Common use of Protection of Personal Information Clause in Contracts

Protection of Personal Information. 36.1 The Supplier acknowledges that, for the purposes of the service level agreement, they may come into contact with or have access to personal information and other information that may be classified or deemed as private or confidential and for which CCT is responsible in terms of POPIA. Such personal information may also be deemed or considered as private and confidential as it relates to POPIA. 36.2 The Contractor agrees that they will at all times comply with POPIA and CCT's Privacy Notice, and that it shall only collect, use and process personal information it comes into contact with pursuant to this agreement in a lawful manner, and only to the extent required to execute the services, or to provide the goods and to perform their obligations in terms of the service level agreement. 36.3 The Contractor agrees that it shall put in place, and at all times maintain, appropriate physical, technological and contractual security measures to ensure the protection and confidentiality of the personal information that it, or its employees, its contractors or other authorised individuals comes into contact in relation to the service level agreement. 36.4 The Contractor agrees that it shall notify CCT immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person. 36.5 Unless so required by law, the Contractor agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA to any third party without the prior written consent of CCT. 36.6 The Contractor hereby indemnifies and holds the CCT harmless against all claims, losses, damages and costs of whatsoever nature suffered by CCT arising from or in relation to the Contractor's (and/or its employees', agents' and sub-contractors') non-compliance with applicable data protection laws and/or other legislation. 36.7 The Contractor agrees that CCT may conduct regular data protection audits on the Contractor and undertakes to give its full co-operation in this regard.

Protection of Personal Information. 36.1 8.1. The Supplier Contractor acknowledges that, for the purposes of the service level this agreement, they may come into contact with or have access to personal information and other information that may be classified or deemed as private or confidential and for which CCT City is responsible in terms of Protection of Personal Information Act (“POPIA”). Such personal information may also be deemed or considered as private and confidential as it relates to POPIA. 36.2 8.2. The Contractor agrees that they will at all times comply with POPIA and CCT's City’s Privacy Notice, and that it shall only collect, use and process personal information it comes into contact with pursuant to this agreement in a lawful manner, and only to the extent required to execute the services, or to provide the goods and to perform their obligations in terms of the service level agreement. 36.3 8.3. The Contractor agrees that it shall put in place, and at all times maintain, appropriate physical, technological and contractual security measures to ensure the protection and confidentiality of the personal information that it, or its employees, its contractors or other authorised individuals comes into contact in relation to the service level agreement. 36.4 8.4. The Contractor agrees that it shall notify CCT the City immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person. 36.5 8.5. Unless so required by law, the Contractor agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA to any third party without the prior written consent of CCTthe City. 36.6 8.6. The Contractor hereby indemnifies and holds the CCT City harmless against all claims, losses, damages and costs of whatsoever nature suffered by CCT the City arising from or in relation to the Contractor's (and/or its employees', agents' and sub-contractors') non-compliance with applicable data protection laws and/or other legislation. 36.7 8.7. The Contractor agrees that CCT the City may conduct regular data protection audits on the Contractor and undertakes to give its full co-operation in this regard.

Protection of Personal Information. 36.1 35.1 The Supplier acknowledges that, for the purposes of the service level this agreement, they may come into contact with or have access to personal information and other information that may be classified or deemed as private or confidential and for which CCT Purchaser is responsible in terms of Protection of Personal Information Act (“POPIA”). Such personal information may also be deemed or considered as private and confidential as it relates to POPIA. 36.2 35.2 The Contractor Supplier agrees that they will at all times comply with POPIA and CCT's Purchaser’s Privacy Notice, and that it shall only collect, use and process personal information it comes into contact with pursuant to this agreement in a lawful manner, and only to the extent required to execute the services, or to provide the goods and to perform their obligations in terms of the service level agreement. 36.3 35.3 The Contractor Supplier agrees that it shall put in place, and at all times maintain, appropriate physical, technological and contractual security measures to ensure the protection and confidentiality of the personal information that it, or its employees, its contractors or other authorised individuals comes into contact in relation to the service level agreement. 36.4 35.4 The Contractor supplier agrees that it shall notify CCT the Purchaser immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person. 36.5 35.5 Unless so required by law, the Contractor Supplier agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA to any third party without the prior written consent of CCTthe Purchaser. 36.6 35.6 The Contractor Supplier hereby indemnifies and holds the CCT Purchaser harmless against all claims, losses, damages and costs of whatsoever nature suffered by CCT the Purchaser arising from or in relation to the ContractorSupplier's (and/or its employees', agents' and sub-contractors') non-compliance with applicable data protection laws and/or other legislation. 36.7 35.7 The Contractor Supplier agrees that CCT the Purchaser may conduct regular data protection audits on the Contractor Supplier and undertakes to give its full co-operation in this regard.

