Transfers of Personal Data Oracle may store or transfer Your Content on a global basis as necessary for the Purpose(s). Oracle and its affiliates may perform certain aspects of the Services (e.g., administration, maintenance, support, disaster recovery, data processing, etc.) from locations and through subcontractors, worldwide. Data transfers are made subject to the terms of the EU Standard Contractual Clauses for Controllers (“Clauses”) if: (a) You (or Your data partner) share, use, or process Personal Data under this Agreement; and (b) such data transfer is: (i) subject to any restrictions or requirements under Directive 95/46/EC or Regulation (EU) 2016/679 repealing Directive 95/46/EC (General Data Protection Regulation); and (ii) made to countries, jurisdictions or recipients outside the EEA or Switzerland not recognized by the European Commission as ensuring an adequate level of protection pursuant to Directive 95/46/EC or General Data Protection Regulation. You and Oracle agree that incorporation of the Clauses into this Agreement acts as a legally-binding execution of the Clauses as entered into between Oracle (acting in its own name and in the name and on behalf of the Oracle affiliates) and You (acting in Your own name and in the name and on behalf of Your affiliates).
Transfer of Personal Information Supplier warrants to DXC that Personal Information provided to Supplier or obtained by Supplier under this Agreement on behalf of DXC (including any SOW) shall not be transferred across national boundaries unless authorized by law or specified within this Agreement or the applicable SOW as authorized for transfer across national boundaries. Supplier agrees that any such transfer will only be made in compliance with applicable Data Privacy Laws. If there is a conflict between this Section ‘Data Protection and Privacy’ and the other provisions of this Agreement, the requirements of this Section shall take precedence.
Transfer of Personal Data The Participant authorizes, agrees and unambiguously consents to the transmission by the Company (or any Subsidiary) of any personal data information related to the RSUs awarded under this Agreement for legitimate business purposes (including, without limitation, the administration of the Plan). This authorization and consent is freely given by the Participant.
Your Personal Data 17.1. PCSIL is a registered Data Controller with the Data Protection Commission in Ireland.
17.2. In order for us to provide you with the services relating to your Account, we are required to collect and process personal data about you, Additional Cardholders and Authorised Persons, with your consent or on a legal basis to meet our obligations for Anti-Money Laundering legislation or other governmental organisation. Where applicable, if an Account holder is under 16, then parental consent is explicitly required.
17.3. Your consent will be sought for collection of your data and you have the right to agree or decline. Where you decline consent for the collection and processing of your data, we reserve our right to discontinue service due to our obligations as a financial services institution.
17.4. We may disclose or check your personal data with other organisations and obtain further information about you in order to verify your identity and comply with applicable money laundering and governmental regulations. A record of our enquiries will be left on your file.
17.5. We may pass your personal data on to third-party service providers contracted to PCSIL in the course of dealing with your Account. Any third parties that we may share your data with are obliged to keep your details secure, and to use them only to fulfil the service they provide you on our behalf. Where we transfer the personal data to a third country or international organisation, we ensure this is done securely and that they meet a minimum standard of data protection in their country.
17.6. You have the right to receive information concerning the personal data we hold about you and to rectify such data where it is inaccurate or incomplete. You have the right to object to or withdraw any consent you have given for certain types of processing such as direct marketing.
17.7. Your data will be retained for 6 years after the end of the provision of services to you, where your data will be destroyed in compliance with the requirements of the General Data Protection Regulation.
17.8. In the event that you wish to make a complaint about how your personal data is being processed by us (or third parties as described in 17.5 above), or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and PCSIL’s Data Protection Officer.
17.9. Our Privacy Policy provides full details on your rights as a data subject and our obligations as a data controller. Please read this document carefully and ensure you understand your rights.
Personal Data Registry Operator shall (i) notify each ICANN-‐accredited registrar that is a party to the registry-‐registrar agreement for the TLD of the purposes for which data about any identified or identifiable natural person (“Personal Data”) submitted to Registry Operator by such registrar is collected and used under this Agreement or otherwise and the intended recipients (or categories of recipients) of such Personal Data, and (ii) require such registrar to obtain the consent of each registrant in the TLD for such collection and use of Personal Data. Registry Operator shall take reasonable steps to protect Personal Data collected from such registrar from loss, misuse, unauthorized disclosure, alteration or destruction. Registry Operator shall not use or authorize the use of Personal Data in a way that is incompatible with the notice provided to registrars.
Confidential Information and Restricted Activities Employee has entered into the Company’s Employee Proprietary Information Agreement (“EPIA”) and acknowledges his or her obligations thereunder. The EPIA is specifically incorporated into this Agreement.
