SECURITY BREACH MANAGEMENT AND NOTIFICATION. Conga maintains security incident management policies and procedures and shall, to the extent permitted by law, promptly notify You of any actual or reasonably suspected unauthorized disclosure of Personal Data, by Conga or its Sub-processors of which Conga becomes aware (a “Security Breach”). To the extent such Security Breach is caused by a violation of the requirements of this DPA by Conga, Conga shall make reasonable efforts to identify and remediate the cause of such Security Breach.
SECURITY BREACH MANAGEMENT AND NOTIFICATION. 7.1 If Bluecore becomes aware of a Security Breach, Bluecore will promptly notify Customer of the Security Breach. Notifications made pursuant to this section will describe, to the extent possible, details of the Security Breach, including steps taken to mitigate the potential risks and steps Bluecore recommends Customer take to address the Security Breach.
SECURITY BREACH MANAGEMENT AND NOTIFICATION. 7.1 CA will promptly notify Customer, without undue delay, after CA becomes aware of any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or unlawful access to any Customer’s Personal Data that is transmitted, stored or otherwise Processed by CA or its Subprocessors of which CA becomes aware (“Security Breach”). CA will use reasonable efforts to identify the cause of such Security Breach and shall promptly and without undue delay: (a) investigate the Security Breach and provide Customer with information about the Security Breach, including if applicable, such information a Data Processor must provide to a Data Controller under Article 33(3) of the GDPR to the extent such information is reasonably available; and (b) take reasonable steps to mitigate the effects and to minimize any damage resulting from the Security Breach to the extent the remediation is within CA’s reasonable control. The obligations herein shall not apply to any breach that is caused by Customer or it Authorized Users. Notification will be delivered to Customer in accordance with Section 7.3 below.
SECURITY BREACH MANAGEMENT AND NOTIFICATION. 7.1 ZeeMee will promptly notify College, without undue delay, after ZeeMee becomes aware of any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or unlawful access to any College’s Personal Data that is transmitted, stored or otherwise Processed by ZeeMee or its Subprocessors of which ZeeMee becomes aware (“Security Breach”). ZeeMee will use reasonable efforts to identify the cause of such Security Breach and shall promptly and without undue delay: (a) investigate the Security Breach and provide College with information about the Security Breach, including if applicable, such information a Data Processor must provide to a Data Controller under Article 33(3) of the GDPR to the extent such information is reasonably available; and (b) take reasonable steps to mitigate the effects and to minimize any damage resulting from the Security Breach to the extent the remediation is within ZeeMee’s reasonable control. The obligations herein shall not apply to any breach that is caused by College or it Authorized Users. Notification will be delivered to College in accordance with Section 7.3 below.
SECURITY BREACH MANAGEMENT AND NOTIFICATION. FF maintains security incident management policies and procedures and shall notify Customer without undue delay after becoming aware of the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Data, including Personal Data, transmitted, stored or otherwise Processed by FF or its Sub-processors of which FF becomes aware (a “Customer Data Incident”). FF shall make reasonable endeavours to identify the cause of such Customer Data Incident and take those steps as FF deems necessary and reasonable in order to remediate the cause of such a Customer Data Incident to the extent the remediation is within FF’s reasonable control. The obligations herein shall not apply to incidents that are caused by Customer or Customer’s Users.
SECURITY BREACH MANAGEMENT AND NOTIFICATION. Xactly maintains security incident management policies and procedures and shall, to the extent permitted by law, notify Customer’s designated contact as set forth by Customer in the signature block below, without undue delay (and in any event within 72 hours of confirmation), of any breach of security leading to the actual or reasonably suspected unauthorized disclosure of Personal Data by Xactly or its Sub-processors of which Xactly becomes aware (a “Security Breach”). Any such notification is not an acknowledgement of fault or responsibility. To the extent such Security Breach is caused by a violation of the requirements of this DPA by Xactly, Xactly shall make reasonable efforts to identify and remediate the cause of such Security Breach. Xactly will reasonably assist the Customer to comply with its reporting obligations under applicable Data Protection Laws and Regulations in connection with the Security Breach, including by providing at least the following information to the extent available:
SECURITY BREACH MANAGEMENT AND NOTIFICATION. Conga maintains security incident management policies and procedures and shall, to the extent permitted by law, without undue delay, and in any event within 48 hours of becoming aware, notify Customer of any actual or reasonably suspected unauthorized access, use, modification, or disclosure of Personal Data in connection with the Processing of that Personal Data by Conga or Conga’s Sub-processors (a “Security Breach”). Such notice will include all available details required under Data Protection Laws and Regulations to enable Customer to comply with its notification obligations to regulatory authorities or to Data Subjects affected by the Security Breach. Conga shall make all reasonable efforts to identify and take all reasonable steps to remediate the cause of such Security Breach.
SECURITY BREACH MANAGEMENT AND NOTIFICATION. 7.1 Service Provider shall, in accordance with the EU Rules, notify the Customer and/or the supervisory authority as soon as any Personal Data Breach with respect to the Personal Data occurs, but no later than 48 hours from the discovery of such a Personal Data Breach. Service Provider’s notification of or response to a Personal Data Breach under this Section 7.1 will not be construed as an acknowledgement by Service Provider of any fault or liability with respect to the Personal Data Breach.
SECURITY BREACH MANAGEMENT AND NOTIFICATION. IIJ maintains security incident management policies and procedures and shall, notify Customer without undue delay after becoming aware of the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Data, including Personal Data, transmitted, stored or otherwise Processed by IIJ or its Sub-processors of which IIJ becomes aware (a “Customer Data Incident”). IIJ shall make reasonable efforts to identify the cause of such Customer Data Incident and take those steps as IIJ deems necessary and reasonable in order to remediate the cause of such a Customer Data Incident to the extent the remediation is within IIJ’s reasonable control. The obligations herein shall not apply to incidents that are caused by Customer or Customer’s Users. IIJ will not contact data subject directly, unless the controller is unable to do so itself, requests IIJ’s assistance in notifying the data subject and IIJ has the reasonable means to make a notification on the controller’s behalf.
SECURITY BREACH MANAGEMENT AND NOTIFICATION eGain maintains security incident management policies and procedures specified in its Security, Privacy and Architecture Documentation (or its equivalent) and shall, to the extent permitted by law, promptly notify Customer of any actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Data, including Personal Data, transmitted, stored, or otherwise Processed by eGain or its Sub-processors, of which eGain becomes aware (a “Security Breach”). To the extent such Security Breach is caused by a violation of the requirements of this ADDENDUM by eGain, eGain shall make reasonable efforts to identify and remediate the cause of such Security Breach to the extent remediation is within eGain's reasonable control. RETURN AND DELETION OF CUSTOMER DATA eGain shall return Customer Data to Customer or delete Customer Data in accordance with the procedures and timeframes specified in the Security, Privacy and Architecture Documentation or in the Agreement, unless there is a legal requirement to hold the Customer Data. Customer is responsible for specifying the amount of storage and data retention period for Customer Data in the Agreement and is responsible for all costs associated with this requirement.