Protection of Personal Information. DRAFT 36.1 The Supplier acknowledges that, for the purposes of the service level this agreement, they may come into contact with or have access to personal information and other information that may be classified or deemed as private or confidential and for which CCT Purchaser is responsible in terms of Protection of Personal Information Act (“POPIA”). Such personal information may also be deemed or considered as private and confidential as it relates to POPIA. 36.2 The Contractor Supplier agrees that they will at all times comply with POPIA and CCT's Purchaser’s Privacy Notice, and that it shall only collect, use and process personal information it comes into contact with pursuant to this agreement in a lawful manner, and only to the extent required to execute the services, or to provide the goods and to perform their obligations in terms of the service level agreement. 36.3 The Contractor Supplier agrees that it shall put in place, and at all times maintain, appropriate physical, technological and contractual security measures to ensure the protection and confidentiality of the personal information that it, or its employees, its contractors or other authorised individuals comes into contact in relation to the service level agreement. 36.4 The Contractor supplier agrees that it shall notify CCT the Purchaser immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person. 36.5 Unless so required by law, the Contractor Supplier agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA to any third party without the prior written consent of CCTthe Purchaser. 36.6 The Contractor Supplier hereby indemnifies and holds the CCT Purchaser harmless against all claims, losses, damages and costs of whatsoever nature suffered by CCT the Purchaser arising from or in relation to the ContractorSupplier's (and/or its employees', agents' and sub-contractors') non-compliance with applicable data protection laws and/or other legislation. 36.7 The Contractor Supplier agrees that CCT the Purchaser may conduct regular data protection audits on the Contractor Supplier and undertakes to give its full co-operation in this regard.

Protection of Personal Information. DRAFT 36.1 The Supplier acknowledges that, for the purposes of the service level agreement, they may come into contact with or have access to personal information and other information that may be classified or deemed as private or confidential and for which CCT is responsible in terms of POPIA. Such personal information may also be deemed or considered as private and confidential as it relates to POPIA. 36.2 The Contractor agrees that they will at all times comply with POPIA and CCT's Privacy Notice, and that it shall only collect, use and process personal information it comes into contact with pursuant to this agreement in a lawful manner, and only to the extent required to execute the services, or to provide the goods and to perform their obligations in terms of the service level agreement. 36.3 The Contractor agrees that it shall put in place, and at all times maintain, appropriate physical, technological and contractual security measures to ensure the protection and confidentiality of the personal information that it, or its employees, its contractors or other authorised individuals comes into contact in relation to the service level agreement. 36.4 The Contractor agrees that it shall notify CCT immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person. 36.5 Unless so required by law, the Contractor agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA to any third party without the prior written consent of CCT. 36.6 The Contractor hereby indemnifies and holds the CCT harmless against all claims, losses, damages and costs of whatsoever nature suffered by CCT arising from or in relation to the Contractor's (and/or its employees', agents' and sub-contractors') non-compliance with applicable data protection laws and/or other legislation. 36.7 The Contractor agrees that CCT may conduct regular data protection audits on the Contractor and undertakes to give its full co-operation in this regard.

Protection of Personal Information. 36.1 39.1 The Supplier acknowledges that, for the purposes of the service level agreement, they may come into contact with or have access to personal information and other information that may be classified or deemed as private or confidential and for which CCT is responsible in terms of POPIA. Such personal information may also be deemed or considered as private and confidential as it relates to POPIA. 36.2 39.2 The Contractor Supplier agrees that they will at all times comply with POPIA and CCT's Privacy Notice, and that it shall only collect, use and process personal information it comes into contact with pursuant to this agreement in a lawful manner, and only to the extent required to execute the services, or to provide the goods and to perform their obligations in terms of the service level agreement. 36.3 39.3 The Contractor Supplier agrees that it shall put in place, and at all times maintain, appropriate physical, technological and contractual security measures to ensure the protection and confidentiality of the personal information that it, or its employees, its contractors Suppliers or other authorised individuals comes into contact in relation to the service level agreement. 36.4 39.4 The Contractor Supplier agrees that it shall notify CCT immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person. 36.5 39.5 Unless so required by law, the Contractor Supplier agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA to any third party without the prior written consent of CCT. 36.6 39.6 The Contractor Supplier hereby indemnifies and holds the CCT harmless against all claims, losses, damages and costs of whatsoever nature suffered by CCT arising from or in relation to the ContractorSupplier's (and/or its employees', agents' and sub-contractors') non-compliance with applicable data protection laws and/or other legislation. 36.7 39.7 The Contractor Supplier agrees that CCT may conduct regular data protection audits on the Contractor Supplier and undertakes to give its full co-operation in this regard.

