Subject Access Requests. 12.1 Subject to clause 12.3, the Provider shall notify the Council immediately if it:
(a) receives a Data Subject Access Request (or purported Data Subject Access Request);
(b) receives a request to rectify, block or erase any Personal Data;
(c) receives any other request, complaint or communication relating to either Party's obligations under the Data Protection Legislation;
(d) receives any communication from the Information Commissioner or any other regulatory authority in connection with Personal Data processed under this Agreement;
(e) receives a request from any third Party for disclosure of Personal Data where compliance with such request is required or purported to be required by Law; or
(f) becomes aware of a Data Loss Event.
12.2 The Contractor’s obligation to notify under clause 12.1 shall include the provision of further information to the Council in phases, as details become available.
12.3 The Provider acknowledges that the Council is responsible for responding to requests from individuals for access to their Personal Data and shall assist and cooperate with the Council in complying with its statutory obligations.
12.4 The Provider shall:
12.4.1 transfer the Subject Access Request to the Council as soon as practicable and in any event within three Working Days of receipt;
12.4.2 ensure that once in receipt or made aware that a Subject Access Request has been submitted, all the requested information is retained for potential disclosure;
12.4.3 provide the Council with a copy of all the Personal Data in its possession (including the sources of the information), in the form the Council requires within seven Working Days of receiving the request (or such shorter period as may be specified); and
12.4.4 provide all necessary assistance as reasonably requested to enable the Council to respond to the Subject Access Request within the time for compliance set out in Data Protection Legislation.
12.5 Under no circumstances shall the Provider respond directly to a Subject Access Request unless expressly authorised to do so in writing by the Council.
Subject Access Requests. ND(J)L shall promptly notify the Customer if it receives a request from a Data Subject for access to, rectification, restriction, blocking, porting or erasure of that person’s Personal Data. ND(J)L shall provide all reasonable assistance to the Customer in assisting the Customer fulfil its obligations under law but ND(J)L will not respond to any Data Subject directly without prior authorisation from the Customer. The responsibility for responding to any request from a Data Subject lies solely with the Customer.
Subject Access Requests. 5.1 In accordance with Data Protection Legislation, the Parties acknowledge that they may receive a data subject access request (“DSAR”) from a young person and/or parent/carer and/or an adult. The Party receiving the DSAR will take responsibility for the DSAR and will discuss this with its legal adviser and the other Party before releasing any information. The Parties acknowledge and agree that they must comply with Data Protection Legislation in considering and responding to DSARs.
Subject Access Requests. Will Be Directed To Customer Feedback, Information and Improvement Team (BMBC processed data) Headteacher (school processed data)
Subject Access Requests. If a customer asks for the personal details held about them, you must refer the request to your Community Library Officer from the Council as soon as possible. Under legislation it is necessary to respond within 40 (forty) calendar days of a written request, subject to receiving proof of the individual’s ID and payment of a fee. Personal Data about a customer should only be kept for as long as it is needed for the purpose it was obtained. For example: a customer joins the Summer Reading Challenge. You must only keep that Personal Data and use it for the duration of administering the Summer Reading Challenge and securely dispose of once the promotion and monitoring period is complete.
Subject Access Requests. Some services we conduct for schools require us to hold information only during the time period in which we carry out the task, once this is complete, we will securely dispose of this data. As such if we receive a SAR request, we may need to direct this to the school who are the data controllers in this instance. If you would like to find out more about how we use your personal data or want to see a copy of information about you that we hold, please follow the link below for further details Privacy Notice Schools can terminate agreements by giving notice in writing to the services provider: Governor Clerking Service. Charges will continue unless the Service Provider is given at least one full term written notice that the Services will no longer be required for the remaining year or next academic year. Failure to give notice will incur a charge for the service provided up to the date the Service Provider is notified.
Subject Access Requests. 13.1 Under the Data Protection Act 1998, individuals have a right of access to information held about them unless an exemption applies.
13.2 Any subject access request received from, or on behalf of, a service user or appropriate person will be dealt with according to the existing Data Protection Policy of the organisation who “controls” the data.
Subject Access Requests. Under the Data Protection and Freedom of Information Acts, customers can ask to see the information that is held on computer and in some paper records about them. This is called a Subject Access Request. If customers wish to know what information is held about them, requests must be put in writing to the organisation processing the data. Further contact information on the appropriate officers can be found in the Fair Processing Notice.
Subject Access Requests. Some services we conduct for schools require us to hold information only during the time period in which we carry out the task, once this is complete, we will securely dispose of this data. As such if we receive a SAR request, we may need to direct this to the school who are the data controllers in this instance.
Subject Access Requests. Under the UK Data Protection Act, You have the right to ask Us to see the personal information that We hold about You (this is known as a 'subject access request') by writing to Us. We will generally respond to a subject access request within 40 calendar days of receiving: (a) information that We need in order to identify You and (b) the information You need.