Personal Data Processing. 2.1 The Processor shall process Personal Data only on the basis of corresponding recorded orders from the Controller.
2.2 By way of exception, in particular in urgent cases, processing orders from the Data Controller may also be made orally. In this case, the Data Controller shall confirm as soon as possible and in writing, by any appropriate means, the instructions given orally.
2.3 Where the processing concerns the transmission of Personal Data to a third country outside the European Union or to an international organization, the Data Processor shall also comply with the relevant instructions of the Data Controller, unless different legal requirements exist under European Union laws or the laws of the Member State to which the Data Processor is subject. In such a case, the Data Processor shall inform the Data Controller before processing of the legal requirement in question, unless the said law prohibits this kind of information for reasons of substantial public interest.
2.4 The transmission of Personal Data to a third country outside the European Union is prohibited unless the Data Controller has given prior explicit approval to that end, and one of the following conditions is met: • the European Commission has resolved that an adequate level of protection of personal data is ensured in the country the Personal Data is to be transmitted; • the transmission is to be made to the U.S.A.; and the recipient of the Personal Data has acceded to and abides by the Privacy Shield Framework; • the transmission will be governed by the standard data protection clauses issued by the European Commission.
2.5 The Data Processor shall inform the Data Controller immediately upon receipt of the order or as soon as possible if he / she determines that the content of a particular processing order violates the Regulation and / or national law and / or the law of another Member State of the European Union (EU), and / or other provisions of EU law on the protection of Personal Data.
2.6 The Data Processor acknowledges that the Data Controller has full control over her Personal Data and determines any particular feature of the processing to which the Personal Data will be submitted. If the Data Processor ignores the instructions of the Data Controller and determines alone the scope, the means and generally any other matter concerning the processing of Personal Data, she shall render herself the Data Controller for the purposes of implementing the Regulation and the legal frame...
Personal Data Processing. For the purposes of executing this Agreement, the Bank as Controller collects, maintains and processes personal data of the Customer in accordance with the applicable European and national laws and regulations. The Bank's Statement Regarding the Protection of Personal Data ("Privacy Policy") shall apply in respect of the collection, maintenance and processing in general of personal data of the Customer. The said Statement is available at the Bank's branches and on its website: xxx.xxx.xx.
Personal Data Processing. For the purposes of executing this Agreement, the Bank as Controller collects, maintains and processes personal data of the applicant in accordance with the applicable European and national laws and regulations. The Applicant has been informed by the Bank in a clear and intelligible manner about the processing of the applicant's data, the purpose of such processing, the recipients of the data and the applicant's rights under the current institutional framework, while undertaking to promptly inform the Bank of any change in the applicant's personal data. For the collection, maintenance and processing of the applicant's personal data, the conditions set out in the information form on personal data processing shall apply, which the applicant has received and form an integral part of this Agreement. More information on the processing of personal data by NBG and the rights of data subjects is given in the Privacy Policy, which is available on the Bank's website at xxx.xxx.xx.
Personal Data Processing. In performing the Contract as defined, the parties may have access to one or more databases, applications, reports, documents and/or other information in hardcopy or electronic form that contain or process data relating to identified or identifiable individuals ("Personal Data"). Such individuals may include employees, temporary workers, contractors, consultants, students, third parties’ employees, end-users. Each party acknowledges that Personal Data, in whichever form, is of a very sensitive nature, and hereby undertake to treat Personal Data strictly confidential and to use them only within the limits authorized by Seller. If necessary and upon request of Seller, Buyer shall procure from its employees, agents or sub-contractor that they sign Seller standard individual forms regarding the protection of Personal Data.
Personal Data Processing. 2.1 Within the context of providing the Services the Processor may happen to take part of personal data, as defined in article 4.1 in the Data Protection Regulation (EU 2016/679), (“Data Protection Regulation”), which will be processed for purposes decided by the Controller, (“Personal Data”). The Controller is the Personal Data Controller for the Personal Data in agreement with the current Personal Data Protection Regulation, as well as any other relevant regulation, law or equivalent legislation.
2.2 The Processor commits to processing the Personal Data in accordance with what follows the Agreement or other written agreement between the Parties and only in accordance with the Controller’s documented instructions, Appendix 2a, as well as in agreement with the current Personal Data Protection Regulation, as well as any other relevant regulation, law or equivalent legislation. The Controller is responsible for ensuring that the Processor does not manage other categories of Personal Data than those stated in Appendix 2a, and to the extent stated therein.
2.3 For the case in which the Processor lacks instructions which the Processor assesses necessary to perform the commitment or commitments the Processor has received from the Controller, within the context of the Services, the Processor shall, without undue delay, inform the Controller about their position and await instructions from the Controller.
2.4 Access to the Personal Data within the Processor’s organization shall be limited to individuals who require the data to perform the Services and who are obliged to treat information with secrecy or who are legally bound to work under confidentiality.
(a) the ability to continuously assure confidentiality, integrity, accessibility and resilience within the context of the processing;
(b) the ability to restore availability and access to the Personal Data within a reasonable time in the event of a physical or technical incident;
(c) pseudonymisation and encryption of the Personal Data when the processing so requires according to applicable law or legislation;
(d) a procedure to regularly test, examine, and analyze the efficiency of the technical and organizational measures taken to assure the security of the processing, when so required by current adaptable law or legislation;
(e) tenure and update of Personal Data logs, the establishment and maintenance of an IT security policy, maintaining a safe IT environment, as well as the establishment and maintenance of ...
Personal Data Processing. 15.1. The Parties mutually acknowledge that in the performance of activities under this Agreement, Personal Data of the personnel in charge of managing the performance of this Agreement, relevant under the Applicable Personal Data Protection Legislation, may be transmitted or otherwise made accessible by one Party to the other.
15.2. Each Party undertakes to process Personal Data, both in paper and electronic form, in compliance with suitable and adequate security measures to protect the privacy of the persons concerned, in full compliance with the Applicable Personal Data Protection Legislation, for the sole purpose of performing and managing this Agreement from an administrative/accounting point of view. Agile’s privacy policy is available at the following address xxxxx://xxxxxxxxxxxx.xxx/privacy-policy.
15.3. Each Party acknowledges that the provision of Personal Data is necessary for the performance and management of the contractual obligations, with the consequence that the refusal to provide such Personal Data would not allow the execution of this Agreement and also undertakes to process Personal Data lawfully and fairly, collecting and recording the same for specific, explicit and lawful purposes, committing to verify that the data are adequate, relevant and limited to what is necessary for the purposes for which they are processed.
15.4. The Parties mutually acknowledge that Personal Data shall be stored by each Party for the time strictly necessary for the performance and management of its respective obligations under the Agreement. As a general principle, Personal Data will be stored for the entire period of the contractual relationship and, subsequently, for specific purposes in accordance with the law (reference is made, without limitation, to the obligation to keep accounting records for a period of 10 years, as provided for in Section 2220 of the Civil Code).
15.5. The staff in charge of managing the performance of this Agreement - as data subjects - is guaranteed the rights expressly granted by the Applicable Personal Data Protection Legislation, consisting of the right to lodge a complaint with the supervisory authority if the statutory requirements are met and to receive information on the existence of the processing, as well as to obtain the updating, rectification, restriction, completion or erasure of data processed in breach of the law, including data the storage of which is not necessary in relation to the purposes for which the data ...
Personal Data Processing processing is necessary for compliance with a legal obligation to which the controller is subject
Personal Data Processing. The Client acknowledges that the implementation of the Bank’s service involves personal data processing by the Bank and the processors involved in providing the requested service(s).
Personal Data Processing. You acknowledge that UCB will collect, use, and share your personal data, including but not limited to your name, title, professional credentials, contact information, and banking information (if applicable). By signing this Agreement, you hereby consent to the use or disclosure of this personal data by UCB for purposes related to this Agreement. All personal data shall be collected, used, stored or shared in accordance with applicable data protection laws as well as UCB’s Privacy Policy available at xxxxx://xxx.xxx-xxx.xxx/policy.
Personal Data Processing. 1. The Parties mutually agree to know and apply, within their own organizations, all current and secondary laws, relevant for the correct management of the treatment, including the EU 2016/679 Regulation of the European Parliament and of the Council of 27/04/2016 (hereafter "GDPR").
2. The Parties mutually acknowledge, moreover, that the "personal data" provided, also verbally, for the pre-contractual activity or otherwise collected as a consequence and during the execution of the present Convention/contract, will be treated exclusively for the purposes strictly connected to the Convention/ Contract or to carry out the research and development activity, through consultation, processing, interconnection, comparison with other data and/or any further manual and/or automated processing and furthermore, for statistical purposes, with exclusive treatment of data in anonymous form, by communication to public entities, when they request it for the pursuit of their institutional purposes, as well as private entities, when the purpose of the request is compatible with the institutional aims of the Politecnico, knowing that failure to provide it may result in failure or partial execution of the Convention/Contract.
3. As regards this article, the holders are the Parties that undertake to comply with all relevant regulations on the protection and processing of personal data applicable to them under the present Convention/Contract, including the adoption of security measures suitable and adequate to protect personal data against the risk of destruction, loss, even accidental, of unauthorized access or modification of data or processing not allowed or not compliant with the purposes related to the Convention/Contract.
4. The Parties undertake the best mutual cooperation in the event that one of them is the addressee of requests for the exercise of the rights of the interested parties provided for in Article 12 et seq. of the GDPR or requests of the Control Authorities which concern areas of treatment for which the other Party is responsible.
5. The contact details of the parties for the purposes of this article are as follows: - for Politecnico the data controller is the Politecnico di Torino, with offices in X.xx Xxxx xxxxx Abruzzi, n. 24, 10129 Turin, in the person of the Xxxxxx. The contact details of the owner are PEC: xxxxxxxxxxxxxxxxxxx@xxx.xxxxxx.xx, for information and clarifications: xxxxxxx@xxxxxx.xx; the data protection officer of the Politecnico can be cont...