Protection of Personal Information. 36.1 33.1 The Supplier acknowledges that, for the purposes of the service level agreement, they may come into contact with or have access to personal information and other information that may be classified or deemed as private or confidential and for which CCT is responsible in terms of POPIA. Such personal information may also be deemed or considered as private and confidential as it relates to POPIA. 36.2 33.2 The Contractor Supplier agrees that they will at all times comply with POPIA and CCT's Privacy Notice, and that it shall only collect, use and process personal information it comes into contact with pursuant to this agreement in a lawful manner, and only to the extent required to execute the services, or to provide the goods and to perform their obligations in terms of the service level agreement. 36.3 33.3 The Contractor Supplier agrees that it shall put in place, and at all times maintain, appropriate physical, technological and contractual security measures to ensure the protection and confidentiality of the personal information that it, or its employees, its contractors Suppliers or other authorised individuals comes into contact in relation to the service level agreement. 36.4 33.4 The Contractor Supplier agrees that it shall notify CCT immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person. 36.5 33.5 Unless so required by law, the Contractor Supplier agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA to any third party without the prior written consent of CCT. 36.6 33.6 The Contractor Supplier hereby indemnifies and holds the CCT harmless against all claims, losses, damages and costs of whatsoever nature suffered by CCT arising from or in relation to the ContractorSupplier's (and/or its employees', agents' and sub-contractorsSuppliers') non-compliance with applicable data protection laws and/or other legislation. 36.7 33.7 The Contractor Supplier agrees that Purchaser/CCT may conduct regular data protection audits on the Contractor Supplier and undertakes to give its full co-operation in this regard.

Protection of Personal Information. 36.1 The Supplier acknowledges that, for the purposes of the service level this agreement, they may come into contact with or have access to personal information and other information that may be classified or deemed as private or confidential and for which CCT Purchaser is responsible in terms of Protection of Personal Information Act (“POPIA”). Such personal information may also be deemed or considered as private and confidential as it relates to POPIA. 36.2 35.2 The Contractor Supplier agrees that they will at all times comply with POPIA and CCT's Purchaser’s Privacy Notice, and that it shall only collect, use and process personal information it comes into contact with pursuant to this agreement in a lawful manner, and only to the extent required to execute the services, or to provide the goods and to perform their obligations in terms of the service level agreement. 36.3 35.3 The Contractor Supplier agrees that it shall put in place, and at all times maintain, appropriate physical, technological and contractual security measures to ensure the protection and confidentiality of the personal information that it, or its employees, its contractors or other authorised individuals comes into contact in relation to the service level agreement. 36.4 35.4 The Contractor supplier agrees that it shall notify CCT the Purchaser immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person. 36.5 35.5 Unless so required by law, the Contractor Supplier agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA to any third party without the prior written consent of CCTthe Purchaser. 36.6 35.6 The Contractor Supplier hereby indemnifies and holds the CCT Purchaser harmless against all claims, losses, damages and costs of whatsoever nature suffered by CCT the Purchaser arising from or in relation to the ContractorSupplier's (and/or its employees', agents' and sub-contractors') non-compliance with applicable data protection laws and/or other legislation. 36.7 35.7 The Contractor Supplier agrees that CCT the Purchaser may conduct regular data protection audits on the Contractor Supplier and undertakes to give its full co-operation in this regard.

