Encryption Uses Clause Samples
The 'Encryption Uses' clause defines the requirements and standards for encrypting data within the scope of an agreement. It typically specifies which types of data must be encrypted, such as personal information or confidential business records, and may outline acceptable encryption methods or technologies. By establishing clear expectations for data protection, this clause helps ensure the security of sensitive information and reduces the risk of unauthorized access or data breaches.
Encryption Uses. Customer Personal Data must be protected, and should be encrypted, while in transit and at rest. Customer Content must be protected, and should be encrypted when stored and while in transit over any network; authentication credentials must be encrypted at all times, in transit or in storage.
Encryption Uses. Company Data transmission over the public internet always utilizes encrypted channel. Encryption details are documented if transmission is automated. Approved and dedicated staff is responsible for encrypting/decrypting the data, if manual. Company Data must also be encrypted while in transit over any network. VPN transmissions are performed over an encrypted channel. Controller provides support case data in an encrypted manner to processor. Case resolution is done in a secured environment. 60 days after case is closed, support case data is deleted. All access to the data centers where Company data is stored, is restricted to ASCI’s IT Operations Team according to ASCI Information Access Control Policies (ASCI follows the principle of least privilege and only grants access based on role and business use case). Access rights are reviewed regularly or upon change of role/termination of an employee. Access to the environment where Company data is stored is strictly controlled and monitored. Company is responsible for managing access to their subscription data and are responsible for the lifecycle of those accounts. Company Subscription Administrators are responsible for user administration and related password policies within the application. The Company is responsible for the lifecycle of this account. Work is done in secure environment; data transfer is secured. Deletion of data after closing of sup- port case.