Organisational Measures Sample Clauses

The 'Organisational Measures' clause defines the requirements for implementing internal policies, procedures, and controls to protect data or ensure compliance within an organization. This may include staff training, access controls, incident response plans, and regular audits to safeguard sensitive information or maintain regulatory standards. Its core function is to establish a framework that minimizes risks related to data breaches or non-compliance by ensuring that the organization takes proactive steps to manage and secure its operations.
Organisational Measures. Data Processor shall ensure that the following measures are taken with respect to the collection, holding and processing of personal data: ◼ A designated officer (“the Designated Officer”) within Data Processor shall be appointed with the specific responsibility of overseeing data protection and ensuring compliance with Data Protection Legislation. ◼ All employees, contractors, agents, consultants, partners or other parties working on behalf of Data Processor are made fully aware of both their individual responsibilities and Data Processor’s responsibilities under Data Protection Legislation and shall be furnished with a copy of this Policy. ◼ All employees, contractors, agents, consultants, partners or other parties working on behalf of Data Processor handling personal data will be appropriately trained to do so. ◼ All employees, contractors, agents, consultants, partners or other parties working on behalf of Data Processor handling personal data will be appropriately supervised. ◼ Methods of collecting, holding and processing personal data shall be regularly evaluated and reviewed. ◼ The Performance of those employees, contractors, agents, consultants, partners or other parties working on behalf of Data Processor handling personal data shall be regularly evaluated and reviewed. ◼ All employees, contractors, agents, consultants, partners or other parties working on behalf of Data Processor handling personal data will be bound to do so in accordance with the principles of Data Protection Legislation and this Policy by contract. Failure by any employee to comply with the principles or this Policy shall constitute a disciplinary offence. Failure by any contractor, agent, consultant, partner or other party to comply with the principles or this Policy shall constitute a breach of contract. In all cases, failure to comply with the principles or this Policy may also constitute a criminal offence under Data Protection Legislation. ◼ All contractors, agents, consultants, partners or other parties working on behalf of Data Processor handling personal data must ensure that any and all of their employees who are involved in the processing of personal data are held to the same conditions as those relevant employees of Data Processor arising out of this Policy and Data Protection Legislation. ◼ Where any contractor, agent, consultant, partner or other party working on behalf of Data Processor handling personal data fails in their obligations under this Policy that part...
Organisational Measures. Time lost due to sickness and workplace accidents - 5 days per employee p.a.
Organisational Measures. The Data Processor has in place the following policies: • Data Protection PolicyPersonal data breach Policy • IT Communications and Systems Policy • Data Security PolicyBusiness Continuity Policy
Organisational Measures a) Access Control a. SalesVista restricts access to Customer Data to employees with a business need-to-know or role requiring such access b. SalesVista maintains user access controls with timely provisioning and removal of access. c. SalesVista regularly audits user account access b) Business Continuity a. SalesVista maintains business continuity plans that incorporate disaster recovery (BC/DR) in order to minimize service downtime b. BC/DR plans, policies, and are reviewed and updated at regular intervals c) Change Control a. SalesVista maintains policies and procedures that require documented and formally approved changes prior to any changes to the Service
Organisational Measures. 2.1 The Data Importer shall adopt adequate internal policies with clear allocation of responsibilities for data transfers, reporting channels and standard operating procedures for cases of formal or informal requests from public authorities to access the data. 2.2 The Data Importer shall document and record the requests for access received from public authorities and the response provided, alongside the legal reasoning and the actors involved and make these records available to the data exporter. 2.3 If an essentially equivalent level of protection of the Agreement Personal Data to that afforded within the European Economic Area (EEA) cannot be guaranteed in a third country, the Data Importer shall not transfer any Agreement Personal Data to such country, will not cause or permit any onward transfer to such country, and/or will suspend ongoing transfers to such country.
Organisational Measures. Unifrog will require the Schools to implement the following organisational measures to complement the technical and contractual measures set out above, in order to ensure an essentially equivalent level of protection of the personal data to that guaranteed within the UK:  the adoption of internal policies with clear allocation of responsibilities for data transfers, and standard operating procedures for cases of official requests from public authorities to access the data.  specific training procedures for School personnel in charge of managing requests for access to personal data from public authorities.  the documentation and recordal of requests for access received from public authorities provided, alongside the reasoning and the actors involved (e.g. whether Unifrog has been notified and its reply, the School’s assessment of such requests, etc). To the extent permitted by law, these records shall be made available to Unifrog, who should in turn provide them to the data subjects concerned where required.  the adoption of data access and confidentiality policies and best practices, including emphasising the need to keep passwords confidential, and deterring teachers and other school staff from downloading personal data from the Unifrog Platform.  the regular review of internal policies to assess the suitability of the measures referred to above and implement additional or alternative solutions when necessary, to ensure that an equivalent level of protection to that guaranteed within the UK of the personal data transferred is maintained.
Organisational Measures. The parties to this agreement have set the following sick leave performance target: 4.2.1. Actual sick leave per staff member to average two days in each year.
Organisational Measures. We take the following measures with respect to the collection, holding, and processing of personal data: a. All employees, agents, contractors, or other parties working on our behalf have been made fully aware of both their individual responsibilities and our responsibilities under the GDPR; b. All our employees, agents, contractors, or other parties working on our behalf handling personal data have been appropriately trained to do so; c. Methods of collecting, holding, and processing personal data shall be regularly evaluated and reviewed; d. The performance of those employees, agents, contractors, or other parties working on our behalf handling personal data shall be regularly evaluated and reviewed;
Organisational Measures. 4.1 Processor has appointed a Data Protection Officer voluntarily who can be contacted at ▇▇▇@▇▇▇▇▇▇▇▇.▇▇▇ and has appointed a Chief Security Officer to assist the Data Protection Officer with their role and to continuously monitor Processor’s data security practices. 4.2 Processor has instigated an ongoing programme of GDPR awareness training within its organisation and receives Executive level support for data protection initiatives. 4.3 Processor has adopted the following non-exhaustive policies in relation to GDPR compliance to assist the Controller with its obligations: • Data Breach Notification Policy; • Data Protection Policy; • Data Retention Policy; • Data Subject Access Request Policy; and • Privacy Policy available at: ▇▇▇▇▇://▇▇▇▇▇▇.▇▇▇▇▇▇▇▇.▇▇▇/Privacy_and_Security#EU_Data_Protection_and_GDPR_Compliance The Standard Contractual Clauses for the transfer of personal data to processors outside the European Economic Area (New Processor Clause), last updated February 2010, are hereby incorporated into this Agreement by reference, amended as follows:
Organisational Measures a. The Data Importer is responsible for ensuring that organisational and management structures are present to protect personal data, including ensuring that clear roles, responsibilities, reporting lines and sufficient staff are provided in order to protect personal data. b. The Data Importer is responsible for ensuring that staff members are aware of their responsibilities in relation to the security of personal data, which includes (i) implementing an appropriate security awareness program and mandatory, guided training in information security; (ii) informing staff members that passwords must not be shared or compromised or disclosed; (iii) instructions to avoid disclosure of information without appropriate senior management authorisation; (iv) instructions not to use personal data unless explicitly authorised to do so; and (v) the handling of security breaches. WPO Policy references include, without limitation: