Privacy and Data Protection 8.1 The Receiving Party undertakes to comply with South Africa’s general privacy protection in terms Section 14 of the Xxxx of Rights in connection with this Bid and shall procure that its personnel shall observe the provisions of such Act [as applicable] or any amendments and re-enactments thereof and any regulations made pursuant thereto.
8.2 The Receiving Party warrants that it and its Agents have the appropriate technical and organisational measures in place against unauthorised or unlawful processing of data relating to the Bid and against accidental loss or destruction of, or damage to such data held or processed by them.
Data Protection and Security A. In this Agreement the following terms shall have the meanings respectively ascribed to them:
Cybersecurity; Data Protection To the Company’s knowledge, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (collectively, the “Personal Data”)) used in connection with their businesses, and there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except in each case as would not reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification.
Data Protection Act 7.1 With respect to the parties' rights and obligations under this Contract, the parties agree that the Department is the Data Controller and that the Contractor is the Data Processor.
7.2 The Contractor shall:
7.2.1 Process the Personal Data only in accordance with instructions from the Department (which may be specific instructions or instructions of a general nature as set out in this Contract or as otherwise notified by the Department to the Contractor during the Term);
7.2.2 Process the Personal Data only to the extent, and in such manner, as is necessary for the provision of the Services or as is required by Law or any Regulatory Body;
7.2.3 The Contractor shall employ appropriate organisational, operational and technological processes and procedures to keep the Personal Data safe from unauthorised use or access, loss, destruction, theft or disclosure. The organisational, operational and technological processes and procedures adopted are required to comply with the requirements of ISO/IEC 27001 as appropriate to the services being provided to the Department;
7.2.4 Take reasonable steps to ensure the reliability of any Contractor Personnel who have access to the Personal Data;
7.2.5 Obtain prior written consent from the Department in order to transfer the Personal Data to any Sub-contractors or Affiliates for the provision of the Services;
7.2.6 Ensure that all Contractor Personnel required to access the Personal Data are informed of the confidential nature of the Personal Data and comply with the obligations set out in this clause 7;
7.2.7 Ensure that none of Contractor Personnel publish, disclose or divulge any of the Personal Data to any third party unless directed in writing to do so by the Department;
7.2.8 Notify the Department within five Working Days if it receives: a request from a Data Subject to have access to that person's Personal Data; or a complaint or request relating to the Department's obligations under the Data Protection Legislation;
7.2.9 Provide the Department with full cooperation and assistance in relation to any complaint or request made, including by: - providing the Department with full details of the complaint or request; - complying with a data access request within the relevant timescales set out in the Data Protection Legislation and in accordance with the Department's instructions; - providing the Department with any Personal Data it holds in relation to a Data Subject (within the timescales required by the Department); and - providing the Department with any information requested by the Department;
7.2.10 Permit the Department or the Department’s Representative (subject to reasonable and appropriate confidentiality undertakings), to inspect and audit the Contractor's data Processing activities (and/or those of its agents, subsidiaries and Sub-contractors) and comply with all reasonable requests or directions by the Department to enable the Department to verify and/or procure that the Contractor is in full compliance with its obligations under this Contract;
7.2.11 Provide a written description of the technical and organisational methods employed by the Contractor for processing Personal Data (within the timescales required by the Department) to be used solely for the purposes of this contract and provided that to do so would not be in breach of the Intellectual Property Rights (including Copyright) of a third party; and
7.2.12 Not process Personal Data outside the European Economic Area without the prior written consent of the Department and, where the Department consents to a transfer, to comply with: - the obligations of a Data Controller under the Eighth Data Protection Principle set out in Schedule 1 of the Data Protection Act 1998 by providing -an adequate level of protection to any Personal Data that is transferred; and - any reasonable instructions notified to it by the Department.
7.3 The Contractor shall comply at all times with the Data Protection Legislation and shall not perform its obligations under this Contract in such a way as to cause the Department to breach any of its applicable obligations under the Data Protection Legislation.
Data Protection All personal data contained in the agreement shall be processed in accordance with Regulation (EC) No 45/2001 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by the EU institutions and bodies and on the free movement of such data. Such data shall be processed solely in connection with the implementation and follow-up of the agreement by the sending institution, the National Agency and the European Commission, without prejudice to the possibility of passing the data to the bodies responsible for inspection and audit in accordance with EU legislation (Court of Auditors or European Antifraud Office (XXXX)). The participant may, on written request, gain access to his personal data and correct any information that is inaccurate or incomplete. He/she should address any questions regarding the processing of his/her personal data to the sending institution and/or the National Agency. The participant may lodge a complaint against the processing of his personal data with the [national supervising body for data protection] with regard to the use of these data by the sending institution, the National Agency, or to the European Data Protection Supervisor with regard to the use of the data by the European Commission.
Virus Protection The Bank is not responsible for any electronic virus or viruses that you may encounter. We suggest that you routinely scan your PC using a virus protection product. An undetected virus may corrupt and destroy your programs, files, and your hardware.
PERSONAL DATA PROTECTION ACT 7.1. PAH is committed to protecting the privacy, confidentiality and security of all personal data to which it is entrusted. It has been our policy to ensure your personal information are protected. With the introduction of the Malaysian Personal Data Protection Act 2010 ("PDPA"), we are even committed to ensure the privacy and confidentiality and security of all personal data are protected in line with the PDPA. We process personal data which you have provided to us voluntarily through our website upon your registration and this includes personal data such as your name, address, NRIC and contact details. In this regards, you have expressly consent to our processing of your personal data. If you give us personal data or information about another person, you must first confirm that he/she has appointed you to act for him/her, to consent to the processing of his/her personal data and to receive on his/her behalf any data protection notices. We may request your assistance to procure the consent of such persons whose personal data is provided by you to us and you agree to do so. You shall indemnify us in the event we suffer loss and damage as a result of your failure to comply with the same. We will only retain your personal data for as long as necessary for the fulfilment of the specified purposes or as legislated
7.2. E-Bidders shall be responsible for the confidentiality and use of password and not to reveal the password to anyone at any time and under any circumstances whether intentionally or unintentionally.
7.3. E-Bidders agree to comply with all the security measures related to safety of the password or generally in respect of the use of the service. In the event that the password is compromised, the E-Bidders shall immediately notify PAH.
System Protection To prevent compromise of systems which contain DSHS Data or through which that Data passes:
a. Systems containing DSHS Data must have all security patches or hotfixes applied within 3 months of being made available.
b. The Contractor will have a method of ensuring that the requisite patches and hotfixes have been applied within the required timeframes.
c. Systems containing DSHS Data shall have an Anti-Malware application, if available, installed.
d. Anti-Malware software shall be kept up to date. The product, its anti-virus engine, and any malware database the system uses, will be no more than one update behind current.
COMPLIANCE WITH NEW YORK STATE INFORMATION SECURITY BREACH AND NOTIFICATION ACT Contractor shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law Section 899-aa; State Technology Law Section 208).
Legal Protection 7.14.1 The University shall provide legal representation to any Member of the Bargaining Unit who is named a defendant in a civil action based on performance of the Member’s duties within the scope of employment. Legal representation will be at the Member’s request, subject to the approval of the Ohio Attorney General and in accordance with Ohio law. Pursuant to Ohio Revised Code Section 9.87 the University shall seek indemnification from the state for liability or judgment of any Member of the Bargaining Unit resulting from the performance of his or her duties for the University. Nothing in this Section is intended to expand or conflict with current Ohio law.
7.14.2 As long as the University continues to provide liability insurance coverage pursuant to ORC 3345.202 for any member of the University Board of Trustees or any University officer, the University shall continue to provide that level of liability insurance coverage for each Bargaining Unit Faculty Member.
