Data Return and Destruction of Data (a) Protecting PII from unauthorized access and disclosure is of the utmost importance to the EA, and Contractor agrees that it is prohibited from retaining PII or continued access to PII or any copy, summary or extract of PII, on any storage medium (including, without limitation, in secure data centers and/or cloud-based facilities) whatsoever beyond the period of providing Services to the EA, unless such retention is either expressly authorized for a prescribed period by the Service Agreement or other written agreement between the Parties, or expressly requested by the EA for purposes of facilitating the transfer of PII to the EA or expressly required by law. As applicable, upon expiration or termination of the Service Agreement, Contractor shall transfer PII, in a format agreed to by the Parties to the EA. (b) If applicable, once the transfer of PII has been accomplished in accordance with the EA’s written election to do so, Contractor agrees to return or destroy all PII when the purpose that necessitated its receipt by Contractor has been completed. Thereafter, with regard to all PII (including without limitation, all hard copies, archived copies, electronic versions, electronic imaging of hard copies) as well as any and all PII maintained on behalf of Contractor in a secure data center and/or cloud-based facilities that remain in the possession of Contractor or its Subcontractors, Contractor shall ensure that PII is securely deleted and/or destroyed in a manner that does not allow it to be retrieved or retrievable, read or reconstructed. Hard copy media must be shredded or destroyed such that PII cannot be read or otherwise reconstructed, and electronic media must be cleared, purged, or destroyed such that the PII cannot be retrieved. Only the destruction of paper PII, and not redaction, will satisfy the requirements for data destruction. Redaction is specifically excluded as a means of data destruction. (c) Contractor shall provide the EA with a written certification of the secure deletion and/or destruction of PII held by the Contractor or Subcontractors. (d) To the extent that Contractor and/or its subcontractors continue to be in possession of any de-identified data (i.e., data that has had all direct and indirect identifiers removed), they agree not to attempt to re-identify de-identified data and not to transfer de-identified data to any party.
Applicability of Data Privacy Protections In the event that Personal Information will be Processed by Supplier in connection with the performance under this Agreement (including any SOW), then and only then shall the provisions of this Section ‘Data Protection and Privacy’ be applicable. For the avoidance of doubt, the data security requirements contained in section ‘Information Security’ shall apply regardless of whether Personal Information is Processed under this Agreement or any SOW. All Personal Information obtained from or on behalf of DXC or in connection with performance pursuant to this Agreement shall be Processed and protected pursuant to this Section ‘Data Protection and Privacy’, the Section ‘Information Security’ and any other Sections of this Agreement that address Personal Information.
Standard of Care; Uncontrollable Events; Limitation of Liability SMC shall use reasonable professional diligence to ensure the accuracy of all services performed under this Agreement, but shall not be liable to the Company for any action taken or omitted by SMC in the absence of bad faith, willful misfeasance, negligence or reckless disregard by it of its obligations and duties. The duties of SMC shall be confined to those expressly set forth herein, and no implied duties are assumed by or may be asserted against SMC hereunder. SMC shall maintain adequate and reliable computer and other equipment necessary or appropriate to carry out its obligations under this Agreement. Upon the Company's reasonable request, SMC shall provide supplemental information concerning the aspects of its disaster recovery and business continuity plan that are relevant to the services provided hereunder. Notwithstanding the foregoing or any other provision of this Agreement, SMC assumes no responsibility hereunder, and shall not be liable for, any damage, loss of data, delay or any other loss whatsoever caused by events beyond its reasonable control. Events beyond SMC's reasonable control include, without limitation, force majeure events. Force majeure events include natural disasters, actions or decrees of governmental bodies, and communication lines failures that are not the fault of either party. In the event of force majeure, computer or other equipment failures or other events beyond its reasonable control, SMC shall follow applicable procedures in its disaster recovery and business continuity plan and use all commercially reasonable efforts to minimize any service interruption. SMC shall provide the Company, at such times as the Company may reasonably require, copies of reports rendered by independent public accountants on the internal controls and procedures of SMC relating to the services provided by SMC under this Agreement. Notwithstanding anything in this Agreement to the contrary, in no event shall SMC, its affiliates or any of its or their directors, officers, employees, agents or subcontractors be liable for exemplary, punitive, special, incidental, indirect or consequential damages, or lost profits, each of which is hereby excluded by agreement of the parties regardless of whether such damages were foreseeable or whether either party or any entity has been advised of the possibility of such damages.