Protection of Personal Information. 36.1 42.1 The Supplier Contractor acknowledges that, for the purposes of the service level agreement, they may come into contact with or have access to personal information and other information that may be classified or deemed as private or confidential and for which CCT is responsible in terms of POPIA. Such personal information may also be deemed or considered as private and confidential as it relates to POPIA. 36.2 42.2 The Contractor agrees that they will at all times comply with POPIA and CCT's Privacy Notice, and that it shall only collect, use and process personal information it comes into contact with pursuant to this agreement in a lawful manner, and only to the extent required to execute the services, or to provide the goods and to perform their obligations in terms of the service level agreement. 36.3 42.3 The Contractor agrees that it shall put in place, and at all times maintain, appropriate physical, technological and contractual security measures to ensure the protection and confidentiality of the personal information that it, or its employees, its contractors or other authorised individuals comes into contact in relation to the service level agreement. 36.4 42.4 The Contractor agrees that it shall notify CCT immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person. 36.5 42.5 Unless so required by law, the Contractor agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA to any third party without the prior written consent of CCT. 36.6 42.6 The Contractor hereby indemnifies and holds the CCT harmless against all claims, losses, damages and costs of whatsoever nature suffered by CCT arising from or in relation to the Contractor's (and/or its employees', agents' and sub-contractors') non-compliance with applicable data protection laws and/or other legislation.. - 36.7 42.7 The Contractor agrees that CCT may conduct regular data protection audits on the Contractor and undertakes to give its full co-operation in this regard.

Protection of Personal Information. 36.1 38.1 The Supplier Contractor acknowledges that, for the purposes of the service level agreement, they may come into contact with or have access to personal information and other information that may be classified or deemed as private or confidential and for which CCT is responsible in terms of POPIA. Such personal information may also be deemed or considered as private and confidential as it relates to POPIA. 36.2 38.2 The Contractor agrees that they will at all times comply with POPIA and CCT's Privacy Notice, and that it shall only collect, use and process personal information it comes into contact with pursuant to this agreement in a lawful manner, and only to the extent required to execute the services, or to provide the goods and to perform their obligations in terms of the service level agreement. 36.3 38.3 The Contractor agrees that it shall put in place, and at all times maintain, appropriate physical, technological and contractual security measures to ensure the protection and confidentiality of the personal information that it, or its employees, its contractors or other authorised individuals comes into contact in relation to the service level agreement. 36.4 38.4 The Contractor agrees that it shall notify CCT immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person. 36.5 38.5 Unless so required by law, the Contractor agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA to any third party without the prior written consent of CCT. 36.6 38.6 Subject to the supplier’s limitation of liability, the supplier hereby indemnifies and holds the CCT harmless against all claims, losses, damages and costs of whatsoever nature suffered by CCT arising from or in relation to the supplier's (and/or its employees', agents' and sub-contractors') non-compliance with applicable data protection laws and/or other legislation. The Contractor hereby indemnifies and holds the CCT harmless against all claims, losses, damages and costs of whatsoever nature suffered by CCT arising from or in relation to the Contractor's (and/or its employees', agents' and sub-contractors') non-compliance with applicable data protection laws and/or other legislation. 36.7 38.7 The Contractor agrees that CCT may conduct regular data protection audits on the Contractor and undertakes to give its full co-operation in this regard.

