Protection of Personal Data. The Company shall, in relation to Personal Data: fully comply with all requirements of the PDPA, including the requirements concerning the collection, use and disclosure of Personal Data; process Personal Data only in accordance with the written instructions given by IHiS and to such extent necessary and appropriate for the completion of the Purpose; promptly deal with any enquiry from IHiS relating to the Company’s processing of Personal Data; not transfer or allow the Personal Data to be transferred outside of Singapore, unless expressly instructed or authorised by IHiS; and provide all necessary co-operation and assistance (whether to IHiS or otherwise) to allow access and/or correction of Personal Data in accordance with the PDPA. Without prejudice to Clause 4.1 above, the Company ensure: that any Personal Data belonging to IHiS or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, to the extent that the Personal Data is no longer required by the Company for legal or business purposes, that Personal Data is destroyed or returned to IHiS in accordance with Clause 5 below; that IHiS is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of this Clause 4 and the Company will undertake, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach of this clause (including providing IHiS with such reports or information concerning such steps as and when requested by IHiS); and it keeps itself appraised of any and all notices and circulars which IHiS may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause IHiS to be in breach of the same. For the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate IHiS for any and all potential loss and damage caused to IHiS and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company with its obligations under this Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within SEVEN (7) days of: completion of the Purpose; receipt of a written request from IHiS; or expiry or termination of the NDA, return to IHiS all documents and materials (and all copies thereof) containing IHiS’ Confidential Information or destroy the same, and certify in writing to IHiS that it has complied with the requirements of this Clause 5.1. Notwithstanding the completion of the Purpose or return of the documents and materials as aforesaid, the Company shall continue to be bound by the undertakings set out in Clauses 3 and 4 above.

Appears in 101 contracts

Samples: Non Disclosure Agreement, Non Disclosure Agreement, Non Disclosure Agreement

Protection of Personal Data. As a result of this Agreement, Seller and Seller Parties may obtain certain information relating to identified or identifiable individuals (“Personal Data”), including but not limited to, from Apple on Apple’s or its affiliate(s)’ behalf and/or from Apple affiliates located in any jurisdiction. Seller shall have no right, title or interest in Personal Data obtained by it as a result of this Agreement. The ~~Company shall~~details of the type of Personal Data and categories of data subjects shall be determined in a PO, statements of work or other contractual instruments executed in ~~relation~~ connection with this Agreement. Seller may only disclose Personal Data to third parties (including Seller Parties), who have a need to know and have signed agreements that require them to protect Personal Data in the same manner as detailed in this Agreement. Seller shall not engage any third party to perform any portion of the Services if such party may obtain or otherwise process Personal Data, without Apple’s prior written consent. Notwithstanding such consent, Seller shall not be relieved of any obligations under this Section and shall remain solely liable to Apple if the third party fails to fulfil its obligations with respect to Personal Data. Seller and Seller Parties shall: ~~fully~~ (i) comply with Apple’s or its affiliate’s reasonable instructions regarding Personal Data, unless otherwise required by applicable law, in which case, Seller shall promptly notify Apple of the applicable legal requirement before processing Personal Data, unless such applicable legal requirement prohibits such notification for public interest reasons; (ii) immediately inform Apple if, in its opinion, an instruction from Apple infringes Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 or other applicable data protection laws; (iii) collect, access, maintain, use, process and transfer Personal Data solely for the purpose of performing Seller’s obligations under this Agreement; (iv) comply with all ~~requirements of the PDPA~~applicable laws, ~~including the requirements concerning the collection~~regulations and international accords or treaties pertaining to Personal Data; (v) take all appropriate legal, ~~use~~ organizational and ~~disclosure~~ technical measures to protect against unlawful and unauthorized processing of Personal Data; ~~process~~ and (vi) promptly notify Apple’s Privacy Counsel at xxxxxxx_xxxxxxxxxxxxx@xxxxx.xxx if it receives any requests from an individual with respect to Personal Data, including but not limited to, “opt-out” specifications, information access requests, information rectification requests and all like requests. Seller shall work with Apple to promptly and effectively handle such requests with respect to Personal Data, and only respond to any such requests if expressly authorized to do so by Apple. If Personal Data ~~only in accordance with~~ is transferred from the ~~written instructions given~~ European Economic Area or Switzerland to or by ~~IHiS~~ Seller and/or Seller Parties, as processor and/or sub-processor, to a jurisdiction which the European Commission or, where relevant, the Swiss Federal Data Protection and Information Commissioner, have not determined as ensuring an adequate level of protection of personal data, then Seller shall either: (a) subscribe to ~~such extent necessary and~~ the appropriate legal instruments for the ~~completion~~ international transfer of data (such as the ~~Purpose~~EU-U.S. Privacy Shield Framework); ~~promptly deal with~~ or (b) execute: (1) the Standard Contractual Clauses as approved by the European Commission; and (2) where relevant, the Swiss Transborder Data Flow Agreement; or (c) execute mutually agreeable contractual instruments or Binding Corporate Rules (BCR) as such BCR are approved by the relevant supervisory authority. Seller shall be liable for the damage caused to any ~~enquiry from IHiS relating to the Company~~individual as a result of Seller’s processing of Personal Data; , where Seller has not transfer or allow the Personal Data to be transferred outside of Singapore, unless expressly instructed or authorised by IHiS; and provide all necessary co-operation and assistance (whether to IHiS or otherwise) to allow access and/or correction of Personal Data in accordance with the PDPA. Without prejudice to Clause 4.1 above, the Company ensure: that any Personal Data belonging to IHiS or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, to the extent that the Personal Data is no longer required by the Company for legal or business purposes, that Personal Data is destroyed or returned to IHiS in accordance with Clause 5 below; that IHiS is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of this Clause 4 and the Company will undertake, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach of this clause (including providing IHiS with such reports or information concerning such steps as and when requested by IHiS); and it keeps itself appraised of any and all notices and circulars which IHiS may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause IHiS to be in breach of the same. For the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate IHiS for any and all potential loss and damage caused to IHiS and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company complied with its obligations under this ~~Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within SEVEN (7) days of: completion of the Purpose; receipt of a written request from IHiS;~~ Section or ~~expiry~~ any applicable laws, regulations and international accords or ~~termination of the NDA~~treaties pertaining to Personal Data, ~~return to IHiS all documents and materials (and all copies thereof) containing IHiS’ Confidential Information~~ or ~~destroy the same, and certify in writing to IHiS that~~ where it has ~~complied with the requirements of this Clause 5.1. Notwithstanding the completion of the Purpose~~ acted outside or ~~return of the documents and materials as aforesaid, the Company shall continue~~ contrary to ~~be bound by the undertakings set out in Clauses 3 and 4 above~~lawful instructions from Apple.

Appears in 83 contracts

Samples: Taiwan Branch Purchase Agreement, Sentity Independent Productions LLC Purchase Agreement, Studio Services LLC Purchase Agreement

Protection of Personal Data. Where any Personal Data are processed with respect to the Parties' rights and obligations under this Call Off Contract, the Parties agree that the Customer is the Data Controller and that the Supplier is the Data Processor. The ~~Company~~ Supplier shall~~, in relation to Personal Data~~: ~~fully comply with all requirements of~~ Process the ~~PDPA, including the requirements concerning the collection, use and disclosure of Personal Data; process~~ Personal Data only in accordance with instructions from the ~~written~~ Customer (which may be specific instructions ~~given~~ or instructions of a general nature as set out in this Call Off Contract or as otherwise notified by ~~IHiS~~ the Customer to the Supplier during the Call Off Contract Period); Process the Personal Data only to the extent, and to in such ~~extent~~ manner, as is necessary ~~and appropriate~~ for the ~~completion~~ provision of the ~~Purpose~~Goods and/or Services or as is required by Law or any Regulatory Body; ~~promptly deal with any enquiry from IHiS relating~~ implement appropriate technical and organisational measures to protect the Personal Data against unauthorised or unlawful Processing and against accidental loss, destruction, damage, alteration or disclosure. These measures shall be appropriate to the ~~Company’s processing~~ harm which might result from any unauthorised or unlawful Processing, accidental loss, destruction or damage to the Personal Data and having regard to the nature of the Personal Data which is to be protected; take reasonable steps to ensure the reliability of any Staff who have access to the Personal Data; ~~not~~ obtain Approval in order to transfer ~~or allow~~ the Personal Data to ~~be transferred outside~~ any Sub-Contractors or Affiliates for the provision of ~~Singapore~~the Services; ensure that all Staff required to access the Personal Data are informed of the confidential nature of the Personal Data and comply with the obligations set out in this Clause 31; ensure that none of the Staff publish, disclose or divulge any of the Personal Data to any third party unless ~~expressly instructed~~ directed in writing to do so by the Customer; notify the Customer (within five (5) Working Days) if it receives: a request from a Data Subject to have access to that person's Personal Data; or ~~authorised by IHiS~~a complaint or request relating to the Customer's obligations under the Data Protection Legislation; ~~and~~ provide ~~all necessary co-operation~~ the Customer with full cooperation and assistance ~~(whether~~ in relation to ~~IHiS~~ any complaint or ~~otherwise) to allow~~ request made, including by: providing the Customer with full details of the complaint or request; complying with a data access ~~and/or correction of Personal~~ request within the relevant timescales set out in the Data Protection Legislation and in accordance with the ~~PDPA. Without prejudice to Clause 4.1 above,~~ Customer's instructions; providing the ~~Company ensure: that~~ Customer with any Personal Data ~~belonging~~ it holds in relation to ~~IHiS or its Affiliates which is held by~~ a Data Subject (within the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, to the extent that the Personal Data is no longer timescales required by the Company for legal or business purposes, that Personal Data is destroyed or returned to IHiS in accordance with Clause 5 below; that IHiS is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of this Clause 4 and the Company will undertake, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach of this clause (including providing IHiS with such reports or information concerning such steps as and when requested by IHiSCustomer); and ~~it keeps itself appraised of~~ providing the Customer with any information requested by the Customer; permit the Customer or the Customer Representative (subject to reasonable and all notices and circulars which IHiS may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”appropriate confidentiality undertakings), to inspect and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause IHiS to be in breach of the same. For the purposes of this clauseaudit, the ~~Company hereby expressly acknowledges~~ Supplier's data Processing activities (and/or those of its agents, subsidiaries and ~~agrees that it has read the PDPA Documentation~~ Sub-Contractors) and ~~is aware of and will compensate IHiS for any and~~ comply with all ~~potential loss and damage caused to IHiS and/or its Affiliates arising from~~ reasonable requests or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance directions by the ~~Company~~ Customer to enable the Customer to verify and/or procure that the Supplier is in full compliance with its obligations under this ~~Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within SEVEN (7) days of: completion~~ Call Off Contract; provide a written description of the ~~Purpose~~technical and organisational methods employed by the Supplier for Processing Personal Data (within the timescales required by the Customer); ~~receipt of~~ and not Process or otherwise transfer any Personal Data outside the European Economic Area. If, after the Call Off Commencement Date, the Supplier (or any Sub-Contractor) wishes to Process and/or transfer any Personal Data outside the European Economic Area, the following provisions shall apply: the Supplier shall submit a ~~written~~ request ~~from IHiS; or expiry or termination of~~ for Variation to the ~~NDA, return to IHiS all documents and materials (and all copies thereof) containing IHiS’ Confidential Information or destroy the same, and certify~~ Customer which shall be dealt with in ~~writing to IHiS that it has complied~~ accordance with the ~~requirements of this Clause 5.1. Notwithstanding~~ Variation Procedure and paragraphs (b) to (d) below; the ~~completion of the Purpose or return of the documents and materials as aforesaid, the Company~~ Supplier shall ~~continue to be bound by the undertakings~~ set out in its request for a Variation details of the following: the Personal Data which will be Processed and/or transferred outside the European Economic Area; the country or countries in which the Personal Data will be Processed and/or to which the Personal Data will be transferred outside the European Economic Area; any Sub-Contractors or other third parties who will be Processing and/or transferring Personal Data outside the European Economic Area; and how the Supplier will ensure an adequate level of protection and adequate safeguards (in accordance with the Data Protection Legislation and in particular so as to ensure the Customer’s compliance with the Data Protection Legislation) in respect of the Personal Data that will be Processed and/or transferred outside the European Economic Area; in providing and evaluating the request for Variation, the Parties shall ensure that they have regard to and comply with then-current Customer, Government and Information Commissioner Office’s policies, procedures, guidance and codes of practice on, and any approvals processes in connection with, the Processing and/or transfers of Personal Data outside the European Economic Area and/or overseas generally but, for the avoidance of doubt, the Customer may, in its absolute discretion, refuse to grant Approval of such process and/or transfer any Personal Data outside the European Economic Area; and the Supplier shall comply with such other instructions and shall carry out such other actions as the Customer may notify in writing, including: incorporating standard and/or model Clauses 3 (which are approved by the European Commission as offering adequate safeguards under the Data Protection Legislation) in this Call Off Contract or a separate data processing agreement between the parties; and ~~4 above~~procuring that any Sub-Contractor or other third party who will be Processing and/or transferring the Personal Data outside the European Economic Area enters into a direct data processing agreement with the Customer on such terms as may be required by the Customer, which the Supplier acknowledges may include the incorporation of standard and/or model Clauses (which are approved by the European Commission as offering adequate safeguards under the Data Protection Legislation). The Supplier shall comply at all times with the Data Protection Legislation and shall not perform its obligations under this Call Off Contract in such a way as to cause the Customer to breach any of its applicable obligations under the Data Protection Legislation. The Supplier acknowledges that, in the event that it breaches (or attempts or threatens to breach) its obligations relating to Personal Data that the Customer may be irreparably harmed (including harm to its reputation). In such circumstances, the Customer may proceed directly to court and seek injunctive or other equitable relief to remedy or prevent any further breach (or attempted or threatened breach). The Supplier shall, at all times during and after the Call Off Contract Period, indemnify the Customer and keep the Customer fully indemnified against all Losses incurred by, awarded against or agreed to be paid by the Customer at any time (whether before or after the making of a demand pursuant to the indemnity hereunder) arising from any breach of the Supplier's obligations under this Clause 31 except and to the extent that such liabilities have resulted directly from the Customer's instructions.

