PERSONAL DATA PROTECTION ACT 7.1. PAH is committed to protecting the privacy, confidentiality and security of all personal data to which it is entrusted. It has been our policy to ensure your personal information are protected. With the introduction of the Malaysian Personal Data Protection Act 2010 ("PDPA"), we are even committed to ensure the privacy and confidentiality and security of all personal data are protected in line with the PDPA. We process personal data which you have provided to us voluntarily through our website upon your registration and this includes personal data such as your name, address, NRIC and contact details. In this regards, you have expressly consent to our processing of your personal data. If you give us personal data or information about another person, you must first confirm that he/she has appointed you to act for him/her, to consent to the processing of his/her personal data and to receive on his/her behalf any data protection notices. We may request your assistance to procure the consent of such persons whose personal data is provided by you to us and you agree to do so. You shall indemnify us in the event we suffer loss and damage as a result of your failure to comply with the same. We will only retain your personal data for as long as necessary for the fulfilment of the specified purposes or as legislated
7.2. E-Bidders shall be responsible for the confidentiality and use of password and not to reveal the password to anyone at any time and under any circumstances whether intentionally or unintentionally.
7.3. E-Bidders agree to comply with all the security measures related to safety of the password or generally in respect of the use of the service. In the event that the password is compromised, the E-Bidders shall immediately notify PAH.
Data Protection Legislation the UK Data Protection Legislation and any other European Union legislation relating to personal data and all other legislation and regulatory requirements in force from time to time which apply to a party relating to the use of Personal Data (including, without limitation, the privacy of electronic communications) and the guidance and codes of practice issued by the Information Commissioner or relevant government department in relation to such legislation.
Data Protection Act 7.1 With respect to the parties' rights and obligations under this Contract, the parties agree that the Department is the Data Controller and that the Contractor is the Data Processor.
7.2 The Contractor shall:
7.2.1 Process the Personal Data only in accordance with instructions from the Department (which may be specific instructions or instructions of a general nature as set out in this Contract or as otherwise notified by the Department to the Contractor during the Term);
7.2.2 Process the Personal Data only to the extent, and in such manner, as is necessary for the provision of the Services or as is required by Law or any Regulatory Body;
7.2.3 The Contractor shall employ appropriate organisational, operational and technological processes and procedures to keep the Personal Data safe from unauthorised use or access, loss, destruction, theft or disclosure. The organisational, operational and technological processes and procedures adopted are required to comply with the requirements of ISO/IEC 27001 as appropriate to the services being provided to the Department;
7.2.4 Take reasonable steps to ensure the reliability of any Contractor Personnel who have access to the Personal Data;
7.2.5 Obtain prior written consent from the Department in order to transfer the Personal Data to any Sub-contractors or Affiliates for the provision of the Services;
7.2.6 Ensure that all Contractor Personnel required to access the Personal Data are informed of the confidential nature of the Personal Data and comply with the obligations set out in this clause 7;
7.2.7 Ensure that none of Contractor Personnel publish, disclose or divulge any of the Personal Data to any third party unless directed in writing to do so by the Department;
7.2.8 Notify the Department within five Working Days if it receives: a request from a Data Subject to have access to that person's Personal Data; or a complaint or request relating to the Department's obligations under the Data Protection Legislation;
7.2.9 Provide the Department with full cooperation and assistance in relation to any complaint or request made, including by: - providing the Department with full details of the complaint or request; - complying with a data access request within the relevant timescales set out in the Data Protection Legislation and in accordance with the Department's instructions; - providing the Department with any Personal Data it holds in relation to a Data Subject (within the timescales required by the Department); and - providing the Department with any information requested by the Department;
7.2.10 Permit the Department or the Department’s Representative (subject to reasonable and appropriate confidentiality undertakings), to inspect and audit the Contractor's data Processing activities (and/or those of its agents, subsidiaries and Sub-contractors) and comply with all reasonable requests or directions by the Department to enable the Department to verify and/or procure that the Contractor is in full compliance with its obligations under this Contract;
7.2.11 Provide a written description of the technical and organisational methods employed by the Contractor for processing Personal Data (within the timescales required by the Department) to be used solely for the purposes of this contract and provided that to do so would not be in breach of the Intellectual Property Rights (including Copyright) of a third party; and
7.2.12 Not process Personal Data outside the European Economic Area without the prior written consent of the Department and, where the Department consents to a transfer, to comply with: - the obligations of a Data Controller under the Eighth Data Protection Principle set out in Schedule 1 of the Data Protection Act 1998 by providing -an adequate level of protection to any Personal Data that is transferred; and - any reasonable instructions notified to it by the Department.
7.3 The Contractor shall comply at all times with the Data Protection Legislation and shall not perform its obligations under this Contract in such a way as to cause the Department to breach any of its applicable obligations under the Data Protection Legislation.
