Data Storage Where required by applicable law, Student Data shall be stored within the United States. Upon request of the LEA, Provider will provide a list of the locations where Student Data is stored.
Data Security The Provider agrees to utilize administrative, physical, and technical safeguards designed to protect Student Data from unauthorized access, disclosure, acquisition, destruction, use, or modification. The Provider shall adhere to any applicable law relating to data security. The provider shall implement an adequate Cybersecurity Framework based on one of the nationally recognized standards set forth set forth in Exhibit “F”. Exclusions, variations, or exemptions to the identified Cybersecurity Framework must be detailed in an attachment to Exhibit “H”. Additionally, Provider may choose to further detail its security programs and measures that augment or are in addition to the Cybersecurity Framework in Exhibit “F”. Provider shall provide, in the Standard Schedule to the DPA, contact information of an employee who XXX may contact if there are any data security concerns or questions.
Advertising Limitations Provider is prohibited from using, disclosing, or selling Student Data to (a) inform, influence, or enable Targeted Advertising; or (b) develop a profile of a student, family member/guardian or group, for any purpose other than providing the Service to LEA. This section does not prohibit Provider from using Student Data (i) for adaptive learning or customized student learning (including generating personalized learning recommendations); or (ii) to make product recommendations to teachers or LEA employees; or (iii) to notify account holders about new education product updates, features, or services or from otherwise using Student Data as permitted in this DPA and its accompanying exhibits
Parent Access To the extent required by law the LEA shall establish reasonable procedures by which a parent, legal guardian, or eligible student may review Education Records and/or Student Data correct erroneous information, and procedures for the transfer of student-generated content to a personal account, consistent with the functionality of services. Provider shall respond in a reasonably timely manner (and no later than forty five (45) days from the date of the request or pursuant to the time frame required under state law for an LEA to respond to a parent or student, whichever is sooner) to the LEA’s request for Student Data in a student’s records held by the Provider to view or correct as necessary. In the event that a parent of a student or other individual contacts the Provider to review any of the Student Data accessed pursuant to the Services, the Provider shall refer the parent or individual to the LEA, who will follow the necessary and proper procedures regarding the requested information.
Notices Any notice, request or other document required or permitted to be given or delivered to the Holder by the Company shall be delivered in accordance with the notice provisions of the Purchase Agreement.
Additional Services Registry Operator shall be entitled to provide the Registry Services described in clauses (a) and (b) of the first paragraph of Section 2.1 in the Specification 6 attached hereto (“Specification 6”) and such other Registry Services set forth on Exhibit A (collectively, the “Approved Services”). If Registry Operator desires to provide any Registry Service that is not an Approved Service or is a material modification to an Approved Service (each, an “Additional Service”), Registry Operator shall submit a request for approval of such Additional Service pursuant to the Registry Services Evaluation Policy at xxxx://xxx.xxxxx.xxx/en/registries/rsep/rsep.html, as such policy may be amended from time to time in accordance with the bylaws of ICANN (as amended from time to time, the “ICANN Bylaws”) applicable to Consensus Policies (the “RSEP”). Registry Operator may offer Additional Services only with the written approval of ICANN, and, upon any such approval, such Additional Services shall be deemed Registry Services under this Agreement. In its reasonable discretion, ICANN may require an amendment to this Agreement reflecting the provision of any Additional Service which is approved pursuant to the RSEP, which amendment shall be in a form reasonably acceptable to the parties.
Data Protection All personal data contained in the agreement shall be processed in accordance with Regulation (EC) No 45/2001 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by the EU institutions and bodies and on the free movement of such data. Such data shall be processed solely in connection with the implementation and follow-up of the agreement by the sending institution, the National Agency and the European Commission, without prejudice to the possibility of passing the data to the bodies responsible for inspection and audit in accordance with EU legislation (Court of Auditors or European Antifraud Office (XXXX)). The participant may, on written request, gain access to his personal data and correct any information that is inaccurate or incomplete. He/she should address any questions regarding the processing of his/her personal data to the sending institution and/or the National Agency. The participant may lodge a complaint against the processing of his personal data with the [national supervising body for data protection] with regard to the use of these data by the sending institution, the National Agency, or to the European Data Protection Supervisor with regard to the use of the data by the European Commission.
Public Records Taxpayer acknowledges that GO-Biz is subject to the California Public Records Act (PRA) (Gov. Code, § 6250 et seq.). This Agreement and materials submitted by Taxpayer to GO-Biz may be subject to a PRA request. In such an event, GO-Biz will notify Taxpayer, as soon as practicable that a PRA request for Taxpayer’s information has been received, but not less than five (5) business days prior to the release of the requested information to allow Taxpayer to seek an injunction. GO-Biz will work in good faith with Taxpayer to protect the information to the extent an exemption is provided by law, including, but not limited to, notes, drafts, proprietary information, financial information, and trade secret information. GO-Biz will also apply the “balancing test” as provided for under Government Code section 6255, to the extent applicable. Notwithstanding the foregoing, GO-Biz agrees that any information provided to GO-Biz by the FTB, in connection with this Agreement will be treated as confidential tax information protected by Article 2 (commencing with Section 19542) of Chapter 7 of Part 10.2 of the RTC, assuming that FTB can rely on such a section and shall not be disclosed to any party, other than personnel of GO-Biz or the Committee, without Taxpayer’s prior written consent. Taxpayer acknowledges that this Agreement in whole or in part will be made available to the public at least ten (10) calendar days prior to the Committee hearing. Pursuant to RTC sections 17059.2 and 23689, in the event of approval by the Committee of this Agreement, Taxpayer acknowledges and agrees that GO-Biz will post on its website the following information:
Annual Notification of Rights If the LEA has a policy of disclosing Education Records and/or Student Data under FERPA (34 CFR § 99.31(a)(1)), LEA shall include a specification of criteria for determining who constitutes a school official and what constitutes a legitimate educational interest in its annual notification of rights.
Data Ownership and Authorized Access 1. Student Data Property of LEA. All Student Data transmitted to the Provider pursuant to the Service Agreement is and will continue to be the property of and under the control of the LEA. The Provider further acknowledges and agrees that all copies of such Student Data transmitted to the Provider, including any modifications or additions or any portion thereof from any source, are subject to the provisions of this DPA in the same manner as the original Student Data. The Parties agree that as between them, all rights, including all intellectual property rights in and to Student Data contemplated per the Service Agreement, shall remain the exclusive property of the LEA. For the purposes of FERPA, the Provider shall be considered a School Official, under the control and direction of the LEA as it pertains to the use of Student Data, notwithstanding the above.