Protection of Personal Information. 36.1 The Supplier Contractor acknowledges that, in performing the Services, it may be processing Personal Information on behalf of the IESO and this section 11 shall apply to the extent that it does. The Contractor acknowledges that it holds all Personal Information on behalf of the IESO, that such Personal Information remains under the control of the IESO and that the Contractor shall not acquire any right, title or interest in or to any Personal Information. The Contractor acknowledges that the IESO is an institution under FIPPA and that all Personal Information processed by the Contractor on behalf of the IESO is subject to the provisions of FIPPA relating to the protection of personal information. The Contractor shall protect all Personal Information processed by it with physical, organizational and technological safeguards that are appropriate to the nature, quantity and sensitivity of such information, applying security standards and procedures at least equivalent to those used by it to protect its own confidential information and the personal information of the Contractor's personnel and other individuals whose information it collects or holds, and in conformity with any specific security instructions provided to it by the IESO. The Contractor shall limit access to all Personal Information to the Contractor's personnel who have a need for such access in order to perform the Services. The Contractor shall process Personal Information only for the purposes of performing the Services and in accordance with instructions received from the IESO. The Contractor shall promptly refer all requests by third parties for access to any Personal Information in its possession or custody to the IESO. The Contractor shall not disclose any Personal Information to third parties other than persons who have a need to know to enable the Contractor to perform the Services, except with the prior consent of the IESO or as may be required by law. The IESO and/or its authorized representatives shall have the right to enter upon any premises of the Contractor or any locations where the Contractor processes Personal Information at any time during normal business hours and from time to time, upon at least twenty-four (24) hours prior notice, for the purposes of inspecting and auditing the service level agreementContractor's adherence to the provisions of this Contract. Both during the term of this Contract and after any termination or expiry thereof, they may come into contact with the Contractor shall: 1) retain all records containing Personal Information for such period of time as is necessary to satisfy the requirements of all applicable laws, or have access to personal information and other information that for such longer period of time (if any) as may be classified specified by the IESO; and 2) promptly upon each request therefor, make available to the IESO any and all records containing any Personal Information so requested by the IESO. The foregoing provisions of this paragraph shall survive any termination or deemed as private or confidential and for which CCT is responsible in terms expiry of POPIAthis Contract. Such personal information may also be deemed or considered as private and confidential as it relates to POPIA. 36.2 The In the course of performing the Services, the Contractor agrees that they will shall at all times conduct itself in a manner that does not cause the IESO to be in contravention of Applicable Legal Requirements. The Contractor shall be responsible for compliance by all Contractor's subcontractors and personnel with the provisions of this section 11 and with all Applicable Legal Requirements. The Contractor shall notify the IESO forthwith upon its becoming aware of any Breach and shall provide to the IESO full information respecting such Breach sufficient to enable it to comply with POPIA and CCT's Privacy Notice, and that it shall only collect, use and process personal information it comes into contact with pursuant to this agreement in a lawful manner, and only to the extent required to execute the services, or to provide the goods and to perform their its obligations in terms of the service level agreement. 36.3 under Applicable Legal Requirements. The Contractor agrees that it shall put in placenotify the IESO forthwith of any demand, and at all times maintain, appropriate physical, technological and contractual security measures to ensure the protection and confidentiality of the personal information that it, or its employees, its contractors order or other authorised individuals comes into contact in relation to the service level agreement. 36.4 The Contractor agrees that it shall notify CCT immediately where there are reasonable grounds to believe that the personal information requirement of a data subject has been accessed governmental authority to disclose or acquired by any unauthorised person. 36.5 Unless so required by law, the Contractor agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA provide access to any third party without Personal Information and shall take all reasonable steps requested by the prior written consent of CCTIESO to respond to such demand, order or requirement, including assisting the IESO in opposing disclosure or access through court proceedings. 36.6 The Contractor hereby indemnifies and holds the CCT harmless against all claims, losses, damages and costs of whatsoever nature suffered by CCT arising from or in relation to the Contractor's (and/or its employees', agents' and sub-contractors') non-compliance with applicable data protection laws and/or other legislation. 36.7 The Contractor agrees that CCT may conduct regular data protection audits on the Contractor and undertakes to give its full co-operation in this regard.

Protection of Personal Information. 36.1 6.1 The Supplier acknowledges that, for the purposes of the service level this agreement, they may come into contact with or have access to personal information and other information that may be classified or deemed as private or confidential and for which CCT City is responsible in terms of Protection of Personal Information Act (“POPIA”). Such personal information may also be deemed or considered as private and confidential as it relates to POPIA. 36.2 6.2 The Contractor Supplier agrees that they will at all times comply with POPIA and CCT's City’s Privacy Notice, and that it shall only collect, use and process personal information it comes into contact with pursuant to this agreement in a lawful manner, and only to the extent required to execute the services, or to provide the goods and to perform their obligations in terms of the service level agreement. 36.3 6.3 The Contractor Supplier agrees that it shall put in place, and at all times maintain, appropriate physical, technological and contractual security measures to ensure the protection and confidentiality of the personal information that it, or its employees, its contractors or other authorised individuals comes into contact in relation to the service level agreement. 36.4 6.4 The Contractor Supplier agrees that it shall notify CCT the City immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person. 36.5 6.5 Unless so required by law, the Contractor Supplier agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA to any third party without the prior written consent of CCTthe City. 36.6 6.6 The Contractor Supplier hereby indemnifies and holds the CCT City harmless against all claims, losses, damages and costs of whatsoever nature suffered by CCT the City arising from or in relation to the ContractorSupplier 's (and/or its employees', agents' and sub-contractors') non-non- compliance with applicable data protection laws and/or other legislation. 36.7 6.7 The Contractor Supplier agrees that CCT the City may conduct regular data protection audits on the Contractor Supplier and undertakes to give its full co-operation in this regard.

