PERSONAL DATA BREACHES AND REPORTING PROCEDURES. (a) The Parties shall each comply with its obligation to report a Data Breach to the appropriate Supervisory Authority and (where applicable) data subjects under Article 33 of the GDPR and shall each inform the other party of any Personal Data Breach irrespective of whether there is a requirement to notify any Supervisory Authority or data subject(s).
PERSONAL DATA BREACHES AND REPORTING PROCEDURES. 9.1 The Parties shall each comply with its obligation to report a Personal Data Breach in relation to Shared Personal Data to the appropriate Supervisory Authority and (where applicable) Data Subjects under Article 33 of the GDPR.
PERSONAL DATA BREACHES AND REPORTING PROCEDURES. 9.1 Each Partner Authority shall comply with its obligation to report a Personal Data Breach to the ICO and (where applicable) data subjects under Article 33 of the GDPR and shall each inform the other parties of any Personal Data Breach irrespective of whether there is a requirement to notify the ICO or data subject(s).
PERSONAL DATA BREACHES AND REPORTING PROCEDURES. 9.1. Each Party shall comply with its obligation to report a Personal Data Breach to the Commissioner and the Data Subjects in accordance with Article 33 of the GDPR and shall inform the other Party of any Personal Data Breach within one (1) working day, irrespective of whether there is a requirement to notify any Commissioner or Data Subject(s).
PERSONAL DATA BREACHES AND REPORTING PROCEDURES. 11.1. Each Party shall notify any potential or actual losses of the Personal Data Breach to the other Party’s(ies’) nominated contact identified in Section 15 of Part One of this Agreement as soon as possible and, in any event, within 1 Business Day of identification of any potential or actual loss to enable the Parties to consider what action is required in order to resolve the issue in accordance with the Data Protection Legislation.
PERSONAL DATA BREACHES AND REPORTING PROCEDURES. 8.1 Each party shall comply with its obligation to report a Personal Data Breach to the Information Commissioner and (where applicable) Data Subjects and shall each inform the other party without undue delay on becoming aware of any breach of the Data Protection Legislation in relation to the Shared Personal Data irrespective of whether there is a requirement to notify the Information Commissioner or Data Subject(s).
PERSONAL DATA BREACHES AND REPORTING PROCEDURES. 9.1 The parties shall each comply with its obligation to report a Personal Data Breach to the appropriate Supervisory Authority and (where applicable) data subjects under Article 33 of the GDPR and shall each inform the other party immediately and in any event within 48 hours of any Personal Data Breach irrespective of whether there is a requirement to notify any Supervisory Authority or data subject(s). Such notice to the other party shall include reasonable details of the Personal Data Breach including without limitation: (i) a description of the Personal Data Breach; (ii) likely consequences of the Personal Data Breach; (iii) the number of Data Subjects affected, number of records affected and the types of records affected; and (iv) the measures taken or proposed to be taken to address the Data Protection Breach, including measures to mitigate possible adverse effects.
PERSONAL DATA BREACHES AND REPORTING PROCEDURES. 11.1 Having considered the Data Protection Laws, the parties have in place their own guidance that must be followed in the event of a Personal Data Breach.
PERSONAL DATA BREACHES AND REPORTING PROCEDURES. 7.1 Each Controller shall notify the other Controllers as soon as reasonably practicable after becoming aware of a Personal Data Breach (even if such breach has not yet been fully investigated).
PERSONAL DATA BREACHES AND REPORTING PROCEDURES. The parties shall each comply with its obligation to report a Personal Data Breach to the appropriate Supervisory Authority and (where applicable) data subjects under Article 33 of the UK GDPR and, where applicable, shall each inform the other party without undue delay of any Personal Data Breach irrespective of whether there is a requirement to notify any Supervisory Authority or data subject(s). When a Party is acting as a Processor, it shall notify the other Party immediately if it becomes aware of, or reasonably suspects the occurrence of, any potential or actual Personal Data Breach affecting Client Supplied Personal Data and, in any event, within twenty-four (24) hours to enable the other Party to determine whether it must notify the Regulatory body in its own capacity as Controller. The parties agree to provide reasonable assistance as is necessary to each other to facilitate the handling of any Personal Data Breach in an expeditious and compliant manner. DATA SUBJECTS' RIGHTS The parties each agree to provide such assistance as is reasonably required to enable the other party to comply with requests from Data Subjects to exercise their rights under the Data Protection Legislation within the time limits imposed by the Data Protection Legislation. The parties shall notify each other as soon as reasonably practicable after becoming aware if they: receive a request to rectify, block or erase any Personal Data; receive any other request, complaint or communication relating to either Party's obligations under the Data Protection Legislation; or becomes aware of a Data Loss Event. The parties’ obligations to notify under clause 6.2 shall include the provision of further information in phases, as details become available.
