Security and Data. 3.1 In this Framework and each Agreement, references to "controller", "data subject", "personal data", "personal data breach", "processor" and "processing" have the meanings set out in the GDPR (and "process" and "processed" shall be construed accordingly).
3.2 Each party will comply with applicable Data Protection Legislation in relation to its respective activities under and in connection with this Framework and each Agreement, including compliance with Article 5 GDPR (data protection principles) and all applicable data security requirements in respect of personal data that each party holds (including Article 32 GDPR).
3.3 Our Privacy Policy explains how we collect and use personal data.
3.4 We are, together, joint controllers with you in respect of our Service Offerings, except to the extent expressly stated otherwise in an Order. We are, for certain purposes, a controller in our own right where we determine the purposes for which we process data, such as the use of our own data assets (which may include cookies, other online identifiers, behavioural data and other personal data collected by us via our provision of the Service Offerings, as more fully explained in our Privacy Policy) to support and/or enhance the delivery of our Service Offerings and/or for the creation of new solutions or services created for the benefit of our clients.
3.5 Article 26 of the GDPR requires that joint controllers must determine, in a transparent manner, their respective responsibilities for compliance with the obligations under GDPR. Our respective responsibilities in this regard are set out below and in our Privacy Policy, except as may be amended by written agreement between us in an Order.
3.6 In respect of personal data that you share with us and/or that we collect when providing our Service Offerings to you:
(a) we shall process the personal data only for the agreed purposes identified in our Privacy Policy and each Agreement, and not for any other purpose;
(b) we shall promptly notify you and provide such co-operation and information as you may reasonably require if we:
(i) receive any written request, notice or complaint from a data subject exercising their rights under GDPR or any correspondence or written communication from the ICO or any other relevant regulator in relation to the processing of the personal data; and/or
(ii) become aware of any personal data breach affecting the personal data, in each case in (i) and (ii) to the extent required to enable you to...
Security and Data. 9.1 Abtech shall make all good faith efforts to safeguard and protect equipment, programs, Documentation, and files from damage, loss, or corruption while performing all services but cannot warrant or guarantee complete security. It shall be the sole responsibility of Client to ensure the security of their system, data, programs, and files. Transfer of Client data may be across the public internet and encryption is highly recommended for security. A reliable and verified system backup procedure shall be the responsibility of Client. Client shall have at a minimum, two (2) verified current system backups available prior to Abtech performing any task on Client equipment or Intellectual Property, or the installation of any hardware provided to Client by Abtech, regardless if Abtech personnel are involved in the services to implement such hardware or not. Abtech will not be responsible for loss of data under any circumstance, including but not limited to damage, theft, total or partial loss, corruption, or inaccuracy. If access to data is temporarily disrupted due to the gross negligence or willful misconduct of Abtech, Abtech shall, at its own expense and as Client’s sole remedy, restore Client data from Client’s verified current system backup.
Security and Data. 9.1 Instabase has implemented the Enterprise Security Measures detailed at xxxxx://xxxxxxxxx.xxx/trust/enterprise-security-measures/ to secure Customer Data in connection with Customer’s use of the Software. For further detail, please visit the Instabase Trust Center located at xxxxx://xxxxxxxxx.xxx/trust.
9.2 Customer represents and warrants that it has obtained all necessary rights and authorizations to submit Customer Data to Instabase for the purposes contemplated by the Agreement. If Customer Data includes any personal data relating to identifiable individuals, Customer is responsible for the lawfulness of such data and for providing notice to individuals and obtaining any necessary consents as required under applicable data protection laws. Customer is solely responsible for the accuracy, content and legality of Customer Data, and Instabase does not assume any obligations with respect to Customer Data other than as expressly set forth in the Agreement or as required by applicable law.
9.3 Customer agrees that it shall not submit any Customer Data to Instabase that (a) contains any worm, virus or other malicious code which is designed to destroy, disable, harm, disrupt the operation of, enable unauthorized access to, erase, destroy or modify any software, hardware, network or technology; or (b) violates applicable laws or any third-party intellectual property, privacy, publicity or other rights.
9.4 Customer shall not submit any Customer Data to Instabase that contains (i) cardholder data as defined under the Payment Card Industry Data Security Standard ("cardholder data") or (ii) protected health information as defined under the Health Insurance Portability and Accountability Act ("PHI") unless Customer has entered into an Order that explicitly permits the submission of such Customer Data.
