Common use of SECURITY BREACH MANAGEMENT AND NOTIFICATION Clause in Contracts

SECURITY BREACH MANAGEMENT AND NOTIFICATION. 7.1 ZeeMee will promptly notify College, without undue delay, after ZeeMee becomes aware of any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or unlawful access to any College’s Personal Data that is transmitted, stored or otherwise Processed by ZeeMee or its Subprocessors of which ZeeMee becomes aware (“Security Breach”). ZeeMee will use reasonable efforts to identify the cause of such Security Breach and shall promptly and without undue delay: (a) investigate the Security Breach and provide College with information about the Security Breach, including if applicable, such information a Data Processor must provide to a Data Controller under Article 33(3) of the GDPR to the extent such information is reasonably available; and (b) take reasonable steps to mitigate the effects and to minimize any damage resulting from the Security Breach to the extent the remediation is within ZeeMee’s reasonable control. The obligations herein shall not apply to any breach that is caused by College or it Authorized Users. Notification will be delivered to College in accordance with Section 7.3 below. 7.2 ZeeMee’s obligation to report or respond to a Security Breach under this Section is not and will not be construed as an acknowledgement by ZeeMee of any fault or liability with respect to the Security Breach.

SECURITY BREACH MANAGEMENT AND NOTIFICATION. 7.1 ZeeMee will promptly notify College, without undue delay, after ZeeMee becomes aware of any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or unlawful access to any College’s Personal Data that is transmitted, stored or otherwise Processed by ZeeMee or its Subprocessors of which ZeeMee becomes aware (“Security Breach”). ZeeMee will use reasonable efforts to identify the cause of such Security Breach and shall promptly and without undue delay: (a) investigate the Security Breach and provide College with information about the Security Breach, including if applicable, such information a Data Processor must provide to a Data Controller under Article 33(3) of the GDPR to the extent such information is reasonably available; and (b) take reasonable steps to mitigate the effects and to minimize any damage resulting from the Security Breach to the extent the remediation is within ZeeMee’s reasonable control. The obligations herein shall not apply to any breach that is caused by College or it Authorized Users. Notification will be delivered to College in accordance with Section 7.3 below. 7.2 . ZeeMee’s obligation to report or respond to a Security Breach under this Section is not and will not be construed as an acknowledgement by ZeeMee of any fault or liability with respect to the Security Breach.