Appears in 12 contracts

Samples: data.gov.uk, data.gov.uk, data.gov.uk

Protection of Personal Data. The Company shall, in relation to Personal Data: fully comply with all requirements of the PDPA, including the requirements concerning the collection, use and disclosure of Personal Data; process Personal Data only in accordance with the written instructions given by ~~IHiS~~ CGH and to such extent necessary and appropriate for the completion of the Purpose; promptly deal with any enquiry from ~~IHiS~~ CGH relating to the Company’s processing of Personal Data; not transfer or allow the Personal Data to be transferred outside of Singapore, unless expressly instructed or authorised by ~~IHiS~~CGH; and provide all necessary co-operation and assistance (whether to ~~IHiS~~ CGH or otherwise) to allow access and/or correction of Personal Data in accordance with the PDPA. Without prejudice to Clause 4.1 above, the Company ensure: that any Personal Data belonging to ~~IHiS~~ CGH or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, to the extent that the Personal Data is no longer required by the Company for legal or business purposes, that Personal Data is destroyed or returned to ~~IHiS~~ CGH in accordance with Clause 5 below; that ~~IHiS~~ CGH is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of this Clause 4 and the Company will undertake, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach of this clause (including providing ~~IHiS~~ CGH with such reports or information concerning such steps as and when requested by ~~IHiS~~CGH); and it keeps itself appraised of any and all notices and circulars which ~~IHiS~~ CGH may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause ~~IHiS~~ CGH to be in breach of the same. For the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate ~~IHiS~~ CGH for any and all potential loss and damage caused to ~~IHiS~~ CGH and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, ~~IHiS~~ CGH reserves the right and the Company agrees that ~~IHiS~~ CGH may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company with its obligations under this Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within SEVEN (7) days of: completion of the Purpose; receipt of a written request from ~~IHiS~~CGH; or expiry or termination of the NDA, return to ~~IHiS~~ CGH all documents and materials (and all copies thereof) containing ~~IHiS’~~ CGH’s Confidential Information or destroy the same, and certify in writing to ~~IHiS~~ CGH that it has complied with the requirements of this Clause 5.1. Notwithstanding the completion of the Purpose or return of the documents and materials as aforesaid, the Company shall continue to be bound by the undertakings set out in Clauses 3 and 4 above.

Appears in 10 contracts

Samples: Non Disclosure Agreement, Non Disclosure Agreement, Non Disclosure Agreement

Protection of Personal Data. With respect to the parties' rights and obligations under this Agreement, the parties agree that the Authority is the Data Controller and that the Contractor is the Data Processor. The ~~Company~~ Contractor shall~~, in relation to Personal Data~~: ~~fully comply with all requirements of~~ Process the ~~PDPA, including the requirements concerning the collection, use and disclosure of Personal Data; process~~ Personal Data only in accordance with instructions from the ~~written~~ Authority (which may be specific instructions ~~given~~ or instructions of a general nature as set out in this Agreement or as otherwise notified by ~~IHiS~~ the Authority to the Contractor during the term of this Agreement); Process the Personal Data only to the extent, and to in such ~~extent~~ manner, as is necessary ~~and appropriate~~ for the ~~completion~~ provision of the ~~Purpose~~Services or as is required by Law or any Regulatory Body; ~~promptly deal with any enquiry from IHiS relating~~ implement appropriate technical and organisational measures to protect the Personal Data against unauthorised or unlawful processing and against accidental loss, destruction, damage, alteration or disclosure. These measures shall be appropriate to the ~~Company’s processing~~ harm which might result from any unauthorised or unlawful Processing, accidental loss, destruction or damage to the Personal Data and having regard to the nature of the Personal Data which is to be protected; take reasonable steps to ensure the reliability of any Contractor Personnel who have access to the Personal Data; ~~not~~ obtain prior written consent from the Authority in order to transfer ~~or allow~~ the Personal Data to ~~be transferred~~ any Sub-contractors or members of the Contractor’s group of companies for the provision of the Services; ensure that all Contractor Personnel required to access the Personal Data are informed of the confidential nature of the Personal Data and comply with the obligations set out in this clause 6; ensure that none of Contractor Personnel publish, disclose or divulge any of the Personal Data to any third party unless directed in writing to do so by the Authority; notify the Authority (within [five] Working Days) if it receives: a request from a Data Subject to have access to that person's Personal Data; or a complaint or request relating to the Authority's obligations under the Data Protection Legislation; provide the Authority with full cooperation and assistance in relation to any complaint or request made, including by: providing the Authority with full details of the complaint or request; complying with a data access request within the relevant timescales set out in the Data Protection Legislation and in accordance with the Authority's instructions; providing the Authority with any Personal Data it holds in relation to a Data Subject (within the timescales required by the Authority); and providing the Authority with any information requested by the Authority; permit the Authority (subject to reasonable and appropriate confidentiality undertakings), to inspect and audit, in accordance with clause 3 (Audits), the Contractor's data Processing activities (and/or those of its agents, subsidiaries and Sub-contractors) and comply with all reasonable requests or directions by the Authority to enable the Authority to verify and/or procure that the Contractor is in full compliance with its obligations under this Agreement; provide a written description of the technical and organisational methods employed by the Contractor for processing Personal Data (within the timescales required by the Authority); and not Process Personal Data outside the European Economic Area without the prior written consent of ~~Singapore~~the Authority and, ~~unless expressly instructed~~ where the Authority consents to a transfer, to comply with: the obligations of a Data Controller under the Eighth Data Protection Principle set out in Schedule 1 of the Data Protection Act 1998 by providing an adequate level of protection to any Personal Data that is transferred; and any reasonable instructions notified to it by the Authority. The Contractor shall comply at all times with the Data Protection Legislation and shall not perform its obligations under this Agreement in such a way as to cause the Authority to breach any of its applicable obligations under the Data Protection Legislation. FREEDOM OF INFORMATION The Contractor acknowledges that the Authority is subject to the requirements of the Code of Practice on Government Information, FOIA and the Environmental Information Regulations and shall assist and cooperate with the Authority to enable the Authority to comply with its Information disclosure obligations. The Contractor shall and shall procure that its Sub-contractors shall: transfer to the Authority all Requests for Information that it receives as soon as practicable and in any event within [two] Working Days of receiving a Request for Information; provide the Authority with a copy of all Information in its possession, or ~~authorised by IHiS~~power in the form that the Authority requires within [five] Working Days (or such other period as the Authority may specify) of the Authority's request; and provide all necessary ~~co-operation~~ assistance as reasonably requested by the Authority to enable the Authority to respond to the Request for Information within the time for compliance set out in section 10 of the FOIA or regulation 5 of the Environmental Information Regulations. The Authority shall be responsible for determining in its absolute discretion and ~~assistance (~~notwithstanding any other provision in this Agreement or any other agreement whether ~~to IHiS or otherwise) to allow access~~ the Commercially Sensitive Information and/or ~~correction of Personal Data~~ any other Information is exempt from disclosure in accordance with the ~~PDPA~~provisions of the Code of Practice on Government Information, FOIA or the Environmental Information Regulations. ~~Without prejudice~~ In no event shall the Contractor respond directly to ~~Clause 4.1 above, the Company ensure: that any Personal Data belonging~~ a Request for Information unless expressly authorised to ~~IHiS or its Affiliates which is held~~ do so by the ~~Company is protected against loss~~Authority. The Contractor acknowledges that (notwithstanding the provisions of clause 8) the Authority may, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, to the extent that the Personal Data is no longer required by the Company for legal or business purposes, that Personal Data is destroyed or returned to IHiS acting in accordance with ~~Clause 5 below; that IHiS is immediately alerted in writing (with full particulars)~~ the Department of ~~any unauthorised access, disclosure or other breach~~ Constitutional Affairs’ Code of ~~this Clause 4 and~~ Practice on the ~~Company will undertake, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach~~ Discharge of ~~this clause (including providing IHiS with such reports or information concerning such steps as and when requested by IHiS); and it keeps itself appraised~~ the Functions of ~~any and all notices and circulars which IHiS may from time to time notify to~~ Public Authorities under Part 1 of the ~~Company, including without limitation any policies, guidelines, circulars or notices relating to personal data~~ Freedom of Information Act 2000 (“~~PDPA Documentation~~the Code”), ~~and~~ be obliged under the FOIA, or the Environmental Information Regulations to ~~perform its duties~~ disclose information concerning the Contractor or ~~discharge its liabilities~~ the Services: in ~~connection~~ certain circumstances without consulting the Contractor; or following consultation with the ~~Purpose in a manner which is consistent with the PDPA Documentation,~~ Contractor and will not cause IHiS to be in breach of the same. For the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate IHiS for any and all potential loss and damage caused to IHiS and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company with its obligations under this Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within SEVEN (7) days of: completion of the Purpose; receipt of a written request from IHiS; or expiry or termination of the NDA, return to IHiS all documents and materials (and all copies thereof) containing IHiS’ Confidential Information or destroy the same, and certify in writing to IHiS that it has complied with the requirements of this Clause 5.1. Notwithstanding the completion of the Purpose or return of the documents and materials as aforesaid, the Company shall continue to be bound by the undertakings set out in Clauses 3 and 4 above.having taken their views into account;

