Protection of Data The Contractor agrees to store Data on one or more of the following media and protect the Data as described:
a. Hard disk drives. For Data stored on local workstation hard disks, access to the Data will be restricted to Authorized User(s) by requiring logon to the local workstation using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards.
b. Network server disks. For Data stored on hard disks mounted on network servers and made available through shared folders, access to the Data will be restricted to Authorized Users through the use of access control lists which will grant access only after the Authorized User has authenticated to the network using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards. Data on disks mounted to such servers must be located in an area which is accessible only to authorized personnel, with access controlled through use of a key, card key, combination lock, or comparable mechanism. For DSHS Confidential Information stored on these disks, deleting unneeded Data is sufficient as long as the disks remain in a Secure Area and otherwise meet the requirements listed in the above paragraph. Destruction of the Data, as outlined below in Section 8 Data Disposition, may be deferred until the disks are retired, replaced, or otherwise taken out of the Secure Area.
c. Optical discs (CDs or DVDs) in local workstation optical disc drives. Data provided by DSHS on optical discs which will be used in local workstation optical disc drives and which will not be transported out of a Secure Area. When not in use for the contracted purpose, such discs must be Stored in a Secure Area. Workstations which access DSHS Data on optical discs must be located in an area which is accessible only to authorized personnel, with access controlled through use of a key, card key, combination lock, or comparable mechanism.
d. Optical discs (CDs or DVDs) in drives or jukeboxes attached to servers. Data provided by DSHS on optical discs which will be attached to network servers and which will not be transported out of a Secure Area. Access to Data on these discs will be restricted to Authorized Users through the use of access control lists which will grant access only after the Authorized User has authenticated to the network using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards. Data on discs attached to such servers must be located in an area which is accessible only to authorized personnel, with access controlled through use of a key, card key, combination lock, or comparable mechanism.
Data Privacy You explicitly and unambiguously consent to the collection, use and transfer, in electronic or other form, of your personal data as described in this document and any other RSU grant materials (“Data”) by and among, as applicable, the Corporation, the Subsidiary that employs you (the “Employer”) and any other Subsidiary for the exclusive purpose of implementing, administering and managing your participation in the 2006 Plan. You hereby understand that the Corporation holds certain personal information about you, including, but not limited to, your name, home address and telephone number, date of birth, social insurance number or other identification number, salary, nationality, job title, any shares of stock or directorships held in the Corporation, details of all RSUs or any other entitlement to shares of stock awarded, canceled, exercised, vested, unvested or outstanding in your favor for the purpose of implementing, administering and managing the 2006 Plan. You hereby understand that Data will be transferred to E*TRADE Financial Corporate Services, Inc. and E*TRADE Securities LLC (“E*Trade”) and any other third parties assisting in the implementation, administration and management of the 2006 Plan, that these recipients may be located in your country or elsewhere, and that the recipient’s country (e.g., the United States) may have different data privacy laws and protections than your country. You hereby understand that you may request a list with the names and addresses of any potential recipients of the Data by contacting your local human resources representative. You authorize the Corporation, E*Trade and any other possible recipients to receive, possess, use, retain and transfer the Data, in electronic or other form, for the exclusive purpose of implementing, administering and managing your participation in the 2006 Plan, including any requisite transfer of such Data as may be required to another broker or other third party with whom you may elect to deposit any shares of Common Stock acquired under your RSUs. You hereby understand that Data will be held only as long as is necessary to implement, administer and manage your participation in the 2006 Plan. You hereby understand that you may, at any time, view Data, request additional information about the storage and processing of Data, require any necessary amendments to Data or refuse or withdraw the consents herein, in any case without cost, by contacting in writing your local human resources representative. Further, you understand that you are providing the consents herein on a purely voluntary basis. If you do not consent, or if you later seek to revoke your consent, your employment status or service with the Employer will not be affected; the only consequence of refusing or withdrawing your consent is that the Corporation would not be able to grant you RSUs or other equity awards or administer or maintain such awards. Therefore, you hereby understand that refusing or withdrawing your consent may affect your ability to participate in the 2006 Plan. For more information on the consequences of your refusal to consent or withdrawal of consent, you hereby understand that you may contact the human resources representative responsible for your country at the local or regional level. Finally, upon request of the Corporation or the Employer, you agree to provide an executed data privacy consent form (or any other agreements or consents) that the Corporation and/or the Employer may deem necessary to obtain from you for the purpose of administering your participation in the 2006 Plan in compliance with the data privacy laws in your country, either now or in the future. You understand and agree that you will not be able to participate in the 2006 Plan if you fail to provide any such consent or agreement requested by the Corporation and/or the Employer.
