Personal Data Registry Operator shall (i) notify each ICANN-‐accredited registrar that is a party to the registry-‐registrar agreement for the TLD of the purposes for which data about any identified or identifiable natural person (“Personal Data”) submitted to Registry Operator by such registrar is collected and used under this Agreement or otherwise and the intended recipients (or categories of recipients) of such Personal Data, and (ii) require such registrar to obtain the consent of each registrant in the TLD for such collection and use of Personal Data. Registry Operator shall take reasonable steps to protect Personal Data collected from such registrar from loss, misuse, unauthorized disclosure, alteration or destruction. Registry Operator shall not use or authorize the use of Personal Data in a way that is incompatible with the notice provided to registrars.
Authorization to Release and Transfer Necessary Personal Information The Grantee hereby explicitly and unambiguously consents to the collection, use and transfer, in electronic or other form, of the Grantee’s personal data by and among, as applicable, the Company and its Subsidiaries for the exclusive purpose of implementing, administering and managing the Grantee’s participation in the Plan. The Grantee understands that the Company may hold certain personal information about the Grantee, including, but not limited to, the Grantee’s name, home address and telephone number, date of birth, social security number (or any other social or national identification number), salary, nationality, job title, number of Award Units and/or shares of Common Stock held and the details of all Award Units or any other entitlement to shares of Common Stock awarded, cancelled, vested, unvested or outstanding for the purpose of implementing, administering and managing the Grantee’s participation in the Plan (the “Data”). The Grantee understands that the Data may be transferred to the Company or to any third parties assisting in the implementation, administration and management of the Plan, that these recipients may be located in the Grantee’s country or elsewhere, and that any recipient’s country (e.g., the United States) may have different data privacy laws and protections than the Grantee’s country. The Grantee understands that he or she may request a list with the names and addresses of any potential recipients of the Data by contacting his or her local human resources representative or the Company’s stock plan administrator. The Grantee authorizes the recipients to receive, possess, use, retain and transfer the Data, in electronic or other form, for the sole purpose of implementing, administering and managing the Grantee’s participation in the Plan, including any requisite transfer of such Data to a broker or other third party assisting with the administration of Award Units under the Plan or with whom shares of Common Stock acquired pursuant to the vesting of the Award Units or cash from the sale of such shares may be deposited. Furthermore, the Grantee acknowledges and understands that the transfer of the Data to the Company or to any third parties is necessary for the Grantee’s participation in the Plan. The Grantee understands that the Grantee may, at any time, view the Data, request additional information about the storage and processing of the Data, require any necessary amendments to the Data or refuse or withdraw the consents herein by contacting the Grantee’s local human resources representative or the Company’s stock plan administrator in writing. The Grantee further acknowledges that withdrawal of consent may affect his or her ability to vest in or realize benefits from the Award Units, and the Grantee’s ability to participate in the Plan. For more information on the consequences of refusal to consent or withdrawal of consent, the Grantee understands that he or she may contact his or her local human resources representative or the Company’s stock plan administrator.
Personal Data Processing 2.1 The Processor shall process Personal Data only on the basis of corresponding recorded orders from the Controller. 2.2 By way of exception, in particular in urgent cases, processing orders from the Data Controller may also be made orally. In this case, the Data Controller shall confirm as soon as possible and in writing, by any appropriate means, the instructions given orally. 2.3 Where the processing concerns the transmission of Personal Data to a third country outside the European Union or to an international organization, the Data Processor shall also comply with the relevant instructions of the Data Controller, unless different legal requirements exist under European Union laws or the laws of the Member State to which the Data Processor is subject. In such a case, the Data Processor shall inform the Data Controller before processing of the legal requirement in question, unless the said law prohibits this kind of information for reasons of substantial public interest. 2.4 The transmission of Personal Data to a third country outside the European Union is prohibited unless the Data Controller has given prior explicit approval to that end, and one of the following conditions is met: • the European Commission has resolved that an adequate level of protection of personal data is ensured in the country the Personal Data is to be transmitted; • the transmission is to be made to the U.S.A.; and the recipient of the Personal Data has acceded to and abides by the Privacy Shield Framework; • the transmission will be governed by the standard data protection clauses issued by the European Commission. 2.5 The Data Processor shall inform the Data Controller immediately upon receipt of the order or as soon as possible if he / she determines that the content of a particular processing order violates the Regulation and / or national law and / or the law of another Member State of the European Union (EU), and / or other provisions of EU law on the protection of Personal Data. 2.6 The Data Processor acknowledges that the Data Controller has full control over her Personal Data and determines any particular feature of the processing to which the Personal Data will be submitted. If the Data Processor ignores the instructions of the Data Controller and determines alone the scope, the means and generally any other matter concerning the processing of Personal Data, she shall render herself the Data Controller for the purposes of implementing the Regulation and the legal framework on the protection of Personal Data. The practical consequence of this is that, in addition to the full responsibility of the Processor towards the Controller, she shall carry the same level of responsibility vis-à-vis the independent supervisory authority (and any other competent state authority) as well as the Natural Persons - Data Subjects of the data being processed.