9.5 Instabase will access, process and use Customer Data in connection with Customer’s use of the Software in accordance with applicable privacy and data protection laws. Instabase’s GDPR Data Protection Addendum (“DPA”), available at xxxxx://xxxxxxxxx.xxx/trust/DPA, is incorporated by reference and applies to the extent that Customer Data provided by or on behalf of Customer to Instabase includes any personal data that is subject to the General Data Protection Regulation 2016/679 or applicable data protection laws of the United Kingdom or Switzerland.
9.6 Instabase shall be permitted to delete any Customer Data which may be in its possession (e.g., if submitted vi...
Security and Data. Envestnet shall use all commercially reasonable efforts to provide accurate and fit for purpose data security and systems security which includes system level access security measures and data-level access security measures. Envestnet shall actively maintain security of the private label web pages through a combination of application level preventative checks and web-site exposure prevention. Envestnet shall use commercially reasonable efforts to ensure that all relevant data on Envestnet’s web server or other relevant computer systems relating to the Platform Services provided hereunder are backed up on a regular basis. At any time, FundQuest may submit a written request for a copy of the FundQuest Data. Following receipt of such request, Envestnet shall send FundQuest a copy of FundQuest Data stored on the FQ Platform. Without relieving FundQuest’s requirement to maintain all books and records in accordance with the Securities Exchange Act of 1934, as amended, or by the Investment Advisers Act of 1940, as amended, and any other applicable regulations, in the event there are any periods of time during the provision of Platform Services where FundQuest does not have a complete set of any records generated or received by Envestnet in performing the Platform Services and that are required under Rule 204-2 of the rules promulgated under the Advisers Act (including, without limitation, emails and written correspondence, trade tickets, error runs, journals, ledgers, FundQuest Data, etc.), Envestnet shall reasonably assist FundQuest by providing FundQuest with such records, as required by FundQuest, then in Envestnet’s possession.
Security and Data. 5.1. The Customer shall ensure (and maintain) the Account’s confidentiality and security for any activity in or through the Account.
5.2. The Customer guarantees that the Customer is entitled to upload, transmit and store the information (e.g. in the form of text, images, audio-visual material et al) that it uploads, transmits or stores via the Software.
5.3. The Customer shall use the Software only for business-appropriate and legal purposes and is not entitled to use the Software for other measures (including but not limited to uploading, transmitting, delivering, running, or saving malicious code, malware, or illegal content).
5.4. The Customer is required to comply with at each time the applicable software or hardware guidelines for ExtendaGO POS and third-party suppliers. Any violation of these T&Cs (including mentioned guidelines) will entitle the Supplier to terminate the Customer’s Account.
5.5. Any information the Customer submits to the Supplier’s website or via the Software can be intercepted by others, even if such information is encrypted. The Customer bears the full risk of hacking, viruses or breaches in relation to its submission and shall indemnify the Supplier in case of any damages caused under such circumstances.
5.6. When the Customer creates an account, the Customer simultaneously uploads various requisite business information that is needed to use the Software (“Account Content”). The Customer ensures not to, either through its Account or Sub-accounts, upload or allow to be uploaded content to the Software, unless the Customer is entitled to upload the relevant information and use it within the Software. Also, the Customer ensures that such information uploaded shall be free from bugs, viruses or similar interruptions.
5.7. The Customer grants the Supplier an unrestricted, non-exclusive, royalty-free, fully-paid, transferable right to use, reproduce, modify, adapt, publish, prepare derivative work of, distribute, publicly perform and publicly display any Account Content and transaction data, worldwide on/in all media to provide and promote the Software and the Supplier’s business.
5.8. The Customer agrees that the Supplier may collect, use and disclose quantitative data derived from the use of the Software for industry analysis, benchmarking, analytics, marketing, and other business purposes. All data collected, used, and disclosed must be in aggregate form only and must not identify the Customer or its users
Security and Data. 7.1 Kong’s Security Measures. Kong will maintain and implement technical and organizational measures and applicable policies and procedures to help protect any personal data and Customer Confidential Information collected by it in performance of this Agreement against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, and which provide a level of security appropriate to the risk represented by the processing and the nature of the data to be protected. Further, Kong will maintain a security program under which Kong documents, implements and maintains the physical, administrative, and technical safeguards necessary to comply with the law, including applicable data protection laws, that applies to Kong’s provision of the Software, Support Services and/or Professional Services to Customer under this Agreement.
