Security, etc. 5.1 The Product is supplied “as is,” and QBNK makes no warranty or representation (whether express or implied) that the Product will be free from error, uninterrupted or about the accuracy or fitness for any particular purpose. When Processing Personal Data, Processor shall adopt appropriate technical and organizational measures to ensure a level of security that is appropriate in relation to the level of risk, and to protect Personal Data from unauthorized or unlawful processing, accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to such Personal Data. Under all circumstances, Processor shall implement the measures specified in Appendix 2 of the Agreement. 5.2 Processor shall without undue delay inform Controller in writing of any suspicion of or actual personal data breach that may lead to unintentional or unlawful destruction, loss or modification, or to unauthorized disclosure of or unauthorized access to Personal Data. 5.3 Processor shall provide Controller with the following information in the event of a personal data breach: a) a description of the nature of the personal data breach, categories of and the approximate number of Data Subjects affected, as well as the categories of and approximate number of personal data entries affected; b) the name and contact details of the data protection officer or other contact from whom further details can be obtained; and c) a description of the measures taken or proposed by Processor to address the personal data breach, including measures to mitigate its potential adverse effects. 5.4 When Processing Personal Data, Processor shall assist Controller in meeting its obligations in relation to data protection impact assessments, prior consultations with the supervisory authority concerned and the implementation of appropriate technical and organizational measures, to the extent required by Applicable Data Protection Legislation. If such effort requested from Processor is significant, Processor shall have the right to invoice Controller for such effort on a time and material basis, provided Controller has been notified thereabout before Processor commencing such chargeable work.
Appears in 4 contracts
Samples: Data Processing Agreement, Data Processing Agreement, Data Processing Agreement