Appears in 6 contracts

Samples: Requirements and Plan, Blood and Transplant, Requirements and Plan

Protection of Personal Data. The Company shall, in relation to Personal Data: fully comply with all requirements of the PDPA, including the requirements concerning the collection, use and disclosure of Personal Data; process Personal Data only in accordance with the written instructions given by ~~IHiS~~ AIC and to such extent necessary and appropriate for the completion of the Purpose; promptly deal with any enquiry from ~~IHiS~~ AIC relating to the Company’s processing of Personal Data; not transfer or allow the Personal Data to be transferred outside of Singapore, unless expressly instructed or authorised by ~~IHiS~~AIC; and provide all necessary co-operation and assistance (whether to ~~IHiS~~ AIC or otherwise) to allow access and/or correction of Personal Data in accordance with the PDPA. Without prejudice to Clause 4.1 above, the Company ensure: that any Personal Data belonging to ~~IHiS~~ AIC or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, to the extent that the Personal Data is no longer required by the Company for legal or business purposes, that Personal Data is destroyed or returned to ~~IHiS~~ AIC in accordance with Clause 5 below; that ~~IHiS~~ AIC is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of this Clause 4 and the Company will undertake, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach of this clause (including providing ~~IHiS~~ AIC with such reports or information concerning such steps as and when requested by ~~IHiS~~AIC); and it keeps itself appraised of any and all notices and circulars which ~~IHiS~~ AIC may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause ~~IHiS~~ AIC to be in breach of the same. For the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate ~~IHiS~~ AIC for any and all potential loss and damage caused to ~~IHiS~~ AIC and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, ~~IHiS~~ AIC reserves the right and the Company agrees that ~~IHiS~~ AIC may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company with its obligations under this Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within SEVEN (7) days of: completion of the Purpose; receipt of a written request from ~~IHiS~~AIC; or expiry or termination of the NDA, return to ~~IHiS~~ AIC all documents and materials (and all copies thereof) containing ~~IHiS’~~ AIC’s Confidential Information or destroy the same, and certify in writing to ~~IHiS~~ AIC that it has complied with the requirements of this Clause 5.1. Notwithstanding the completion of the Purpose or return of the documents and materials as aforesaid, the Company shall continue to be bound by the undertakings set out in Clauses 3 and 4 above.

Appears in 5 contracts

Samples: Non Disclosure Agreement, Non Disclosure Agreement, Non Disclosure Agreement

Protection of Personal Data. The Company shall, in relation to Personal Data: fully comply with all requirements of the PDPA, including the requirements concerning the collection, use and disclosure of Personal Data; process Personal Data only in accordance with the written instructions given by ~~IHiS~~ CGH and to such extent necessary and appropriate for the completion of the Purpose; promptly deal with any enquiry from ~~IHiS~~ CGH relating to the Company’s processing of Personal Data; not transfer or allow the Personal Data to be transferred outside of Singapore, unless expressly instructed or authorised by ~~IHiS~~CGH; and provide all necessary co-operation and assistance (whether to ~~IHiS~~ CGH or otherwise) to allow access and/or correction of Personal Data in accordance with the PDPA. Without prejudice to Clause 4.1 above, the Company ensure: that any Personal Data belonging to ~~IHiS~~ CGH or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, to the extent that the Personal Data is no longer required by the Company for legal or business purposes, that Personal Data is destroyed or returned to ~~IHiS~~ CGH in accordance with Clause 5 below; that ~~IHiS~~ CGH is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of this Clause 4 and the Company will undertake, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach of this clause (including providing ~~IHiS~~ CGH with such reports or information concerning such steps as and when requested by ~~IHiS~~CGH); and it keeps itself appraised of any and all notices and circulars which ~~IHiS~~ CGH may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause ~~IHiS~~ CGH to be in breach of the same. For the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate ~~IHiS~~ CGH for any and all potential loss and damage caused to ~~IHiS~~ CGH and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, ~~IHiS~~ CGH reserves the right and the Company agrees that ~~IHiS~~ CGH may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company with its obligations under this Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within ~~SEVEN~~ seven (7) days of: completion of the Purpose; receipt of a written request from ~~IHiS~~CGH; or expiry or termination of the NDA, return to ~~IHiS~~ CGH all documents and materials (and all copies thereof) containing ~~IHiS’~~ CGH’s Confidential Information or destroy the same, and certify in writing to ~~IHiS~~ CGH that it has complied with the requirements of this Clause 5.1. Notwithstanding the completion of the Purpose or return of the documents and materials as aforesaid, the Company shall continue to be bound by the undertakings set out in Clauses 3 and 4 above.

Appears in 3 contracts

Samples: Non Disclosure Agreement, Non Disclosure Agreement, Non Disclosure Agreement

Protection of Personal Data. ~~The Company shall,~~ Where any Personal Data are Processed in ~~relation to Personal Data: fully comply~~ connection with ~~all requirements~~ the exercise of the ~~PDPA~~Parties’ rights and obligations under this Call Off Contract, ~~including~~ the ~~requirements concerning~~ Parties acknowledge that the ~~collection, use~~ Customer is the Data Controller and ~~disclosure of Personal Data; process~~ that the Supplier is the Data Processor. The Supplier shall: Process the Personal Data only in accordance with instructions from the ~~written instructions given by IHiS~~ Customer to perform its obligations under this Call Off Contract; ensure that at all times it has in place appropriate technical and organisational measures to ~~such extent necessary and appropriate for the completion~~ guard against unauthorised or unlawful Processing of the ~~Purpose; promptly deal with any enquiry from IHiS relating~~ Personal Data and/or accidental loss, destruction, or damage to the ~~Company’s processing of~~ Personal Data, including the measures as are set out in Clauses 36.1 (Security Requirements) and 36.2 (Protection of Customer Data); not disclose or transfer ~~or allow~~ the Personal Data to ~~be transferred outside~~ any third party or Supplier Personnel unless necessary for the provision of ~~Singapore~~the Services and, for any disclosure or transfer of Personal Data to any third party, obtain the prior written consent of the Customer (save where such disclosure or transfer is specifically authorised under this Call Off Contract) take reasonable steps to ensure the reliability and integrity of any Supplier Personnel who have access to the Personal Data and ensure that the Supplier Personnel: are aware of and comply with the Supplier’s duties under this Clause 36.6.2 and Clauses 36.1 (Security Requirements), 36.2 (Protection of Customer Data) and 36.3 (Confidentiality); are informed of the confidential nature of the Personal Data and do not publish, disclose or divulge any of the Personal Data to any third party unless ~~expressly instructed~~ directed in writing to do so by the Customer or ~~authorised~~ as otherwise permitted by ~~IHiS~~this Call Off Contract; and have undergone adequate training in the use, care, protection and handling of personal data (as defined in the DPA); notify the Customer within five (5) Working Days if it receives: from a Data Subject (or third party on their behalf) a Data Subject Access Request (or purported Data Subject Access Request) a request to rectify, block or erase any Personal Data or any other request, complaint or communication relating to the Customer's obligations under the DPA; any communication from the Information Commissioner or any other regulatory authority in connection with Personal Data; or a request from any third party for disclosure of Personal Data where compliance with such request is required or purported to be required by Law; provide ~~all necessary co-operation~~ the Customer with full cooperation and assistance (~~whether~~ within the timescales reasonably required by the Customer) in relation to ~~IHiS~~ any complaint, communication or ~~otherwise)~~ request made (as referred to ~~allow access and/or correction~~ at Clause 36.6.2(e)), including by promptly providing: the Customer with full details and copies of the complaint, communication or request; where applicable, such assistance as is reasonably requested by the Customer to enable the Customer to comply with the Data Subject Access Request within the relevant timescales set out in the DPA; and the Customer, on request by the Customer, with any Personal Data it holds in relation to a Data Subject; and if requested by the Customer, provide a written description of the measures that has taken and technical and organisational security measures in place, for the purpose of compliance with its obligations pursuant to this Clause 36.6.2 and provide to the Customer copies of all documentation relevant to such compliance including, protocols, procedures, guidance, training and manuals. The Supplier shall not Process or otherwise transfer any Personal Data in ~~accordance with~~ or to any country outside the ~~PDPA~~European Economic Area. ~~Without prejudice~~ The Supplier shall use its reasonable endeavours to ~~Clause 4.1 above,~~ assist the ~~Company ensure: that any Personal Data belonging~~ Customer to IHiS or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, to the extent that the Personal Data is no longer required by the Company for legal or business purposes, that Personal Data is destroyed or returned to IHiS in accordance with Clause 5 below; that IHiS is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of this Clause 4 and the Company will undertake, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach of this clause (including providing IHiS with such reports or information concerning such steps as and when requested by IHiS); and it keeps itself appraised of any and all notices and circulars which IHiS may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause IHiS to be in breach of the same. For the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate IHiS for any and all potential loss and damage caused to IHiS and/or its Affiliates arising from or in connection comply with any ~~breach of this clause. Notwithstanding~~ obligations under the DPA and further to anything stated elsewhere in the NDA, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company with shall not perform its obligations under this ~~Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within SEVEN (7) days of: completion~~ Call Off Contract in such a way as to cause the Customer to breach any of the ~~Purpose; receipt~~ Customer’s obligations under the DPA to the extent the Supplier is aware, or ought reasonably to have been aware, that the same would be a breach of a written request from IHiS; or expiry or termination of the NDA, return to IHiS all documents and materials (and all copies thereof) containing IHiS’ Confidential Information or destroy the same, and certify in writing to IHiS that it has complied with the requirements of this Clause 5.1. Notwithstanding the completion of the Purpose or return of the documents and materials as aforesaid, the Company shall continue to be bound by the undertakings set out in Clauses 3 and 4 abovesuch obligations.

