DATA PROTECTION AND PROTECTION OF PERSONAL DATA. 20.1 The Parties acknowledge that for the purposes of the Data Protection Legislation, the Department on behalf of the Secretary of State for Education is the Data Controller and the Provider is the Data Processor only for the processing set out in Schedule 6 (i.e. submission of Learner data to the Department). Any other processing of Personal Data undertaken by the Provider (i.e. Learner enrolment or delivering education & training, e.g. e-portfolios) will be as a Data Controller and not on behalf of the Department. Clauses 20.2 to 20.14 below apply only in relation to the processing of Personal Data on behalf of the Department as set out in Schedule 6, and the only processing that the Data Processor is authorised to do on behalf of the Department is listed in Schedule 6 by the Department and may not be determined by the Data Processor.
DATA PROTECTION AND PROTECTION OF PERSONAL DATA. 20.1 This Clause 20 applies to the Services except to the extent that it relates to the payment of the Sixth Form Grant to a sixth form by the Provider.
DATA PROTECTION AND PROTECTION OF PERSONAL DATA. 16.1. The Parties acknowledge that for the purposes of the Data Protection Legislation, the ESFA on behalf of the Secretary of State for Education is the Controller and the Contractor is the Processor only for the processing set out in Schedule 2 (i.e. submission of Learner data to the ESFA). Any other processing of Personal Data (i.e. Learner enrolment or delivering education & training, e.g. e-portfolios) undertaken by the Contractor will be as a data controller and not on behalf of the ESFA. Clauses 16.2 to 16.14 below apply only in relation to the processing of Personal Data on behalf of the ESFA as set out in Schedule 2, and the only processing that the Processor is authorised to do on behalf of the ESFA is listed in Schedule 2 by the ESFA and may not be determined by the Processor.
DATA PROTECTION AND PROTECTION OF PERSONAL DATA. 20.1 The Parties acknowledge that for the purposes of the Data Protection Laws, the Department on behalf of the Secretary of State for Education is the Controller and the Provider is the Processor only for the processing set out in Schedule 6 (i.e. submission of Learner data to the Department). Any other processing of Personal Data undertaken by the Provider (i.e. Learner enrolment or delivering education & training, e.g. e-portfolios) will be as a Data Controller and not on behalf of the Department. Clauses
DATA PROTECTION AND PROTECTION OF PERSONAL DATA. 23.1 The Parties acknowledge that for the purposes of the Data Protection Legislation, the Department on behalf of the Secretary of State for Education is the Data Controller and the College is the Data Processor only for the processing set out in Schedule 4 (UK GDPR/Data Protection) (i.e. submission of Learner data to the Department). Any other processing of Personal Data undertaken by the College (i.e. Learner enrolment or delivering education & training, e.g. e-portfolios) will be as a Data Controller and not on behalf of the Department. Clauses 23.2 to 23.14 below apply only in relation to the processing of Personal Data on behalf of the Department as set out in Schedule 4 (UK GDPR/Data Protection), and the only processing that the Data Processor is authorised to do on behalf of the Department is listed in Schedule 4 (UK GDPR/Data Protection) by the Department and may not be determined by the Data Processor.
DATA PROTECTION AND PROTECTION OF PERSONAL DATA. 16.1 In this clause 16, the following words and expressions shall be defined as follows: Law: means any law, subordinate legislation within the meaning of Section 21(1) of the Interpretation Act 1978, bye-law, enforceable right within the meaning of Section 2 of the European Communities Act 1972, regulation, order, regulatory policy, mandatory guidance or code of practice, judgment of a relevant court of law, or directives or requirements with which the Processor is bound to comply. Processor Personnel: means all directors, officers, employees, agents, consultants and contractors of the Processor and/or of any Sub-Processor engaged in the performance of its obligations under this Contract. Data Protection Legislation (i) the GDPR, the LED and any applicable national implementing Laws as amended from time to time (ii) the DPA 2018 to the extent that it relates to processing of personal data and privacy; (iii) all applicable Law about the processing of personal data and privacy. Data Protection Impact Assessment: an assessment by the Controller of the impact of the envisaged processing on the protection of Personal Data. Controller, Processor, Data Subject, Personal Data, Personal Data Breach, Data Protection Officer take the meaning given in the GDPR. Data Loss Event: any event that results, or may result, in unauthorised access to Personal Data held by the Processor under this Contract, and/or actual or potential loss and/or destruction of Personal Data in breach of this Contract, including any Personal Data Breach. Data Subject Request: a request made by, or on behalf of, a Data Subject in accordance with rights granted pursuant to the Data Protection Legislation to access their Personal Data. DPA 2018: Data Protection Act 2018. GDPR: the General Data Protection Regulation (Regulation (EU) 2016/679). LED: Law Enforcement Directive (Directive (EU) 2016/680).
DATA PROTECTION AND PROTECTION OF PERSONAL DATA. 10.1. The following details apply to the processing being carried out under this agreement:
DATA PROTECTION AND PROTECTION OF PERSONAL DATA. 16.1 The Parties shall ensure that information acquired by the Parties and sub- contractors in the delivery of this Contract will at all times comply with the provisions and obligations imposed by the Data Protection Act 1998 and the Data Protection Principles together with any subsequent re-enactment or amendment thereof in storing and processing personal data, and all personal data acquired by either party from the other shall be returned to the disclosing party on request. Both Parties hereby acknowledge that performance of a duty imposed by the Act shall not constitute a breach of any obligation in respect of confidentiality which may be owed to the other party. The clause shall not affect THE SFA’s ability to make a search with a credit reference agency.
DATA PROTECTION AND PROTECTION OF PERSONAL DATA. 16.1 The Parties shall ensure that information acquired by the Parties and sub- contractors in the delivery of this Contract will at all times comply with the provisions and obligations imposed by the Data Protection Xxx 0000 and the Data Protection Principles together with any subsequent re-enactment or amendment thereof in storing and processing personal data, and all personal data acquired by either party from the other shall be returned to the disclosing party on request. Both Parties hereby acknowledge that performance of a duty imposed by the Act shall not constitute a breach of any obligation in respect of confidentiality which may be owed to the other party. The clause shall not affect THE ESFA’s ability to make a search with a credit reference agency.
DATA PROTECTION AND PROTECTION OF PERSONAL DATA. 16.1. The Parties shall ensure that information acquired by the Parties and Sub- Contractors in the delivery of this Contract will at all times comply with the Data Protection Laws, and all personal data acquired by either party from the other shall be returned to the disclosing party on request. Both Parties hereby acknowledge that performance of a duty imposed by the Data Protection Laws shall not constitute a breach of any obligation in respect of confidentiality which may be owed to the other party. The clause shall not affect the ESFA’s ability to make a search with a credit reference agency.