DATA PROTECTION AND PRIVACY 14.1 In addition to Supplier’s obligations under Sections 6, 9, 10, and 15, Supplier will comply with this Section 14 when processing Accenture Personal Data. "Accenture Personal Data" means personal data owned, licensed, or otherwise controlled or processed by Accenture including personal data processed by Accenture on behalf of its clients. “Accenture Data” means all information, data and intellectual property of Accenture or its clients or other suppliers, collected, stored, hosted, processed, received and/or generated by Supplier in connection with providing the Deliverables to Accenture, including Accenture Personal Data.
Applicability of Data Privacy Protections In the event that Personal Information will be Processed by Supplier in connection with the performance under this Agreement (including any SOW), then and only then shall the provisions of this Section ‘Data Protection and Privacy’ be applicable. For the avoidance of doubt, the data security requirements contained in section ‘Information Security’ shall apply regardless of whether Personal Information is Processed under this Agreement or any SOW. All Personal Information obtained from or on behalf of DXC or in connection with performance pursuant to this Agreement shall be Processed and protected pursuant to this Section ‘Data Protection and Privacy’, the Section ‘Information Security’ and any other Sections of this Agreement that address Personal Information.
Privacy and Data Protection 8.1 The Receiving Party undertakes to comply with South Africa’s general privacy protection in terms Section 14 of the Xxxx of Rights in connection with this Bid and shall procure that its personnel shall observe the provisions of such Act [as applicable] or any amendments and re-enactments thereof and any regulations made pursuant thereto.
8.2 The Receiving Party warrants that it and its Agents have the appropriate technical and organisational measures in place against unauthorised or unlawful processing of data relating to the Bid and against accidental loss or destruction of, or damage to such data held or processed by them.
Retention of Data With regard to business transactions covered by this Agreement, Licensee must retain any records for a period of ten years starting on 1th of January of the year following the year during which the data were transmitted or otherwise transferred, or for the minimum period prescribed by applicable law, whichever is longer. In addition, Licensee must maintain current, complete and accurate reports on all of SAP’s Confidential Information in its possession or in the possession of its representatives.
Protection of Customer Data The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Call Off Contract or as otherwise Approved by the Customer. To the extent that the Customer Data is held and/or Processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format (if any) specified by the Customer in the Call Off Order Form and, in any event, as specified by the Customer from time to time in writing. The Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. The Supplier shall perform secure back-ups of all Customer Data and shall ensure that up-to-date back-ups are stored off-site at an Approved location in accordance with any BCDR Plan or otherwise. The Supplier shall ensure that such back-ups are available to the Customer (or to such other person as the Customer may direct) at all times upon request and are delivered to the Customer at no less than six (6) Monthly intervals (or such other intervals as may be agreed in writing between the Parties). The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy and the Security Management Plan (if any). If at any time the Supplier suspects or has reason to believe that the Customer Data is corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take. If the Customer Data is corrupted, lost or sufficiently degraded as a result of a Default so as to be unusable, the Supplier may: require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data to the extent and in accordance with the requirements specified in Call Off Schedule 8 (Business Continuity and Disaster Recovery) or as otherwise required by the Customer, and the Supplier shall do so as soon as practicable but not later than five (5) Working Days from the date of receipt of the Customer’s notice; and/or itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing so to the extent and in accordance with the requirements specified in Call Off Schedule 8 (Business Continuity and Disaster Recovery) or as otherwise required by the Customer.
Confidentiality and Data Protection We are a data controller for the information you provide to us including individual, identification and financial details, policy history and special category data (such as medical or criminal history). Details of our legal basis for processing your information, along with details of any third party recipient whom it may be necessary to share your personal data with in order to fulfil the contract, retention period for data held, security of your data, your rights under the UK General Data Protection Regulations (UK GDPR) including the right to complain can be found in our full ‘Privacy Notice’ attached to these terms of business and/or on our website at xxx.xxxxxxxxxxxxxxxx.xx.xx.