Authorization to Release and Transfer Necessary Personal Information The Grantee hereby explicitly and unambiguously consents to the collection, use and transfer, in electronic or other form, of the Grantee’s personal data by and among, as applicable, the Company and its Subsidiaries for the exclusive purpose of implementing, administering and managing the Grantee’s participation in the Plan. The Grantee understands that the Company may hold certain personal information about the Grantee, including, but not limited to, the Grantee’s name, home address and telephone number, date of birth, social security number (or any other social or national identification number), salary, nationality, job title, number of Award Units and/or shares of Common Stock held and the details of all Award Units or any other entitlement to shares of Common Stock awarded, cancelled, vested, unvested or outstanding for the purpose of implementing, administering and managing the Grantee’s participation in the Plan (the “Data”). The Grantee understands that the Data may be transferred to the Company or to any third parties assisting in the implementation, administration and management of the Plan, that these recipients may be located in the Grantee’s country or elsewhere, and that any recipient’s country (e.g., the United States) may have different data privacy laws and protections than the Grantee’s country. The Grantee understands that he or she may request a list with the names and addresses of any potential recipients of the Data by contacting his or her local human resources representative or the Company’s stock plan administrator. The Grantee authorizes the recipients to receive, possess, use, retain and transfer the Data, in electronic or other form, for the sole purpose of implementing, administering and managing the Grantee’s participation in the Plan, including any requisite transfer of such Data to a broker or other third party assisting with the administration of Award Units under the Plan or with whom shares of Common Stock acquired pursuant to the vesting of the Award Units or cash from the sale of such shares may be deposited. Furthermore, the Grantee acknowledges and understands that the transfer of the Data to the Company or to any third parties is necessary for the Grantee’s participation in the Plan. The Grantee understands that the Grantee may, at any time, view the Data, request additional information about the storage and processing of the Data, require any necessary amendments to the Data or refuse or withdraw the consents herein by contacting the Grantee’s local human resources representative or the Company’s stock plan administrator in writing. The Grantee further acknowledges that withdrawal of consent may affect his or her ability to vest in or realize benefits from the Award Units, and the Grantee’s ability to participate in the Plan. For more information on the consequences of refusal to consent or withdrawal of consent, the Grantee understands that he or she may contact his or her local human resources representative or the Company’s stock plan administrator.
Consent to Transfer Personal Data By signing this Agreement, the Recipient voluntarily acknowledges and consents to the collection, use, processing and transfer of personal data as described in this paragraph. The Recipient is not obliged to consent to such collection, use, processing and transfer of personal data. However, failure to provide the consent may affect the Recipient's ability to participate in the Plan. The Company and its subsidiaries hold certain personal information about the Recipient, including name, home address and telephone number, date of birth, social security number or other employee identification number, salary, nationality, job title, any shares of stock or directorships held in the Company, details of all entitlement to shares of stock awarded, canceled, purchased, vested, unvested or outstanding in the Recipient's favor, for the purpose of managing and administering the Plan ("Data"). The Company and/or its subsidiaries will transfer Data amongst themselves as necessary for the purpose of implementation, administration and management of the Plan, and the Company and/or any of its subsidiaries may each further transfer Data to any third parties assisting the Company in the implementation, administration and management of the Plan. These recipients may be located in the European Economic Area, or elsewhere throughout the world, including the United States. The Recipient authorizes such recipients to receive, possess, use, retain and transfer the Data, in electronic or other form, for the purposes of implementing, administering and managing the Recipient's participation in the Plan, including any requisite transfer of such Data as may be required for the administration of the Plan and/or the subsequent holding of shares of stock on the Recipient's behalf to a broker or other third party with whom the Recipient may elect to deposit any shares of stock acquired pursuant to the Plan. The Recipient may, at any time, review Data, require any necessary amendments to it or withdraw the consents herein in writing by contacting the Company; however, withdrawing consent may affect the Recipient's ability to participate in the Plan.
Protection of Personal Information Party agrees to comply with all applicable state and federal statutes to assure protection and security of personal information, or of any personally identifiable information (PII), including the Security Breach Notice Act, 9 V.S.A. § 2435, the Social Security Number Protection Act, 9 V.S.A. § 2440, the Document Safe Destruction Act, 9 V.S.A. § 2445 and 45 CFR 155.260. As used here, PII shall include any information, in any medium, including electronic, which can be used to distinguish or trace an individual’s identity, such as his/her name, social security number, biometric records, etc., either alone or when combined with any other personal or identifiable information that is linked or linkable to a specific person, such as date and place or birth, mother’s maiden name, etc.
Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard.
B. Contractor must notify HHSC of any confirmed or suspected unauthorized acquisition, access, use or disclosure of sensitive personal information related to this Contract, including any breach of system security, as section 521.053 of the Business and Commerce Code defines that phrase. Contractor must submit a written report to HHSC as soon as possible but no later than 10 business days after discovering the unauthorized acquisition, access, use or disclosure. The written report must identify everyone whose sensitive personal information has been or is reasonably believed to have been compromised.
C. Contractor must either disclose the unauthorized acquisition, access, use or disclosure to everyone whose sensitive personal information has been or is reasonably believed to have been compromised or pay the expenses associated with HHSC doing the disclosure if:
1. Contractor experiences a breach of system security involving information owned by HHSC for which disclosure or notification is required under section 521.053 of the Business and Commerce Code; or
2. Contractor experiences a breach of unsecured protected health information, as 45 C.F.R. §164.402 defines that phrase, and HHSC becomes responsible for doing the notification required by 45 C.F.R. §164.404. HHSC may, at its discretion, waive Contractor's payment of expenses associated with HHSC doing the disclosure.
