Data Processing and Data Protection Clause Samples

The Data Processing and Data Protection clause establishes the obligations and standards for handling personal or sensitive data within the scope of an agreement. It typically outlines how data must be collected, stored, processed, and shared, often requiring compliance with relevant data protection laws such as the GDPR. This clause ensures that both parties understand their responsibilities regarding data security and privacy, thereby reducing the risk of data breaches and legal non-compliance.
Data Processing and Data Protection. 16.1. The Parties acknowledge that these Arrangements are subject to the requirements of Data Protection Legislation. This clause 16 is in addition to, and does not relieve, remove or replace, a Council’s obligations under the Data Protection Legislation. 16.2. The Parties acknowledge that for the purposes of Data Protection Legislation, they are Data Controllers and Data Processors. The Information Sharing Protocol at Schedule 6 sets out the scope, nature and purpose of processing by the Parties, the duration of the processing and the types of Personal Data and categories of Data Subject. 16.3. Without prejudice to the generality of clause 15.1 the Parties’ will ensure that they have identified the basis for processing including consent where appropriate and appropriate notices in place to enable the lawful processing of Personal Data in the performance of the Services and for the duration and purposes of this Agreement. 16.4. The Parties shall, in relation to any Personal Data or Sensitive Personal Data processed in connection with the performance of these Arrangements: 16.4.1. ensure that it has in place appropriate technical and organisational measures, to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting Personal Data, ensuring confidentiality, integrity, availability and resilience of its systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by it); 16.4.2. not transfer any Personal Data outside of the European Economic Area unless both Parties consent and the following conditions are fulfilled: 16.4.2.1. One or both Parties have provided appropriate safeguards in relation to the transfer; 16.4.2.2. the Data Subject has enforceable rights and effective remedies; 16.4.2.3. the Parties comply with their obligations under the Data Protection Legislation by providing an adequate level of protection to any Personal Data that is trans...
View SourceView Similar (3)
Data Processing and Data Protection. 1. Expedia is entitled to all rights to the data TRX processes for Expedia.
View SourceView Similar (2)
Data Processing and Data Protection. 10.1. The information provided in Clause 10 is only an informative introduction to data protection. Information concerning data privacy and security are addressed in SFM’s Privacy Policy at ▇▇▇▇▇://▇▇▇.▇▇▇-▇▇▇▇▇▇▇▇.▇▇▇/privacypolicy.html. Such Privacy Policy is incorporated herein by reference. SFM may update or change this Privacy Policy from time to time. Any change to this Privacy Policy will become effective when we post the revised Privacy Policy on the Website. SFM encourages you to periodically review this Privacy Policy to stay informed about how we collect, use, and share personal data. 10.2. SFM will process personal data which as per the definition found in the General Data Protection Regulation (“GDPR”) means any information relating to an identified or identifiable natural person also referred to as data subject. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. The processing of data means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, retrieval, consultation, adaption or alteration, use, disclosure by transmission, dissemination and suppression of such personal data or otherwise making available, alignment or combination, restriction, erasure or destruction. The recipients of the personal data may include SFM affiliated companies acting as subcontractors or auxiliaries, the registered agents in the jurisdictions relevant to the services, our IT suppliers or financial providers such as our payment acquirers, other third-party service providers, including Banks, that the Client has expressly requested to be introduced to, the public companies’ registries, or the legal authorities. All these disclosures which have been listed shall only occur in accordance with the GDPR and/or any applicable data privacy law. Our business relationship with these third party providers shall be a contractual one whereby both parties agree to abide by the obligations found in the GDPR and/or any applicable data privacy law such as the obligation of confidentiality on whoever is handling the personal data of the dat...
View SourceView Similar (2)
Data Processing and Data Protection. 12.1. The Director agrees to his personal data being stored, processed and used for purposes of personnel administration and payroll accounting. 12.2. The Director is committed to data secrecy pursuant to Sec. 5 German Data Protection Act (Bundesdatenschutzgesetz) and acknowledges that any breach may constitute a criminal offence. The Director may not collect, process, disclose or make public, or use protected personal data for other proposes than fulfilling his contractual obligations. The commitment to data secrecy outlasts the term of the Agreement and shall remain in effect, even after the service relationship terminates.
View Source
Data Processing and Data Protection. 1. SFM will process personal data. which as per the definition found in the General Data Protection Regulation (GDPR) means any information relating to an identified or identifiable natural person also referred to as data subject. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identified such as a name, an identification number, location data, an online identified or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. The processing of data means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, retrieval, consultation, adaption or alteration, use, disclosure by transmission, dissemination and suppression of such personal data. or otherwise making available, alignment or combination, restriction, erasure or destruction. The recipients of the personal data may include SFM affiliated companies acting as subcontractors or auxiliaries, the registered agents in the jurisdictions relevant to the services, our IT suppliers or financial providers such as our payment acquirers, other third-party service providers, including banks, whom the Client has expressly requested to be introduced to, the public companies’ registries, or the legal authorities. All these disclosures which have been listed shall only occur in accordance with the GDPR and our business relationship with these third part providers shall be a contractual one whereby both parties agree to abide by the obligations found in the GDPR such as the obligation of confidentiality on whoever is handling the personal data of the data subjects. To comply withKnow your client” obligations and ensure the correct service delivery, the processed data will include particulars of the Client, such as the full legal name(s), the nationality, the date of birth, domicile and residential addresses, passport numbers, passport validity dates, and contact details of identifiable individuals, as well as supporting documents evidencing such personal data and service instructions from the Client. The Client is under an obligation to maintain his/her personal data up to date during the entire contractual relationship with SFM, and to submit any required supporting document in relation to his/her update obligation in t...
View Source
Data Processing and Data Protection. 10.1. The Customer acknowledges the importance of protecting personal data and guarantees compliance with data protection and electronic communications legislation, including but not limited to the European General Data Protection Regulation ("GDPR") and all secondary (European or national) legislation adopted under the GDPR, such as the Belgian Act of 13 June 2005 on Electronic Communications, insofar as applicable to the Customer. In this regard, the Customer agrees and guarantees to assist Ads & Data in fulfilling its data protection obligations, including, if applicable, signing and adhering to an appropriate DPA. 10.2. The Customer commits to and guarantees that, in the context of the Advertisements, it will only collect (or allow the collection of) data for the purpose of (i) placing the Advertisements and (ii) statistical measurement of the Advertisements. Except as provided in Article 10.4, the Customer shall not collect (or allow the collection of) any data, including personal data, for any other purpose or for the benefit of any third party. The Customer will exclusively use code (such as but not limited to cookies and other trackers) to perform quantitative and qualitative measurements related to the placed Advertisements. Beyond the foregoing, the Customer is expressly prohibited from collecting information, storing information in, or accessing information on the equipment of users of the media for which Ads & Data manages the advertising space, via cookies, scripts, or any other means. Specifically, collecting information for purposes including, but not limited to, retargeting, audience targeting, and behavioral targeting, or collecting information about user behavior is not allowed without the explicit, written, and prior consent of Ads & Data. 10.3. The Customer acknowledges and agrees that, without prior, explicit, and written consent from Ads & Data, it is not permitted for the Customer to collect (or allow the collection of) personal data via the Advertisements for the purpose of creating and/or enriching any database to (re)use it for its own benefit and/or for third parties. 10.4. If the Customer has obtained the legitimate consent of the data subject for personalized direct marketing purposes and can provide evidence of this consent, the Customer may use the data subject’s personal data in the Advertisement in accordance with the obtained consent. In such cases, the Customer shall unconditionally and without limitation indemnify and ho...
View Source
Data Processing and Data Protection. 7.1. Nilfisk uses and processes your personal data provided by the Customer only as is necessary to provide you with the functions set out in Section 2, and will not share that data with any other party except Nilfisk business partners that support Nilfisk in providing those functions. Nilfisk and the Customer have legitimate commercial interests in ensuring that you can access those functions in order to carry out your work on Customer’s behalf. 7.2. Nilfisk will provide data, conclusions and findings generated by the Software to Customer, which controls the operation, of the cleaning equipment used for collecting data, including when, how and where the equipment is used. Customer can use the data to identify you and/or operator of individual cleaning machines. Under data protection laws, Customer is the data controller and Nilfisk is its data processor. 7.3. If instructed by the Customer, you must clearly advise each operator of the Nilfisk machines that Nilfisk collects data on how, when and where a machine is operated at any time. You may not provide Nilfisk with any personal data of equipment operators, including, without limitation, names, titles, employee ID numbers, or other information about work or personal life. 7.4. Nilfisk and Customer will comply with applicable laws governing data privacy, including, if it is applicable, the
View Source
Data Processing and Data Protection. (UK GDPR) 23.1 The client will be able to view the purposes and methods relating to the processing of personal data provided under this contract in the Information document on the Processing of Personal Data. This document must be accepted upon activation of the service. The Client undertakes from now on not to communicate, insert or provide particular categories of personal data (sensitive data) pursuant to article 9 of UK GDPR, intended as data suitable for detecting racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership of trade unions and associations, as well as data suitable for detecting the Customer's state of health, life or sexual orientation.
View Source

