Security of Personal Data. 5.1. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Processor shall maintain appropriate technical and organizational measures to ensure a level of security appropriate to the risk of Processing Personal Data.
Security of Personal Data. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Company shall maintain appropriate technical and organizational measures to ensure a level of security appropriate to the risk of processing Personal Data. Exhibit C sets forth additional information about Company’s technical and organizational security measures.
Security of Personal Data a. The Processor shall at a minimum implement the technical and organizational measures specified in Appendix 2 to ensure the security of the Personal Data. This includes protecting the Personal Data against a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to the Personal Data. In assessing the appropriate level of security, the parties shall take due account of the state of the art, the costs of implementation, the nature, scope, context and purposes of processing and the risks involved for the Data Subjects.
b. The Processor shall grant access to the Personal Data undergoing processing to members of its personnel only to the extent necessary for implementing, managing and monitoring of the Services Agreement. The Processor shall ensure that persons authorized to process the Personal Data received have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
Security of Personal Data. 6.1 Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Zoom shall maintain appropriate technical and organizational measures to ensure a level of security appropriate to the risk of Processing Personal Data, including, but not limited to, the security measures set out in Exhibit B.
6.2 The Zoom shall implement such measures to ensure a level of security appropriate to the risk involved, including as appropriate:
6.2.1 the pseudonymisation and encryption of personal data;
6.2.2 the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
6.2.3 the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; and
6.2.4 a process for regularly testing, assessing and evaluating the effectiveness of security measures.
Security of Personal Data. 6.1 Zoom may not update the Services in a way that would remove Customer's choice to apply end to end encryption to Meetings, introduce any functionality that would purposefully allow anyone not authorized by the Customer to gain access to Customer encryption keys or Customer content, or remove the ability to store recordings locally.
6.2 Zoom certifies that it has not purposefully created any “back doors” or similar programming in the Services that could be used by third parties to access the system and/or personal data. Zoom has not purposefully created or changed its business processes in a manner that facilitates such third party access to personal data or systems. Zoom certifies there is no applicable law or government policy that requires Zoom as importer to create or maintain back doors or to facilitate access to personal data or systems or for the importer to be in possession of or to hand over the encryption key.
6.3 Taking into account the state of the art, the costs of implementation, and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Zoom shall maintain appropriate technical and organizational measures with regard to Customer Personal Data and to ensure a level of security appropriate to the risk, including, but not limited to, the “Security Measures” set out in Annex II to the Standard Contractual Clauses (attached here as EXHIBIT B). Customer acknowledges that the Security Measures are subject to technical progress and development and that Zoom may update or modify the Security Measures from time to time, provided that such updates and modifications do not degrade or diminish the overall security of the Services.
Security of Personal Data. We will take appropriate technical, physical and organisational measures to protect the Personal Data collected through the Website from misuse or accidental, unlawful or unauthorised destruction, loss, alteration, disclosure, acquisition or access, that are consistent with applicable privacy and data security laws and regulations. However, no internet-based site can be 100% secure and we cannot be held responsible for unauthorised or unintended access that is beyond our control. Our Website may contain links to other websites. We are not responsible for the privacy practices, content or security used by such other websites, which shall not be governed by this Privacy Policy. We advise you to always carefully read the privacy policies on these other websites.
Security of Personal Data a. Adobe has implemented and maintains reasonable and appropriate Technical and Organizational Measures for Cloud Services regarding the protection of Personal Data Processed under these terms, assessable via this link: xxxxx://xxx.xxxxx.xxx/go/CloudSvcsTOSM.
b. Adobe has obtained the third-party certifications and audits evaluating these Technical and Organizational Measures and which are listed on Adobe´s Trust Center website (also accessible via xxxxx://xxx.xxxxx.xxx/security/compliance.html).
c. Adobe´s Technical and Organizational Measures are subject to technical progress and further development. Accordingly, Adobe reserves the right to modify the Technical and Organizational Measures provided that the functionality and security of the Cloud Services are not degraded.
Security of Personal Data. 1. Considering the scope of technical knowledge, cost of implementation, and the character, scope, context and purposes of processing, as well as the risk of violation of the rights and freedoms of physical persons of different probabilities and seriousness levels, The Data Processor shall implement proper technical and organizational means to ensure that processing of Personal Data takes place in compliance with GDPR.
2. The list of technical and organisational means implemented by the Data Processor constitutes Appendix #1 to this Agreement.
3. The Data Processor shall perform recurring reviews and updates of the technical and organisational means employed to ensure they are compliant with GDPR at any given time. Changes to Appendix #1 shall not constitute changes to this Data Processing Agreement.
Security of Personal Data. 4.4.1. PROVIDER warrants that it maintains and shall continue to maintain adequate security measures (technical and organisational) to protect Personal Data against accidental loss, destruction, damage, alteration, unauthorized disclosure of, or access to, and against all other unlawful forms of processing, considering (i) the nature, scope, context, and purposes of the processing, (ii) risks posed to Data Subjects, (iii) the state-of-the-art, and (iv) implementation expenses, including, inter alia, as appropriate: • the pseudonymisation and/or encryption of Personal Data when possible/appropriate; • the ability to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services; • the ability to restore the availability of and access to Personal Data in a timely manner in the event of a physical or technical incident; • an established process for regularly testing, assessing, and evaluating the effectiveness of technical and organisational measures; • measures to identify vulnerabilities with regards to the processing of Personal Data in systems used to provide PROVIDER Services to the COMPANY; • other reasonable security measures agreed upon by the Parties. A specification of technical and organisational measures implemented by PROVIDER is available at xxxxx://xxx.xxxxxxx.xxx/assets/downloads/Technical_and_organisational_measures.pdf, and a list of certifications is available at xxxxx://xxx.xxxxxxx.xxx/company.
4.4.2. At the request of the COMPANY, PROVIDER shall demonstrate the measures it has taken pursuant to this Article, allowing the COMPANY to audit and test such measures in accordance with Article 4.7. of this DPA.
4.4.3. The COMPANY acknowledges that the PROVIDER Services include certain features and functionalities that INFOBIP requires as a minimum standard, for the COMPANY to implement and use since those may impact the security of the data processed by the COMPANY’s use of the PROVIDER Services. The list of security rules and recommendations, maintained by PROVIDER in accordance with applicable best practices, is regularly updated and available to the COMPANY at xxxxx://xxx.xxxxxxx.xxx/docs/essentials/security-recommendations. The COMPANY is responsible for the proper configuration of configurable parameters and usage of the available features and functionalities to maintain the appropriate level of security considering the nature of the data processed through PROVIDER Services. In case the COMPAN...
Security of Personal Data. Both organisations have responsibilities under the General Data Protection Regulation and the Data Protection Act and it is essential that all staff are trained in this regard and understand their responsibilities to ensure personal and organisational compliance in this area. PHSO and LGSCO have exchanged copies of appropriate information handling policies and both parties are satisfied that there are appropriate policies in place for handling and processing of personal data and Information Security, including the handling of information security breaches. Data Protection training is in place at both organisations and regularly rolled out to all staff. In the event of a security breach involving joint working information or staff, there must be liaison between the two bodies’ Data Protection Officers straightaway so that a risk assessment can be undertaken and decisions made about the best approach in terms of containment of the breach and any requirements to report the breach to the Information Commissioner’s Office. Each organisation’s Senior Information Risk Owner can decide to report a breach by their own organisation (while simultaneously discussing this with the other organisation). If one organisation’s SIRO becomes aware of a breach by the other organisation, they should raise it with the other organisation’s Data Protection Officer straightaway, but will reserve the right to report the breach even if the other organisation’s SIRO decides not to.