Appears in 3 contracts

Samples: assets.crowncommercial.gov.uk, www.contractsfinder.service.gov.uk, data.gov.uk

Protection of Personal Data. The Company shall, in relation to Personal ~~Data:~~ Data:- ensure that it has, in relation to all Personal Data obtained and/or collected by it, fully ~~comply~~ complied with all requirements of the ~~PDPA, including the requirements concerning the collection, use and disclosure~~ Personal Data Protection Act (No. 26 of ~~Personal Data~~2012); process Personal Data only in accordance with the written instructions given by IHiS and to such extent necessary and appropriate for the completion of the Purpose; promptly deal with any enquiry from IHiS relating to the Company’s processing of Personal Data; not transfer or allow the Personal Data to be ~~transferred~~ transferred, outside of Singapore, unless expressly instructed or authorised by IHiS; and provide all necessary co-operation and assistance (whether to IHiS or otherwise) to allow access and/or correction of Personal Data in accordance with the ~~PDPA~~Personal Data Protection Xxx 0000. Without prejudice to Clause 4.1 above, the Company shall take all reasonable measures to ensure: that any Personal Data belonging to IHiS or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, to the extent that the Personal Data is no longer required by the Company for legal or business purposes, that Personal Data is destroyed or ~~returned~~ re-delivered to IHiS in accordance with Clause 5 below; that IHiS is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of this Clause 4 and the Company ~~will undertake~~undertakes, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach of this clause (including providing IHiS with such reports or information concerning such steps as and when requested by IHiS); and it keeps itself appraised of any and all notices and circulars which IHiS may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause IHiS to be in breach of the same. For the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate IHiS for any and all potential loss and damage caused to IHiS and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the ~~NDA~~Agreement, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company with ~~its~~ the obligations under this Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within ~~SEVEN (7)~~ seven days of: completion of the Purpose; or receipt of a written request from IHiS; or expiry or termination of the ~~NDA~~Agreement, return to IHiS all documents and materials (and all copies thereof) containing the IHiS’ Confidential Information or destroy the same, and certify in writing to IHiS that it has complied with the requirements of this ~~Clause 5.1~~sub-clause. Notwithstanding the completion of the Purpose or return of the documents and materials as aforesaid, the Company shall continue to be bound by the undertakings set out in Clauses 3 and 4 above.

Appears in 2 contracts

Samples: Non Disclosure Agreement, Non Disclosure Agreement

Protection of Personal Data. As a result of this Agreement, Seller and Seller Parties may obtain certain information relating to identified or identifiable individuals ("Personal Data"), including but not limited to, from Apple on Apple’s or its affiliate(s)’ behalf and/or from Apple affiliates located in any jurisdiction. Seller shall have no right, title or interest in Personal Data obtained by it as a result of this Agreement. The ~~Company shall~~details of the type of Personal Data and categories of data subjects shall be determined in a PO, statements of work or other contractual instruments executed in ~~relation~~ connection with this Agreement. Seller may only disclose Personal Data to third parties (including Seller Parties), who have a need to know and have signed agreements that require them to protect Personal Data in the same manner as detailed in this Agreement. Seller shall not engage any third party to perform any portion of the Services if such party may obtain or otherwise process Personal Data, without Apple’s prior written consent. Notwithstanding such consent, Seller shall not be relieved of any obligations under this Section and shall remain solely liable to Apple if the third party fails to fulfil its obligations with respect to Personal Data. Seller and Seller Parties shall: ~~fully~~ (i) comply with Apple’s or its affiliate’s reasonable instructions regarding Personal Data, unless otherwise required by applicable law, in which case, Seller shall promptly notify Apple of the applicable legal requirement before processing Personal Data, unless such applicable legal requirement prohibits such notification for public interest reasons; (ii) immediately inform Apple if, in its opinion, an instruction from Apple infringes Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 or other applicable data protection laws; (iii) collect, access, maintain, use, process and transfer Personal Data solely for the purpose of performing Seller’s obligations under this Agreement; (iv) comply with all ~~requirements of the PDPA~~applicable laws, ~~including the requirements concerning the collection~~regulations and international accords or treaties pertaining to Personal Data; (v) take all appropriate legal, ~~use~~ organizational and ~~disclosure~~ technical measures to protect against unlawful and unauthorized processing of Personal Data; ~~process~~ and (vi) promptly notify Apple’s Privacy Counsel at xxxxxxx_xxxxxxxxxxxxx@xxxxx.xxx if it receives any requests from an individual with respect to Personal Data, including but not limited to, “opt-out” specifications, information access requests, information rectification requests and all like requests. Seller shall work with Apple to promptly and effectively handle such requests with respect to Personal Data, and only respond to any such requests if expressly authorized to do so by Apple. If Personal Data ~~only in accordance with~~ is transferred from the ~~written instructions given~~ European Economic Area or Switzerland to or by ~~IHiS~~ Seller and/or Seller Parties, as processor and/or sub-processor, to a jurisdiction which the European Commission or, where relevant, the Swiss Federal Data Protection and Information Commissioner, have not determined as ensuring an adequate level of protection of personal data, then Seller shall either: (a) subscribe to ~~such extent necessary and~~ the appropriate legal instruments for the ~~completion~~ international transfer of data (such as the ~~Purpose~~EU-U.S. Privacy Shield Framework); ~~promptly deal with~~ or (b) execute: (1) the Standard Contractual Clauses as approved by the European Commission; and (2) where relevant, the Swiss Transborder Data Flow Agreement; or (c) execute mutually agreeable contractual instruments or Binding Corporate Rules (BCR) as such BCR are approved by the relevant supervisory authority. Seller shall be liable for the damage caused to any ~~enquiry from IHiS relating to the Company~~individual as a result of Seller’s processing of Personal Data; , where Seller has not transfer or allow the Personal Data to be transferred outside of Singapore, unless expressly instructed or authorised by IHiS; and provide all necessary co-operation and assistance (whether to IHiS or otherwise) to allow access and/or correction of Personal Data in accordance with the PDPA. Without prejudice to Clause 4.1 above, the Company ensure: that any Personal Data belonging to IHiS or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, to the extent that the Personal Data is no longer required by the Company for legal or business purposes, that Personal Data is destroyed or returned to IHiS in accordance with Clause 5 below; that IHiS is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of this Clause 4 and the Company will undertake, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach of this clause (including providing IHiS with such reports or information concerning such steps as and when requested by IHiS); and it keeps itself appraised of any and all notices and circulars which IHiS may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause IHiS to be in breach of the same. For the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate IHiS for any and all potential loss and damage caused to IHiS and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company complied with its obligations under this ~~Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within SEVEN (7) days of: completion of the Purpose; receipt of a written request from IHiS;~~ Section or ~~expiry~~ any applicable laws, regulations and international accords or ~~termination of the NDA~~treaties pertaining to Personal Data, ~~return to IHiS all documents and materials (and all copies thereof) containing IHiS’ Confidential Information~~ or ~~destroy the same, and certify in writing to IHiS that~~ where it has ~~complied with the requirements of this Clause 5.1. Notwithstanding the completion of the Purpose~~ acted outside or ~~return of the documents and materials as aforesaid, the Company shall continue~~ contrary to ~~be bound by the undertakings set out in Clauses 3 and 4 above~~lawful instructions from Apple.

Appears in 2 contracts

Samples: Canada Inc. Purchase Agreement, Apple Technology Services Purchase Agreement

Protection of Personal Data. ~~The Company~~ Where Hotel processes personal data on behalf of IEEE in connection with the performance of this Agreement, it shall, : (i) process such personal data in ~~relation to Personal Data: fully comply~~ accordance with all ~~requirements~~ applicable laws, only for purposes reasonably necessary for the performance of ~~the PDPA, including the requirements concerning the collection, use~~ its obligations under this Agreement and ~~disclosure of Personal Data; process Personal Data only~~ in accordance with the documented written instructions ~~given~~ of IEEE (except where required otherwise by ~~IHiS and to~~ law); (ii) treat such ~~extent necessary and appropriate for~~ data as Confidential Information of IEEE; (iii) where such personal data is collected in the ~~completion of the Purpose; promptly deal with any enquiry from IHiS relating to the Company’s processing of Personal Data;~~ European Economic Area (“EEA”), not transfer ~~or allow~~ such personal data to any location outside the Personal Data to be transferred outside of Singapore, unless expressly instructed or authorised by IHiS; and provide all necessary co-operation and assistance (whether to IHiS or otherwise) to allow access and/or correction of Personal Data EEA except in accordance with the ~~PDPA~~safeguards required under the Regulation (EU) 2016/679 (the General Data Protection Regulation) and any applicable national legislation (“EU Data Protection Laws”); (iv) taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the likelihood and severity of any risk, implement appropriate technical and organizational measures to protect such personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access. Without prejudice to Clause 4.1 above, the Company ensure: that any Personal Data belonging to IHiS or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, limitation to the ~~extent that the Personal Data is~~ foregoing, such measures shall comply with prevailing industry standards but in no ~~longer required by the Company for legal~~ case consist of less than reasonable care; (v) co-operate fully with IEEE to enable it to adequately discharge its responsibility under applicable laws (including assisting with data subject access or ~~business purposes, that Personal Data is destroyed or returned to IHiS in accordance with Clause 5 below~~erasure requests); ~~that IHiS is~~ (vi) immediately ~~alerted in writing (with full particulars)~~ notify IEEE of any ~~unauthorised access, disclosure~~ actual or ~~other~~ suspected data breach ~~of this Clause 4~~ and ~~the Company will undertake, as soon as reasonably practicable,~~ provide all ~~steps to prevent further unauthorised access, disclosure or other breach of this clause~~ available information; (~~including providing IHiS with such reports or information concerning such steps as and when requested by IHiS); and it keeps itself appraised of~~ vii) not allow any and all notices and circulars which IHiS may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause IHiS to be in breach of the same. For the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate IHiS for any and all potential loss and damage caused to IHiS and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent third party to ~~conduct~~process such personal data on its behalf except with IEEE’s prior written consent; and (viii) ~~an audit and/or assessment~~ delete or (at IEEE’s choice) deliver to IEEE all records of the standard of compliance or non-compliance by the Company with its obligations under this Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within SEVEN (7) days of: completion of the Purpose; receipt of a written request from IHiS; or expiry or such personal data upon termination of this Agreement or (if earlier) upon the ~~NDA~~data no longer being required for the purposes referred to in subsection (i) above. References to ‘personal data’ and to ‘processing’ in this section, ~~return~~ insofar as it concerns data collected in the EEA, shall have the meaning given to ~~IHiS all documents~~ these terms under the EU Data Protection Laws. IEEE or its representative shall have the right, on reasonable Notice, to review, inspect and/or audit Hotel’s security program, technical environment and ~~materials (~~business continuity arrangements and ~~all copies thereof) containing IHiS’ Confidential Information or destroy the same, and certify in writing to IHiS that it has complied~~ its compliance with the other requirements of this ~~Clause 5.1~~section. ~~Notwithstanding~~ Hotel shall delete all of IEEE’s information within its custody or control, including, but not limited to, completed project data, email addresses and all other personal data processed on behalf of IEEE upon the ~~completion~~ earliest of (a) termination of this Agreement; (b) written request by IEEE; or (c) the personal data no longer being required for the performance of the ~~Purpose or return of the documents and materials as aforesaid, the Company shall continue to be bound by the undertakings set out in Clauses 3 and 4 above~~services specified herein.