Protection of Personal Information. 36.1 33.1 The Supplier acknowledges that, for the purposes of the service level agreement, they may come into contact with or have access to personal information and other information that may be classified or deemed as private or confidential and for which CCT is responsible in terms of POPIA. Such personal information may also be deemed or considered as private and confidential as it relates to POPIA. 36.2 33.2 The Contractor Supplier agrees that they will at all times comply with POPIA and CCT's Privacy Notice, and that it shall only collect, use and process personal information it comes into contact with pursuant to this agreement in a lawful manner, and only to the extent required to execute the services, or to provide the goods and to perform their obligations in terms of the service level agreement. 36.3 33.3 The Contractor Supplier agrees that it shall put in place, and at all times maintain, appropriate physical, technological and contractual security measures to ensure the protection and confidentiality of the personal information that it, or its employees, its contractors Suppliers or other authorised individuals comes into contact in relation to the service level agreement. 36.4 33.4 The Contractor Supplier agrees that it shall notify CCT immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person.. ES DM VD 36.5 33.5 Unless so required by law, the Contractor Supplier agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA to any third party without the prior written consent of CCT. 36.6 33.6 The Contractor Supplier hereby indemnifies and holds the CCT harmless against all claims, losses, damages and costs of whatsoever nature suffered by CCT arising from or in relation to the ContractorSupplier's (and/or its employees', agents' and sub-contractorsSuppliers') non-compliance with applicable data protection laws and/or other legislation. 36.7 33.7 The Contractor Supplier agrees that Purchaser/CCT may conduct regular data protection audits on the Contractor Supplier and undertakes to give its full co-operation in this regard.

Protection of Personal Information. 36.1 The Supplier acknowledges that, for the purposes of the service level this agreement, they may come into contact with or have access to personal information and other information that may be classified or deemed as private or confidential and for which CCT Purchaser is responsible in terms of Protection of Personal Information Act (“POPIA”). Such personal information may also be deemed or considered as private and confidential as it relates to POPIA. 36.2 The Contractor Supplier agrees that they will at all times comply with POPIA and CCT's Purchaser’s Privacy Notice, and that it shall only collect, use and process personal information it comes into contact with pursuant to this agreement in a lawful manner, and only to the extent required to execute the services, or to provide the goods and to perform their obligations in terms of the service level agreement. 36.3 The Contractor Supplier agrees that it shall put in place, and at all times maintain, appropriate physical, technological and contractual security measures to ensure the protection and confidentiality of the personal information that it, or its employees, its contractors or other authorised individuals comes into contact in relation to the service level agreement. 36.4 The Contractor supplier agrees that it shall notify CCT the Purchaser immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person. 36.5 Unless so required by law, the Contractor Supplier agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA to any third party without the prior written consent of CCTthe Purchaser. 36.6 The Contractor Supplier hereby indemnifies and holds the CCT Purchaser harmless against all claims, losses, damages and costs of whatsoever nature suffered by CCT the Purchaser arising from or in relation to the ContractorSupplier's (and/or its employees', agents' and sub-contractors') non-compliance with applicable data protection laws and/or other legislation. 36.7 The Contractor Supplier agrees that CCT the Purchaser may conduct regular data protection audits on the Contractor Supplier and undertakes to give its full co-operation in this regard.

Protection of Personal Information. 36.1 The Supplier Contractor acknowledges that, for the purposes of the service level agreement, they may come into contact with or have access to personal information and other information that may be classified or deemed as private or confidential and for which CCT is responsible in terms of POPIA. Such personal information may also be deemed or considered as private and confidential as it relates to POPIA. 36.2 The Contractor agrees that they will at all times comply with POPIA and CCT's Privacy Notice, and that it shall only collect, use and process personal information it comes into contact with pursuant to this agreement in a lawful manner, and only to the extent required to execute the services, or to provide the goods and to perform their obligations in terms of the service level agreement. 36.3 The Contractor agrees that it shall put in place, and at all times maintain, appropriate physical, technological and contractual security measures to ensure the protection and confidentiality of the personal information that it, or its employees, its contractors or other authorised individuals comes into contact in relation to the service level agreement. 36.4 The Contractor agrees that it shall notify CCT immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person. 36.5 Unless so required by law, the Contractor agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA to any third party without the prior written consent of CCT. 36.6 The Contractor hereby indemnifies and holds the CCT harmless against all claims, losses, damages and costs of whatsoever nature suffered by CCT arising from or in relation to the Contractor's (and/or its employees', agents' and sub-contractors') non-compliance with applicable data protection laws and/or other legislation. 36.7 The Contractor agrees that CCT may conduct regular data protection audits on the Contractor and undertakes to give its full co-operation in this regard.

Protection of Personal Information. 36.1 33.1 The Supplier acknowledges that, for the purposes of the service level agreement, they may come into contact with or have access to personal information and other information that may be classified or deemed as private or confidential and for which CCT is responsible in terms of POPIA. Such personal information may also be deemed or considered as private and confidential as it relates to POPIA. 36.2 33.2 The Contractor Supplier agrees that they will at all times comply with POPIA and CCT's Privacy Notice, and that it shall only collect, use and process personal information it comes into contact with pursuant to this agreement in a lawful manner, and only to the extent required to execute the services, or to provide the goods and to perform their obligations in terms of the service level agreement.. KLJ PM PP ES 36.3 33.3 The Contractor Supplier agrees that it shall put in place, and at all times maintain, appropriate physical, technological and contractual security measures to ensure the protection and confidentiality of the personal information that it, or its employees, its contractors Suppliers or other authorised individuals comes into contact in relation to the service level agreement. 36.4 33.4 The Contractor Supplier agrees that it shall notify CCT immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person. 36.5 33.5 Unless so required by law, the Contractor Supplier agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA to any third party without the prior written consent of CCT. 36.6 33.6 The Contractor Supplier hereby indemnifies and holds the CCT harmless against all claims, losses, damages and costs of whatsoever nature suffered by CCT arising from or in relation to the ContractorSupplier's (and/or its employees', agents' and sub-contractorsSuppliers') non-compliance with applicable data protection laws and/or other legislation. 36.7 33.7 The Contractor Supplier agrees that Purchaser/CCT may conduct regular data protection audits on the Contractor Supplier and undertakes to give its full co-operation in this regard. 37. Performance Monitoring 37.1 As required by section 116(2)(b) of the Local Government: Municipal Financial Management Act 56 of 2003, the City shall monitor the performance of the supplier on at least a monthly basis, and the supplier agrees to provide the City with its full cooperation in this regard. KLJ PM PP . ‘ANNEXURE A’ Date CITY OF CAPE TOWN City Manager Civic Centre 00 Xxxxxxx Xxxxxxxxx Cape Town 8000 Dear Sir TENDER NO.: 102G/2022/23 NAME OF SUPPLIER: I, the undersigned, do hereby confirm and warrant that all the insurances required in terms of the abovementioned contract have been issued and/or in the case of blanket/umbrella policies, have been endorsed to reflect the interests of the CITY OF CAPE TOWN with regard to the abovementioned contract, and that all the insurances and endorsements, etc., are all in accordance with the requirements of the contract. I furthermore confirm that all premiums in the above regard have been paid. Yours faithfully Signed: KLJ PM PP ES For: (Supplier’s Insurance Broke

Protection of Personal Information. 36.1 The Supplier acknowledges that, for the purposes of the service level agreement, they may come into contact with or have access to personal information and other information that may be classified or deemed as private or confidential and for which CCT is responsible in terms of POPIA. Such personal information may also be alsobe deemed or considered as private and confidential as it relates to POPIA. 36.2 The Contractor Supplier agrees that they will at all times comply with POPIA and CCT's Privacy Notice, and that it shall only collect, use and process personal information it comes into contact with pursuant to this agreement in agreementin a lawful manner, and only to the extent required to execute the services, or to provide the goods and/or services and to perform their obligations in terms of the service level agreement. 36.3 The Contractor Supplier agrees that it shall put in place, and at all times maintain, appropriate physical, technological and contractual security measures to ensure the protection and confidentiality of the personal information that it, or its employees, its contractors suppliers or other authorised individuals comes into contact in relation to relationto the service level agreement. 36.4 The Contractor Supplier agrees that it shall notify CCT immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised unauthorized person. 36.5 Unless so required by law, the Contractor Supplier agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA to any third party without the prior theprior written consent of CCT. 36.6 The Contractor Supplier hereby indemnifies and holds the CCT harmless against all claims, losses, damages and damagesand costs of whatsoever nature suffered by CCT arising from or in relation to the ContractorSupplier's (and/or its employees', agents' and sub-contractorssuppliers') non-compliance with applicable data protection laws and/or other legislation. 36.7 The Contractor Supplier agrees that CCT may conduct regular data protection audits on the Contractor Supplier and undertakes to give its full co-operation in this regard.

