DATA PROTECTION1 Clause Samples

The Data Protection clause establishes the obligations of parties to safeguard personal and sensitive information exchanged or processed under the agreement. It typically requires compliance with applicable data protection laws, such as the GDPR, and may specify measures like secure data storage, restricted access, and prompt notification in the event of a data breach. This clause ensures that both parties handle data responsibly, reducing the risk of unauthorized disclosure and legal liability.
DATA PROTECTION1. 19.1 This Clause 19 will apply only to the extent that Personal Data is provided by BT to the Supplier or otherwise acquired by the Supplier in relation to the Contract. For the purposes of this Clause 19, “BT” will also mean any company that is from time to time in the same group (as defined by s.474(1) Companies Act 2006) as BT which provides Personal Data to the Supplier or in relation to which the Supplier acquires or generates Personal Data in relation to the Contract. 19.2 The Supplier will only Process Personal Data (limited to business contact details) of BT’s personnel (employees, agents and subcontractors) as Controller for purposes of contract administration and it will do so strictly in accordance with Data Protection Legislation. In the event of a Personal Data Breach, the Supplier will promptly notify BT of the Personal Data Breach and provide any information BT may reasonably require relating to that Personal Data Breach. 19.3 Neither Party will Process Personal Data on behalf of the other Party as Processor for the purposes of the Contract. If either Party anticipates that any change (a) to the Goods, Software and/or Services; or (b) to the interpretation of the Goods, Software and/or Services under the Data Protection Legislation, would require the Processing of Personal Data by the Supplier on BT’s behalf as Processor, then the relevant Party will immediately notify the other in writing and the Parties will negotiate in good faith to incorporate appropriate data protection provisions into the Contract in accordance with Data Protection Legislation. No such changes will be made until appropriate data protection provisions have been agreed by the Parties.
View SourceView Similar (5)
DATA PROTECTION1. 19.1.1.1 This Clause 19 will apply only to the extent that Personal Data is provided by EE to the Supplier or otherwise acquired by the Supplier in relation to the Contract. For the purposes of this Clause 19, “EE” will also mean any company that is from time to time in the same group (as defined by s.474(1) Companies Act 2006) as EE which provides Personal Data to the Supplier or in relation to which the Supplier acquires or generates Personal Data in relation to the Contract. 19.1.1.2 The Supplier will only Process Personal Data (limited to business contact details) of EE’s personnel (employees, agents and subcontractors) as Controller for purposes of contract administration and it will do so strictly in accordance with Data Protection Legislation. In the event of a Personal Data Breach, the Supplier will promptly notify EE of the Personal Data Breach and provide any information EE may reasonably require relating to that Personal Data Breach.
View SourceView Similar (2)
DATA PROTECTION1. 6.1 To the extent that either Party processes Personal Data, it shall each comply with Data Protection Laws and the obligations as set out in the Data Processor Agreement. 1 Note for KPL: roles of data controller & data processor TBC
View Source
DATA PROTECTION1. 23.1 In carrying out its obligation under the Agreement, each Party shall comply in all material respects with its respective obligations pursuant to all data protection legislation from time to time in force, including the Data Protection ▇▇▇ ▇▇▇▇ and FOIA. 23.2 The Placement Provider warrants that it has appropriate technical and organisational measures in place to protect any personal data it is processing on the Authority’s behalf against any unauthorised or unlawful processing and against any accidental loss, destruction or damage and undertakes to maintain such measures during the course of this Agreement. The Placement Provider shall also take all reasonable steps to ensure the reliability of its staff and/or agents, consultants and sub-contractors having access to any such personal data and that the same only have such access to such personal data as is strictly necessary for the provision of the Services pursuant to this Agreement. 23.3 Upon reasonable notice the Placement Provider shall allow the Authority access to any relevant Premises owned or controlled by it to enable the Authority to inspect its procedures described at Clause 23.2 above and will upon the Authority’s request from time to time prepare a report for it on the 1 The terms of the Fair Processing Notice which “Learners” are asked to sign when their personal data is initially captured needs to be understood. technical and organisational measures it has in place to protect the personal data it is processing on the Authority’s behalf.
View Source
DATA PROTECTION1. 10.1. You shall (and procure that any of your staff involved in connection with the activities under this agreement) shall comply with any notification requirements under the Data Protection ▇▇▇ ▇▇▇▇ (“DPA”) and the parties will duly observe all their obligations under the DPA, which arise in connection with this agreement.
View Source

Related to DATA PROTECTION1

  • Data Protection All personal data contained in the agreement shall be processed in accordance with Regulation (EC) No 45/2001 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by the EU institutions and bodies and on the free movement of such data. Such data shall be processed solely in connection with the implementation and follow-up of the agreement by the sending institution, the National Agency and the European Commission, without prejudice to the possibility of passing the data to the bodies responsible for inspection and audit in accordance with EU legislation (Court of Auditors or European Antifraud Office (▇▇▇▇)). The participant may, on written request, gain access to his personal data and correct any information that is inaccurate or incomplete. He/she should address any questions regarding the processing of his/her personal data to the sending institution and/or the National Agency. The participant may lodge a complaint against the processing of his personal data with the [national supervising body for data protection] with regard to the use of these data by the sending institution, the National Agency, or to the European Data Protection Supervisor with regard to the use of the data by the European Commission.

