Security and Security Breaches. Huacheng shall implement appropriate administrative, organisational, physical and technical safeguards to protect the confidentiality, integrity and availability of the Personal Data consistent with applicable Regulations, including, without limitation, to protect the Personal Data against destruction, loss, unauthorised disclosure or access, or any other form of unlawful processing. To clarify, Huacheng shall consider the state of the art and implementation costs when considering the appropriateness of such administrative, organisational, physical and technical safeguards, and ensure that such measures offer an appropriate level of security given the risks associated with Processing and the nature of the Personal Data to be protected. Huacheng shall implement and maintain in any event adequate Security Measures (Appendix 2). Huacheng may update or modify the Security Measures from time to time, provided that such updates and modifications do not result in any degradation of the level of security. Huacheng shall, without undue delay and, where feasible, but no later than thirty-six (36) hours after discovery, notify Partner of any actual or reasonably suspected (i) accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed; or (ii) a breach of the security measures as referred to in this Article 6 (a “Security Breach”). Huacheng shall also notify Partner if a Security Breach takes place at a Subprocessor. Huacheng shall maintain procedures aimed at detecting, responding to and recovering from Security Breaches. The notification shall at least: describe the nature of the Security Breach, including, where possible, the categories and approximate number of Data Subjects concerned and the categories and approximate number of Personal Data records concerned; describe whether the Personal Data are encrypted, anonymised or otherwise made incomprehensible; communicate the name and contact details of the data protection officer or other contact point where more information can be obtained; describe the likely consequences of the Security Breach; and describe the measures that Huacheng has taken, or proposes taking, to address the Security Breach, including, where appropriate, measures to mitigate its possible adverse effects. At Partner’s request, Huacheng shall provide all reasonable cooperation to handling the Security Breach, such as informing Supervisory Authorities an...
Security and Security Breaches. 6.1. Dahua shall implement appropriate administrative, organisational, physical and technical safeguards to protect the confidentiality, integrity and availability of the Personal Data consistent with applicable Regulations, including, without limitation, to protect the Personal Data against destruction, loss, unauthorised disclosure or access, or any other form of unlawful processing. To clarify, Dahua shall consider the state of the art and implementation costs when considering the appropriateness of such administrative, organisational, physical and technical safeguards, and ensure that such measures offer an appropriate level of security given the risks associated with Processing and the nature of the Personal Data to be protected.
Security and Security Breaches. 7.1. Processor shall implement appropriate administrative, organisational, physical and technical safeguards to protect the confidentiality, integrity and availability of the Personal Data consistent with Applicable Regulations, including, without limitation, to protect the Personal Data against destruction, loss, unauthorised disclosure or access, or any other form of unlawful processing, modification or copying. To clarify, Processor shall consider the state of the art and implementation costs when considering the appropriateness of such administrative, organisational, physical and technical safeguards, and ensure that such measures offer an appropriate level of security given the risks associated with Processing and the nature of the Personal Data to be protected.
Security and Security Breaches. 7.1. Optos shall implement appropriate organisational and technical measures to protect the confidentiality, integrity and availability of the Personal Data consistent with Data Protection Laws, including, without limitation, to protect the Personal Data against destruction, loss, unauthorised disclosure or access, or any other form of unlawful processing. To clarify, Optos shall consider the state of the art and implementation costs when considering the appropriateness of such organisational and technical measures and ensure that such measures offer an appropriate level of security given the risks associated with Processing and the nature of the Personal Data to be protected.
Security and Security Breaches. All IC must adopt, implement, and maintain appropriate administrative, technical and physical safeguards to protect against anticipated threats or hazards to the security of confidential information, including Customer and IC Data. These safeguards must be appropriate to the sensitivity of the information. Appropriate safeguards for electronic and paper records may include but are not limited to: (i) encrypting data before electronically transmitting it; (ii) storing records in a secure location; and (iii) password-protecting computer files and securely shredding paper files containing confidential information. IC must keep confidential information secure from all persons who do not have legitimate business needs to see or use such information. IC must ensure they obtain and maintain consent from prospective Customers/ICs and existing Customers/ICs before sharing such data with the Company. IC must comply with all applicable privacy and data security laws, including any security breach notification laws. Without limitation of the preceding sentence, in the event of an actual or suspected Security Breach affecting Company’s data, the applicable IC shall first promptly notify the Company Compliance Department in writing after becoming aware of such Security Breach, and if instructed by the Compliance Department, notify applicable Customers/ICs. Any such notification to Customers/ICs shall be made in compliance with applicable law and shall specify the following: (i) the extent to which Customer/IC Data was or was suspected to be disclosed or compromised; (ii) the circumstances of the Security Breach; (iii) the date or period of time on which it occurred; (iv) a description of the information affected; (v) a description of the steps taken to reduce the risk of harm from the Security Breach; (vi) contact informa- tion for a person able to answer questions regarding the Security Breach; (vii) any other information required by the applicable law; and (viii) in the case of a notice to a privacy commissioner or other regulatory body, an assessment of the risk of harm to any affected persons and an estimate of the number of persons affected. ICs shall promptly comply with all applicable information Security Breach disclosure laws. ICs, at their expense, shall cooperate with Company, any applicable privacy commissioner or other regulatory body and the applicable Customers/ICs and use their best efforts to mitigate any potential damage caused by a breach of their obl...
