Common use of Privacy; Data Security Clause in Contracts

Privacy; Data Security. Each party shall ensure that any collection, use and disclosure of Customer Information obtained by such party pursuant to this Agreement complies with Data Protection Laws. Neither party shall send any unsolicited commercial email or other online communication (e.g., "spam") to Customers. You shall take all appropriate measures to secure the confidentiality of Customer Information in your possession and to protect such Customer Information from unauthorized use or disclosure. If either party shares any personal data (whether Customer Information or otherwise) with the other party pursuant to this Agreement, the following terms shall apply: 9.1 Each party shall only process the personal data in accordance with the Data Protection Laws, including: (a) process the personal data lawfully, fairly and in a transparent manner in relation to the data subjects; (b) treat the personal data as confidential and ensure that its employees will treat the personal data as confidential; (c) only process the personal data for limited and specified purposes; (d) not retain the personal data for longer than is necessary to carry out the purposes for which it has obtained the personal data; and (e) implement appropriate security measures to protect the personal data, including appropriate technical and organisational measures, to protect against unauthorised or unlawful processing and against accidental loss, destruction or damage, including inter alia: (a) the pseudonymisation and encryption of the personal data; (b) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; (c) the ability to restore the availability and access to the personal data in a timely manner in the event of a physical or technical incident; and (d) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing. 9.2 Where either party becomes aware of inaccuracies of the personal data received from the other party, it will notify the other party thereof. 9.3 Each party may transfer the personal data outside the European Economic Area if it complies with the provisions of the Data Protection Laws on the transfer of personal data to third countries. 9.4 Each party will hold the other party harmless of any claims, damages, penalties and any costs or fees, of whatever nature incurred by the party or for which the party may become liable due to any failure by the other party or its employees or agents to comply with any of its obligations under this Section 9, or any Data Protection Laws.

Privacy; Data Security. Each party shall ensure that any collection, use and disclosure of Customer Information obtained by such party pursuant to this Agreement complies with Data Protection Laws. Neither party shall send any unsolicited commercial email or other online communication (e.g., "spam") to Customers. You shall take all appropriate measures to secure the confidentiality of Customer Information in your possession and to protect such Customer Information from unauthorized use or disclosure. If either party shares any personal data (whether Customer Information or otherwise) with the other party pursuant to this Agreement, the following terms shall apply: 9.1 Each party shall only process the personal data in accordance with the Data Protection Laws, including: (a) process the personal data lawfully, fairly and in a transparent manner in relation to the data subjects; (b) treat the personal data as confidential and ensure that its employees will treat the personal data as confidential; (c) only process the personal data for limited and specified purposes; (d) not retain the personal data for longer than is necessary to carry out the purposes for which it has obtained the personal data; and (e) implement appropriate security measures to protect the personal data, including appropriate technical and organisational measures, to protect against unauthorised or unlawful processing and against accidental loss, destruction or damage, including inter alia: (ai) the pseudonymisation and encryption of the personal data; (bii) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; (ciii) the ability to restore the availability and access to the personal data in a timely manner in the event of a physical or technical incident; and (div) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing. 9.2 Where either party becomes aware of inaccuracies of the personal data received from the other party, it will notify the other party thereof. 9.3 Each party may transfer the personal data outside the European Economic Area if it complies with the provisions of the Data Protection Laws on the transfer of personal data to third countries. 9.4 Each party will hold the other party harmless of any claims, damages, penalties and any costs or fees, of whatever nature incurred by the party or for which the party may become liable due to any failure by the other party or its employees or agents to comply with any of its obligations under this Section 9, or any Data Protection Laws.