Data Security Incidents Clause Samples
POPULAR SAMPLE Copied 2 times
Data Security Incidents. (a) The Supplier must document, implement and maintain a plan setting out the Suppliers' policies, systems and procedures for responding to any Data Security Incident (the Data Security Response Plan). The Supplier must make the Data Security Response Plan available for inspection by Suncorp if requested by Suncorp.
(b) The Supplier must implement and maintain robust mechanisms in place to detect and respond to any actual or suspected Data Security Incidents.
(c) The Supplier must:
(i) immediately, and in any event within 24 hours, inform Suncorp in writing of (A) any actual or suspected Data Security Incident or (B) any data security incident that has been notified to other regulators in Australia or other jurisdictions. The notification given by the Supplier must, at a minimum:
A. describe the nature of the Data Security Incident and, if applicable, the categories and numbers of persons, and the categories and numbers of Personal Information records, affected or otherwise concerned;
B. include the name and contact details of the data protection officer or other relevant contact from whom more information may be obtained;
C. where available, describe the likely consequences of the Data Security Incident and any measures taken or proposed to be taken to address it;
(ii) regularly update Suncorp on all known details about the Data Security Incident, including details of the Suncorp Data, Personal Information and/or systems of Suncorp and/or the Supplier that have been accessed or compromised, whether the Data Security Incident has ceased or is ongoing, the root cause of the Data Security Incident, and any the progress of any remedial actions;
(iii) take immediate action to stop the Data Security Incident (including where relevant by preventing access) and minimise and mitigate its effects;
(iv) retain and preserve all data critical to identifying the nature, extent and cause of the Data Security Incident;
(v) follow all reasonable directions from Suncorp regarding the Data Security Incident and cooperate with Suncorp in any investigation or audit in respect of the Data Security Incident.
(d) Suncorp is solely responsible for determining whether a Data Security Incident would be likely to result in serious harm to any of the individuals to whom any Personal Information the subject of the actual or suspected Data Security Incident relates, and the Supplier must not disclose to any third party (including any regulatory authority) the existence of or circumstan...
Data Security Incidents. Seller has implemented commercially reasonable administrative, technical, and physical safeguards designed to protect the confidentiality, integrity, and availability of the Acquired Assets and any data processed or stored in connection therewith. To SD’s and S▇▇▇▇▇’s knowledge, during the past twenty-four (24) months there has been no unauthorized access to, breach of, or material compromise of any of the systems used in connection with the Acquired Assets, except as disclosed on Schedule 12.
Data Security Incidents. ESE is responsible for any and all Data Security Incidents involving Confidential Utility Information that is Processed by, or on behalf of, ESE. ESE shall notify Utility in writing immediately (and in any event within forty-eight (48) hours) whenever ESE reasonably believes that there has been a Data Security Incident. After providing such notice, ESE will investigate the Data Security Incident, and immediately take all necessary steps to eliminate or contain any exposure of Confidential Utility Information and keep Utility advised of the status of such Data Security Incident and all matters related thereto. ESE further agrees to provide, at ESE’s sole cost:, (1) reasonable assistance and cooperation requested by Utility and/or Utility’s designated representatives, in the furtherance of any correction, remediation, or investigation of any such Data Security Incident; (2) and/or (2) the mitigation of any damage, including any notification required by law or that Utility may determine appropriate to send to individuals impacted or potentially impacted by the Data Security Incident; and (3), and/or (3) the provision of any credit reporting service required by law or that Utility deems appropriate to provide to such individuals. In addition, within thirty (30) days of identifying or being informedconfirmation of a Data Security Incident, ESE shall develop and execute a plan, subject to Utility’s approval, which approval will not be unreasonably withheld, that reduces the likelihood of a recurrence of such Data Security Incident. ESE agrees that Utility may at its discretion and without penalty immediately suspend performance hereunder and/or terminate the AddendumAgreement if a Data Security Incident occurs and it has a reasonable belief of potential ongoing harm. Any suspension made by Utility pursuant to this paragraph 11 will be temporary, lasting until the Data Security Incident has ended, the ESE security has been restored to the reasonable satisfaction of the Utility so that Utility IT systems and Confidential Utility Information are safe and the ESE is capable of maintaining adequate security once electronic communication resumes. No other suspension may occur exceptAll processesActions made pursuant to this paragraph, including a suspension will be made, or subject to dispute resolution and appeal as applicable, pursuant to the UBP or UBP DERS UBP processes as approved by the Commission.
Data Security Incidents. 4.1 Data Security Incidents. AuditBoard will notify Customer of any Data Security Incident as outlined in section 6 of the Agreement for Personal Data breaches.
Data Security Incidents. (a) Upon becoming aware of a Data Security Incident, the Processor shall inform the other Party without undue delay and shall provide such timely information and assistance in accordance with clause 3.7 as the other Party may require in order for the other Party to fulfil its data breach reporting obligations under Data Protection Law and to mitigate the effects of the Data Security Incident.
(b) Where China Unicom is acting as the Processor, the Customer understands and accepts that the performance by China Unicom of certain Services may carry a risk to the Customer of loss or corruption of data. China Unicom's obligations in respect of data backup or retention shall be set out in the applicable Services Agreement. The Customer understands and accepts that, save to the extent of any obligations detailed in this Data Processing Agreement or the relevant Services Agreement, the Customer shall bear full responsibility for the loss or corruption of data that may result from a Data Security Incident.
Data Security Incidents. SRCL Limited has a fully documented data security incident which includes:- Reporting procedures Incident reporting portal Defined escalation procedures Procedures audited in line with ISO 27001 requirements.
Data Security Incidents. If you suspect that your User Account, Personal Data or any of your password security details have been compromised, or become aware of any fraud, attempted fraud or any other security incident (including a cyber-attack) affecting you and/or WisdomTree, you must notify WisdomTree customer support as soon as possible at Customer Support Contacts, and continue to provide accurate and complete information throughout the duration of the security incident. You agree to take any steps or proactive measures reasonably required by WisdomTree to mitigate, manage or report any security incident. Failure to provide prompt notification of any security incident may be affect the appropriate resolution of the matter.
Data Security Incidents. 4.1. Annex 3 (Security Requirements) applies in the event of a Data / Security Incident.
Data Security Incidents. ThirdEach Party is responsible for any and all Data Security Incidents involving Confidential Utility Information that is Processed by, or on behalf of,Confidential Third Party. Information that is solely caused by each Party, or Third Party shallParty
Data Security Incidents. 4.1. Notice. KlearNow shall notify User within 48 hours of discovering that an Information Security Incident has occurred or is reasonably likely to occur to the extent such notice is required by the GDPR.