Appears in 2 contracts

Samples: Hotel Agreement, Hotel Agreement

Protection of Personal Data. As a result of this Agreement, Seller and Seller Parties may obtain certain information relating to identified or identifiable individuals (“Personal Data”), including but not limited to, from Platypus on Platypus’s or its affiliate(s)’ behalf and/or from Platypus affiliates located in any jurisdiction. Seller shall have no right, title or interest in Personal Data obtained by it as a result of this Agreement. The ~~Company shall~~details of the type of Personal Data and categories of data subjects shall be determined in a PO, statements of work or other contractual instruments executed in ~~relation~~ connection with this Agreement. Seller may only disclose Personal Data to third parties (including Seller Parties), who have a need to know and have signed agreements that require them to protect Personal Data in the same manner as detailed in this Agreement. Seller shall not engage any third party to perform any portion of the Services if such party may obtain or otherwise process Personal Data, without Platypus’s prior written consent. Notwithstanding such consent, Seller shall not be relieved of any obligations under this Section and shall remain solely liable to Platypus if the third party fails to fulfil its obligations with respect to Personal Data. Seller and Seller Parties shall: ~~fully~~ (i) comply with Platypus’s or its affiliate’s reasonable instructions regarding Personal Data, unless otherwise required by applicable law, in which case, Seller shall promptly notify Platypus of the applicable legal requirement before processing Personal Data, unless such applicable legal requirement prohibits such notification for public interest reasons; (ii) immediately inform Platypus if, in its opinion, an instruction from Platypus infringes Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 or other applicable data protection laws; (iii) collect, access, maintain, use, process and transfer Personal Data solely for the purpose of performing Seller’s obligations under this Agreement; (iv) comply with all ~~requirements of the PDPA~~applicable laws, ~~including the requirements concerning the collection~~regulations and international accords or treaties pertaining to Personal Data; (v) take all appropriate legal, ~~use~~ organizational and ~~disclosure~~ technical measures to protect against unlawful and unauthorized processing of Personal Data; ~~process~~ and (vi) promptly notify Platypus’s Privacy Counsel at xxxxxxx_xxxxxxxxxxxxx@xxxxx.xxx if it receives any requests from an individual with respect to Personal Data, including but not limited to, “opt-out” specifications, information access requests, information rectification requests and all like requests. Seller shall work with Platypus to promptly and effectively handle such requests with respect to Personal Data, and only respond to any such requests if expressly authorized to do so by Platypus. If Personal Data ~~only in accordance with~~ is transferred from the ~~written instructions given~~ European Economic Area or Switzerland to or by ~~IHiS~~ Seller and/or Seller Parties, as processor and/or sub-processor, to a jurisdiction which the European Commission or, where relevant, the Swiss Federal Data Protection and Information Commissioner, have not determined as ensuring an adequate level of protection of personal data, then Seller shall either: (a) subscribe to ~~such extent necessary and~~ the appropriate legal instruments for the ~~completion~~ international transfer of data (such as the ~~Purpose~~EU-U.S. Privacy Shield Framework); ~~promptly deal with~~ or (b) execute: (1) the Standard Contractual Clauses as approved by the European Commission; and (2) where relevant, the Swiss Transborder Data Flow Agreement; or (c) execute mutually agreeable contractual instruments or Binding Corporate Rules (BCR) as such BCR are approved by the relevant supervisory authority. Seller shall be liable for the damage caused to any ~~enquiry from IHiS relating to the Company~~individual as a result of Seller’s processing of Personal Data; , where Seller has not transfer or allow the Personal Data to be transferred outside of Singapore, unless expressly instructed or authorised by IHiS; and provide all necessary co-operation and assistance (whether to IHiS or otherwise) to allow access and/or correction of Personal Data in accordance with the PDPA. Without prejudice to Clause 4.1 above, the Company ensure: that any Personal Data belonging to IHiS or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, to the extent that the Personal Data is no longer required by the Company for legal or business purposes, that Personal Data is destroyed or returned to IHiS in accordance with Clause 5 below; that IHiS is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of this Clause 4 and the Company will undertake, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach of this clause (including providing IHiS with such reports or information concerning such steps as and when requested by IHiS); and it keeps itself appraised of any and all notices and circulars which IHiS may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause IHiS to be in breach of the same. For the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate IHiS for any and all potential loss and damage caused to IHiS and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company complied with its obligations under this ~~Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within SEVEN (7) days of: completion of the Purpose; receipt of a written request from IHiS;~~ Section or ~~expiry~~ any applicable laws, regulations and international accords or ~~termination of the NDA~~treaties pertaining to Personal Data, ~~return to IHiS all documents and materials (and all copies thereof) containing IHiS’ Confidential Information~~ or ~~destroy the same, and certify in writing to IHiS that~~ where it has ~~complied with the requirements of this Clause 5.1. Notwithstanding the completion of the Purpose~~ acted outside or ~~return of the documents and materials as aforesaid, the Company shall continue~~ contrary to ~~be bound by the undertakings set out in Clauses 3 and 4 above~~lawful instructions from Platypus.

Appears in 1 contract

Samples: Development LLC Purchase Agreement

Protection of Personal Data. As a result of this Agreement, Seller and Seller Parties may obtain certain information relating to identified or identifiable individuals (“Personal Data”), including but not limited to, from Apple on Apple’s or its affiliate(s)’ behalf and/or from Apple affiliates located in any jurisdiction. Seller shall have no right, title or interest in Personal Data obtained by it as a result of this Agreement. The ~~Company shall~~details of the type of Personal Data and categories of data subjects shall be determined in a PO, statements of work or other contractual instruments executed in ~~relation~~ connection with this Agreement. Seller may only disclose Personal Data to third parties (including Seller Parties), who have a need to know and have signed agreements that require them to protect Personal Data in the same manner as detailed in this Agreement. Seller shall not engage any third party to perform any portion of the Services if such party may obtain or otherwise process Personal Data, without Apple’s prior written consent. Notwithstanding such consent, Seller shall not be relieved of any obligations under this Section and shall remain solely liable to Apple if the third party fails to fulfil its obligations with respect to Personal Data. Seller and Seller Parties shall: ~~fully~~ (i) comply with Apple’s or its affiliate’s reasonable instructions regarding Personal Data, unless otherwise required by applicable law, in which case, Seller shall promptly notify Apple of the applicable legal requirement before processing Personal Data, unless such applicable legal requirement prohibits such notification for public interest reasons; (ii) immediately inform Apple if, in its opinion, an instruction from Apple infringes Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 or other applicable data protection laws; (iii) collect, access, maintain, use, process and transfer Personal Data solely for the purpose of performing Seller’s obligations under this Agreement; (iv) comply with all ~~requirements of the PDPA~~applicable laws, ~~including the requirements concerning the collection, use~~ regulations and ~~disclosure of~~ international accords or treaties pertaining to Personal Data; ~~process Personal Data only in accordance with the written instructions given by IHiS~~ (v) take all appropriate legal, organizational and technical measures to ~~such extent necessary~~ protect against unlawful and ~~appropriate for the completion of the Purpose; promptly deal with any enquiry from IHiS relating to the Company’s~~ unauthorized processing of Personal Data; and (vi) promptly notify Apple’s Privacy Counsel at xxxxxxx_xxxxxxxxxxxxx@xxxxx.xxx if it receives any requests from an individual with respect to Personal Data, including but not ~~transfer or allow the~~ limited to, “opt-out” specifications, information access requests, information rectification requests and all like requests. Seller shall work with Apple to promptly and effectively handle such requests with respect to Personal Data to be transferred outside of Singapore, unless expressly instructed or authorised by IHiS; and provide all necessary co-operation and assistance (whether to IHiS or otherwise) to allow access and/or correction of Personal Data in accordance with the PDPA. Without prejudice to Clause 4.1 above, the Company ensure: that any Personal Data belonging to IHiS or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuseData, and ~~that~~ only ~~authorised personnel have access~~ respond to ~~that Personal Data; that,~~ any such requests if expressly authorized to ~~the extent that the~~ do so by Apple. If Personal Data is ~~no longer required~~ transferred from the European Economic Area or Switzerland to or by Seller and/or Seller Parties, as processor and/or sub-processor, to a jurisdiction which the European Commission or, where relevant, the Swiss Federal Data Protection and Information Commissioner, have not determined as ensuring an adequate level of protection of personal data, then Seller shall either: (a) subscribe to the appropriate legal instruments for the international transfer of data (such as the EU- U.S. Privacy Shield Framework); or (b) execute: (1) the Standard Contractual Clauses as approved by the Company for legal or business purposes, that Personal Data is destroyed or returned to IHiS in accordance with Clause 5 below; that IHiS is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of this Clause 4 and the Company will undertake, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach of this clause (including providing IHiS with such reports or information concerning such steps as and when requested by IHiS)European Commission; and it keeps itself appraised of any and all notices and circulars which IHiS may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause IHiS to be in breach of the same. For the purposes of this clause2) where relevant, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate IHiS for any and all potential loss and damage caused to IHiS and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company with its obligations under this Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within SEVEN (7) days of: completion of the PurposeSwiss Transborder Data Flow Agreement; receipt of a written request from IHiS; or expiry or termination of the NDA, return to IHiS all documents and materials (and all copies thereof) containing IHiS’ Confidential Information or destroy the same, and certify in writing to IHiS that it has complied with the requirements of this Clause 5.1. Notwithstanding the completion of the Purpose or return of the documents and materials as aforesaid, the Company shall continue to be bound by the undertakings set out in Clauses 3 and 4 above.or

Appears in 1 contract

Samples: Operations Europe Ltd. Purchase Agreement

Protection of Personal Data. The Company shall, in relation to Personal Data: fully comply with all requirements of the PDPA, including the requirements concerning the collection, use and disclosure of Personal Data; process Personal Data only in accordance with the written instructions given by IHiS and to such extent necessary and appropriate for the completion of the Purpose; promptly deal with any enquiry from IHiS relating to the Company’s processing of Personal Data; not transfer or allow the Personal Data to be transferred outside of Singapore, unless expressly instructed or authorised by IHiS; and provide all necessary co-operation and assistance (whether to IHiS or otherwise) to allow access and/or correction of Personal Data in accordance with the PDPA. Without prejudice to Clause 4.1 above, the Company ensure: that any Personal Data belonging to IHiS or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, to the extent that the Personal Data is no longer required by the Company for legal or business purposes, that Personal Data is destroyed or returned to IHiS in accordance with Clause 5 below; that IHiS is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of this Clause 4 and the Company will undertake, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach of this clause (including providing IHiS with such reports or information concerning such steps as and when requested by IHiS); and it keeps itself appraised of any and all notices and circulars which IHiS may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause IHiS to be in breach of the same. For the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate IHiS for any and all potential loss and damage caused to IHiS and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company with its obligations under this Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within ~~SEVEN~~ seven (7) days of: completion of the Purpose; receipt of a written request from IHiS; or expiry or termination of the NDA, return to IHiS all documents and materials (and all copies thereof) containing IHiS’ Confidential Information or destroy the same, and certify in writing to IHiS that it has complied with the requirements of this Clause 5.1. Notwithstanding the completion of the Purpose or return of the documents and materials as aforesaid, the Company shall continue to be bound by the undertakings set out in Clauses 3 and 4 above.

