DATA PRIVACY AND PROTECTION Clause Samples

The Data Privacy and Protection clause establishes the obligations of parties to safeguard personal and sensitive information collected, processed, or shared during the course of their relationship. Typically, this clause requires compliance with applicable data protection laws, such as GDPR or CCPA, and may outline specific measures like encryption, access controls, or breach notification procedures. Its core function is to ensure that personal data is handled responsibly and securely, thereby reducing the risk of unauthorized disclosure and legal liability.
POPULAR SAMPLE Copied 1 times
DATA PRIVACY AND PROTECTION a. The default WDD software configuration covered by this Agreement does not include features or capabilities which (a) permit remote systems to access the local systems or data;
DATA PRIVACY AND PROTECTION. 7.1. In performing the Cloud Services, We will comply with the Incident IQ Privacy Policy, which is available at ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇.▇▇▇/privacy-policy and incorporated herein by reference, as well as the additional requirements detailed in paragraph 8, below. The Incident IQ Privacy Policy is subject to change at Our discretion; however, policy changes will not result in a material reduction in the level of protection provided for Your Data during the Services Period described in Your Order Form. 7.2. We will maintain administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Your Data. Those safeguards will include, but will not be limited to, measures for preventing access, use, modification or disclosure of Your Data by Our personnel except (a) to provide the purchased Cloud Services and prevent or address service or technical problems, (b) as compelled by law in accordance with Section 6.3 above, or (c) as You expressly permit in writing.
DATA PRIVACY AND PROTECTION. All SDCOE content/data (to include but not limited to: students, teachers, interns, aides, Principals, and other administrative personnel) involved in this agreement shall continue to be the property of and under the control of the SDCOE. All content/data created by the SDCOE or by its students or personnel using the service(s) provided by Contractor pursuant to this Agreement will cease to be retained by the Contractor at the conclusion of this Agreement and will, in fact, be removed from the Contractor’s records. The Contractor will not use any information in a student or personnel record for any purposes other than those required or specifically permitted by this Agreement. Any other use of the SDCOE’s student and personnel information will not be undertaken without the express, written consent of the SDCOE. The Contractor certifies it uses and adheres to the following methods to ensure the privacy and security of all electronically stored information: transmission of student and personnel information is always via secure protocols (SFTP, SSL and/or encryption) no data transmission occurs via email student and personnel data are stored in an encrypted form and programmatic access to that data is done using secure coding standards without visible account or password information all server systems including data storage are maintained in a locked, secure, environmentally controlled facility all server systems have been hardened with industry standard recommended measures for security protection The Contractor will notify the SDCOE within 24 hours of the Contractor discovering an unauthorized access or disclosure of SDCOE data. The Contractor and the SDCOE will work together to ensure compliance with FERPA regulations as applicable.
DATA PRIVACY AND PROTECTION a. The default LaborKey Per Cap configuration covered by this Agreement does not include features or capabilities which (1) permit remote services to access data residing on local machines or a local network or which (2) compromise or weaken network or machine security. b. If Licensee shall send data files to L.K. Corp for assistance with data processing, L.K. Corp shall only process these data files on systems protected with levels of security which prevent unauthorized persons from accessing these data files. L.K. Corp shall maintain data files for 30 to 60 days, and the data files shall only be used to support Licensee if and when Licensee shall request or require additional assistance with data files. Any files provided by Licensee in the possession of L.K. Corp shall be and forever remain exclusively the property of Licensee.
