Additional Cloud Services Security Controls Sample Clauses
Additional Cloud Services Security Controls. Area Control(s) Data Protection (Availability Control, Transmission Control, Data Deletion) Failover Procedures. Citrix implements mechanisms designed to address loss of availability of Partner Personal Data, including storing copies of Partner Personal Data in a different place from where the primary computer equipment processing the Partner Personal Data is located. Data Beyond Boundaries. Citrix encrypts or enables Partner to encrypt Partner Personal Data that is transmitted over public networks that are part of a Service. Retention. Citrix may retain Partner Personal Data following the Service period and archiving for Partner access where required for legal purposes. Citrix will comply with the requirements of this Exhibit until such Partner Personal Data has been permanently deleted. Subject to Return directly below, Citrix is under no obligation to retain Partner Personal Data following termination of the Service. Return. Subject to availability and the applicable Services Description, Partner has thirty (30) days to download Partner Personal Data after expiration. Area Control(s) Data Deletion. Citrix will securely delete Partner Personal Data when no longer needed for a legitimate purpose. Secure operations Event Logging. In certain Services, Citrix collects Logs. Logs may include access ID, time, authorization granted or denied, diagnostic data such as trace and crash files, and other relevant activity. Logs are used (i) for providing, securing, managing, measuring and improving the Services and associated analytics, (ii) as directed or instructed by Partner and its Users, and/or (iii) for compliance with Citrix policies, applicable law, regulation, or governmental request. This may include monitoring the performance, stability, usage and security of the Services and related components. Partner may not block or interfere with this monitoring. Citrix may supplement Logs with information collected from third parties for the purposes specified above. Logs may be used for purposes not specified in this Exhibit only in aggregate form. Business Continuity and Disaster Recovery Back-ups. Except where otherwise noted in the respective Services Description, Services are maintained in high availability, active-active clusters spanning multiple physical sites. Systems not maintained in an active-active configuration are backed up according to the specific Service’s Service Level Goals.
Additional Cloud Services Security Controls. Area Control(s) Data Protection (Availability Control, Transmission Control, Data Deletion) Failover Procedures. Citrix implements mechanisms designed to address loss of availability of Customer Content, including storing copies of Customer Content in a different place from where the primary computer equipment processing the Customer Content is located. Data Beyond Boundaries. Citrix encrypts or enables Customer to encrypt Customer Content that is transmitted over public networks that are part of a Service. Retention. Citrix may retain Customer Content following the Service period and archiving for customer access where required for legal purposes. Citrix will comply with the requirements of this Exhibit until such Customer Content has been permanently deleted. Subject to Return directly below, Citrix is under no obligation to retain Customer Content following termination of the Service. Return. Subject to availability and the applicable Services Description, Customer has thirty (30) days to download Customer Content after expiration. Data Deletion. Citrix will securely delete Customer Content when no longer needed for a legitimate purpose. Secure Operations Event Logging. In certain Services, Citrix collects Logs. Logs may include access ID, time, authorization granted or denied, diagnostic data such as trace and crash files, and other relevant activity. Logs are used (i) for providing, securing, managing, measuring and improving the Services and associated analytics, (ii) as directed or instructed by Customer and its Users, and/or (iii) for compliance with Citrix policies, applicable law, regulation, or governmental request. This may include monitoring the performance, stability, usage and security of the Services and related components. Customer may not block or interfere with this monitoring. Citrix may supplement Logs with information collected from third parties for the purposes specified above. Logs may be used for purposes not specified in this Exhibit only in aggregate form. Area Control(s) Business Continuity and Disaster Recovery Back-ups. Except where otherwise noted in the respective Services Description, Services are maintained in high availability, active-active clusters spanning multiple physical sites. Systems not maintained in an active-active configuration are backed up according to the specific Service’s Service Level Goals.