Appears in 1 contract

Samples: Non Disclosure Agreement

Protection of Personal Data. As a result of this Agreement, Seller and Seller Affiliates may obtain certain information relating to identified or identifiable individuals (“Personal Data”), including but not limited to, from Apple on Apple’s or its affiliate(s)’ behalf and/or from Apple affiliates located in any jurisdiction. Seller shall have no right, title or interest in Personal Data obtained by it as a result of this Agreement. The ~~Company shall~~details of the type of Personal Data and categories of data subjects shall be determined in a PO, statements of work or other contractual instruments executed in ~~relation~~ connection with this Agreement. Seller may only disclose Personal Data to third parties (including Seller Affiliates), who have a need to know and have signed agreements that require them to protect Personal Data in the same manner as detailed in this Agreement. Seller shall not engage any third party to perform any portion of the Services if such party may obtain or otherwise process Personal Data, without Apple’s prior written consent. Notwithstanding such consent, Seller shall not be relieved of any obligations under this Section and shall remain solely liable to Apple if the third party fails to fulfil its obligations with respect to Personal Data. Seller and Seller Affiliates shall: ~~fully~~ (i) comply with Apple’s or its affiliate’s reasonable instructions regarding Personal Data, unless otherwise required by applicable law, in which case, Seller shall promptly notify Apple of the applicable legal requirement before processing Personal Data, unless such applicable legal requirement prohibits such notification for public interest reasons; (ii) immediately inform Apple if, in its opinion, an instruction from Apple infringes Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 or other applicable data protection laws; (iii) collect, access, maintain, use, process and transfer Personal Data solely for the purpose of performing Seller’s obligations under this Agreement; (iv) comply with all ~~requirements of the PDPA~~applicable laws, ~~including the requirements concerning the collection~~regulations and international accords or treaties pertaining to Personal Data; (v) take all appropriate legal, ~~use~~ organizational and ~~disclosure~~ technical measures to protect against unlawful and unauthorized processing of Personal Data; ~~process~~ and (vi) promptly notify Apple’s Privacy Counsel at xxxxxxx_xxxxxxxxxxxxx@xxxxx.xxx if it receives any requests from an individual with respect to Personal Data, including but not limited to, “opt-out” specifications, information access requests, information rectification requests and all like requests. Seller shall work with Apple to promptly and effectively handle such requests with respect to Personal Data, and only respond to any such requests if expressly authorized to do so by Apple. If Personal Data ~~only in accordance with~~ is transferred from the ~~written instructions given~~ European Economic Area or Switzerland to or by ~~IHiS~~ Seller and/or Seller Affiliates, as processor and/or sub-processor, to a jurisdiction which the European Commission or, where relevant, the Swiss Federal Data Protection and Information Commissioner, have not determined as ensuring an adequate level of protection of personal data, then Seller shall either: (a) subscribe to ~~such extent necessary and~~ the appropriate legal instruments for the ~~completion~~ international transfer of data (such as the ~~Purpose~~EU-U.S. Privacy Shield Framework); ~~promptly deal with~~ or (b) execute: (1) the Standard Contractual Clauses as approved by the European Commission; and (2) where relevant, the Swiss Transborder Data Flow Agreement; or (c) execute mutually agreeable contractual instruments or Binding Corporate Rules (BCR) as such BCR are approved by the relevant supervisory authority. Seller shall be liable for the damage caused to any ~~enquiry from IHiS relating to the Company~~individual as a result of Seller’s processing of Personal Data; , where Seller has not transfer or allow the Personal Data to be transferred outside of Singapore, unless expressly instructed or authorised by IHiS; and provide all necessary co-operation and assistance (whether to IHiS or otherwise) to allow access and/or correction of Personal Data in accordance with the PDPA. Without prejudice to Clause 4.1 above, the Company ensure: that any Personal Data belonging to IHiS or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, to the extent that the Personal Data is no longer required by the Company for legal or business purposes, that Personal Data is destroyed or returned to IHiS in accordance with Clause 5 below; that IHiS is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of this Clause 4 and the Company will undertake, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach of this clause (including providing IHiS with such reports or information concerning such steps as and when requested by IHiS); and it keeps itself appraised of any and all notices and circulars which IHiS may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause IHiS to be in breach of the same. For the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate IHiS for any and all potential loss and damage caused to IHiS and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company complied with its obligations under this ~~Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within SEVEN (7) days of: completion of the Purpose; receipt of a written request from IHiS;~~ Section or ~~expiry~~ any applicable laws, regulations and international accords or ~~termination of the NDA~~treaties pertaining to Personal Data, ~~return to IHiS all documents and materials (and all copies thereof) containing IHiS’ Confidential Information~~ or ~~destroy the same, and certify in writing to IHiS that~~ where it has ~~complied with the requirements of this Clause 5.1. Notwithstanding the completion of the Purpose~~ acted outside or ~~return of the documents and materials as aforesaid, the Company shall continue~~ contrary to ~~be bound by the undertakings set out in Clauses 3 and 4 above~~lawful instructions from Apple.

Appears in 1 contract

Samples: Lithuania Uab Purchase Agreement

Protection of Personal Data. As a result of this Agreement, Seller and Seller Parties may obtain certain information relating to identified or identifiable individuals (“Personal Data”), including but not limited to, from ACWN on ACWN’s or its affiliate(s)’ behalf and/or from ACWN affiliates located in any jurisdiction. Seller shall have no right, title or interest in Personal Data obtained by it as a result of this Agreement. The ~~Company shall~~details of the type of Personal Data and categories of data subjects shall be determined in a PO, statements of work or other contractual instruments executed in ~~relation~~ connection with this Agreement. Seller may only disclose Personal Data to third parties (including Seller Parties), who have a need to know and have signed agreements that require them to protect Personal Data in the same manner as detailed in this Agreement. Seller shall not engage any third party to perform any portion of the Services if such party may obtain or otherwise process Personal Data, without ACWN’s prior written consent. Notwithstanding such consent, Seller shall not be relieved of any obligations under this Section and shall remain solely liable to ACWN if the third party fails to fulfil its obligations with respect to Personal Data. Seller and Seller Parties shall: ~~fully~~ (i) comply with ACWN’s or its affiliate’s reasonable instructions regarding Personal Data, unless otherwise required by applicable law, in which case, Seller shall promptly notify ACWN of the applicable legal requirement before processing Personal Data, unless such applicable legal requirement prohibits such notification for public interest reasons; (ii) immediately inform ACWN if, in its opinion, an instruction from ACWN infringes Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 or other applicable data protection laws; (iii) collect, access, maintain, use, process and transfer Personal Data solely for the purpose of performing Seller’s obligations under this Agreement; (iv) comply with all ~~requirements of the PDPA~~applicable laws, ~~including the requirements concerning the collection~~regulations and international accords or treaties pertaining to Personal Data; (v) take all appropriate legal, ~~use~~ organizational and ~~disclosure~~ technical measures to protect against unlawful and unauthorized processing of Personal Data; ~~process~~ and (vi) promptly notify ACWN’s Privacy Counsel at xxxxxxx_xxxxxxxxxxxxx@xxxxx.xxx if it receives any requests from an individual with respect to Personal Data, including but not limited to, “opt-out” specifications, information access requests, information rectification requests and all like requests. Seller shall work with ACWN to promptly and effectively handle such requests with respect to Personal Data, and only respond to any such requests if expressly authorized to do so by ACWN. If Personal Data ~~only in accordance with~~ is transferred from the ~~written instructions given~~ European Economic Area or Switzerland to or by ~~IHiS~~ Seller and/or Seller Parties, as processor and/or sub-processor, to a jurisdiction which the European Commission or, where relevant, the Swiss Federal Data Protection and Information Commissioner, have not determined as ensuring an adequate level of protection of personal data, then Seller shall either: (a) subscribe to ~~such extent necessary and~~ the appropriate legal instruments for the ~~completion~~ international transfer of data (such as the ~~Purpose~~EU-U.S. Privacy Shield Framework); ~~promptly deal with~~ or (b) execute: (1) the Standard Contractual Clauses as approved by the European Commission; and (2) where relevant, the Swiss Transborder Data Flow Agreement; or (c) execute mutually agreeable contractual instruments or Binding Corporate Rules (BCR) as such BCR are approved by the relevant supervisory authority. Seller shall be liable for the damage caused to any ~~enquiry from IHiS relating to the Company~~individual as a result of Seller’s processing of Personal Data; , where Seller has not transfer or allow the Personal Data to be transferred outside of Singapore, unless expressly instructed or authorised by IHiS; and provide all necessary co-operation and assistance (whether to IHiS or otherwise) to allow access and/or correction of Personal Data in accordance with the PDPA. Without prejudice to Clause 4.1 above, the Company ensure: that any Personal Data belonging to IHiS or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, to the extent that the Personal Data is no longer required by the Company for legal or business purposes, that Personal Data is destroyed or returned to IHiS in accordance with Clause 5 below; that IHiS is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of this Clause 4 and the Company will undertake, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach of this clause (including providing IHiS with such reports or information concerning such steps as and when requested by IHiS); and it keeps itself appraised of any and all notices and circulars which IHiS may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause IHiS to be in breach of the same. For the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate IHiS for any and all potential loss and damage caused to IHiS and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company complied with its obligations under this ~~Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within SEVEN (7) days of: completion of the Purpose; receipt of a written request from IHiS;~~ Section or ~~expiry~~ any applicable laws, regulations and international accords or ~~termination of the NDA~~treaties pertaining to Personal Data, ~~return to IHiS all documents and materials (and all copies thereof) containing IHiS’ Confidential Information~~ or ~~destroy the same, and certify in writing to IHiS that~~ where it has ~~complied with the requirements of this Clause 5.1. Notwithstanding the completion of the Purpose~~ acted outside or ~~return of the documents and materials as aforesaid, the Company shall continue~~ contrary to ~~be bound by the undertakings set out in Clauses 3 and 4 above~~lawful instructions from ACWN.

