User Access Transfer Agent shall have a process to promptly disable access to Fund Data by any Transfer Agent personnel who no longer requires such access. Transfer Agent will also promptly remove access of Fund personnel upon receipt of notification from Fund.
Interconnection Customer Obligations The Interconnection Customer shall maintain the Large Generating Facility and the Interconnection Customer’s Interconnection Facilities in a safe and reliable manner and in accordance with this LGIA.
SUPPLIER’S OBLIGATIONS 6.1 The Supplier undertakes that the Services will be performed substantially in accordance with the Documentation and with reasonable skill and care.
Additional Access Rights For the avoidance of doubt any grant of Access Rights not covered by the Grant Agreement or this Consortium Agreement shall be at the absolute discretion of the owning Party and subject to such terms and conditions as may be agreed between the owning and receiving Parties.
The Supplier's Obligations The Supplier will in writing, by the time and date specified by the Contracting Body in accordance with paragraph 3.1.3(b) provide the Contracting Body with either:
Processor’s Obligations Except where expressly permitted by Article 28 (3)(a) GDPR, Processor shall process data subjects’ Data only within the scope of the Agreement and the instructions issued by Controller. Where Processor believes that an instruction would be in breach of applicable law, Processor shall notify Controller of such belief without undue delay. Processor shall be entitled to suspend performance on such instruction until Controller confirms or modifies such instruction. Processor shall, within Processor’s scope of responsibility, organize Processor’s internal organization so it satisfies the specific requirements of data protection. Processor shall implement technical and organizational measures to ensure the adequate protection of Controller’s Data, which measures shall fulfil the requirements of the GDPR and specifically its Article 32. Processor shall implement technical and organizational measures and safeguards that ensure ongoing confidentiality, integrity, availability and resilience of processing systems and services and shall implement a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing. Controller is familiar with these technical and organizational measures, and it shall be Controller’s responsibility that such measures ensure a level of security appropriate to the risk. The parties agree to refer to the existing certification of Processor by Kiwa International Cert GmbH in accordance with DIN ISO/IEC 27001:2015 which is considered sufficient evidence for these purposes by Controller and which is available on the website of Processor (xxx.xxxxxxx.xxx). Processor reserves the right to modify the measures and safeguards implemented, provided, however, that that the level of security shall not be less protective than initially agreed upon. Processor shall support Controller, insofar as is agreed upon by the parties, and where possible for Processor, in fulfilling data subjects’ requests and claims, as detailed in chapter III of the GDPR and in fulfilling the obligations enumerated in Articles 33 to 36 GDPR. Processor shall ensure that all employees involved in Contract Processing of Controller’s Data and other such persons as may be involved in Contract Processing within Processor’s scope of responsibility shall only do so within the scope of the instructions. Furthermore, Processor shall ensure that any person entitled to process Data on behalf of Controller has undertaken a commitment to confidentiality under terms similar to the confidentiality terms of the Agreement. All such confidentiality obligations shall survive the termination or expiration of such Contract Processing. Processor shall notify Controller without undue delay if Processor becomes aware of any Data breaches within Processor’s scope of responsibility. Processor shall implement the measures necessary for securing Data and for mitigating potential negative consequences for the data subject; the Processor shall coordinate such efforts with Controller without undue delay. Processor shall notify to Controller the point of contact for any issues related to data protection arising out of or in connection with the Agreement. The Exhibit provides for a list of the initially designated persons. Processor shall correct or erase Data if so instructed by Controller and where covered by the scope of the instructions permissible. Where an erasure, consistent with data protection requirements, or a corresponding restriction of processing is impossible, Processor shall, based on Controller’s instructions, and unless agreed upon differently in the Agreement, destroy, in compliance with data protection requirements, all carrier media and other material or return the same to Controller. In specific cases designated by Controller, such Data shall be stored or handed over. The associated cost for doing so and protective measures to put in place shall be agreed upon separately, unless already agreed upon in the Agreement. Processor shall, upon termination of Contract Processing and upon Controller’s instruction, return all Data, carrier media and other materials to Controller or delete the same. Where a data subject asserts any claims against Controller in accordance with Article 82 of the GDPR, Processor shall support Controller in defending against such claims, where possible at Controller’s cost as set out in Section 6 para. 3. § 4Controller’s Obligations Controller shall notify Processor without undue delay, and comprehensively, of any defect or irregularity with regard to provisions on data protection detected by Controller in the results of Processor’s work.
