Instructions and Security Clause Samples

Instructions and Security. Introduction to Clause 3
View Source
Instructions and Security. 2.1 The Data Processor shall only process personal data based on documented instructions from the Data Controller, unless the Data Processor is required to process the personal da- ta to comply with European Union or Member State law to which the Data Processor is subject. In that case, the Data Processor shall inform the Data Controller hereof before the Data Processor processes the data. 2.2 Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the Data Processor shall take all measures re- quired pursuant to the Data Protection Legislation, including implementing appropriate technical and organizational security measures to protect the personal data against acci- dental or unlawful destruction, loss or alteration and against unauthorized disclosure, abuse or other processing in violation of the provisions laid down in the Data Protection Legislation. 2.3 At the Data Controller’s reasonable request, the Data Processor shall provide the infor- mation and documentation needed for the Data Controller to demonstrate compliance with the security provisions in the Data Protection Legislation. 2.4 Upon the Data Controller’s written request, the Data Processor shall permit the Data Con- troller or any third party appointed by the Data Controller (subject to reasonable and ap- propriate confidentiality undertakings), to audit the Data Processor’s data processing ac- tivities and compliance with all reasonable requests or directions by the Data Controller to enable the Data Controller to verify and/or procure that the Data Processor and/or sub- processors are in full compliance with their obligations under this Agreement and the Data Page 3 Protection Legislation. Unless required by the Data Protection Legislation or a data breach has occurred, no audits will be conducted more than once in any twelve (12) month period. The Data Processor shall be entitled to charge the Data Controller a reasonable fee for its assistance in relation to the conduct of any audits. 2.5 The Data Processor must upon the request of any public authority, grant the authority ac- cess to perform an audit or other investigation of the processing of personal data conduct- ed by the Data Processor. The Data Processor shall without undue delay inform the Data Controller in writing upon receiving such request, unless this...
View Source

Related to Instructions and Security

  • Password and Security If you are issued or create any password or other credentials to access the Service or the portion of the Site through which the Service is offered, you agree not to give or make available your password or credentials to any unauthorized individuals, and you agree to be responsible for all actions taken by anyone to whom you have provided such credentials. If you believe that your credentials have been lost or stolen or that someone may attempt to use them to access the Site or Service without your consent, you must inform us at once at the telephone number provided in Section 6 of the General Terms above. See also Section 16 of the General Terms above regarding how the timeliness of your notice impacts your liability for unauthorized transfers.

  • Access and Security Customer shall employ all physical, administrative and technical controls, screening and security procedures and other safeguards necessary to: (a) securely administer the distribution and use of all Access Credentials and protect against any unauthorized access to or use of the Hosted Services; and (b) control the content and use of Customer Data, including the uploading or other provision of Customer Data for Processing by the Hosted Services.

  • Borrowing and Security To borrow funds and to mortgage and pledge the assets of the Trust or any part thereof to secure obligations arising in connection with such borrowing;

  • Collateral and Security Section 10.01.

  • Privacy and Security (a) Each of the Company and its Subsidiaries complies (and requires and monitors the compliance of applicable third parties) in all material respects with all applicable Laws relating to privacy or data security, and reputable industry practice, standards, self-governing rules and policies and their own published, posted and internal agreements and policies (which are in conformance with reputable industry practice) (all of the foregoing collectively, “Privacy Laws”) with respect to: (i) personally identifiable information (including name, address, telephone number, electronic mail address, social security number, bank account number or credit card number), sensitive personal information and any special categories of personal information regulated thereunder or covered thereby (“Personal Information”), whether any of same is accessed or used by the Company or any of its Subsidiaries or any of their respective business partners; and (ii) non-personally identifiable information, whether any of same is accessed or used by the Company or any of its Subsidiaries or any of their respective business partners. (b) Neither the Company nor any of its Subsidiaries uses, collects, or receives any Personal Information or sensitive non-personally identifiable information and does not become aware of the identity or location of, or identify or locate, any particular Person as a result of any receipt of such Personal Information, in a manner which would materially breach or violate any Privacy Laws and materially and adversely impact the business of the Company and its Subsidiaries, taken as a whole. (c) To the Company’s knowledge, Persons with which the Company or any of its Subsidiaries have contractual relationships have not breached any agreements or any Privacy Laws pertaining to Personal Information and to non-personally identifiable information. (d) To the Company’s knowledge, the Company and its Subsidiaries take all commercially reasonable steps to protect the operation, confidentiality, integrity and security of their respective business systems and websites and all information and transactions stored or contained therein or transmitted thereby against any unauthorized or improper use, access, transmittal, interruption, modification or corruption, and there have been no material breaches of same. Without limiting the generality of the foregoing, each of the Company and its Subsidiaries (i) uses industry standard encryption technology and (ii) has implemented a comprehensive security plan that (1) identifies internal and external risks to the security of the Company’s or its Subsidiaries’ confidential information and Personal Information and (2) implements, monitors and improves adequate and effective safeguards to control those risks.