Appears in 1 contract

Samples: Network LLC Purchase Agreement

Protection of Personal Data. The ~~Company shall~~Service Provider undertakes to guarantee the secrecy, security and confidentiality of personal data as defined by Law No. 09-08 on the protection of individuals with regard to the processing of personal data communicated to him by the Client in the context of this Contract and / or of which he may have become aware of it during the execution of this Contract (the "Data"). For this purpose, the Service Provider undertakes to:  take all necessary precautions, in ~~relation~~ order to ~~Personal Data: fully comply with all requirements~~ preserve the security of the ~~PDPA~~Data, in particular to prevent them from being deformed, damaged and prevent any access not previously authorized by the Client;  treat the Data only within the framework of instructions and authorization received from the Client;  treat the Data exclusively and exclusively within and under this Contract;  not to use the services of a subcontractor, except that the latter is previously and expressly authorized by the Client and acts under the responsibility and control of the Service Provider. This subcontracting must be carried out under a contract incorporating the provisions of this article and submitted to the prior approval of the Client and to ensure compliance with the obligations subscribed by the Service Provider. It is the sole responsibility of the Service Provider to ensure that the subcontractor provides sufficient guarantees to ensure the implementation of the obligations to which the Service Provider has committed;  respect its obligation of secrecy, security and confidentiality, during all maintenance and remote maintenance operations, carried out within the Service Provider's premises or any other company involved in the processing;  take all security measures, including physical and logical, to ensure the ~~requirements concerning~~ preservation and integrity of the ~~collection, use and disclosure of Personal~~ processed Data; ~~process Personal~~  implement appropriate technical and organizational measures to protect the Data ~~only~~ against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access, as well as any other form of unlawful processing;  take all measures to prevent misuse, malicious or fraudulent use of the Data processed;  at the expiration or termination of this Contract for any reason whatsoever, destroy the Data and computerized or manual files or any medium on which the Data appears. In addition, the Services Provider is prohibited from:  to disclose, in ~~accordance~~ any form whatsoever, all or part of the Data as well as the computerized or manual files or any medium on which the Data appears;  to use all or part of the Data as well as the computerized or manual files or any medium on which the Data appear, on its behalf or on behalf of third parties, for professional, personal or private purposes other than those defined in this Contract ;  to take copy or store, in whatever form and purpose, all or part of the Data as well as the computerized or manual files or any medium on which the Data appears. In addition, the Service Provider undertakes:  at the Client's first request to provide evidence, that he has the organizational and technical means to ensure compliance with his obligations under this article;  to cooperate with the ~~written instructions given~~ Client in all circumstances likely to affect the respect by ~~IHiS and~~ the Service Provider of his obligations under this article;  to ~~such extent necessary and appropriate for~~ inform the ~~completion~~ Client immediately in case of loss or alteration of all or part of the ~~Purpose; promptly deal with~~ Data or any ~~enquiry from IHiS relating to~~ event affecting the ~~Company’s processing~~ security and / or confidentiality of ~~Personal~~ all or part of the Data; ~~not transfer~~  to enable the Client or allow the Personal Data to be transferred outside of Singapore, unless expressly instructed or authorised by IHiS; and provide all necessary co-operation and assistance (whether to IHiS or otherwise) to allow access and/or correction of Personal Data in accordance with the PDPA. Without prejudice to Clause 4.1 above, the Company ensure: that any ~~Personal Data belonging to IHiS or its Affiliates which is held~~ person authorized by the ~~Company~~ latter and provided that this person is ~~protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that~~not a competitor of the Service Provider, to ~~the extent~~ carry out any audit to verify that the Personal Data is no longer required by the Company for legal or business purposes, that Personal Data is destroyed or returned to IHiS in accordance with Clause 5 below; that IHiS is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of this Clause 4 and the Company will undertake, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach of this clause (including providing IHiS with such reports or information concerning such steps as and when requested by IHiS); and it keeps itself appraised of any and all notices and circulars which IHiS may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause IHiS to be in breach of the same. For the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate IHiS for any and all potential loss and damage caused to IHiS and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company Service Provider complies with its obligations under this ~~Clause 4~~article. ~~RETURN OF CONFIDENTIAL INFORMATION The Company shall within SEVEN (7) days of: completion of~~ the ~~Purpose; receipt of a written request from IHiS; or expiry or termination of the NDA, return~~ Service Provider undertakes to ~~IHiS all documents~~ cooperate in good faith and ~~materials (and all copies thereof) containing IHiS’ Confidential Information or destroy the same, and certify in writing to IHiS that it has complied~~ without reservation with the ~~requirements~~ auditors as soon as it is notified of ~~this Clause 5.1. Notwithstanding~~ the completion of an audit;  to implement at its expense and without delay any corrective measures outlined in the ~~Purpose or return~~ audit report;  to inform the Client as soon as he becomes aware of a control of the ~~documents~~ CNDP. The Service Provider acknowledges that in the event of a breach of its obligations as defined in this article:  that his responsibility may be criminally liable;  that he may be held liable to the Client for any damage that may be caused as a result of the breach, as well as for the payment of compensation for the damage suffered;  that the Client may terminate this Contract immediately and ~~materials as aforesaid,~~ without compensation in favor of the ~~Company shall continue~~ Service Provider without prejudice to ~~be bound~~ damages to which he could claim. The Service Provider undertakes to respect and to enforce the respect of all the obligations mentioned in this article by ~~the undertakings set out in Clauses 3~~ its management and ~~4 above~~personnel.

Appears in 1 contract

Samples: Service Contract

Protection of Personal Data. ~~The Company shall, in relation to Personal Data: fully comply with all requirements~~ THINGS SOLVER will maintain appropriate technical and organisation measures for protection of the ~~PDPA~~security, ~~including the requirements concerning the collection~~confidentiality and integrity of Customer Data which will include, ~~use and~~ but will not be limited to, measures designed to prevent unauthorized access to or disclosure of ~~Personal~~ Customer Data~~; process Personal Data only~~ . The terms of the personal data processing are specified at legal.thingsolver/data/processing/agreement.pdf (DPA). New release: New version of the services or its component will be provided to the Customer at no charge in accordance with THINGS SOLVER internal new release distribution plan. In the ~~written instructions given~~ event that the delivery of a new version requires provision of integration services, the costs of these services shall be charged to Customer by ~~IHiS~~ Things Solver subsequently, based on the special agreement or Purchase Order, which shall be signed by the Parties. CUSTOMER OBLIGATIONS Customer hereby undertakes to: • use the Services only in compliance with this Agreement and applicable laws and government regulations; • not to ~~such extent necessary and appropriate for the completion~~ make copies of the ~~Purpose~~received documentation except for its own needs without the prior consent of the THINGS SOLVER; ~~promptly deal~~ • perform all obligations under this Agreement in professional manner; • notify the THINGS SOLVER in writing within 15 days from the day of the occurrence of any changes that may be relevant for business cooperation. If the Customer does not act in compliance with this point, and the THINGS SOLVER suffers damage as a result, the Customer is obliged to fully compensate him; • use the Services exclusively for its own needs, i.e. that it cannot transfer its right of use to third parties; • report any ~~enquiry from IHiS relating~~ issue in the operation of the Services to the ~~Company’s processing~~ responsible person of ~~Personal Data; not transfer or allow~~ the Personal Data to be transferred outside of Singapore, unless expressly instructed or authorised by IHiS; and provide all necessary co-operation and assistance (whether to IHiS or otherwise) to allow access and/or correction of Personal Data in accordance with the PDPA. Without prejudice to Clause 4.1 above, the Company ensure: that any Personal Data belonging to IHiS or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, to the extent that the Personal Data is no longer required by the Company for legal or business purposes, that Personal Data is destroyed or returned to IHiS in accordance with Clause 5 below; that IHiS is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of this Clause 4 and the Company will undertake, THINGS SOLVER as soon as ~~reasonably practicable~~possible; • notify the THINGS SOLVER of changes in the name, ~~all steps to prevent further unauthorised access~~title, ~~disclosure~~ address, status, as well as equipment or ~~other breach~~ services installed on its side which have influence on the THINGS SOLVER’s operations; • comply with the THINGS XXXXXX's instructions regarding the use of ~~this clause (including providing IHiS with such reports or information concerning such steps~~ Services; • Ensure for the conditions necessary for the performance of the Agreement, as ~~and when requested by IHiS); and it keeps itself appraised of any and all notices and circulars which IHiS may from time to time notify~~ well as access to the ~~Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”),~~ information and resources necessary and to ~~perform~~ appoint from among its ~~duties or discharge its liabilities in connection~~ employees the persons who will collaborate with the ~~Purpose~~ THING SOLVERS’s representatives under the Agreement and applicable Purchase Order; • Timely pay the invoices issued by the THINGS SOLVER under the conditions of the Agreement; • to inform the THINGS SOLVER in a timely manner ~~which is consistent with~~ of all facts and changes in circumstances that significantly affect or could affect the ~~PDPA Documentation, and will not cause IHiS to be in breach~~ fulfilment of the same. For the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate IHiS for any and all potential loss and damage caused to IHiS and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company with its obligations under this Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within SEVEN (7) days of: completion of the Purpose; receipt of a written request from IHiS; or expiry or termination of the NDA, return to IHiS all documents and materials (and all copies thereof) containing IHiS’ Confidential Information or destroy the same, and certify in writing to IHiS that it has complied with the requirements of this Clause 5.1. Notwithstanding the completion of the Purpose or return of the documents and materials as aforesaid, the Company shall continue to be bound by the undertakings set out in Clauses 3 and 4 abovecontractual obligations.