Related to Data Processing and Data Protection

  • Privacy and Data Protection 8.1 The Receiving Party undertakes to comply with South Africa’s general privacy protection in terms Section 14 of the ▇▇▇▇ of Rights in connection with this Bid and shall procure that its personnel shall observe the provisions of such Act [as applicable] or any amendments and re-enactments thereof and any regulations made pursuant thereto. 8.2 The Receiving Party warrants that it and its Agents have the appropriate technical and organisational measures in place against unauthorised or unlawful processing of data relating to the Bid and against accidental loss or destruction of, or damage to such data held or processed by them.

  • Data Protection All personal data contained in the agreement shall be processed in accordance with Regulation (EC) No 45/2001 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by the EU institutions and bodies and on the free movement of such data. Such data shall be processed solely in connection with the implementation and follow-up of the agreement by the sending institution, the National Agency and the European Commission, without prejudice to the possibility of passing the data to the bodies responsible for inspection and audit in accordance with EU legislation (Court of Auditors or European Antifraud Office (▇▇▇▇)). The participant may, on written request, gain access to his personal data and correct any information that is inaccurate or incomplete. He/she should address any questions regarding the processing of his/her personal data to the sending institution and/or the National Agency. The participant may lodge a complaint against the processing of his personal data with the [national supervising body for data protection] with regard to the use of these data by the sending institution, the National Agency, or to the European Data Protection Supervisor with regard to the use of the data by the European Commission.

  • Data Processing In this clause:

  • Cybersecurity; Data Protection To the Company’s knowledge, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (collectively, the “Personal Data”)) used in connection with their businesses, and there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except in each case as would not reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification.

  • DATA PROTECTION AND PRIVACY 14.1 In addition to Supplier’s obligations under Sections 6, 9, 10, and 15, Supplier will comply with this Section 14 when processing Accenture Personal Data. "Accenture Personal Data" means personal data owned, licensed, or otherwise controlled or processed by Accenture including personal data processed by Accenture on behalf of its clients. “Accenture Data” means all information, data and intellectual property of Accenture or its clients or other suppliers, collected, stored, hosted, processed, received and/or generated by Supplier in connection with providing the Deliverables to Accenture, including Accenture Personal Data.