  • Privacy and Data Protection 8.1 The Receiving Party undertakes to comply with South Africa’s general privacy protection in terms Section 14 of the ▇▇▇▇ of Rights in connection with this Bid and shall procure that its personnel shall observe the provisions of such Act [as applicable] or any amendments and re-enactments thereof and any regulations made pursuant thereto. 8.2 The Receiving Party warrants that it and its Agents have the appropriate technical and organisational measures in place against unauthorised or unlawful processing of data relating to the Bid and against accidental loss or destruction of, or damage to such data held or processed by them.

  • Data Protection Act 7.1 With respect to the parties' rights and obligations under this Contract, the parties agree that the Department is the Data Controller and that the Contractor is the Data Processor. 7.2 The Contractor shall: 7.2.1 Process the Personal Data only in accordance with instructions from the Department (which may be specific instructions or instructions of a general nature as set out in this Contract or as otherwise notified by the Department to the Contractor during the Term); 7.2.2 Process the Personal Data only to the extent, and in such manner, as is necessary for the provision of the Services or as is required by Law or any Regulatory Body; 7.2.3 The Contractor shall employ appropriate organisational, operational and technological processes and procedures to keep the Personal Data safe from unauthorised use or access, loss, destruction, theft or disclosure. The organisational, operational and technological processes and procedures adopted are required to comply with the requirements of ISO/IEC 27001 as appropriate to the services being provided to the Department; 7.2.4 Take reasonable steps to ensure the reliability of any Contractor Personnel who have access to the Personal Data; 7.2.5 Obtain prior written consent from the Department in order to transfer the Personal Data to any Sub-contractors or Affiliates for the provision of the Services; 7.2.6 Ensure that all Contractor Personnel required to access the Personal Data are informed of the confidential nature of the Personal Data and comply with the obligations set out in this clause 7; 7.2.7 Ensure that none of Contractor Personnel publish, disclose or divulge any of the Personal Data to any third party unless directed in writing to do so by the Department; 7.2.8 Notify the Department within five Working Days if it receives: a request from a Data Subject to have access to that person's Personal Data; or a complaint or request relating to the Department's obligations under the Data Protection Legislation; 7.2.9 Provide the Department with full cooperation and assistance in relation to any complaint or request made, including by: - providing the Department with full details of the complaint or request; - complying with a data access request within the relevant timescales set out in the Data Protection Legislation and in accordance with the Department's instructions; - providing the Department with any Personal Data it holds in relation to a Data Subject (within the timescales required by the Department); and - providing the Department with any information requested by the Department; 7.2.10 Permit the Department or the Department’s Representative (subject to reasonable and appropriate confidentiality undertakings), to inspect and audit the Contractor's data Processing activities (and/or those of its agents, subsidiaries and Sub-contractors) and comply with all reasonable requests or directions by the Department to enable the Department to verify and/or procure that the Contractor is in full compliance with its obligations under this Contract; 7.2.11 Provide a written description of the technical and organisational methods employed by the Contractor for processing Personal Data (within the timescales required by the Department) to be used solely for the purposes of this contract and provided that to do so would not be in breach of the Intellectual Property Rights (including Copyright) of a third party; and 7.2.12 Not process Personal Data outside the European Economic Area without the prior written consent of the Department and, where the Department consents to a transfer, to comply with: - the obligations of a Data Controller under the Eighth Data Protection Principle set out in Schedule 1 of the Data Protection Act 1998 by providing -an adequate level of protection to any Personal Data that is transferred; and - any reasonable instructions notified to it by the Department. 7.3 The Contractor shall comply at all times with the Data Protection Legislation and shall not perform its obligations under this Contract in such a way as to cause the Department to breach any of its applicable obligations under the Data Protection Legislation.

  • Cybersecurity; Data Protection To the Company’s knowledge, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (collectively, the “Personal Data”)) used in connection with their businesses, and there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except in each case as would not reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification.

  • DATA PROTECTION AND PRIVACY 14.1 In addition to Supplier’s obligations under Sections 6, 9, 10, and 15, Supplier will comply with this Section 14 when processing Accenture Personal Data. "Accenture Personal Data" means personal data owned, licensed, or otherwise controlled or processed by Accenture including personal data processed by Accenture on behalf of its clients. “Accenture Data” means all information, data and intellectual property of Accenture or its clients or other suppliers, collected, stored, hosted, processed, received and/or generated by Supplier in connection with providing the Deliverables to Accenture, including Accenture Personal Data.