Common use of PERSONAL DATA INCIDENT MANAGEMENT AND NOTIFICATION Clause in Contracts

PERSONAL DATA INCIDENT MANAGEMENT AND NOTIFICATION. Data Processor maintains security incident management policies and procedures and, to the extent required under applicable Data Protection Laws and Regulations, shall notify Customer without undue delay after becoming aware of the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data, including Personal Data, transmitted, stored or otherwise Processed by Data Processor or its Sub-processors of which Data Processor becomes aware (a “Personal Data Incident”). Data Processor shall make reasonable efforts to identify the cause of such Personal Data Incident and take those steps as Data Processor deems necessary and reasonable in order to remediate the cause of such a Personal Data Incident to the extent the remediation is within Data Processor’s reasonable control. The obligations herein shall not apply to incidents that are caused by Customer or Customer’s users. In any event, Customer will be the party responsible for notifying supervisory authorities and/or concerned data subjects (where required by Data Protection Laws and Regulations).

PERSONAL DATA INCIDENT MANAGEMENT AND NOTIFICATION. Data Processor Orca maintains security incident management policies and procedures specified in Security Documentation and, to the extent required under applicable Data Protection Laws and Regulations, shall notify Customer Client without undue delay after becoming aware of the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data, including Personal Data, transmitted, stored or otherwise Processed by Data Processor Orca or its Sub-processors of which Data Processor Orca becomes aware (a “Personal Data Incident”). Data Processor Orca shall make reasonable efforts to identify the cause of such Personal Data Incident and take those steps as Data Processor Orca deems necessary and reasonable in order to remediate the cause of such a Personal Data Incident to the extent the remediation is within Data ProcessorXxxx’s reasonable control. The obligations herein shall not apply to incidents that are caused by Customer Client or CustomerClient’s users. In any event, Customer Client will be the party responsible for notifying supervisory authorities and/or concerned data subjects (where required by Data Protection Laws and Regulations).

PERSONAL DATA INCIDENT MANAGEMENT AND NOTIFICATION. Data Processor Zesty maintains security incident management policies and procedures specified in Security Documentation and, to the extent required under applicable Data Protection Laws and Regulations, shall notify Customer Client without undue delay after becoming aware of the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data, including Personal Data, transmitted, stored or otherwise Processed by Data Processor Zesty or its Sub-processors of which Data Processor Zesty becomes aware (a “Personal Data IncidentPersonalDataIncident”). Data Processor Zesty shall make reasonable efforts to identify the cause of such Personal Data Incident and take those steps as Data Processor Zesty deems necessary and reasonable in order to remediate the cause of such a Personal Data Incident to the extent the remediation is within Data ProcessorXxxxx’s reasonable control. The obligations herein shall not apply to incidents that are caused by Customer Client or CustomerClient’s users. In any event, Customer Client will be the party responsible for notifying supervisory authorities and/or concerned data subjects (where required by Data Protection Laws and Regulations).

PERSONAL DATA INCIDENT MANAGEMENT AND NOTIFICATION. Data Processor maintains security incident management policies and procedures and, to the extent required under applicable Data Protection Laws and Regulations, shall notify Customer User without undue delay after becoming aware of the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data, including Personal Data, transmitted, stored or otherwise Processed by Data Processor or its Sub-processors of which Data Processor becomes aware (a “Personal Data Incident”). Data Processor shall make reasonable efforts to identify the cause of such Personal Data Incident and take those steps as Data Processor deems necessary and reasonable in order to remediate the cause of such a Personal Data Incident to the extent the remediation is within Data Processor’s reasonable control. The obligations herein shall not apply to incidents that are caused by Customer User or CustomerUser’s users. In any event, Customer User will be the party responsible for notifying supervisory authorities and/or concerned data subjects (where required by Data Protection Laws and Regulations).