Data Privacy Notice and Consent The Participant hereby explicitly and unambiguously consents to the collection, use and transfer, in electronic or other form, of his or her personal data as described in this paragraph, by and among, as applicable, the Participant’s employer and the Company and its subsidiaries and affiliates for, among other purposes, implementing, administering and managing the Participant’s participation in the Plan. The Participant understands that the Company and its subsidiaries hold certain personal information about the Participant, including the Participant’s name, home address and telephone number, date of birth, social security number or identification number, salary, nationality, job title, any Shares or directorships held in the Company, details of all options or any other entitlement to Shares awarded, canceled, exercised, vested, unvested or outstanding in the Participant’s favor, for the purpose of managing and administering the Plan (“Data”). The Participant further understands that the Company and/or its subsidiaries will transfer Data amongst themselves as necessary for employment purposes, including implementation, administration and management of the Participant’s participation in the Plan, and that the Company and/or any of its subsidiaries may each further transfer Data to Broker or such other stock plan service provider or other third parties assisting the Company with processing of Data. The Participant understands that these recipients may be located in the United States, and that the recipient’s country may have different data privacy laws and protections than in the Participant’s country. The Participant authorizes them to receive, possess, use, retain and transfer the Data, in electronic or other form, for the purposes described in this section, including any requisite transfer to Broker or such other stock plan service provider or other third party as may be required for the administration of the Plan and/or the subsequent holding of Shares of stock on the Participant’s behalf. The Participant understands that he or she may, at any time, request access to the Data, request any necessary amendments to it or refuse or withdraw the consents herein, in any case without cost, by contacting in writing his or her local human resources representative. The Participant understands, however, that withdrawal of consent may affect the Participant’s ability to participate in or realize benefits from the Plan. For more information on the consequences of refusal to consent or withdrawal of consent, the Participant understands that he or she may contact his or her local human resources representative.
Your Personal Data 17.1. PCSIL is a registered Data Controller with the Data Protection Commission in Ireland. 17.2. In order for us to provide you with the services relating to your Account, we are required to collect and process personal data about you, Additional Cardholders and Authorised Persons, with your consent or on a legal basis to meet our obligations for Anti-Money Laundering legislation or other governmental organisation. Where applicable, if an Account holder is under 16, then parental consent is explicitly required. 17.3. Your consent will be sought for collection of your data and you have the right to agree or decline. Where you decline consent for the collection and processing of your data, we reserve our right to discontinue service due to our obligations as a financial services institution. 17.4. We may disclose or check your personal data with other organisations and obtain further information about you in order to verify your identity and comply with applicable money laundering and governmental regulations. A record of our enquiries will be left on your file. 17.5. We may pass your personal data on to third-party service providers contracted to PCSIL in the course of dealing with your Account. Any third parties that we may share your data with are obliged to keep your details secure, and to use them only to fulfil the service they provide you on our behalf. Where we transfer the personal data to a third country or international organisation, we ensure this is done securely and that they meet a minimum standard of data protection in their country. 17.6. You have the right to receive information concerning the personal data we hold about you and to rectify such data where it is inaccurate or incomplete. You have the right to object to or withdraw any consent you have given for certain types of processing such as direct marketing. 17.7. Your data will be retained for 6 years after the end of the provision of services to you, where your data will be destroyed in compliance with the requirements of the General Data Protection Regulation. 17.8. In the event that you wish to make a complaint about how your personal data is being processed by us (or third parties as described in 17.5 above), or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and PCSIL’s Data Protection Officer. 17.9. Our Privacy Policy provides full details on your rights as a data subject and our obligations as a data controller. Please read this document carefully and ensure you understand your rights.
