Personal Information Breach. 8.1. In the event of any actual, potential, or attempted Breach, the Service Provider shall immediately inform Responsible Party as soon as reasonably possible and in any event not later than 24 (twenty four) hours after the Service Provider becomes aware of or suspects the Breach.
8.2. In addition, the Service Provider shall investigate the Breach and take such steps as may be required by Responsible Party (in its sole discretion) to remediate the effects of such Breach and to prevent it from recurring.
Personal Information Breach. This shall mean, generally, an instance where an unauthorized person or entity accesses Personal Information in any manner, including but not limited to the following occurrences: (1) any Personal Information that is not encrypted or protected is misplaced, lost, stolen or in any way compromised; (2)one or more third parties have had access to or taken control or possession of any Personal Information that is not encrypted or protected without prior written authorization from the State; (3) the unauthorized acquisition of encrypted or protected Personal Information together with the confidential process or key that is capable of compromising the integrity of the Personal Information; or (4) if there is a substantial risk of identity theft or fraud to Client Agency, the Contractor, DAS or State.
Personal Information Breach. 12.1 In the unlikely event of a breach of privacy:
(a) we employ practices to notify the relevant bodies under the Privacy Act 1988 (Cth) and the EU GDPR within the required timeframes.
(b) We will notify you without undue delay, should it be found the breach places your rights and freedoms at a high risk.
Personal Information Breach a. Without limiting any provision of Annex 2 (Information Security) to this Exhibit 12.5, if a Party becomes aware of a Personal Information Breach affecting Transferred Personal Information supplied to it by the other Party, the Party shall:
i. notify the other Party without undue delay, and provide the other Party with a reasonable description of the Personal Information Breach without undue delay as such information becomes available; and not publish any communication concerning the Personal Information Breach without first consulting the other Party, save that it may disclose a breach to the extent required by Applicable Laws (e.g. to Data Protection Authority or to individual(s)). Where this Exhibit 15.5 applies, CureVac shall pay GSK, on a Product-by-Product and country-by- country basis, the royalty payments set forth below for Net Sales by CureVac, its Affiliates, or Sublicensees of such Product, depending in what stage of development that Product finds itself at the effective date of termination. With respect to any payments to be made by CureVac to GSK, the definition of “Net Sales” in Section 1.144 and the provisions of Sections 8.3.2, 8.3.3, 8.5, 8.6, 8.7 and 8.9 shall apply mutatis mutandis.
Personal Information Breach. 2.5.1. The Operator will promptly notify the Responsible Party if any Personal Information is lost or destroyed or becomes damaged, corrupted, or unusable.
2.5.2. The Operator will immediately notify the Responsible Party if it becomes aware of:
(a) any accidental, unauthorised or unlawful Processing of the Personal Information; and/or
(b) any Personal Information Breach.
2.5.3. Where the Operator becomes aware of (a) and/or (b) above, it shall, without undue delay and if the information is readily available to the Operator, also provide the Responsible Party with the following information:
2.5.3.1. a description of the nature of (a) and/or (b), including the categories and approximate number of both Data Subjects and Personal Information records concerned;
2.5.3.2. the likely consequences; and
2.5.3.3. description of the measures taken, or proposed to be taken, to address (a) and/or (b), including measures to mitigate its possible adverse effects.
2.5.4. Immediately following any unauthorised or unlawful Personal Information Processing or Personal Information Breach, the Parties will co-ordinate with each other to investigate the matter. The Operator will reasonably co-operate with the Responsible Party in the Responsible Party's handling of the matter, including:
2.5.4.1. assisting with any investigation;
2.5.4.2. facilitating interviews with the Operator's employees, former employees and others involved in the matter;
2.5.4.3. making available all relevant records, logs, files, data reporting and other materials required to comply with POPIA or as otherwise reasonably required by the Responsible Party; and
2.5.4.4. taking reasonable and prompt steps to mitigate the effects and to minimise any damage resulting from the Personal Information Breach or unlawful Personal Information Processing.
2.5.5. The Operator will not inform any third party of any Personal Information Breach without first obtaining the Responsible Party's prior written consent, except when required to do so by law.
2.5.6. Subject to clause 2.5.5 above, the Operator agrees that the Responsible Party has the sole right to determine:
2.5.6.1. whether to provide notice of the Personal Information Breach to any Data Subjects, regulator, law enforcement agencies or others, as required by law or regulation or in the Responsible Party's discretion, including the contents and delivery method of the notice; and
2.5.6.2. whether to offer any type of remedy to affected Data Subjects, including the ...
Personal Information Breach. In the event Comcast becomes aware of a PI Breach it will (i) notify Company without undue delay, (ii) provide reasonable assistance to remediate, investigate, and mitigate the PI Breach, and (iii) assist Company in meeting its obligations under Privacy Law. Comcast’s notice shall describe the nature of the PI Breach including where known, the categories and approximate number of data subjects concerned and the categories and approximate number of Personal Information records concerned; communicate the name and contact details of the data protection officer or other contact point where more information can be obtained; describe the likely consequences of the PI Breach; describe the measures taken or proposed to be taken to address the PI Breach, including, where appropriate, measures to mitigate its possible adverse effects.
Personal Information Breach. In the event Contractor inadvertently collects personal information, including xxxxxx’s personal address, personal telephone number or other personal information of the renter under this Agreement, and determines there is a ”breach of security”, as defined in Conn. Gen. Stat. § 36a-701b, Contractor shall follow the applicable Connecticut laws, including Conn. Gen. Stat. § 36a-701b.
Personal Information Breach. In the event of a Personal Information Breach impacting End Customer Personal Information, Service Provider shall (a) notify End Customer without undue delay after Service Provider or any Subprocessor becomes aware of such Personal Information Breach;
Personal Information Breach a. Without limiting any provision of Annex 2 (Information Security) to this Exhibit 12.5, if a Party becomes aware of a Personal Information Breach affecting Transferred Personal Information supplied to it by the other Party, the Party shall:
i. notify the other Party without undue delay, and provide the other Party with a reasonable description of the Personal Information Breach without undue delay as such information becomes available; and
Personal Information Breach. 8.1. Operator shall notify Company without undue delay upon Operator becoming aware of a Personal Information Breach affecting Company Personal Data, providing Company with sufficient information to allow Company to meet any obligations to report or inform Data Subjects of the Personal Information Breach under the Data Protection Laws.
8.2. Such notification shall as a minimum and as available to Operator as follows: ❖ Describe the nature of the Personal Information Breach, the categories and numbers of Persons concerned, and the categories and amount of Personal Information records concerned; ❖ Describe the likely consequences of the Personal Information Breach; ❖ Description of the possible consequences of the security compromise; ❖ Description of the measures that the responsible party intends to take or has taken to address the security compromise; ❖ Recommendation with regard to the measures to be taken by the data subject to mitigate the possible adverse effects of the security compromise; and ❖ If known to the responsible party, the identity of the unauthorized person who may have accessed or acquired the personal information. ❖ Describe the measures taken or proposed to be taken to address the Personal Information Breach.
8.3. Operator shall co-operate with Company and take such reasonable commercial steps as are directed by Company to assist in the investigation, mitigation and remediation of each such Personal Information Breach.
