Personal Data Security. 5.1 Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the Processor shall implement appropriate technical and organizational measures (Annex 2) to ensure a level of Controller Personal Data security appropriate to the risk, including but not limited to:
Personal Data Security. Each of the Parties undertakes to implement the appropriate technical means to ensure the security of the personal data. TEHTRIS undertakes to implement technical and organizational measures to prevent any access to or fraudulent use of the personal data and to prevent any loss, alteration or destruction of the personal data, in particular all of the undertakings set out in the TEHTRIS Quality Charter, attached to this Agreement.
Personal Data Security. 13.1. In the course of providing the services and delivering the Products, the Company collects personal data from the Clients and in particular the following data : - names ; - first names ; - e-mail address ; - address ; - phone number ; - details of your correspondence with us, including assistance ;
Personal Data Security. The Parties acknowledge that they shall protect the Personal Data against any unauthorised or unlawful processing and against the accidental loss, destruction or damage. Each party is responsible on its own for the implementation of appropriate technical and organisational measures in order to guarantee the integrity and confidentiality of Personal Data, in accordance with article 32 of the GDPR.
Personal Data Security. Without limiting Service Provider’s obligations under this Agreement or respective Service Agreements with respect to data security, Service Provider shall:
Personal Data Security. 1. In order to assure the personal data security, Processor certain defensive mechanisms which penetrate one another were introduced. Such mechanisms include physical securities, equipment related measures, organizational procedures and IT solutions.
Personal Data Security. The Company and any third parties having authorized access to Personal Data or User Data) have in place, maintain, and comply with a comprehensive written information security program (“Security Program”) that (A) complies with all applicable Privacy and Security Requirements and industry standards to safeguard the security of Company Information and (B) includes and incorporates all administrative, technical, organizational, and physical security procedures and measures that are reasonable and appropriate to preserve the security, integrity and confidentiality of all Personal Data and User Data in the Company’s possession or control.
Personal Data Security. 3.1. HotelREZ shall ensure that it has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting Personal Data, ensuring confidentiality, integrity, availability and resilience of its systems and HotelREZ Services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by it).
Personal Data Security. The Data Processor shall ensure, through appropriate planned, systematic, organizational and technical measures, adequate information security in terms of confidentiality, integrity and availability in connection with the processing of personal data in accordance with GDPR Article 32. The Data Processor should be able to document security measures. The documentation must be made available at the Data Controller's request. The Data Processor shall ensure satisfactory personal data security regarding: • confidentiality, i.e., the data is not available to persons who do not have legal access to the data, • integrity, i.e. the data is not changed in an unauthorized or unintended manner and • availability, i.e. the data is available and operative for legitimate and authorized use. The Data Processor shall have routines and systematic processes to follow up on violations of personal data security ("Deviation"). If the Deviation is caused by the Data Controller, or circumstances within the control of the Data Controller, the Data Processor may invoice the Data Controller for work related to follow-up of the Deviation in accordance with the rates stated in the Terms-of-Use Agreement and/or the Service Level Agreement. The Data Processor shall, without undue delay, notify the Data Controller of the Deviation. The Data Processor shall provide the Data Controller with the necessary information to enable the Data Controller to comply with applicable laws regarding the processing of Personal Data and to enable the Data Controller to respond to requests from data supervisory authorities in the event of Deviations. It is the responsibility of the Data Controller to report nonconformities to the Norwegian Data Protection Authority in accordance with applicable legislation. The Data Processor will not disclose passwords to the Data Controller's users without the Data Controller requesting this in writing. All passwords to Data Controller's users are stored with irreversible encryption, and it is physically impossible for the Data Processor to disclose passwords in plain text. The Data Processor provides system backups and data according to current Service Level Agreement (SLA). If personal data is to be transmitted electronically internally at the Data Controller or from the Data Controller to the Data Processor, the Data Processor recommends that transmission is done in encrypted form or otherwise secured by further agreement with the Data Processor.
Personal Data Security. The Recipient shall maintain and shall continue to maintain appropriate technical and organisational security measures to protect such Personal Data against accidental or unlawful destruction or accidental loss, damage, alteration, unauthorised disclosure or access, in particular where the Processing involves the transmission of data over a network, and against all other unlawful forms of Processing, and in addition shall comply with the Vodafone Group Minimum Security Requirements.