DATA PRIVACY AND PROTECTION. 13.1 The Service Provider acknowledges that in providing the Services to Sentech, the Service Provider may be exposed to Sentech’s Data, including Data of any of Sentech’s clients and/or other third parties. 13.2 The Parties specifically record that all Data provided by Sentech to the Service Provider, or to which the Service Provider may be exposed, shall constitute Confidential Information and as such, the Service Provider shall comply with all the provisions of clause 10 with regard to such Data. 13.3 The Service Provider hereby warrants in favour of Sentech that it shall at all times strictly comply with all applicable legislation and with all the provisions and requirements of the Sentech's Data protection policies and procedures, as may be updated from time to time, and any further requirements of which Sentech may, from time to time, advise the Service Provider in writing, or which may be required by legislation, regulation or any relevant industry body, whether within the Republic of South Africa or elsewhere in the world. 13.4 The Service Provider hereby warrants and undertakes that it shall not, at any time copy, compile, collect, collate, process, mine, store, transfer, alter, delete, interfere with or in any other manner use Data for any purpose other than with the express prior written consent of Sentech, and to the extent necessary to provide the Services to Sentech. All data and software, including Sentech Data, provided by Sentech or accessed (or accessible) by Service Provider Staff members shall be used by such Staff members only in connection with the provision of the Services and shall not be commercially exploited by the Service Provider in any manner whatsoever. 13.5 The Service Provider further warrants that it shall ensure that all its systems and operations which it uses to provide the Services, including all systems on which Data is copied, compiled, collected, collated, processed, mined, stored, transmitted, altered or deleted or otherwise used as part of providing the Services, shall at all times be of a minimum standard required by law and further be of a standard no less than the standards which are in compliance with the international best practice for the protection, control and use of Data. 13.6 The Service Provider indemnifies and holds harmless Sentech for any loss, whether direct or indirect, arising out of a failure to process any Sentech Data in accordance with the applicable laws.
DATA PRIVACY AND PROTECTION. The Buyer shall (i) comply with all applicable data protection laws in respect of the Processing of Personal Data, including the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”); (ii) only Process Personal Data to the extent necessary to perform its obligations under this GTCoS and for no other purpose; and (iii) implement and maintain appropriate technical, organizational and security measures to ensure that Personal Data is adequately protected against unauthorized Processing, disclosure, loss or misuse. The Buyer shall not transfer any Personal Data to any recipient without the Seller’s prior written consent. The Buyer shall promptly notify the Seller if it suspects, or is aware of, any data breach involving Personal Data within 24 hours after having become aware of it, in which case, the Seller shall be entitled to terminate all transactions and business relationship with the Buyer. As used in this clause, “Personal Data” and “Process/Processing” have the meanings set out in the GDPR. The Buyer shall comply with any directions and/or requirements of the Seller pertaining to any mandatory breach of Personal Data notification requirements under any applicable law.
DATA PRIVACY AND PROTECTION a. The default WageKey configuration covered by this Agreement does not include features or capabilities which (1) permit remote systems to access the local systems or data; (2) compromise or weaken firewall, network or machine security; or (3) submit or post any union member or contractor data to any off-site system, machine or party, with the exceptions of electronic WD-10 survey submissions and any deliberate data synchronizations and posted backups (both compressed & encrypted with passwords) initiated by WageKey users. Licensee may choose to have special or custom features enabled which are not included within the default WageKey configuration, and these special or custom features may access remote servers and submit processed data, software user entries or requests to specific secure remote servers for the purpose of accessing specific data services required by Licensee. b. If Licensee shall send data files to LaborKey for assistance with data processing, LaborKey shall only process these data files on systems protected with levels of security which prevent unauthorized persons from accessing these data files. LaborKey shall maintain data files for 30 to 60 days, and the data files shall only be used to support Licensee if and when Licensee shall request or require additional assistance with data files. Any files provided by Licensee in the possession of LaborKey shall be and forever remain exclusively the property of Licensee.
DATA PRIVACY AND PROTECTION. 11.1. DMB Data shall- 11.1.1. use its best efforts to keep Personal Information confidential and shall not disclose any Personal Information to any other person except as required by law, save to the extent set out herein. The Customer grants DMB Data the right to disclose Personal Information to its Affiliates for the purposes of providing the Services; 11.1.2. utilize security technologies and techniques in accordance with best industry practice for the purpose of complying with its obligations in terms of clause 11.1.1; 11.1.3. at all times strictly comply with any applicable laws, regulation or code relating to data protection in South Africa, or other requirements enforced by any relevant industry or self-regulatory body within the Republic of South Africa in the provision of the Services; and 11.1.4. not, at any time copy, compile, collect, collate, process, mine, store, transfer, alter, delete, interfere with or in any other manner use Data for any purpose other than providing the Services to the Customer other than with the express prior written consent of the Customer. 11.2. The Parties record that all Data, in whatever form, is the Customer’s Intellectual Property. Accordingly, the Customer retains all right, title and interest in and to the Data. 11.3. The Customer acknowledges that it is primarily responsible for complying with any data protection obligations imposed in terms of any law, including the common law, in relation to any Personal Information and shall obtain any consents necessary for the disclosure of Personal Information to DMB Data for the purposes of this Agreement. 11.4. The Customer shall separate any Personal Information from any other Data provided to DMB Data for the purpose of providing the Service and shall designate the Personal Information as such before disclosing or otherwise making it available to DMB Data.