Appears in 1 contract

Samples: Subscription Agreement

Protection of Personal Data. The ~~Company shall, in relation to Personal Data: fully comply with all requirements of~~ Law on the ~~PDPA, including the requirements concerning the collection, use and disclosure~~ Protection of Personal ~~Data; process~~ Data effective as of April 7, 2016 (the “Law”) defines the personal data as any information relating to an identified or identifiable natural personal. The Supplier agrees and undertakes that any Personal Data ~~only~~ shared by CCI whether in written or oral form, is obtained, processed and shared in accordance with the ~~written instructions given by IHiS~~ Law and relevant legislation. The Supplier hereby agrees and undertakes to ~~such extent necessary~~ fully comply with the Law and ~~appropriate for~~ relevant legislation; to keep the ~~completion of~~ Personal Data confidential; to prevent the ~~Purpose; promptly deal with any enquiry~~ Personal Data from ~~IHiS relating to the Company’s processing of Personal Data~~unlawful process and access; not to transfer ~~or allow~~ the Personal Data to ~~be transferred outside~~ third parties or overseas; to use and store the Personal Data limited with the purpose and duration of ~~Singapore~~the Agreement or the transaction in general; not to process the Personal Data without explicit consent of the data subject and CCI; without the necessity of a notification from CCI, ~~unless expressly instructed~~ to erase, destroy or ~~authorised by IHiS;~~ otherwise anonymize the Personal Data immediately after the reasons of processing has expired, save for the statutory obligations. The Supplier further undertakes to take all technical and ~~provide all necessary co~~administrative precautions to prevent the Personal Data from unlawful processing and to store the Personal Data limited with the purpose and legal period pursuant to the Law and the relevant legislation. The Supplier guarantees to commensurately identify the authorization of its personnel, sub-~~operation and assistance~~ contractors’ personnel or other individuals (~~whether to IHiS or otherwise~~together shall mean “Personnel”) to ~~allow~~ access ~~and/or correction of~~ and process the Personal Data in ~~accordance~~ a limited manner and in line with the ~~PDPA~~Law and the relevant legislation. ~~Without prejudice~~ The Supplier further ensures that such Personnel shall not transfer or share the methods/passwords used for the authorization to Clause 4.1 above, the Company ensure: that any Personal Data belonging to IHiS or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, access and ~~that only authorised personnel have access to that Personal Data; that, to the extent that~~ process the Personal Data ~~is no longer required by~~ and to inform and educate the ~~Company for legal or business purposes,~~ Personnel about the obligations set forth in the Law and relevant legislation. The Supplier undertakes that ~~Personal Data is destroyed or returned to IHiS in accordance with Clause 5 below; that IHiS is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other~~ its Personnel shall not breach the terms of this ~~Clause 4 and~~ undertaking even they have ceased working for the ~~Company will undertake, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach~~ Supplier after the signature date of this ~~clause (including providing IHiS with such reports or information concerning such steps as~~ undertaking; otherwise to be under joint and when requested by IHiS); and it keeps itself appraised of any and all notices and circulars which IHiS may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection several liability together with the ~~Purpose in a manner which is consistent with the PDPA Documentation, and will not cause IHiS to be in breach~~ related Personnel. The Supplier’s obligations arising out of the ~~same. For~~ Law and relevant legislation survives after the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate IHiS for any and all potential loss and damage caused to IHiS and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company with its obligations under this Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within SEVEN (7) days of: completion of the Purpose; receipt of a written request from IHiS; or expiry expiration or termination of the ~~NDA~~Agreement; however, in any case following the termination/expiration of the Agreement, the Supplier shall return all Personal Data obtained from CCI; shall not keep a record of the same for whatever reason and destroy all Personal Data. The Supplier agrees to ~~IHiS all documents and materials (and all copies thereof) containing IHiS’ Confidential Information or destroy the same, and certify in writing to IHiS that it has complied with~~ fulfill the requirements of CCI pertaining to return or destroy of Personal Data within five (5) business day commencing from the receipt of such requirement. Reporting of any Possible Misconduct Those suppliers who believe that an employee of CCI or any person acting for and on behalf of CCI have engaged in any illegal or otherwise improper conduct should report this ~~Clause 5.1~~to the Company. ~~Notwithstanding~~ The supplier may contact the ~~completion~~ manager of such employee or the ~~Purpose or return~~ Legal Directorate and, apply to third-party operated CCI Ethics Line via telephone at +00 000 000 00 00. The relationship of ~~the documents and materials as aforesaid, the Company~~ a supplier with CCI shall ~~continue to~~ not be ~~bound by the undertakings set~~ affected from a possible misconduct reporting carried out in ~~Clauses 3 and 4 above~~good faith.

Appears in 1 contract

Samples: ccicomtrcdn.cci.com.tr

Protection of Personal Data. ~~The Company shall~~With respect to the parties'’ rights and obligations under this Contract and each Access Agreement, the parties agree that (a) each LAthe CUSTOMER is the Data Controller in ~~relation to Personal Data: fully comply with all requirements of the PDPA, including the requirements concerning the collection, use and disclosure~~ respect of Personal ~~Data; process~~ Data attributable to functions exercisable by that LA CUSTOMER and (b) that the SERVICE PROVIDER is the Data Processor. The SERVICE PROVIDER shall: Pprocess the Personal Data only in accordance with instructions from the ~~written~~ relevant LA CUSTOMER (which may be specific instructions ~~given~~ or instructions of a general nature as set out in this Contract, the applicable Access Agreement or as otherwise notified by ~~IHiS~~ the LA CUSTOMER to the SERVICE PROVIDER during the Term); Pprocess the Personal Data only to the extent, and to in such ~~extent~~ manner, as is necessary ~~and appropriate~~ for the ~~completion~~ provision of the ~~Purpose~~Ordered Software Application Solutions or as is required by Law or any Regulatory Body; ~~promptly deal with any enquiry from IHiS relating~~ implement appropriate technical and organisational measures to protect the Personal Data against unauthorised or unlawful processing and against accidental loss, destruction, damage, alteration or disclosure. These measures shall be appropriate to the ~~Company’s processing~~ harm which might result from any unauthorised or unlawful Processing, accidental loss, destruction or damage to the Personal Data and having regard to the nature of the Personal Data which is to be protected; take reasonable steps to ensure the reliability of any SERVICE PROVIDER Personnel who have access to the Personal Data; ~~not~~ obtain prior written consent from each LAthe CUSTOMER in order to transfer ~~or allow~~ the Personal Data attributable to ~~be transferred outside~~ functions exercisable by that LA CUSTOMER to any Sub-Contractors or Affiliates for the provision of ~~Singapore, unless expressly instructed or authorised by IHiS~~the Ordered Software Application Solutions; ~~and provide~~ ensure that all ~~necessary co-operation and assistance (whether~~ SERVICE PROVIDER Personnel required to ~~IHiS or otherwise) to allow~~ access and/or correction of Personal Data in accordance with the PDPA. Without prejudice to Clause 4.1 above, the Company ensure: that any Personal Data belonging to IHiS or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, to the extent that the Personal Data ~~is no longer required by~~ are informed of the ~~Company for legal or business purposes, that~~ confidential nature of the Personal Data ~~is destroyed or returned to IHiS~~ and comply with the obligations set out in ~~accordance with Clause 5 below; that IHiS is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of~~ this Clause 4 and the Company will undertake, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach of this clause (including providing IHiS with such reports or information concerning such steps as and when requested by IHiS)14; and it keeps itself appraised of any and all notices and circulars which IHiS may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause IHiS to be in breach ensure that none of the ~~same. For~~ SERVICE PROVIDER Personnel publish, disclose or divulge any of the ~~purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate IHiS for~~ Personal Data attributable to functions exercisable by any ~~and all potential loss and damage caused~~ LA CUSTOMER to ~~IHiS and/or its Affiliates arising from or in connection with~~ any ~~breach of this clause. Notwithstanding and further to anything stated elsewhere in the NDA, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent~~ third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company with its obligations under this Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within SEVEN (7) days of: completion of the Purpose; receipt of a written request from IHiS; or expiry or termination of the NDA, return to IHiS all documents and materials (and all copies thereof) containing IHiS’ Confidential Information or destroy the same, and certify unless directed in writing to ~~IHiS~~ do so by that LAe CUSTOMER; notify each LAthe CUSTOMER (within five (5) Working Days) if it has complied with the requirements of this Clause 5.1. Notwithstanding the completion of the Purpose or return of the documents and materials as aforesaid, the Company shall continue to be bound by the undertakings set out in Clauses 3 and 4 above.receives:

Appears in 1 contract

Samples: Software Application Solutions Framework Agreement

Protection of Personal Data. The Company shall, in relation to Personal ~~Data:~~ Data:- ensure that it has, in relation to all Personal Data obtained and/or collected by it, fully ~~comply~~ complied with all requirements of the ~~PDPA, including the requirements concerning the collection, use and disclosure~~ Personal Data Protection Act (No. 26 of ~~Personal Data~~2012); process Personal Data only in accordance with the written instructions given by IHiS and to such extent necessary and appropriate for the completion of the Purpose; promptly deal with any enquiry from IHiS relating to the Company’s processing of Personal Data; not transfer or allow the Personal Data to be ~~transferred~~ transferred, outside of Singapore, unless expressly instructed or authorised by IHiS; and provide all necessary co-operation and assistance (whether to IHiS or otherwise) to allow access and/or correction of Personal Data in accordance with the ~~PDPA~~Personal Data Protection Act 2012. Without prejudice to Clause 4.1 above, the Company shall take all reasonable measures to ensure: that any Personal Data belonging to IHiS or its Affiliates which is held by the Company is protected against loss, unauthorised access, use, modification, disclosure or other misuse, and that only authorised personnel have access to that Personal Data; that, to the extent that the Personal Data is no longer required by the Company for legal or business purposes, that Personal Data is destroyed or ~~returned~~ re-delivered to IHiS in accordance with Clause 5 below; that IHiS is immediately alerted in writing (with full particulars) of any unauthorised access, disclosure or other breach of this Clause 4 and the Company ~~will undertake~~undertakes, as soon as reasonably practicable, all steps to prevent further unauthorised access, disclosure or other breach of this clause (including providing IHiS with such reports or information concerning such steps as and when requested by IHiS); and it keeps itself appraised of any and all notices and circulars which IHiS may from time to time notify to the Company, including without limitation any policies, guidelines, circulars or notices relating to personal data (“PDPA Documentation”), and to perform its duties or discharge its liabilities in connection with the Purpose in a manner which is consistent with the PDPA Documentation, and will not cause IHiS to be in breach of the same. For the purposes of this clause, the Company hereby expressly acknowledges and agrees that it has read the PDPA Documentation and is aware of and will compensate IHiS for any and all potential loss and damage caused to IHiS and/or its Affiliates arising from or in connection with any breach of this clause. Notwithstanding and further to anything stated elsewhere in the ~~NDA~~Agreement, IHiS reserves the right and the Company agrees that IHiS may conduct (or appoint a qualified, independent third party to conduct) an audit and/or assessment of the standard of compliance or non-compliance by the Company with ~~its~~ the obligations under this Clause 4. RETURN OF CONFIDENTIAL INFORMATION The Company shall within ~~SEVEN (7)~~ seven days of: completion of the Purpose; or receipt of a written request from IHiS; or expiry or termination of the ~~NDA~~Agreement, return to IHiS all documents and materials (and all copies thereof) containing the IHiS’ Confidential Information or destroy the same, and certify in writing to IHiS that it has complied with the requirements of this ~~Clause 5.1~~sub-clause. Notwithstanding the completion of the Purpose or return of the documents and materials as aforesaid, the Company shall continue to be bound by the undertakings set out in Clauses 3 and 4 above.

Appears in 1 contract

Samples: Non Disclosure Agreement

Common use of Protection of Personal Data Clause in Contracts