Organisational Measures. Data Processor shall ensure that the following measures are taken with respect to the collection, holding and processing of personal data: A designated officer (“the Designated Officer”) within Data Processor shall be appointed with the specific responsibility of overseeing data protection and ensuring compliance with Data Protection Legislation. All employees, contractors, agents, consultants, partners or other parties working on behalf of Data Processor are made fully aware of both their individual responsibilities and Data Processor’s responsibilities under Data Protection Legislation and shall be furnished with a copy of this Policy. All employees, contractors, agents, consultants, partners or other parties working on behalf of Data Processor handling personal data will be appropriately trained to do so. All employees, contractors, agents, consultants, partners or other parties working on behalf of Data Processor handling personal data will be appropriately supervised. Methods of collecting, holding and processing personal data shall be regularly evaluated and reviewed. The Performance of those employees, contractors, agents, consultants, partners or other parties working on behalf of Data Processor handling personal data shall be regularly evaluated and reviewed. All employees, contractors, agents, consultants, partners or other parties working on behalf of Data Processor handling personal data will be bound to do so in accordance with the principles of Data Protection Legislation and this Policy by contract. Failure by any employee to comply with the principles or this Policy shall constitute a disciplinary offence. Failure by any contractor, agent, consultant, partner or other party to comply with the principles or this Policy shall constitute a breach of contract. In all cases, failure to comply with the principles or this Policy may also constitute a criminal offence under Data Protection Legislation. All contractors, agents, consultants, partners or other parties working on behalf of Data Processor handling personal data must ensure that any and all of their employees who are involved in the processing of personal data are held to the same conditions as those relevant employees of Data Processor arising out of this Policy and Data Protection Legislation. Where any contractor, agent, consultant, partner or other party working on behalf of Data Processor handling personal data fails in their obligations under this Policy that part...
Organisational Measures. Time lost due to sickness and workplace accidents - 5 days per employee a year.
Organisational Measures. The Data Processor has in place the following policies: • Data Protection Policy • Personal data breach Policy • IT Communications and Systems Policy • Data Security Policy • Business Continuity Policy
Organisational Measures a. The Data Importer is responsible for ensuring that organisational and management structures are present to protect personal data, including ensuring that clear roles, responsibilities, reporting lines and sufficient staff are provided in order to protect personal data.
b. The Data Importer is responsible for ensuring that staff members are aware of their responsibilities in relation to the security of personal data, which includes (i) implementing an appropriate security awareness program and mandatory, guided training in information security; (ii) informing staff members that passwords must not be shared or compromised or disclosed; (iii) instructions to avoid disclosure of information without appropriate senior management authorisation; (iv) instructions not to use personal data unless explicitly authorised to do so; and (v) the handling of security breaches. WPO Policy references include, without limitation:
Organisational Measures a) Access Control
a. SalesVista restricts access to Customer Data to employees with a business need-to-know or role requiring such access
b. SalesVista maintains user access controls with timely provisioning and removal of access.
c. SalesVista regularly audits user account access
b) Business Continuity
a. SalesVista maintains business continuity plans that incorporate disaster recovery (BC/DR) in order to minimize service downtime
b. BC/DR plans, policies, and are reviewed and updated at regular intervals
c) Change Control
a. SalesVista maintains policies and procedures that require documented and formally approved changes prior to any changes to the Service
Organisational Measures. Do you have a privacy notice? Please provide its location/a copy. Do you have information management policies/guidance in place (e.g. Data Protection policy, Staff Screening, Security Incident Management)? Please list the policies/guidance below: Do you provide training for staff processing data (e.g. Data Protection/Information Management training)? Please provide details. Any data breaches in relation to this contract must be reported to the SCC Authorised Representative (to be agreed upon award of contract) and the CYP Business & Information Team xxx.xxxxxxxxxxxxxx@xxxxxxx.xxx.xx within 48 hours of their discovery.
