Common use of Notification of Xxxxxx and Unauthorized Release Clause in Contracts

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, directly by email at xxxxxx.xxx@xxxxx.xxx or by calling 000-000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, the Data Protection Privacy Officer, Xxxxx Xxxxxxx directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxx@xxxxxxxxxxxxxxxxx.xxx or by calling (000-) 000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxxthe Data Privacy Officer, Data Protection Officer Xxxxx Xxxxxxx or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxxthe Data Privacy Officer, Data Protection Officer Xxxxx Xxxxxxx or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx XxxXxxxxxx Xxxxxxxxx Xxxxxx, Director for Data Protection Officer, Privacy & Professional Learning directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxxxx-xxxxxx@xxxxxxxxxx.xxx or by calling 000-000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxxx Xxxxxxxxx Xxxxxx Xxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxxx Xxxxxxxxx Xxxxxx Xxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx XxxXxxxxxx Xxxxxxxxx Xxxxxx, Director for Data Protection Officer, Privacy & Professional Learning directly by email at xxxxxx.xxx@xxxxx.xxx cdansereau- xxxxxx@xxxxxxxxxx.xxx or by calling 000-000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxxx Xxxxxxxxx Xxxxxx Xxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxxx Xxxxxxxxx Xxxxxx Xxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, the Xxxxxxxx Central School District’s Data Protection Officer, Officer directly by email at xxxxxx.xxx@xxxxx.xxx xxx@xxxxxxxxxxxxxxx.xxx or by calling (000-) 000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Xxxxxxxx Central School District’s Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Xxxxxxxx Central School District’s Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting [Xxxxxx Xxx, Data Protection Officer, Xxxxx] directly by email at xxxxxx.xxx@xxxxx.xxx [xxxxxx@xxxxx.xxx] or by calling [000-000-0000]. (c) Vendor will cooperate with the District and provide as much information as possible directly to [Xxxxxx Xxx, Data Protection Officer Xxxxx] or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform [Xxxxxx Xxx, Data Protection Officer Xxxxx] or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, Panama Central School directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxxx@xxxxxxx.xxx or by calling 000-000(000)000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer Xxxxxxxx or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer Xxxxxxxx or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx XxxXxxxxxxxx, Data Protection DataProtection Officer, directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxxxx@xxxx.xxx or by calling 000-000- 000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx XxxXxxxxxxxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involvedDatainvolved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the ofthe incident by the District, Vendor will promptly inform Xxxxxx XxxXxxxxxxxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, [Jasper- Troupsburg Central School District Contact] directly by email at xxxxxx.xxx@xxxxx.xxx [xxxxxxx@xxxxx.xxx] or by calling 000-[000 000-0000]. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer [Jasper-Troupsburg Central School District Contact] or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer [Jasper-Troupsburg Central School District Contact] or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, Xxxxxx directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxx@xxxxxxxx.xxx or by calling 000-000-00000000 Ext.162. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer Xxxxxx or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer Xxxxxx or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, the Data Protection Privacy Officer, Xxxxxxxx Xxxxxxxx-Xxxxxx directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxx@xxxxxxxx.xxx or by calling 000-000-0000.0000/ (c) Vendor will cooperate with the District and provide as much information as possible directly to the Data Privacy Officer, Xxxxxxxx Xxxxxxxx-Xxxxxx Xxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform the Data Privacy Officer, Xxxxxxxx Xxxxxxxx-Xxxxxx Xxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, Xxxx Xxxx directly by email at xxxxxx.xxx@xxxxx.xxx xxxxx@xxxxxxxxx.xxx or by calling (000-) 000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer Central School District or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer Central School District or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, directly by email at xxxxxx.xxx@xxxxx.xxx [xxxxxxx@xxxxx.xxx] or by calling 000-[000 000-0000]. (c) Vendor will cooperate with the District and provide as much information as possible directly to XxxXxxx Xxxxxx Xxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform XxxXxxx Xxxxxx Xxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xx. Xxxxxx XxxXxxxxx, Data Protection Officer, Assistant Superintendent for Educational and Support Programs directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxx@xxxxxxxxxx.xxx or by calling 000-000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xx. Xxxxxx Xxx, Data Protection Officer Xxxxxx or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xx. Xxxxxx Xxx, Data Protection Officer Xxxxxx or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xx. Xxxxxx Xxx, Data Protection Officer, directly by email XxXxxxxxx