Notification Format and Content Clause Samples
The Notification Format and Content clause defines the required structure and information that must be included when one party provides formal notice to the other under the agreement. Typically, this clause specifies details such as the method of delivery (e.g., email, registered mail), the necessary information to identify the subject of the notice, and any required supporting documentation. By standardizing how notifications are made and what they must contain, this clause ensures that communications are clear, complete, and legally effective, thereby reducing the risk of misunderstandings or disputes over whether proper notice was given.
Notification Format and Content. Notification of a Data Security Breach will be in writing to the information/administrative contact identified by the Parties, though communication may take place first via telephone. The notifying Party must be provided the following information, to the greatest extent possible, with further updates as additional information comes to light:
i. A description of the nature of the incident and likely consequences of the incident;
ii. Expected resolution time (if known);
iii. A description of the measures taken or proposed to address the incident including, measures to mitigate its possible adverse effects the Parties and/or Shared Personal Data;
iv. The categories and approximate volume of Shared Personal Data and individuals potentially affected by the incident, and the likely consequences of the incident on that Shared Personal Data and associated individuals; and
v. The name and phone number of a representative the Party may contact to obtain incident updates.
Notification Format and Content. Notification of a Data Security Breach must be in writing via email or other secure method of electronic communication authorized by ICANN to an information or administrative contact identified by the parties (which shall be identified by the parties promptly following the date of this Data Processing Specification and updated as necessary to replace such contact), though communication may take place first via telephone. Any other provisions specifying the manner in which notice is to be provided under the Agreement or the content of such notice do not apply to the notification of a Data Security Breach pursuant to this Section 6 of the Data Processing Specification. Concurrent with the notification provided pursuant to Section 6.1, the notifying party must, to the greatest extent possible, provide the information described in Sections 6.2.1 through Section 6.2.5 below, and shall thereafter regularly update, as additional information becomes available, the information provided to the other party pursuant to this Section 6.2.
6.2.1. A reasonably detailed description of the nature of the incident;
6.2.2. Expected resolution time (if known);
6.2.3. A description of the measures taken or proposed to address the incident, including measures to mitigate the incident’s possible adverse effects on Data Subjects and the parties;
6.2.4. The categories and approximate volume of Personal Registration Data and Data Subjects potentially affected by the incident, and an assessment of the likely risks to and consequences of the incident on that Personal Registration Data and associated Data Subjects; and
6.2.5. The name, email address, and telephone number of a representative of the notifying party with up-to-date knowledge of the incident who may be contacted to obtain incident updates.
Notification Format and Content. Notification of a Data Security Breach will be in writing to the information/administrative contact identified by the Parties, though communication may take place first via telephone. The notifying Party must be provided the following information, to the greatest extent possible, with further updates as additional information comes to light: A description of the nature of the incident and likely consequences of the incident; Expected resolution time (if known); A description of the measures taken or proposed to address the incident including, measures to mitigate its possible adverse effects the Parties and/or Shared Personal Data; The categories and approximate volume of Shared Personal Data and individuals potentially affected by the incident, and the likely consequences of the incident on that Shared Personal Data and associated individuals; and The name and phone number of a representative the Party may contact to obtain incident updates.