COMPLIANCE WITH BREACH NOTIFICATION AND DATA SECURITY LAWS Contractor shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law § 899-aa and State Technology Law § 208) and commencing March 21, 2020 shall also comply with General Business Law § 899-bb.
Personal Effects The Employer agrees to provide adequate lock-up facilities for employees' personal effects, namely purses and/or wallets.
Processing of Personal Data 1.1. With regard to the Processing of Personal Data, You are the controller and determine the purposes and means of Processing of Personal Data You provide to Us (“Controller”) and You appoint Us as a processor (“Processor”) to process such Personal Data (hereinafter, “Data”) on Your behalf (hereinafter, “Processing”). 1.2. The details of the type and purpose of Processing are defined in the Exhibits attached hereto. Except where the DPA stipulates obligations beyond the Term of the Agreement, the duration of this DPA shall be the same as the Agreement Term. 1.3. You shall be solely responsible for compliance with Your obligations under the applicable Data Protection Laws, including, but not limited to, the lawful disclosure and transfer of Personal Data to Us by upload of source data into the Cloud Service or otherwise. 1.4. Processing shall include all activities detailed in this Agreement and the instructions issued by You. You may, in writing, modify, amend, or replace such instructions by issuing such further instructions to the point of contact designated by Us. Instructions not foreseen in or covered by the Agreement shall be treated as requests for changes. You shall, without undue delay, confirm in writing any instruction issued orally. Where We believe that an instruction would be in breach of applicable law, We shall notify You of such belief without undue delay. We shall be entitled to suspend performance on such instruction until You confirm or modify such instruction. 1.5. We shall ensure that all personnel involved in Processing of Customer Data and other such persons as may be involved in Processing shall only do so within the scope of the instructions. We shall ensure that any person Processing Customer Data is subject to confidentiality obligations similar to the confidentiality terms of the Agreement. All such confidentiality obligations shall survive the termination or expiration of such Processing.
Personal Data Breach Notification SAP will notify Customer without undue delay after becoming aware of any Personal Data Breach and provide reasonable information in its possession to assist Customer to meet Customer’s obligations to report a Personal Data Breach as required under Data Protection Law. SAP may provide such information in phases as it becomes available. Such notification shall not be interpreted or construed as an admission of fault or liability by SAP.
Benefits of Agreement; No Third-Party Rights The provisions of this Agreement are intended solely to benefit the Member and, to the fullest extent permitted by applicable law, shall not be construed as conferring any benefit upon any creditor of the Company (and no such creditor shall be a third-party beneficiary of this Agreement), and the Member shall have no duty or obligation to any creditor of the Company to make any contributions or payments to the Company.
Limitation of Vendor Indemnification and Similar Clauses This is a requirement of the TIPS Contract and is non-negotiable TIPS, a department of Region 8 Education Service Center, a political subdivision, and local government entity of the State of Texas, is prohibited from indemnifying third-parties (pursuant to the Article 3, Section 52 of the Texas Constitution) except as otherwise specifically provided for by law or as ordered by a court of competent jurisdiction. Article 3, Section 52 of the Texas Constitution states that "no debt shall be created by or on behalf of the State … " and the Texas Attorney General has opined that a contractually imposed obligation of indemnity creates a "debt" in the constitutional sense. Tex. Att'y Gen. Op. No. MW-475 (1982). Thus, contract clauses which require TIPS to indemnify Vendor, pay liquidated damages, pay attorney's fees, waive Vendor's liability, or waive any applicable statute of limitations must be deleted or qualified with ''to the extent permitted by the Constitution and Laws of the State of Texas." Does Vendor agree? Yes, I Agree TIPS, a department of Region 8 Education Service Center, a political subdivision, and local government entity of the State of Texas, does not agree to binding arbitration as a remedy to dispute and no such provision shall be permitted in this Agreement with TIPS. Vendor agrees that any claim arising out of or related to this Agreement, except those specifically and expressly waived or negotiated within this Agreement, may be subject to non-binding mediation at the request of either party to be conducted by a mutually agreed upon mediator as prerequisite to the filing of any lawsuit arising out of or related to this Agreement. Mediation shall be held in either Camp or Titus County, Texas. Agreements reached in mediation will be subject to the approval by the Region 8 ESC's Board of Directors, authorized signature of the Parties if approved by the Board of Directors, and, once approved by the Board of Directors and properly signed, shall thereafter be enforceable as provided by the laws of the State of Texas. Does Vendor agree? Yes, Vendor agrees Does Vendor agree? Yes, Vendor agrees Vendor agrees that nothing in this Agreement shall be construed as a waiver of sovereign or government immunity; nor constitute or be construed as a waiver of any of the privileges, rights, defenses, remedies, or immunities available to Region 8 Education Service Center or its TIPS Department. The failure to enforce, or any delay in the enforcement, of any privileges, rights, defenses, remedies, or immunities available to Region 8 Education Service Center or its TIPS Department under this Agreement or under applicable law shall not constitute a waiver of such privileges, rights, defenses, remedies, or immunities or be considered as a basis for estoppel. Does Vendor agree? Yes, Vendor agrees Vendor agrees that TIPS and TIPS Members shall not be liable for interest or late-payment fees on past-due balances at a rate higher than permitted by the laws or regulations of the jurisdiction of the TIPS Member. Funding-Out Clause: Vendor agrees to abide by the applicable laws and regulations, including but not limited to Texas Local Government Code § 271.903, or any other statutory or regulatory limitation of the jurisdiction of any TIPS Member, which requires that contracts approved by TIPS or a TIPS Member are subject to the budgeting and appropriation of currently available funds by the entity or its governing body.
Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard. B. Contractor must notify HHSC of any confirmed or suspected unauthorized acquisition, access, use or disclosure of sensitive personal information related to this Contract, including any breach of system security, as section 521.053 of the Business and Commerce Code defines that phrase. Contractor must submit a written report to HHSC as soon as possible but no later than 10 business days after discovering the unauthorized acquisition, access, use or disclosure. The written report must identify everyone whose sensitive personal information has been or is reasonably believed to have been compromised. C. Contractor must either disclose the unauthorized acquisition, access, use or disclosure to everyone whose sensitive personal information has been or is reasonably believed to have been compromised or pay the expenses associated with HHSC doing the disclosure if: 1. Contractor experiences a breach of system security involving information owned by HHSC for which disclosure or notification is required under section 521.053 of the Business and Commerce Code; or 2. Contractor experiences a breach of unsecured protected health information, as 45 C.F.R. §164.402 defines that phrase, and HHSC becomes responsible for doing the notification required by 45 C.F.R. §164.404. HHSC may, at its discretion, waive Contractor's payment of expenses associated with HHSC doing the disclosure.
LIABILITY FOR UNAUTHORIZED USE-LOST/STOLEN CARD NOTIFICATION You agree to notify Credit Union immediately, orally or in writing at Florida Credit Union, X.X. Xxx 0000, Xxxxxxxxxxx, XX 00000 or telephone (000) 000-0000 twenty four
Protection of Personal Data 25.1 The Parties agree that they may obtain and have access to personal data for the duration of the Agreement for the fulfilment of the rights and obligations contained herein. In performing the obligations as set out in this Agreement, the Parties shall at all times ensure that: a) they process data only for the express purpose for which it was obtained; b) once processed for the purposes for which it was obtained, all data will be destroyed to an extent that it cannot be reconstructed to its original form; c) data is provided only to authorised personnel who strictly require the personal data to carry out the Parties’ respective obligations under this Agreement; d) they do not disclose personal data of the other Party, other than in terms of this Agreement; e) they have all reasonable technical and organisational measures in place to protect all personal data from unauthorised access and/or use; f) they have appropriate technical and organisational measures in place to safeguard the security, integrity and authenticity of all data in its possession or under its control in terms of this Agreement; g) such personal data is protected against unauthorised or unlawful processing, accidental loss, destruction or damage, alteration, disclosure or access. 25.2 The Parties agree that if personal data will be processed for additional purposes beyond the original purpose for which it was obtained, explicit consent must be obtained beforehand from those persons whose information will be subject to further processing. 25.3 Should it be necessary for either Party to disclose or otherwise make available the personal data to any third party (including sub-contractors and employees), it may do so only with the prior written permission of the other Party. The Party requiring such permission shall require of all such third parties, appropriate written undertakings to be provided, containing similar terms to that set forth in this clause 25, and dealing with that third party's obligations in respect of its processing of the personal data. Following approval by the other Party, the Party requiring permission agrees that the provisions of this clause 25 shall mutatis mutandis apply to all authorised third parties who process personal data. 25.4 The Parties shall ensure that any persons authorized to process data on their behalf (including employees and third parties) will safeguard the security, integrity and authenticity of all data. Where necessary to meet this requirement, the Parties shall keep all personal data and any analyses, profiles, or documents derived therefrom logically separated from all other data and documentation held by it. 25.5 The Parties shall carry out regular assessments to identify all reasonably foreseeable internal and external risks to the personal data in its possession or under its control. The Parties shall implement and maintain appropriate safeguards against the risks which it identifies and shall also regularly verify that the safeguards which it has in place has been effectively implemented. 25.6 The Parties agree that they will promptly return or destroy any personal data in their possession or control which belongs to the other Party once it no longer serves the purpose for which it was collected in relation to this Agreement, subject to any legal retention requirements. This may be at the request of the other Party and includes circumstances where a person has requested the Parties to delete all instances of their personal data. The information will be destroyed in such a manner that it cannot be reconstructed to its original form, linking it to any particular individual or organisation.
Collection of Personal Information 10.1 The Subscriber acknowledges and consents to the fact that the Issuer is collecting the Subscriber’s personal information for the purpose of fulfilling this Agreement and completing the Offering. The Subscriber acknowledges that its personal information (and, if applicable, the personal information of those on whose behalf the Subscriber is contracting hereunder) may be included in record books in connection with the Offering and may be disclosed by the Issuer to: (a) stock exchanges or securities regulatory authorities, (b) the Issuer's registrar and transfer agent, (c) tax authorities, (d) authorities pursuant to the PATRIOT Act (U.S.A.) and (e) any of the other parties involved in the Offering, including the Issuer’s Counsel. By executing this Agreement, the Subscriber is deemed to be consenting to the foregoing collection, use and disclosure of the Subscriber's personal information (and, if applicable, the personal information of those on whose behalf the Subscriber is contracting hereunder) for the foregoing purposes and to the retention of such personal information for as long as permitted or required by applicable laws. Notwithstanding that the Subscriber may be purchasing the Note as agent on behalf of an undisclosed principal, the Subscriber agrees to provide, on request, particulars as to the nature and identity of such undisclosed principal, and any interest that such undisclosed principal has in the Issuer, all as may be required by the Issuer in order to comply with the foregoing. 10.2 Furthermore, the Subscriber is hereby notified that the Issuer may deliver to any government authority having jurisdiction over the Issuer, the Subscriber or this Subscription, including the SEC and/or any state securities commissions, certain personal information pertaining to the Subscriber, including the Subscriber’s full name, residential address and telephone number, the number of Shares or other securities of the Issuer owned by the Subscriber, the principal amount of Note purchased by the Subscriber, the total Subscription Amount paid for the Note and the date of distribution of the Note.
