Return or Deletion of Personal Data. 8.1. Upon termination of the Provider Agreement or upon request by RSA, whichever is first, Provider shall, and ensure that its Representatives, Subcontractors, and Subprocessors immediately cease all Processing of RSA Data and return the RSA Data to RSA in a secure manner as directed by RSA, or dispose of, destroy, or render permanently anonymous all RSA Data and certify in writing that the RSA Data has been disposed of, destroyed, or rendered permanently anonymous. 8.2. If a law, rule, or regulation requires Provider to keep any RSA Data, Provider shall not use the RSA Data for any purpose other than as required by such law, rule, or regulation. Provider shall remain bound to the provisions of the Provider Agreement and any non-disclosure agreement for as long as the RSA Data is in Provider’s possession or control.
Appears in 5 contracts
Samples: Data Processing Addendum, Data Processing Addendum, Data Protection Agreement
