customer's behalf when performing its obligations under this Contract, the parties record their intention that the Customer shall be the data controller and the Supplier shall be a data processor and in any such case: 7.3.1 the Customer acknowledges and agrees that the personal data may be transferred or stored outside the EEA or the country where the Customer and the Authorised Users are located in order to carry out the Services and the Supplier's other obligations under this Contract; 7.3.2 the Customer shall ensure that the Customer is entitled to transfer the relevant personal data to the Supplier so that the Supplier may lawfully use, process and transfer the personal data in accordance with this Contract on the Customer's behalf; 7.3.3 the Customer shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable data protection legislation; 7.3.4 the Supplier shall process the personal data only in accordance with the terms of this Contract and any lawful instructions reasonably given by the Customer from time to time; and 7.3.5 each party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!