Technical and Organisational Measures (1) Before the commencement of processing, the Supplier shall document the execution of the necessary Technical and Organisational Measures, set out in advance of the awarding of the Order or Contract, specifically with regard to the detailed execution of the contract, and shall present these documented measures to the Client for inspection. Upon acceptance by the Client, the documented measures become the foundation of the contract. Insofar as the inspection/audit by the Client shows the need for amendments, such amendments shall be implemented by mutual agreement.
(2) The Supplier shall establish the security in accordance with Article 28 Paragraph 3 Point c, and Article 32 GDPR in particular in conjunction with Article 5 Paragraph 1, and Paragraph 2 GDPR. The measures to be taken are measures of data security and measures that guarantee a protection level appropriate to the risk concerning confidentiality, integrity, availability and resilience of the systems. The state of the art, implementation costs, the nature, scope and purposes of processing as well as the probability of occurrence and the severity of the risk to the rights and freedoms of natural persons within the meaning of Article 32 Paragraph 1 GDPR must be taken into account. [Details in Appendix 1]
(3) The Technical and Organisational Measures are subject to technical progress and further development. In this respect, it is permissible for the Supplier to implement alternative adequate measures. In so doing, the security level of the defined measures must not be reduced. Substantial changes must be documented.
Technical and Organizational Measures The following sections define SAP’s current technical and organizational measures. SAP may change these at any time without notice so long as it maintains a comparable or better level of security. Individual measures may be replaced by new measures that serve the same purpose without diminishing the security level protecting Personal Data.
Certification Regarding Business with Certain Countries and Organizations Pursuant to Subchapter F, Chapter 2252, Texas Government Code, PROVIDER certifies it is not engaged in business with Iran, Sudan, or a foreign terrorist organization. PROVIDER acknowledges this Purchase Order may be terminated if this certification is or becomes inaccurate.
Public Posting of Approved Users’ Research Use Statement The PI agrees that information about themselves and the approved research use will be posted publicly on the dbGaP website. The information includes the PI’s name and Requester, project name, Research Use Statement, and a Non-Technical Summary of the Research Use Statement. In addition, and if applicable, this information may include the Cloud Computing Use Statement and name of the CSP or PCS. Citations of publications resulting from the use of controlled-access datasets obtained through this DAR may also be posted on the dbGaP website.
Professional Organizations During the Term, Executive shall be reimbursed by the Company for the annual dues payable for membership in professional societies associated with subject matter related to the Company's interests. New memberships for which reimbursement will be sought shall be approved by the Company in advance.
Table C - Receiving Organisation Enterprise The Receiving Organisation/Enterprise will provide financial support to the trainee for the traineeship: Yes ☐ No ☐ If yes, amount (EUR/month): ……….. The Receiving Organisation/Enterprise will provide a contribution in kind to the trainee for the traineeship: Yes ☐ No ☐ If yes, please specify: …. The Receiving Organisation/Enterprise will provide an accident insurance to the trainee (if not provided by the Sending Institution): Yes ☐ No ☐ The accident insurance covers: - accidents during travels made for work purposes: Yes ☐ No ☐ - accidents on the way to work and back from work: Yes ☐ No ☐ The Receiving Organisation/Enterprise will provide a liability insurance to the trainee (if not provided by the Sending Institution): Yes ☐ No ☐ The Receiving Organisation/Enterprise will provide appropriate support and equipment to the trainee. Upon completion of the traineeship, the Organisation/Enterprise undertakes to issue a Traineeship Certificate within 5 weeks after the end of the traineeship. By signing this document, the trainee, the Sending Institution and the Receiving Organisation/Enterprise confirm that they approve the Learning Agreement and that they will comply with all the arrangements agreed by all parties. The trainee and Receiving Organisation/Enterprise will communicate to the Sending Institution any problem or changes regarding the traineeship period. The Sending Institution and the trainee should also commit to what is set out in the Erasmus+ grant agreement. The institution undertakes to respect all the principles of the Erasmus Charter for Higher Education relating to traineeships. Trainee Trainee Responsible person12 at the Sending Institution Supervisor13 at the Receiving Organisation During the Mobility Table A2 - Exceptional Changes to the Traineeship Programme at the Receiving Organisation/Enterprise (to be approved by e-mail or signature by the student, the responsible person in the Sending Institution and the responsible person in the Receiving Organisation/Enterprise) Planned period of the mobility: from [month/year] ……………. till [month/year] ……………. Knowledge, skills and competences to be acquired by the end of the traineeship (expected Learning Outcomes): Address of the Receiving Organisation/Enterprise [street, city, country, phone, e-mail address], website:
Abuse and Neglect of Children and Vulnerable Adults:
Abuse Registry Party agrees not to employ any individual, to use any volunteer or other service provider, or to otherwise provide reimbursement to any individual who in the performance of services connected with this agreement provides care, custody, treatment, transportation, or supervision to children or to vulnerable adults if there has been a substantiation of abuse or neglect or exploitation involving that individual. Party is responsible for confirming as to each individual having such contact with children or vulnerable adults the non-existence of a substantiated allegation of abuse, neglect or exploitation by verifying that fact though (a) as to vulnerable adults, the Adult Abuse Registry maintained by the Department of Disabilities, Aging and Independent Living and (b) as to children, the Central Child Protection Registry (unless the Party holds a valid child care license or registration from the Division of Child Development, Department for Children and Families). See 33 V.S.A. §4919(a)(3) and 33 V.S.A. §6911(c)(3).
CERTIFICATION REGARDING CERTAIN FOREIGN-OWNED COMPANIES IN CONNECTION WITH CRITICAL INFRASTRUCTURE (Texas law as of September 1, 2021) By submitting a proposal to this Solicitation, you certify that you agree to the following required by Texas law as of September 1, 2021: Proposing Company is prohibited from entering into a contract or other agreement relating to critical infrastructure that would grant to the company direct or remote access to or control of critical infrastructure in this state, excluding access specifically allowed by the Proposing Company for product warranty and support purposes. Company, certifies that neither it nor its parent company nor any affiliate of company or its parent company, is (1) owned by or the majority of stock or other ownership interest of the company is held or controlled by individuals who are citizens of China, Iran, North Korea, Russia, or a designated country; (2) a company or other entity, including governmental entity, that is owned or controlled by citizens of or is directly controlled by the government of China, Iran, North Korea, Russia, or a designated country; or (3) headquartered in China, Iran, North Korea, Russia, or a designated country. For purposes of this contract, “critical infrastructure” means “a communication infrastructure system, cybersecurity system, electric grid, hazardous waste treatment system, or water treatment facility.” See Tex. Gov’t Code § 2274.0101(2) of SB 1226 (87th leg.). The company verifies and certifies that company will not grant direct or remote access to or control of critical infrastructure, except for product warranty and support purposes, to prohibited individuals, companies, or entities, including governmental entities, owned, controlled, or headquartered in China, Iran, North Korea, Russia, or a designated country, as determined by the Governor.
State Approval of Replacement Personnel The Engineer may not replace the project manager or key personnel without prior consent of the State. The State must be satisfied that the new project manager or other key personnel is qualified to provide the authorized services. If the State determines that the new project manager or key personnel is not acceptable, the Engineer may not use that person in that capacity and shall replace him or her with one satisfactory to the State within forty-five (45) days.
Certification Regarding Prohibition of Boycotting Israel (Tex Gov. Code 2271)