at xxxxxx.xxx@xxxxx.xxx xxxxxxxxxx@xxxxx.xxx or by calling 000-000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer XxXxxxxxx or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer XxXxxxxxx or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, Director of Technology directly by email at xxxxxx.xxx@xxxxx.xxx nettech@waynecsd or by calling 000-000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer Xxxxx CSD IT Department or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer [Name of District Contact] or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx XxxXxxxxxx Xxxxxxxx, Data Protection Officer, Officer directly by email at xxxxxx.xxx@xxxxx.xxx XxxxXxxxxxxxxxXxxxxxx@xxxxxxx.xxx or by calling 000-000 000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx XxxXxxxxxx Xxxxxxxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx XxxXxxxxxx Xxxxxxxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, Xxx Xxxxxxxx directly by email at xxxxxx.xxx@xxxxx.xxx XXxxxxxxx@xxxxxxxxxxxxxxx.xxx or by calling 000-000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer Xxx Xxxxxxxx or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer Xxx Xxxxxxxx or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor Quizizz will promptly notify the School or District of any breach or unauthorized release of Protected Data it has received from the School or District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor Xxxxxxx has discovered or been informed of the breach or unauthorized release. (b) Vendor Quizizz will provide such notification to the School or District by contacting Xxxxxx Xxx, Data Protection Officer, directly Xxxxx Xxxxxxx by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxx@xxxxxxxxxxxxxxxxx.xxx or by calling (000) 000-000-00000000 . (c) Vendor Quizizz will cooperate with the School or District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer the School or his/her designee District about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor Xxxxxxx discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, if a District, instead of one school, the schools within the District affected, what the Vendor Quizizz has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor Quizizz representatives who can assist affected individuals that may have additional questions. (d) Vendor Xxxxxxx acknowledges that upon initial notification from VendorQuizizz, the School or District, as the educational agency with which Vendor Xxxxxxx contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor Xxxxxxx agrees not to provide this notification to the CPO directly unless requested by the School or District or otherwise required by law. In the event the CPO contacts Vendor Xxxxxxx directly or requests more information from Vendor Xxxxxxx regarding the incident after having been initially informed of the incident by the School or District, Vendor Xxxxxxx will promptly inform Xxxxxx Xxx, Data Protection Officer the School or his/her designeeDistrict.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will may provide such notification to the District by contacting Xxxxxx XxxXxxxxxxxx, Data Protection Officer, directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxxxx@xxxx.xxx or by calling 000-000-00000000 or otherwise through Contractor’s regular client communication channels. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx XxxXxxxxxxxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx XxxXxxxxxxxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx XxxXxxxxxxxx, Data Protection DataProtection Officer, directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxxxx@xxxx.xxx or by calling 000-000- 000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx XxxXxxxxxxxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involvedDatainvolved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor ƚƵƌŶ ŶŽƚŝĨLJ ƚŚĞ ŚŝĞĨ WƌŝǀĂĐLJ KĨĨŝĐĞƌVe ndŝorŶ ƚŚĞ agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the ofthe incident by the District, Vendor will promptly inform Xxxxxx XxxXxxxxxxxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting contacting: Name of Contact: Xxxxxxxx Xxxxxx XxxTitle: Assistant Superintendent for Finance, Operations, & Personal, and Data Protection OfficerOfficer School/District Name: Xxxxxx Central School District Address: 000 Xxxx Xx City/State/Zip: Vestal, directly by email at xxxxxx.xxx@xxxxx.xxx or by calling 000-000-0000.NY 13850 Email: xxxxxxxx@xxxxxx.x00.xx.xx (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx XxxDistrict Contact, Data Protection Officer as specified in section (b), above, or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxxthe District, Data Protection Officer or his/her designeeso long as legally permitted to do so.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, directly by email at xxxxxx.xxx@xxxxx.xxx or by calling 000716-000-0000483- 4365. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-2- d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxx Xxxxxx Xxx, Data Protection Officer, directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxxxxxxx@xxxxxxxxxxxxx.xxx or by calling 000-000-0000 xxx 0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxx Xxxxxx Xxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxx Xxxxxx Xxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx XxxXxxxxxx Xxxxxxxxx Xxxxxx, Director for Data Protection Officer, Privacy & Professional Learning directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxxxxxxxxxx@xxxxxxxxxx.xxx or by calling 000-000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxxx Xxxxxxxxx Xxxxxx Xxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxxx Xxxxxxxxx Xxxxxx Xxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor Seesaw will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor Xxxxxx has discovered or been informed of the breach or unauthorized release. (b) Vendor Seesaw will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, directly by email at xxxxxx.xxx@xxxxx.xxx or by calling 000-000-0000. (c) Vendor Xxxxxx will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer the School or his/her designee District about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor Seesaw discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, if a District, instead of one school, the schools within the District affected, what the Vendor Seesaw has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor Seesaw representatives who can assist affected individuals that may have additional questions. (d) Vendor Seesaw acknowledges that upon initial notification from VendorSeesaw, the School or District, as the educational agency with which Vendor Seesaw contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor Xxxxxx agrees not to provide this notification to the CPO directly unless requested by the School or District or otherwise required by law. In the event the CPO contacts Vendor Seesaw directly or requests more information from Vendor Seesaw regarding the incident after having been initially informed of the incident by the School or District, Vendor Xxxxxx will promptly inform Xxxxxx Xxx, Data Protection Officer the School or his/her designeeDistrict.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will shall promptly notify the District Erie 1 BOCES of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District Erie 1 BOCES by contacting Xxxxxx XxxXxxxx Xxxxxxx, Data Security, Protection & Compliance Officer, Erie 1 BOCES directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxx@x0x.xxx, or by calling (000) 000-000-00000000 (office). (c) Vendor will cooperate with the District Erie 1 BOCES and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer Xxxxx Xxxxxxx or his/her his designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data personally identifiable information involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have Erie 1 BOCES if it has additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the DistrictErie 1 BOCES, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees shall not to provide this notification to the CPO directly unless requested by the District or otherwise required by lawdirectly. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the DistrictErie 1 BOCES, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer Xxxxx Xxxxxxx or his/her his designee. (e) Vendor will consult directly with Xxxxx Xxxxxxx or his designee prior to providing any further notice of the incident (written or otherwise) directly to any other BOCES or Regional Information Center, or any affected school district.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, directly by email at xxxxxx.xxx@xxxxx.xxx or by calling 000-000-0000. (c) Vendor will cooperate with the District and provide as much information as possible is reasonable directly to Xxxxxx Xxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, Xxxxxxx Xxxxxxx directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxx@xxxxxxxxxx.xxx or by calling 000-000-0000000.000.0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer Xxxxxxx Xxxxxxx or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxx Xx. Xxxxxx Xxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxx Xxxxxx Xxx, Data Protection Officer, directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxxxxxx@xxxx.xxx or by calling 000-000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxx Xxxxxx Xxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxx Xxxxxx Xxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, the Xxxxxxxx Central School District’s Data Protection Officer, Officer directly by email at xxxxxx.xxx@xxxxx.xxx xxx@xxxxxxxxxxxxxxx.xxx or by calling (000-) 000-0000. (c) Vendor will cooperate with the District and provide as much all information as possible reasonably needed by the District to comply with applicable law and policy directly to Xxxxxx Xxx, Xxxxxxxx Central School District’s Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Xxxxxxxx Central School District’s Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will shall promptly notify the District Erie 1 BOCES of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District Erie 1 BOCES by contacting Xxxxxx Xxxthe designated BOCES contact by email, Data Protection Officertelephone number, directly and/or mailing address provided by email at xxxxxx.xxx@xxxxx.xxx or by calling 000-000-0000the customer. (c) Vendor will cooperate with the District Erie 1 BOCES and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer or his/her designee the designated BOCES contact about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data personally identifiable information involved, an estimate of the number of records affected, the schools within the District Participating Educational Agencies affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may Erie 1 BOCES or its Participating Districts if they have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, Erie 1 BOCES has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees shall not to provide this notification to the CPO directly unless requested by the District or otherwise required by lawdirectly. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the DistrictErie 1 BOCES, Vendor will promptly inform Xxxxxx Xxxthe designated BOCES contact. (e) Vendor will consult directly with designated BOCES contact prior to providing any further notice of the incident (written or otherwise) directly to any other BOCES or Regional Information Center, Data Protection Officer or his/her designeeany affected Participating Educational Agency.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, directly by email at xxxxxx.xxx@xxxxx.xxx or by calling 000-000-0000. (c) To the extent legally permissible, Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, the Data Protection Officer, Officer directly by email at xxxxxx.xxx@xxxxx.xxx XxxxXxxxxxxxxxXxxxxxx@xxxxxxx.xxx or by calling 000-000-000 000- 0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, the Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, the Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx XxxXx. Xxxxxxx Xxxxxxxxx, Data Protection Officer, Privacy Officer directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxxxx@xxxxxxxxxxxxxxx.xxx or by calling (000) 000-000-00000000 x00000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer Xx. Xxxxxxx Xxxxxxxxx or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer Xx. Xxxxxxx Xxxxxxxxx or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting [Xxxxxx Xxx, Data Protection Officer, Xxxxx] directly by email at xxxxxx.xxx@xxxxx.xxx [xxxxxx@xxxxx.xxx] or by calling [000-000-0000]. (c) Vendor will cooperate with the District and provide as much information as possible directly to [Xxxxxx Xxx, Data Protection Officer Xxxxx] or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section underSection 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform [Xxxxxx Xxx, Data Protection Officer Xxxxx] or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will XXXXXXX shall promptly notify the District BOCES of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor XXXXXXX has discovered or been informed of the breach or unauthorized release. (b) Vendor XXXXXXX will provide such notification to the District BOCES by contacting Xxxxxx Xxx, Data Protection Officer, General Counsel directly by email at xxxxxx.xxx@xxxxx.xxx Xxxxxxx.xxxxx@xxxxx.xxx or by calling (000) 000-000-00000000 (office). (c) Vendor XXXXXXX will cooperate with the District BOCES and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer the General Counsel or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor XXXXXXX discovered or was informed of the incident, a description of the types of Protected Data personally identifiable information involved, an estimate of the number thenumber of records affected, the schools within the District Participating Educational Agencies affected, what the Vendor XXXXXXX has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor XXXXXXX representatives who can assist affected individuals that may have additional questions. (d) Vendor XXXXXXX acknowledges that upon initial notification from VendorXXXXXXX, the DistrictBOCES, as the educational agency with which Vendor XXXXXXX contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees XXXXXXX shall not to provide this notification to the CPO directly unless requested by the District or otherwise required by lawdirectly. In the event the CPO contacts Vendor XXXXXXX directly or requests more information from Vendor XXXXXXX regarding the incident after having been initially informed of the incident by the DistrictXXXXX, Vendor XXXXXXX will promptly inform Xxxxxx XxxGeneral Counsel or designees. (e) XXXXXXX will consult directly with General Counsel or designees prior to providing any further notice of the incident (written or otherwise) directly to any other BOCES or Regional Information Center, or any affected Participating Educational Agency. Albany-Schoharie-Schenectady-Saratoga BOCES (BOCES) is committed to protecting the privacy and security of personally identifiable information about students who attend BOCES instructional programs in accordance with applicable law, including New York State Education Law Section 2-d. To further these goals, XXXXX wishes to inform parents of the following: (1) A student's personally identifiable information cannot be sold or released for any commercial purposes. (2) Parents have the right to inspect and review the complete contents of their child's education record. (3) State and federal laws protect the confidentiality of personally identifiable information, and safeguards associated with industry standards and best practices, including but not limited to, encryption, firewalls, and password protection, must be in place when data is stored or transferred. (4) A complete list of all student data elements collected by the State is available for public review at xxxx://xxx.x00.xxxxx.xxx/irs/sirs/documentation/NYSEDstudentData.xlsx, or by writing to the Office of Information & Reporting Services, New York State Education Department, Room 863 EBA, 00 Xxxxxxxxxx Xxxxxx, Xxxxxx, Xxx Xxxx 00000. (5) Parents have the right to have complaints about possible breaches of student data addressed. Complaints may be directed to the NYS Chief Privacy Officer by writing to the New York State Education Department, 00 Xxxxxxxxxx Xxxxxx, Xxxxxx, Xxx Xxxx 00000. Complaints may also be directed to the Chief Privacy Officer via email at: XXX@xxxx.xxxxx.xxx. BOCES has entered into An Agreement (“AGREEMENT”) with XXXXXXX (“XXXXXXX”), which governs the availability to Participating Educational Agencies of the following Product(s): [list scope of services from FOGARTY] Pursuant to the AGREEMENT, Participating Educational Agencies may provide to XXXXXXX, and XXXXXXX will receive, personally identifiable information about students, or teachers and principals, that is protected by Section 2-d of the New York State Education Law (“Protected Data”). The exclusive purpose for which XXXXXXX is being provided access to Protected Data Protection Officer is to provide Participating Educational Agencies with the functionality of the Product(s) listed above. XXXXXXX agrees that it will not use the Protected Data for any other purposes not explicitly authorized in the AGREEMENT. Protected Data received by XXXXXXX, or his/her designeeany of XXXXXXX’x subcontractors, assignees, or other authorized agents, will not be sold, or released or used for any commercial or marketing purposes.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, directly by email at xxxxxx.xxx@xxxxx.xxx or by calling 000-000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer or his/her designee the District about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer or his/her designeethe District.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx XxxXx. Xxxxxxx Xxxxxxxxx Rumley, Director for Data Protection Officer, Privacy & Professional Learning directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxxxx-xxxxxx@xxxxxxxxxx.xxx or by calling 000-000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer Xx. Xxxxxxx Xxxxxxxxx Rumley or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer Xx. Xxxxxxx Xxxxxxxxx Rumley or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xx. Xxxxxx XxxXxxxxx, Data Protection Officer, Executive Director for Educational and Support Programs directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxx@xxxxxxxxxx.xxx or by calling 000-000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xx. Xxxxxx Xxx, Data Protection Officer Xxxxxx or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xx. Xxxxxx Xxx, Data Protection Officer Xxxxxx or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xx. Xxxxxx XxxXxxxxx, Data Protection Officer, Assistant Superintendent for Educational and Support Programs directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxx@xxxxxxxxxx.xxx or by calling 000-000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xx. Xxxxxx Xxx, Data Protection Officer Xxxxxx or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xx. Xxxxxx Xxx, Data Protection Officer Xxxxxx or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way XtraMath possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting [Xxxxxx Xxx, Data Protection Officer, Xxxxx] directly by email at xxxxxx.xxx@xxxxx.xxx [xxxxxx@xxxxx.xxx] or by calling [000-000-0000]. (c) Vendor will cooperate with the District and provide as much information as possible directly to [Xxxxxx Xxx, Data Protection Officer Xxxxx] or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform [Xxxxxx Xxx, Data Protection Officer Xxxxx] or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any confirmed breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release.no (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, directly by email at xxxxxx.xxx@xxxxx.xxx or by calling 000-000-0000. (c) Vendor will reasonably cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of confirmed the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, Xxxx Xxxxxxxxxx directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxxxxx@xxxxxx.xxx or by calling 000-000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer Xxxx Xxxxxxxxxx or his/her his designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer Xxxx Xxxxxxxxxx or his/her his designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, Xxx Xxxxxxxx directly by email at xxxxxx.xxx@xxxxx.xxx XXxxxxxxx@xxxxxxxxxxxxxxx.xxx or by calling 000-000-0000. (c) Vendor will cooperate with the District and provide as much information as possible possible, to the extent available or known to the Vendor, directly to Xxxxxx Xxx, Data Protection Officer Xxx Xxxxxxxx or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer Xxx Xxxxxxxx or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar business days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting [Xxxxxx Xxx, Data Protection Officer, Xxxxx] directly by email at xxxxxx.xxx@xxxxx.xxx [xxxxxx@xxxxx.xxx] or by calling [000-000-0000]. (c) Vendor will cooperate with the District and provide as much information as possible directly to [Xxxxxx Xxx, Data Protection Officer Xxxxx] or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform [Xxxxxx Xxx, Data Protection Officer Xxxxx] or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, Xxxxxxx Xxxxxxxx directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxxx0@xxxxxxxxxxx.xxx or by calling 000-000-0000. (c) To the extent legally permissible, Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer Xxxxxxx Xxxxxxxx or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-2- d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer Xxxxxxx Xxxxxxxx or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, Mohonasen Central School District Contact directly by email at xxxxxx.xxx@xxxxx.xxx xxxxx@xxxxxxxxx.xxx or by calling 000-000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer Mohonasen Central