Anti-Money Laundering and Red Flag Identity Theft Prevention Programs The Trust acknowledges that it has had an opportunity to review, consider and comment upon the written procedures provided by USBFS describing various tools used by USBFS which are designed to promote the detection and reporting of potential money laundering activity and identity theft by monitoring certain aspects of shareholder activity as well as written procedures for verifying a customer’s identity (collectively, the “Procedures”). Further, the Trust and USBFS have each determined that the Procedures, as part of the Trust’s overall Anti-Money Laundering Program and Red Flag Identity Theft Prevention Program, are reasonably designed to: (i) prevent each Fund from being used for money laundering or the financing of terrorist activities; (ii) prevent identity theft; and (iii) achieve compliance with the applicable provisions of the Bank Secrecy Act, Fair and Accurate Credit Transactions Act of 2003 and the USA Patriot Act of 2001 and the implementing regulations thereunder. Based on this determination, the Trust hereby instructs and directs USBFS to implement the Procedures on the Trust’s behalf, as such may be amended or revised from time to time. It is contemplated that these Procedures will be amended from time to time by the parties as additional regulations are adopted and/or regulatory guidance is provided relating to the Trust’s anti-money laundering and identity theft responsibilities. USBFS agrees to provide to the Trust:
(a) Prompt written notification of any transaction or combination of transactions that USBFS believes, based on the Procedures, evidence money laundering or identity theft activities in connection with the Trust or any Fund shareholder;
(b) Prompt written notification of any customer(s) that USBFS reasonably believes, based upon the Procedures, to be engaged in money laundering or identity theft activities, provided that the Trust agrees not to communicate this information to the customer;
(c) Any reports received by USBFS from any government agency or applicable industry self-regulatory organization pertaining to USBFS’ Anti-Money Laundering Program or the Red Flag Identity Theft Prevention Program on behalf of the Trust;
(d) Prompt written notification of any action taken in response to anti-money laundering violations or identity theft activity as described in (a), (b) or (c) immediately above; and
(e) Certified annual and quarterly reports of its monitoring and customer identification activities pursuant to the Procedures on behalf of the Trust. The Trust hereby directs, and USBFS acknowledges, that USBFS shall (i) permit federal regulators access to such information and records maintained by USBFS and relating to USBFS’ implementation of the Procedures, on behalf of the Trust, as they may request, and (ii) permit such federal regulators to inspect USBFS’ implementation of the Procedures on behalf of the Trust.
IMPLICATIONS UNDER THE LISTING RULES As the relevant percentage ratios (as defined under the Listing Rules) in respect of the maximum amount of financial assistance granted to the Borrowers or their associates pursuant to the Loan Agreement exceed 5% but are under 25%, the transaction contemplated thereunder constitutes a discloseable transaction of the Company and is therefore subject to the announcement requirement but exempt from obtaining Shareholders’ approval under Chapter 14 of the Listing Rules.
Rights Protection Mechanisms and Abuse Mitigation ‐ Registry Operator commits to implementing and performing the following protections for the TLD:
i. In order to help registrars and registrants identify inaccurate data in the Whois database, Registry Operator will audit Whois data for accuracy on a statistically significant basis (this commitment will be considered satisfied by virtue of and for so long as ICANN conducts such audits).
ii. Work with registrars and registrants to remediate inaccurate Whois data to help ensure a more accurate Whois database. Registry Operator reserves the right to cancel a domain name registration on the basis of inaccurate data, if necessary.
iii. Establish and maintain a Domains Protected Marks List (DPML), a trademark protection service that allows rights holders to reserve registration of exact match trademark terms and terms that contain their trademarks across all gTLDs administered by Registry Operator under certain terms and conditions.
iv. At no cost to trademark holders, establish and maintain a Claims Plus service, which is a notice protection mechanism that begins at the end of ICANN’s mandated Trademark Claims period.
v. Bind registrants to terms of use that define and prohibit illegal or abusive activity.
vi. Limit the use of proxy and privacy registration services in cases of malfeasance.
vii. Consistent with the terms of this Registry Agreement, reserve the right to exclude from distribution any registrars with a history of non-‐compliance with the terms of the Registrar Accreditation Agreement.
viii. Registry Operator will be properly resourced to perform these protections.
Compliance with Data Protection Laws 2.1 bookinglab shall comply with its obligations under the Data Protection Laws as they apply to it as a Data Processor of the Customer Personal Data.
2.2 The Customer shall comply with its obligations under the Data Protection Laws as they apply to it as a Data Controller of the Customer Personal Data.
PERSONAL DATA PROTECTION 7.1 By accessing ESZAM AUCTIONEER SDN BHD website, the E-Bidders acknowledge and agree that ESZAM AUCTIONEER SDN BHD website may collect, retain, or disclose the E-Bidder’s information or any information by the e-bidders for the effectiveness of services, and the collected, retained or disclosed information shall comply with Personal Data Protection Act 2010 and any regulations, laws or rules applicable from time to time.
7.2 ESZAM AUCTIONEER SDN BHD will process E-bidder personal data such as name, address, NRIC and contact number for registration and E-bidding purposes. E-bidders shall be responsible for the username and password of eZ2Bid and not to reveal the password to anyone.
7.3 E-bidders agree to accept all associated risks when using the service in the ESZAM AUCTIONEER SDN BHD website and shall not make any claim for any unauthorized access or any consequential loss or damages suffered.
7.4 E-bidders shall be responsible for the confidentiality and the use of password and not to reveal the password to anyone at any time and under any circumstances, whether intentionally or unintentionally.
7.5 E-bidders agree to comply with all the security measures related to safety of the password or generally in respect of the use of the service.
7.6 E-bidders accept the responsibility that in any event that the password is in the possession of any other person whether intentionally or unintentionally, the E-Bidders shall take precautionary steps for the disclosure, discovery, or the Bidders shall immediately notify ESZAM AUCTIONEER SDN BHD
Implementation Legislation The Contracting Parties shall enact any legislation necessary to comply with, and give effect to, the terms of the Agreement.
Compliance with Anti-Corruption Laws and Sanctions Maintain in effect and enforce policies and procedures designed to ensure compliance by the Borrower, its Subsidiaries and their respective directors, officers, employees and agents with Anti-Corruption Laws and applicable Sanctions.
