Segregation control. It is ensured that personal data collected for different purposes are not mixed in their processing. To this end, multitenant systems are used where necessary, or systems are physically or logically separated.
Segregation control. Separation of personal data must be ensured by different storage locations or by client separation.
Segregation control. Personal data collected for different purposes is processed separately in compliance with Swedish legislation and Volvo security rules. Test and production environments are strictly separated from each other, according to Dealer rules, and a developer can never update the production environment. This ensures separation of duties. Data from different customers are in most cases divided from each other physically. However, the storage philosophy adopted by Volvo IT depends on shattering. This means that all information is split between different media, which in turn means that if one physical media would be compromised, the information would not be able to be recovered. Client data are stored via CIFS for internal Customers using ACL (Access Control List) in AD and for external customers Volvo IT has dedicated logical storage systems. NFS is the storage system holding export rights. Servers/data base via FCP are using LUN security in the storage system and Zoning in the SAN network, to secure correct access of server disks.
Segregation control. Personal data collected for different purposes is processed separately in compliance with Swedish legislation and VOLVO security rules.
Segregation control. The Service Provider must process data collected for different purposes separately (i.e. measures to provide for separate processing (storage, amendment, deletion, transmission) of data for different purposes must be in place). In addition, the Service Provider and any of its subcontractors will not store, process or access any data received from the ESM outside of the euro area without the ESM’s prior written consent. If the Service Provider or any of its subcontractors want to store, process or access any personal data received from the ESM outside of the European Economic Area, in addition to receiving the ESM’s prior written consent, the Parties will agree on adequate contractual safeguards with respect to the protection of personal data outside of the European Economic Area. The Service Provider is responsible for ensuring that all of its Employees, subcontractors and any other persons acting on behalf of the Service Provider in the performance of the Services will comply with all aspects of and all obligations arising out of this § 12 and Xxxxx XX and III and will be liable for any breach by them of these obligations. Without prejudice to Clause 1.5 (Reporting) of Xxxxx XX hereto the Service Provider shall report to the ESM any actual or suspected breach of confidentiality, integrity and/or availability of ESM data, including personal data, held by or processed by the Service Provider. Such reports shall be issued within 24 hours upon identifying the breach and shall contain details on the actions undertaken to investigate and repair such breach.
Segregation control. Processor undertakes the following measures to separate the Processing of Personal Data: • Data Processing for different controllers is made on server systems which are separated by a system of logical and physical access controls in the network as required such that each controller only has access to its own data.
Segregation control. Sophos maintains and applies a quality control process for the deployment of new cus- tomer products; • Testing and production environments are separate; • New software, systems and developments are tested prior to release to the production environment.
Segregation control. The Data Processor separates the environment for development, software, engineering, from the environment for testing and the environment for operations and has put in place several controls to ensure the code development, testing and production data handling environments are separated. E.g. employees within the development team do not have access to the same systems as the employees within the test or operation team. Separate cryptographic credentials are used to access development, test, operations and production environments, critical network operations systems are further isolated from the corporate, development and test network environments. The separation is supervised by granular logging of access to the production and operations servers, change control processes and by the responsible management.
Segregation control. “Trennungskontrolle”)
Segregation control. Measures to ensure that data collected for different purposes can be processed separately, in particular but not limited to user profiles and authorisation concept.