School District Contact or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer Mohonasen Central School District Contact or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, Jasper- Troupsburg Central School District Contact directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxx@xxxxx.xxx or by calling 000-000 000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer Jasper-Troupsburg Central School District Contact or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer Jasper-Troupsburg Central School District Contact or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, directly by email at xxxxxx.xxx@xxxxx.xxx or by calling 000-000-0000EAST ROCHESTER SCHOOL DISTRICT DATA PROTECTION OFFICER’S NAME AND CONTACT INFORMATION]. (c) Vendor will cooperate with the District and provide as much information as is reasonably possible and appropriate directly to Xxxxxx Xxx, the Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, the Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor Quizizz will promptly notify the School or District of any breach or unauthorized release of Protected Data it has received from the School or District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor Xxxxxxx has discovered or been informed of the breach or unauthorized release. (b) Vendor Quizizz will provide such notification to the School or District by contacting Xxxxxx Xxx, Data Protection Officer, directly Xxxxxxx by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxxxxx@xxxxxxxxx.xxx or by calling 000-000-00000000 . (c) Vendor Quizizz will cooperate with the School or District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer the School or his/her designee District about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor Xxxxxxx discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, if a District, instead of one school, the schools within the District affected, what the Vendor Quizizz has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor Quizizz representatives who can assist affected individuals that may have additional questions. (d) Vendor Xxxxxxx acknowledges that upon initial notification from VendorQuizizz, the School or District, as the educational agency with which Vendor Xxxxxxx contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor Xxxxxxx agrees not to provide this notification to the CPO directly unless requested by the School or District or otherwise required by law. In the event the CPO contacts Vendor Xxxxxxx directly or requests more information from Vendor Xxxxxxx regarding the incident after having been initially informed of the incident by the School or District, Vendor Xxxxxxx will promptly inform Xxxxxx Xxx, Data Protection Officer the School or his/her designeeDistrict.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, Xxxxx Xxxxxxx directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxxxxxx@xxxxx.xxx or by calling (000-) 000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer Xxxxx Xxxxxxx or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer Xxxxx Xxxxxxx or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxxthe District’s Data Privacy Officer, Data Protection OfficerXxx Xxxxxxxxxxx, directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxxxxxxx@xxxxxxxxxxxxx.xxx or by calling 000-000-0000phone at 000.000.0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, the District’s Data Protection Privacy Officer or his/his or her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that who may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“"CPO”"). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, the District’s Data Protection Privacy Officer or his/his or her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, directly by email at xxxxxx.xxx@xxxxx.xxx xxxxxxx@xxxxx.xxx or by calling 000-000 000-0000. (c) Vendor will cooperate with the District and provide as much information as possible directly to XxxXxxx Xxxxxx Xxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform XxxXxxx Xxxxxx Xxx, Data Protection Officer or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, contacting: Xx. Xxxxxxx Xxxxxxxxxx Data Protection Officer, directly by Privacy Officer Arlington Central School District 000 Xxxx Xxxx Road LaGrangeville,NY 12540 or via email at xxxxxx.xxx@xxxxx.xxx or by calling 000-000-0000.xxxxxxxxxxx@xxxxxx.xxx (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer Arlington Central School District Contact or his/her designee about the incident, including but not limited to: a description and such notification shall be in accordance with all legal and regulatory obligations applicable to Vendor in connection with any breach of data privacy or security of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer Arlington Central School District Contact or his/her designee.

Notification of Xxxxxx and Unauthorized Release. (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release. (b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, contacting: Xx. Xxxxxxx Xxxxxxxxxx Data Protection Officer, directly by Privacy Officer Arlington Central School District 000 Xxxx Xxxx Road LaGrangeville,NY 12540 or via email at xxxxxx.xxx@xxxxx.xxx or by calling 000-000-0000.xxxxxxxxxxx@xxxxxx.xxx (c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer Arlington Central School District Contact or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions. (d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer [Arlington Central School District Contact] or his/her designee.