PERSONAL DATA PROTECTION 7.1 By accessing ESZAM AUCTIONEER SDN BHD website, the E-Bidders acknowledge and agree that ESZAM AUCTIONEER SDN BHD website may collect, retain, or disclose the E-Bidder’s information or any information by the e-bidders for the effectiveness of services, and the collected, retained or disclosed information shall comply with Personal Data Protection Act 2010 and any regulations, laws or rules applicable from time to time. 7.2 ESZAM AUCTIONEER SDN BHD will process E-bidder personal data such as name, address, NRIC and contact number for registration and E-bidding purposes. E-bidders shall be responsible for the username and password of eZ2Bid and not to reveal the password to anyone. 7.3 E-bidders agree to accept all associated risks when using the service in the ESZAM AUCTIONEER SDN BHD website and shall not make any claim for any unauthorized access or any consequential loss or damages suffered. 7.4 E-bidders shall be responsible for the confidentiality and the use of password and not to reveal the password to anyone at any time and under any circumstances, whether intentionally or unintentionally. 7.5 E-bidders agree to comply with all the security measures related to safety of the password or generally in respect of the use of the service. 7.6 E-bidders accept the responsibility that in any event that the password is in the possession of any other person whether intentionally or unintentionally, the E-Bidders shall take precautionary steps for the disclosure, discovery, or the Bidders shall immediately notify ESZAM AUCTIONEER SDN BHD
Consent to Transfer Personal Data By signing this Agreement, the Recipient voluntarily acknowledges and consents to the collection, use, processing and transfer of personal data as described in this paragraph. The Recipient is not obliged to consent to such collection, use, processing and transfer of personal data. However, failure to provide the consent may affect the Recipient's ability to participate in the Plan. The Company and its subsidiaries hold certain personal information about the Recipient, including name, home address and telephone number, date of birth, social security number or other employee identification number, salary, nationality, job title, any shares of stock or directorships held in the Company, details of all entitlement to shares of stock awarded, canceled, purchased, vested, unvested or outstanding in the Recipient's favor, for the purpose of managing and administering the Plan ("Data"). The Company and/or its subsidiaries will transfer Data amongst themselves as necessary for the purpose of implementation, administration and management of the Plan, and the Company and/or any of its subsidiaries may each further transfer Data to any third parties assisting the Company in the implementation, administration and management of the Plan. These recipients may be located in the European Economic Area, or elsewhere throughout the world, including the United States. The Recipient authorizes such recipients to receive, possess, use, retain and transfer the Data, in electronic or other form, for the purposes of implementing, administering and managing the Recipient's participation in the Plan, including any requisite transfer of such Data as may be required for the administration of the Plan and/or the subsequent holding of shares of stock on the Recipient's behalf to a broker or other third party with whom the Recipient may elect to deposit any shares of stock acquired pursuant to the Plan. The Recipient may, at any time, review Data, require any necessary amendments to it or withdraw the consents herein in writing by contacting the Company; however, withdrawing consent may affect the Recipient's ability to participate in the Plan.
Shared Personal Data This clause sets out the framework for the sharing of personal data between the parties as data controllers. Each party acknowledges that one party (the Data Discloser) will regularly disclose to the other party (the Data Recipient) Shared Personal Data collected by the Data Discloser for the Agreed Purposes.
Processing of Customer Personal Data 3.1 UKG will: 3.1.1 comply with all applicable Data Protection Laws in the Processing of Customer Personal Data; and 3.1.2 not Process Customer Personal Data other than for the purpose, and in accordance with, the relevant Customer’s instructions as documented in the Agreement and this DPA, unless Processing is required by the Data Protection Laws to which the relevant UKG Processor is subject, in which case UKG to the extent permitted by the Data Protection Laws, will inform Customer of that legal requirement before the Processing of that Customer Personal Data. 3.2 Customer hereby: 3.2.1 instructs UKG (and authorizes UKG to instruct each Subprocessor) to: (a) Process Customer Personal Data; and (b) in particular, transfer Customer Personal Data to any country or territory subject to the provisions of this DPA, in each case as reasonably necessary for the provision of the Services and consistent with the Agreement. 3.2.2 warrants and represents that it is and will at all relevant times remain duly and effectively authorized to give the instructions set out in Section 3.2.1 on behalf of each relevant Customer Affiliate; and 3.2.3 warrants and represents that it has all necessary rights in relation to the Customer Personal Data and/or has collected all necessary consents from Data Subjects to Process Customer Personal Data to the extent required by Applicable Law. 3.3 Schedule 1 to this DPA sets out certain information regarding UKG’s Processing of Customer Personal Data as required by Article 28(3) of the GDPR (and equivalent requirements of other Data Protection Laws).
Processing of Personal Data 1.1. With regard to the Processing of Personal Data, You are the controller and determine the purposes and means of Processing of Personal Data You provide to Us (“Controller”) and You appoint Us as a processor (“Processor”) to process such Personal Data (hereinafter, “Data”) on Your behalf (hereinafter, “Processing”). 1.2. The details of the type and purpose of Processing are defined in the Exhibits attached hereto. Except where the DPA stipulates obligations beyond the Term of the Agreement, the duration of this DPA shall be the same as the Agreement Term. 1.3. You shall be solely responsible for compliance with Your obligations under the applicable Data Protection Laws, including, but not limited to, the lawful disclosure and transfer of Personal Data to Us by upload of source data into the Cloud Service or otherwise. 1.4. Processing shall include all activities detailed in this Agreement and the instructions issued by You. You may, in writing, modify, amend, or replace such instructions by issuing such further instructions to the point of contact designated by Us. Instructions not foreseen in or covered by the Agreement shall be treated as requests for changes. You shall, without undue delay, confirm in writing any instruction issued orally. Where We believe that an instruction would be in breach of applicable law, We shall notify You of such belief without undue delay. We shall be entitled to suspend performance on such instruction until You confirm or modify such instruction. 1.5. We shall ensure that all personnel involved in Processing of Customer Data and other such persons as may be involved in Processing shall only do so within the scope of the instructions. We shall ensure that any person Processing Customer Data is subject to confidentiality obligations similar to the confidentiality terms of the Agreement. All such confidentiality obligations shall survive the termination or expiration of such Processing.