DATA PRIVACY AND PROTECTION. (a) VI shall, in relation to any processing of personal data by it or VE, maintain a framework and make arrangements to allow the VE Members to comply with EU data protection laws, including the Data Protection Directive 95/46/EC and any legislation in force from time to time which implements the Data Protection Directive 95/46/EC and its successors (the “EU Member State Data Protection Laws”), particularly in connection with the transfer of personal data outside of the European Economic Area - 42 - (“Trans-Border Dataflow”) and the evolving privacy landscape (including EU privacy norms). (b) The parties agree that the current compliance model (a “Privacy Compliance Model”) maintained by VI and VE (under which VE acts as data controller with responsibility for Trans-Border Dataflow) allows the VE Members to comply with EU Member State Data Protection Laws (as such current Privacy Compliance Model is set out in the VE operating regulations in force immediately prior to the Closing, the VE Constitutional Documents and membership deeds between the VE Members and VE). VI shall ensure that the current Privacy Compliance Model will remain in place following the Closing by entering into a deed poll substantially in the form attached hereto as Exhibit K (the “Deed Poll”), and procuring that VE enters into the Deed Poll, for the benefit of all VE Members, which obliges VE to maintain in place, and comply with, the current Privacy Compliance Model (notwithstanding any termination of the VE Constitutional Documents and membership deeds between the VE Members and VE) until an alternative compliance solution has been implemented pursuant to Section 6.12(c) or (d) below. The Deed Poll shall be governed by English law and VI and VE shall irrevocably submit to the jurisdiction of the courts of England in connection with any proceedings arising out of or in connection with the deed poll and waive any objection to proceedings in any such court on the ground of venue or on the ground that proceedings have been brought in an inconvenient forum. (c) VI may implement an alternative Privacy Compliance Model under which: (i) the VE Members contract directly with VI, and VI offers to enter into direct EU Model Contracts (such EU Model Contracts to be in a form approved by the European Commission) with each VE Member; or (ii) the VE Members enter into new contracts with VE whereby VE acts as data controller with sole responsibility for any Trans-Border Dataflow, such new contracts ...
DATA PRIVACY AND PROTECTION. 10.1 The Customer shall own all rights, title and interest in and to all of the Customer Data and shall have sole responsibility of the legality, reliability, integrity, accuracy and quality of the Customer Data. 10.2 In the event of any loss or damage to Customer Data, the Customer’s sole and exclusive remedy shall be for the Supplier to use reasonable commercial endeavours to restore the lost or damaged Customer Data from the latest back-up of such Customer Data if maintained by the Supplier and if relevant considering the nature of the Service. 10.3 The Customer shall ensure that its use of the Service and its treatment of Customer Data complies with all applicable laws, rules, regulations and orders. 10.4 The Customer expressly warrants and undertakes that it shall at all times comply with any contractual terms and conditions or legal requirements applicable to the use of location based services and hereby indemnify and hold the Supplier harmless against any damages, losses, liabilities, settlements and expenses of whatsoever nature howsoever arising whether in delict, contract or statute. 10.5 To the extent that the Supplier’s acts or omissions could impact on the security of the Customer’s card holder data environment, it is recorded that the Supplier has been assessed and found to be in compliance with the relevant PCI DSS standard. The Customer acknowledges and agrees that the Service does not by itself ensure compliance with PCI DSS and that they remain responsible to ensure that they comply therewith.