Review of legality and data minimisation (a) The data importer agrees to review the legality of the request for disclosure, in particular whether it remains within the powers granted to the requesting public authority, and to challenge the request if, after careful assessment, it concludes that there are reasonable grounds to consider that the request is unlawful under the laws of the country of destination, applicable obligations under international law and principles of international comity. The data importer shall, under the same conditions, pursue possibilities of appeal. When challenging a request, the data importer shall seek interim measures with a view to suspending the effects of the request until the competent judicial authority has decided on its merits. It shall not disclose the personal data requested until required to do so under the applicable procedural rules. These requirements are without prejudice to the obligations of the data importer under Clause 14(e). (b) The data importer agrees to document its legal assessment and any challenge to the request for disclosure and, to the extent permissible under the laws of the country of destination, make the documentation available to the data exporter. It shall also make it available to the competent supervisory authority on request.
Insurance and Fingerprint Requirements Information Insurance If applicable and your staff will be on TIPS member premises for delivery, training or installation etc. and/or with an automobile, you must carry automobile insurance as required by law. You may be asked to provide proof of insurance. Fingerprint It is possible that a vendor may be subject to Chapter 22 of the Texas Education Code. The Texas Education Code, Chapter 22, Section 22.0834. Statutory language may be found at: xxxx://xxx.xxxxxxxx.xxxxx.xxxxx.xx.xx/ If the vendor has staff that meet both of these criterion: (1) will have continuing duties related to the contracted services; and (2) has or will have direct contact with students Then you have ”covered” employees for purposes of completing the attached form. TIPS recommends all vendors consult their legal counsel for guidance in compliance with this law. If you have questions on how to comply, see below. If you have questions on compliance with this code section, contact the Texas Department of Public Safety Non-Criminal Justice Unit, Access and Dissemination Bureau, FAST-FACT at XXXX@xxxxx.xxxxx.xx.xx and you should send an email identifying you as a contractor to a Texas Independent School District or ESC Region 8 and TIPS. Texas DPS phone number is (000) 000-0000. See form in the next attribute to complete entitled: Texas Education Code Chapter 22 Contractor Certification for Contractor Employees
Provide Data In Compliance With Laws LEA shall provide data for the purposes of the DPA in compliance with the FERPA, PPRA, IDEA, 603 C.M.R. 23.00, 603 CMR 28.00, and Massachusetts General Law, Chapter 71, Sections 34D to 34H, and the other privacy statutes quoted in this DPA. LEA shall ensure that its annual notice under FERPA includes vendors, such as the Provider, as “School Officials.”
Penalties for Non-compliance to Service Level Agreement Where the Supplier/Service Provider fails to deliver the Goods/Services within the agreed and accepted milestone timelines and provided that the cause of the delay was not due to a fault of Transnet, penalties shall be imposed at …………………………………………………… .
RETURN AND DELETION OF PERSONAL DATA 7.1 We shall return to You and, to the extent allowed by applicable law, delete Your Personal Data as set out in the Agreement. We are obliged to ensure that any Sub-processors adhere to the same obligation
Effect and invariability of the Clauses These Clauses set out appropriate safeguards, including enforceable data subject rights and effective legal remedies, pursuant to Article 46(1) and Article 46(2)(c) of Regulation (EU) 2016/679 and, with respect to data transfers from controllers to processors and/or processors to processors, standard contractual clauses pursuant to Article 28(7) of Regulation (EU) 2016/679, provided they are not modified, except to select the appropriate Module(s) or to add or update information in the Appendix. This does not prevent the Parties from including the standard contractual clauses laid down in these Clauses in a wider contract and/or to add other clauses or additional safeguards, provided that they do not contradict, directly or indirectly, these Clauses or prejudice the fundamental rights or freedoms of data subjects.
Data Deletion Google will delete Customer Data in accordance with Section 6 (Data Deletion) of the Data Processing Amendment.
