Workstream 3 – Data and Information Security Sample Clauses

Workstream 3 – Data and Information Security. 12.1. Information and data governance in the project must ensure compliance with data protection regulations, including the General Data Protection Regulation (UK GDPR) and any other relevant laws. 12.2. It is anticipated there is no significant data migration required for the project as part of the Transfer, since the data for customers and staff are already held on the Authority’s systems. 12.3. Customer data will see a change in data controller from the Supplier to the Authority. 12.4. Privacy notices will be updated to reflect the new data controller, informing individuals of their rights and any implications this change has on their data. A renewed privacy notice shall be sent to customers prior to the Transfer.