Common use of April 2001 Clause in Contracts

April 2001. If the task involves the processing of confidential or sensitive data, the Consultant shall respect the enhanced security measures stipulated in chapter 3 of the Danish Order on Security Measures for the Processing of Personal Data by Public Authorities. At the request of the Customer, the Consultant shall immediately provide full information, such that the Customer can assess and determine that the necessary security measures have been set up and are being obeyed. The Consultant shall clarify any possible doubt as to the fulfillment of the security measures, including contacting the Customer. The Consultant shall inform the Customer of detected infringement of the security. Particular notice should be paid to the following: • The information must not be stored longer than necessary in view of what is necessary for the purposes for which the information is collected. • The information must not be disclosed to a third-party, unless the obligation arises from applicable law or from the instruction of the Customer. • The Consultant shall ensure that only persons authorised by the Consultant have access to the personal data being processed. • The Consultant shall ensure that the processing of personal data takes place in accordance with the rules in the Danish Order on Security Measures for the Processing of Personal Data by Public Authorities including processing of data via the Internet or other open or wireless networks. • The Consultant shall ensure that the processing of personal dat a outside of The Consultant’s premises, including home offices, takes place in accordance with the rules in the Danish Order on Security Measures for the Processing of Personal Data by Public Authorities. • The transfer of personal data to third countries shall take place in accordance with section 27 in the Danish Act on Processing of Personal Data. All processing of personal data after 25 May 2018 must comply wit h Regulation (EU) 2016/679 Of The European Parliament And Of The Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) and the forthcoming Danish Data Protection Act.

April 2001. If the task involves the processing proceesing of confidential or sensitive data, the Consultant Consulta nt shall respect the enhanced security measures stipulated in chapter 3 of the Danish Order on Security Measures for the Processing of Personal Data by Public Authorities. At the request of the Customer, the Consultant shall immediately provide full information, such that the Customer can assess and determine that the necessary security measures have been set up and are being obeyed. The Consultant shall clarify any possible doubt as to the fulfillment of the security measures, including contacting the Customer. The Consultant shall inform the Customer of detected infringement of the security. Particular notice should be paid to the following: • The information must not be stored longer than necessary in view of what is necessary for the purposes for which the information infomation is collected. , and the information must be deleted […] • The information must not be disclosed to a third-party, unless the obligation arises from applicable law or from the instruction of the Customer. • The Consultant shall ensure that only persons authorised by the Consultant have access to the personal data being processed. • The Consultant shall ensure that the processing of personal data takes place in accordance with the rules in the Danish Order on Security Measures for the Processing of Personal Data by Public Authorities including processing of data via the Internet or other open or wireless networks. • The Consultant shall ensure that the processing of personal dat a outside of The Consultant’s premises, including home offices, takes place in accordance with the rules in the Danish Order on Security Measures for the Processing of Personal Data by Public Authorities. • The transfer of personal data to third countries shall take place in accordance with section 27 in the Danish Act on Processing of Personal Data. All processing of personal data after 25 May 2018 must comply wit h Regulation (EU) 2016/679 Of The European Parliament And Of The Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) and the forthcoming Danish Data Protection Act.