7.2 Customer’s Security Measures. Kong does not host the Software or control the Customer Network Environment, and the Customer acknowledges and agrees that Customer must undertake technical and organizational measures to help protect the Software, the Customer Network Environment and Customer Payload Data. Customer is responsible for properly configuring and using the Software and taking its own steps to maintain appropriate security, protection and backup of its data, including Customer Payload Data.
Security and Data. CoinList shall provide accurate and fit-for-purpose data security and systems security which includes, without limitation, system level access security measures and data-level access security measures and measures to prevent the theft or compromise of authorized users’ credentials or other Customer Data. CoinList shall ensure that all relevant data on CoinList’s web server or other relevant computer systems relating to the Services provided hereunder are backed up on a regular basis. CoinList will maintain at all times policies and procedures that address administrative, technical and physical safeguards that are reasonably designed to insure the security and confidentiality of any Customer Data, protecting against any reasonably anticipated threats or unauthorized access to or use of such Customer Data. CoinList will promptly notify Customer of any actual or reasonably suspected unauthorized access, use, or disclosure of Customer Data. Customer will have the right, during normal business hours upon reasonable advance notice, to inspect CoinList’s policies and practices for preserving the security of Customer Data.
Security and Data. 36.1. The Service Provider must comply with the Authority’s policies concerning Baseline Personnel Security Standard clearance and such modifications to those policies or replacement policies as are notified to the Service Provider from time to time.
36.2. The Service Provider must notify the Authority of any matter or other change in circumstances which might adversely affect future Baseline Personnel Security Standard clearance.
36.3. The Service Provider shall not delete or remove any proprietary notices contained within or relating to the Data.
36.4. The Service Provider shall not store, copy, disclose, or use the Data except as necessary for the performance by the Service Provider of its obligations under this Contract or as otherwise expressly authorised in writing by the Authority.
36.5. The Service Provider shall preserve the integrity of Data and prevent the corruption or loss of Data, ensuring at all times that the relevant Data is under its control or the control of any Sub- contractor.
36.6. The Service Provider shall perform secure back-ups of all Data and shall ensure that up-to-date back-ups are stored off-site in accordance with the BCDR Plan. The Service Provider shall ensure that such back-ups are available to the Authority (or to such other person as the Authority may direct) at all times upon request and are delivered to the Authority at such other intervals as may be agreed in writing between the Parties.
36.7. The Service Provider shall ensure that any system on which the Service Provider holds any Data, including back-up data, is a secure system that complies with the Security Plan.
36.8. The Service Provider shall at all times when performing the Services comply with the terms of BCDR Plan.
36.9. If the Data is corrupted, lost or sufficiently degraded as a result of the Service Provider's Default so as to be unusable, the Authority may:
36.9.1. require the Service Provider (at the Service Provider's expense) to restore or procure the restoration of Data to the extent and in accordance with the requirements specified in Schedule 6 (Testing Procedures & Business Continuity and Disaster Recovery) Section B and the Service Provider shall do so as soon as practicable but not later than 5 Working Days from the date of receipt of the Authority’s notice; and/or
36.9.2. itself restore or procure the restoration of Data, and shall be repaid by the Service Provider any reasonable expenses incurred in doing so to the extent and in accordance wi...
Security and Data. 10.1 Abtech shall make all good faith efforts to safeguard and protect equipment, programs, documentation, and files from damage, loss, or corruption while performing Service but cannot warrant or guarantee complete security. It shall be the sole responsibility of Client to ensure the security of their system, data, programs, and files. Transfer of Client data may be across the public internet and encryption is highly recommended for security. A reliable and verified system backup procedure shall be the responsibility of Client. Client shall have at a minimum, two (2) verified current system backups available prior to Abtech performing any task on Client equipment or Intellectual Property. Abtech will not be responsible for loss of data under any circumstance, including but not limited to damage, theft, total or partial loss, corruption, or inaccuracy. If access to data is temporarily disrupted due to the gross negligence or willful misconduct of Abtech, Abtech shall, at its own expense and as Client’s sole remedy, restore Client data from Client’s verified current system backup.
10.2 At no time will Abtech accept, store, or be responsible for any data that is regulated by law, including but not limited to Protected Health Information (as defined by HIPAA Privacy rule), personally identifying information, credit card information, or any financial information.
Security and Data. 12 Security 12.1 We will, from time to time, specify Security Procedures which must be adopted in order to use the Service. We may also make changes to this Agreement in accordance with clause 7 in connection with changes to the Security Procedures or require that you enter into supplemental or separate agreements in respect of such procedures.
