INTERNATIONAL BOYCOTT PROHIBITION In accordance with Section 220-f of the Labor Law and Section 139-h of the State Finance Law, if this contract exceeds $5,000, the Contractor agrees, as a material condition of the contract, that neither the Contractor nor any substantially owned or affiliated person, firm, partnership or corporation has participated, is participating, or shall participate in an international boycott in violation of the federal Export Administration Act of 1979 (50 USC App. Sections 2401 et seq.) or regulations thereunder. If such Contractor, or any of the aforesaid affiliates of Contractor, is convicted or is otherwise found to have violated said laws or regulations upon the final determination of the United States Commerce Department or any other appropriate agency of the United States subsequent to the contract's execution, such contract, amendment or modification thereto shall be rendered forfeit and void. The Contractor shall so notify the State Comptroller within five (5) business days of such conviction, determination or disposition of appeal (2NYCRR 105.4).
Other Methods of Procurement of Consultants’ Services The following table specifies methods of procurement, other than Quality and Cost-based Selection, which may be used for consultants’ services. The Procurement Plan shall specify the circumstances under which such methods may be used. Procurement Method
Prevention of Corruption The Contractor shall not offer, give, or agree to give anything, to any person an inducement or reward for doing, refraining from doing, or for having done or refrained from doing, any act in relation to the obtaining or execution of the Contract or for showing or refraining from showing favour or disfavour to any person in relation to the Contract.
COMPETENT SUPERVISORY AUTHORITY Identify the competent supervisory authority/ies in accordance with Clause 13 … ANNEX II - TECHNICAL AND ORGANISATIONAL MEASURES INCLUDING TECHNICAL AND ORGANISATIONAL MEASURES TO ENSURE THE SECURITY OF THE DATA EXPLANATORY NOTE: The technical and organisational measures must be described in specific (and not generic) terms. See also the general comment on the first page of the Appendix, in particular on the need to clearly indicate which measures apply to each transfer/set of transfers. Description of the technical and organisational measures implemented by the data importer(s) (including any relevant certifications) to ensure an appropriate level of security, taking into account the nature, scope, context and purpose of the processing, and the risks for the rights and freedoms of natural persons. [Examples of possible measures: • Measures of pseudonymisation and encryption of personal data • Measures for ensuring ongoing confidentiality, integrity, availability and resilience of processing systems and services • Measures for ensuring the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident • Processes for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures in order to ensure the security of the processing • Measures for user identification and authorisation • Measures for the protection of data during transmission • Measures for the protection of data during storage • Measures for ensuring physical security of locations at which personal data are processed • Measures for ensuring events logging • Measures for ensuring system configuration, including default configuration • Measures for internal IT and IT security governance and management • Measures for certification/assurance of processes and products • Measures for ensuring data minimisation • Measures for ensuring data quality • Measures for ensuring limited data retention • Measures for ensuring accountability • Measures for allowing data portability and ensuring erasure]
Cooperation with supervisory authorities 1. The data exporter agrees to deposit a copy of this contract with the supervisory authority if it so requests or if such deposit is required under the applicable data protection law.