Organisational Measures. Unifrog will require the Schools to implement the following organisational measures to complement the technical and contractual measures set out above, in order to ensure an essentially equivalent level of protection of the personal data to that guaranteed within the UK: the adoption of internal policies with clear allocation of responsibilities for data transfers, and standard operating procedures for cases of official requests from public authorities to access the data. specific training procedures for School personnel in charge of managing requests for access to personal data from public authorities. the documentation and recordal of requests for access received from public authorities provided, alongside the reasoning and the actors involved (e.g. whether Unifrog has been notified and its reply, the School’s assessment of such requests, etc). To the extent permitted by law, these records shall be made available to Unifrog, who should in turn provide them to the data subjects concerned where required. the adoption of data access and confidentiality policies and best practices, including emphasising the need to keep passwords confidential, and deterring teachers and other school staff from downloading personal data from the Unifrog Platform. the regular review of internal policies to assess the suitability of the measures referred to above and implement additional or alternative solutions when necessary, to ensure that an equivalent level of protection to that guaranteed within the UK of the personal data transferred is maintained.
Organisational Measures. 30.1 The Company shall ensure that the following measures are taken with respect to the collection, holding, and processing of Personal Data:
a) All Parties acting or working on behalf of the Company shall be made fully aware of both their individual responsibilities and the Company’s responsibilities under Data Protection Law and under this Policy, and shall be given access to a copy of this Policy;
b) Only Parties acting or working on behalf of the Company that need access to, and use of, Personal Data in order to carry out their assigned duties correctly shall have access to Personal Data held by the Company;
c) All sharing of Personal Data shall comply with the information provided to the relevant Data Subjects and, if required, the consent of such Data Subjects shall be obtained prior to the sharing of their Personal Data;
d) All Parties acting or working on behalf of the Company handling Personal Data will be appropriately trained to do so;
e) All Parties acting or working on behalf of the Company handling Personal Data, including those working from home, will be supervised by appropriate methods;
f) All Parties acting or working on behalf of the Company handling Personal Data shall be required and encouraged to exercise care, caution, and discretion when discussing work-related matters that relate to Personal Data, whether in the workplace or otherwise;
g) Methods of collecting, holding, and Processing Personal Data shall be regularly evaluated and reviewed;
h) All Personal Data held by the Company shall be reviewed periodically, as set out in the Company’s Data Retention & Disposal Policy;
i) The performance of Parties acting or working on behalf of the Company handling Personal Data shall be regularly evaluated and reviewed;
j) All Parties acting or working on behalf of the Company handling Personal Data will be bound to do so in accordance with the principles of Data Protection Law and this Policy by contract;
k) All Parties acting or working on behalf of the Company handling Personal Data must ensure that any and all of their employees or agents who are involved in the Processing of Personal Data are held to the same conditions as those relevant employees of the Company arising out of this Policy and Data Protection Law;
l) Where any Party acting or working on behalf of the Company handling Personal Data fails in their obligations under this Policy that party shall indemnify and hold harmless the Company against any costs, liability, damages, lo...
Organisational Measures. 4.1 Processor has appointed a Data Protection Officer voluntarily who can be contacted at XXX@xxxxxxxx.xxx and has appointed a Chief Security Officer to assist the Data Protection Officer with their role and to continuously monitor Processor’s data security practices.
4.2 Processor has instigated an ongoing programme of GDPR awareness training within its organisation and receives Executive level support for data protection initiatives.
4.3 Processor has adopted the following non-exhaustive policies in relation to GDPR compliance to assist the Controller with its obligations: • Data Breach Notification Policy; • Data Protection Policy; • Data Retention Policy; • Data Subject Access Request Policy; and • Privacy Policy available at: xxxxx://xxxxxx.xxxxxxxx.xxx/Privacy_and_Security#EU_Data_Protection_and_GDPR_Compliance The Standard Contractual Clauses for the transfer of personal data to processors outside the European Economic Area (New Processor Clause), last updated February 2010, are hereby incorporated into this Agreement by reference, amended as follows:
Organisational Measures. We take the following measures with respect to the collection, holding, and processing of personal data:
a. All employees, agents, contractors, or other parties working on our behalf have been made fully aware of both their individual responsibilities and our responsibilities under the GDPR;
b. All our employees, agents, contractors, or other parties working on our behalf handling personal data have been appropriately trained to do so;
c. Methods of collecting, holding, and processing personal data shall be regularly evaluated and reviewed;
d. The performance of those employees, agents, contractors, or other parties working on our behalf handling personal data shall be regularly evaluated and reviewed;
