Technical and organisational precautions Sample Clauses

Technical and organisational precautions. The Data Processor must, as a minimum, take the technical and organisational steps described below in connection with the processing of personal data covered by the Data Processing Agreement. If more detailed technical and organisational steps are necessary to ensure compliance with clause 4 of the Data Processing Agreement, these steps must always be taken.
AutoNDA by SimpleDocs
Technical and organisational precautions. The Data Processor must, as a minimum, take the technical and organisational steps described below in connection with the processing of personal data covered by the Data Processing Agreement. If more detailed technical and organisational steps are necessary to ensure compliance with clause 4 of the Data Processing Agreement, these steps must always be taken. The Data Processor must take the measures necessary to identify, evaluate and limit any reasonably foreseeable internal and external risks to the availability, confidentiality or integrity of all personal data covered by the Data Processing Agreement. The Data Processor must take appropriate technical steps to limit the risk of any unauthorised access. The Data Processor must evaluate and improve the effectiveness of these precautions when necessary. The Data Processor must document identified risks, as well as when a risk is reduced to an acceptable level. The above obligation involves the Data Processor carrying out a risk evaluation followed by measures to counter identified risks. This could include any relevant measures from the following list: Pseudonymisation and encryption of personal data Capability to ensure continued confidentiality, integrity, availability and resilience of processing systems and services Capability to correctly re-establish availability of and access to personal data in the case of a physical or technical incident A procedure for regular trial, assessment and evaluation of the effectiveness of the technical and organisational measures for ensuring security of processing. The Data Processor must have formal procedures for handling security incidents. The Data Processor must be able to document which employees are authorised to access personal data processed under the Data Processing Agreement. Output data materials are covered by the same instructions as input data materials, with the following addition: Output data may only be used by persons who are engaged in purposes for which the personal data is being processed, as well as for auditing, technical maintenance, operational monitoring and corrective measures etc. There must be a register of the mobile storage units used in connection with data processing. The Data Processor must regularly check that backups are readable. This must include a perspective of preparedness – for example, for significant changes in a system’s technical set-up.

Related to Technical and organisational precautions

  • Technical and Organisational Measures 1. Before the commencement of processing, the Supplier shall document the execution of the necessary Technical and Organisational Measures, set out in advance of the awarding of the Order or Contract, specifically with regard to the detailed execution of the contract, and shall present these documented measures to the Client for inspection. Upon acceptance by the Client, the documented measures become the foundation of the contract. Insofar as the inspection/audit by the Client shows the need for amendments, such amendments shall be implemented by mutual agreement. 2. The Supplier shall establish the security in accordance with Article 28 Paragraph 3 Point c, and Article 32 GDPR in particular in conjunction with Article 5 Paragraph 1, and Paragraph 2 GDPR. The measures to be taken are measures of data security and measures that guarantee a protection level appropriate to the risk concerning confidentiality, integrity, availability and resilience of the systems. The state of the art, implementation costs, the nature, scope and purposes of processing as well as the probability of occurrence and the severity of the risk to the rights and freedoms of natural persons within the meaning of Article 32 Paragraph 1 GDPR must be taken into account. [Details in Appendix 2]. 3. The Technical and Organisational Measures are subject to technical progress and further development. In this respect, it is permissible for the Supplier to implement alternative adequate measures. In so doing, the security level of the defined measures must not be reduced. Substantial changes must be documented.

  • Certification Regarding Business with Certain Countries and Organizations Pursuant to Subchapter F, Chapter 2252, Texas Government Code, PROVIDER certifies it is not engaged in business with Iran, Sudan, or a foreign terrorist organization. PROVIDER acknowledges this Purchase Order may be terminated if this certification is or becomes inaccurate.

  • Safety Precautions Resident acknowledges that neither Owner nor any of its agents, employees or representatives has made any representations or warranties, either written or oral, concerning the safety of the Property, the bedroom space or any apartment, or the effectiveness or operability of any security devices or safety, health or security measures at the Property, the bedroom space or any apartment. Resident acknowledges that Owner neither warrants nor guarantees the safety or security of residents or their Guests against any criminal or wrongful acts of third parties. Resident and his or her Guests are responsible for protecting their own respective person and property and hereby release Owner and its agents, employees and representatives for any and all damage to person and property. Owner’s safety measures are neither a warranty of safety nor a guaranty against crime or of a reduced risk of crime. Resident acknowledges that security devices or measures may be changed or removed by Owner without notice or compensation, and/or may fail or be thwarted by criminals or by electrical or mechanical malfunctions. Therefore, Resident acknowledges that he or she should not rely on such devices or measures and should take steps to protect himself or herself and his or her existing property notwithstanding these devices. Resident agrees to immediately notify Owner’s representative of any malfunctions involving locks and life-safety building components. Should Resident become seriously injured or imperiled at the Property, Resident authorizes Owner and its agents to call 911 Emergency at Resident’s expense, without legal obligation to do so.

  • Function of Joint Health and Safety Committee All incidents involving aggression or violence shall be brought to the attention of the Joint Health and Safety Committee. The Employer agrees that the Joint Health and Safety Committee shall concern itself with all matters relating to violence to staff.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!