Protection of Personal Information. 36.1 a) The Supplier acknowledges thatfollowing terms shall bear the same meaning as contemplated in Section 1 of the Protection of Personal Information Act 4 of 2013 (“POPIA”): consent; person; personal information; processing; record; Regulator as well as any terms derived from these terms of the POPIA. b) Transnet will process all information by the Respondent in terms of the requirements contemplated in Section 4(1) of the POPIA: Accountability; Processing limitation; Purpose specification; Further processing limitation; Information quality; Openness; Security safeguards and Data subject participation. c) Transnet agrees that in submitting any information or documentation requested in the RFP and in this Agreement, the Service provider consents to the processing of their personal information for the purposes purpose of, but not limited to, risk assessment, contract award, contract management, auditing, legal opinions/litigation, investigations (if applicable), document storage for the legislatively required period, destruction, de-identification and publishing of the service level agreement, personal information by Transnet and/or its authorized appointed third parties. d) The Parties agree that they may come into contact with or obtain and have access to personal information for the fulfilment of the rights and other obligations contained herein. In performing the obligations as set out in this Agreement, the Parties shall always ensure that: i. they process personal information that may be classified or deemed as private or confidential and only for the express purpose for which CCT it was obtained. ii. once processed for the purposes for which it was obtained, all personal information will be destroyed to an extent that it cannot be reconstructed to its original form, subject to any legal retention requirements. iii. Personal information is responsible provided only to authorized personnel who strictly require the personal iv. they do not disclose personal information of the other Party, other than in terms of POPIA. Such this Agreement. v. they have all reasonable technical and organizational measures in place to protect all personal information may also be deemed or considered as private and confidential as it relates to POPIAfrom unauthorized access and/or use. 36.2 The Contractor agrees that vi. they will at all times comply with POPIA have appropriate technical and CCT's Privacy Noticeorganizational measures in place to safeguard the security, integrity, and that it shall only collect, use and process personal authenticity of all information it comes into contact with pursuant to this agreement in a lawful manner, and only to the extent required to execute the services, their possession or to provide the goods and to perform under their obligations control in terms of the service level agreementthis Agreement. 36.3 vii. they identify all reasonably foreseeable internal and external risks to personal information in their possession or under their control; establish and maintain appropriate safeguards against the risks identified; regularly verify that the safeguards are effectively implemented; and ensure that the safeguards are continually updated in response to new risks or deficiencies in previously implemented safeguards. viii. such personal information is protected against unauthorized or unlawful processing, accidental loss, destruction or damage, alteration, disclosure, or access. 23.1 The Contractor agrees Parties agree that if personal information will be processed for additional purposes beyond the original purpose for which it shall put in placewas obtained, and at all times maintain, appropriate physical, technological and contractual security measures explicit consent must be obtained beforehand from those persons whose information will be subject to ensure the protection and confidentiality of such processing. 23.2 Should it be necessary for either Party to disclose or otherwise make available the personal information that it, or its employees, its contractors or other authorised individuals comes into contact in relation to the service level agreement. 36.4 The Contractor agrees that it shall notify CCT immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person. 36.5 Unless so required by law, the Contractor agrees that it shall treat the personal information as confidential and further not disclose any personal information as defined in POPIA to any third party without (including sub-contractors and employees) that is not already consented to, it may do so only with the prior written consent of CCTthe other Party. The Party requiring such consent shall require of all such third parties, appropriate written undertakings to be provided, containing similar terms to that set forth in this clause, and dealing with that third party's obligations in respect of its processing of the personal information. Following approval by the other Party, the Party requiring consent agrees that the provisions of this clause shall mutatis mutandis apply to all authorized third parties who process personal information. 36.6 23.3 The Contractor hereby indemnifies Parties shall ensure that any persons authorized to process information on their behalf (including employees and holds third parties) will safeguard the CCT harmless security, integrity, and authenticity of all information. Where necessary to meet this requirement, the Parties shall keep all personal information and any analyses, profiles, or documents derived therefrom logically separated from all other information and documentation held by it. 23.4 The Parties shall carry out regular assessments to identify all reasonably foreseeable internal and external risks to the personal information in its possession or under its control. The Parties shall implement and maintain appropriate safeguards against all claimsthe risks which it identifies and shall also regularly verify that the safeguards which it has in place have been effectively implemented. 23.5 The Parties agree that they will promptly return, losses, damages and costs of whatsoever nature suffered by CCT arising from destroy or de-identify any personal information in their possession or control which belongs to the other Party once it no longer serves the purpose for which it was collected in relation to this Agreement, subject to any legal retention requirements. This may be at the Contractor's (and/or request of the other Party and includes circumstances where a person has requested the Parties to delete all instances of their personal information. The information will be destroyed or de-identified in such a manner that it cannot be reconstructed to its employees'original form, agents' and sub-contractors') non-compliance with applicable data protection laws and/or other legislationlinking it to any individual or organization. 36.7 The Contractor agrees that CCT may conduct regular data protection audits on the Contractor and undertakes to give its full co-operation in this regard.