Network Access Control The VISION Web Site and the Distribution Support Services Web Site (the “DST Web Sites”) are protected through multiple levels of network controls. The first defense is a border router which exists at the boundary between the DST Web Sites and the Internet Service Provider. The border router provides basic protections including anti-spoofing controls. Next is a highly available pair of stateful firewalls that allow only HTTPS traffic destined to the DST Web Sites. The third network control is a highly available pair of load balancers that terminate the HTTPS connections and then forward the traffic on to one of several available web servers. In addition, a second highly available pair of stateful firewalls enforce network controls between the web servers and any back-end application servers. No Internet traffic is allowed directly to the back-end application servers. The DST Web Sites equipment is located and administered at DST’s Winchester data center. Changes to the systems residing on this computer are submitted through the DST change control process. All services and functions within the DST Web Sites are deactivated with the exception of services and functions which support the transfer of files. All ports on the DST Web Sites are disabled, except those ports required to transfer files. All “listeners,” other than listeners required for inbound connections from the load balancers, are deactivated. Directory structures are “hidden” from the user. Services which provide directory information are also deactivated.
Data Access Control Persons entitled to use data processing systems gain access only to the Personal Data that they have a right to access, and Personal Data must not be read, copied, modified or removed without authorization in the course of processing, use and storage. Measures: • As part of the SAP Security Policy, Personal Data requires at least the same protection level as “confidential” information according to the SAP Information Classification standard. • Access to Personal Data is granted on a need-to-know basis. Personnel have access to the information that they require in order to fulfill their duty. SAP uses authorization concepts that document grant processes and assigned roles per account (user ID). All Customer Data is protected in accordance with the SAP Security Policy. • All production servers are operated in the Data Centers or in secure server rooms. Security measures that protect applications processing Personal Data are regularly checked. To this end, SAP conducts internal and external security checks and penetration tests on its IT systems. • SAP does not allow the installation of software that has not been approved by SAP. • An SAP security standard governs how data and data carriers are deleted or destroyed once they are no longer required.
Customer’s Obligations 8.1 The Customer shall:
Collateral Access Agreements Such Grantor shall use commercially reasonable efforts to obtain a Collateral Access Agreement, from the lessor of each leased property, mortgagee of owned property or bailee or consignee with respect to the operator of any warehouse, processor or converter facility or other location (each of which is identified on Exhibit B hereto), where Collateral in excess of $1,000,000 is stored or located at any given time (other than (i) company-owned facilities and (ii) retail stores), which agreement or letter shall provide access rights, contain a waiver or subordination of all Liens or claims that the landlord, mortgagee, bailee or consignee may assert against the Collateral at that location, and shall otherwise be reasonably satisfactory in form and substance to the Administrative Agent. With respect to such locations or warehouse space leased as of the Effective Date and thereafter where Collateral in excess of $1,000,000 is stored or located (other than (i) company-owned facilities and (ii) retail stores), if the Administrative Agent has not received a Collateral Access Agreement as of the Effective Date (or, if later as of the date such location is acquired or leased), the Borrower’s Eligible Inventory at that location shall be subject to such Reserves as may be established by the Administrative Agent. After the Effective Date, no real property or warehouse space shall be leased by such Grantor (other than retail stores) and no Inventory shall be shipped to a processor or converter under arrangements established after the Effective Date, unless and until a satisfactory Collateral Access Agreement shall first have been obtained with respect to such location or if it has not been obtained, the Borrower’s Eligible Inventory at that location shall be subject to the establishment of Reserves acceptable to the Administrative Agent. Such Grantor shall timely and fully pay and perform its obligations under all leases and other agreements with respect to each leased location or third party warehouse where any Collateral is or may be located.
