Common use of Customer Data Clause in Contracts

Customer Data. 17.4.1 The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. 17.4.2 The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Contract or as otherwise expressly authorised in writing by the Customer. 17.4.3 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format specified in this Contract (if any) and in any event as specified by the Customer from time to time in writing. 17.4.4 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy. 17.4.6 If the Customer Data is corrupted, lost or sufficiently degraded as a result of the Supplier's Default so as to be unusable, the Customer may unless otherwise agreed with the Supplier: 17.4.6.1 require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data and the Supplier shall do so as soon as practicable but in accordance with the time period notified by the Customer; and/or 17.4.6.2 itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing so. 17.4.7 If at any time the Supplier suspects or has reason to believe that Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take.

Customer Data. 17.4.1 5.1. The Supplier Customer shall not delete or remove any proprietary notices contained within or relating own all right, title and interest in and to all of the Customer Data and shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of the Customer Data. 17.4.2 5.2. The Supplier shall follow its archiving procedures for Customer Data (available at such website address as may be notified to the Customer from time to time), as such document may be amended by the Supplier in its sole discretion from time to time. In the event of any loss or damage to Customer Data, the Customer's sole and exclusive remedy shall be for the Supplier to use reasonable endeavours to restore the lost or damaged Customer Data from the latest back-up of such Customer Data maintained by the Supplier in accordance with the archiving procedure described above. The Supplier shall not storebe responsible for any loss, copydestruction, disclosealteration or disclosure of Customer Data caused by any third party (except those third parties sub-contracted by the Supplier to perform services related to Customer Data maintenance and back- up). 5.3. The Supplier shall, or use in providing the Services, comply with its privacy policy relating to the privacy and security of the Customer Data except available at [INSERT WEB ADDRESS] or such other website address as necessary for may be notified to the performance Customer from time to time, as such document may be amended from time to time by the Supplier of in its sole discretion. 5.4. If the Supplier Processes any Personal Data on the Customer's behalf when performing its obligations under this Contract agreement, the parties record their intention that the Customer shall be the Data Controller and the Supplier shall be a Data Processor and in any such case: 5.4.1. the Supplier shall not transfer any Personal Data outside of the United Kingdom without the prior written consent of the Customer; 5.4.2. the Customer shall ensure that the Customer is entitled to transfer the relevant Personal Data to the Supplier so that the Supplier may lawfully use, Process and transfer the Personal Data in accordance with this agreement on the Customer's behalf; 5.4.3. the Customer shall ensure that the relevant third parties have been informed of, and where appropriate have given their consent to, such use, Processing, and transfer as required by all applicable Data Protection Legislation; 5.4.4. the Supplier shall Process the Personal Data only in accordance with the terms of this agreement and any lawful instructions reasonably given by the Customer from time to time; 5.4.5. each party shall take appropriate technical and organisational measures against unauthorised or as otherwise expressly unlawful Processing of the Personal Data or its accidental loss, destruction or damage; 5.4.6. the Supplier shall ensure that persons authorised to Process the Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality; 5.4.7. the Supplier shall ensure at all times it has in writing place appropriate technical and organisational measures to guard against unauthorised or unlawful Processing of the Personal Data and/or accidental loss, destruction or damage to the Personal Data and to enable the Customer to comply with its obligations under Article 32 of the GDPR; 5.4.8. the Supplier shall not engage another sub Data Processor to undertake any Processing of any Personal Data without the prior written authorisation of the Customer. Where such authorisation is granted by the Customer., the Supplier shall ensure that it enters into a contract with that sub Data Processor on the same or equivalent terms as are set out in this clause 5.4; 17.4.3 To 5.4.9. the extent that Supplier shall assist the Customer Data by implementing appropriate technical and organisational measures, insofar as this is held and/or processed by possible, for the fulfilment of the Customer's obligation to respond to Subject Access Requests, as well as providing all assistance and cooperation as the Customer may require to investigate or deal with any such Subject Access Requests; 5.4.10. insofar as this is possible given the nature of Processing and the information available to the Supplier, the Supplier shall supply that Customer Data to assist the Customer as requested by the Customer and in the format specified in this Contract (if any) and in any event as specified by the Customer from time to time in writing. 17.4.4 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies ensuring compliance with the Security Policy. 17.4.6 If the Customer Data is corrupted, lost or sufficiently degraded as a result obligations pursuant to Articles 32 to 36 of the Supplier's Default so as to be unusable, the Customer may unless otherwise agreed with the Supplier:GDPR; 17.4.6.1 require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data and the Supplier shall do so as soon as practicable but in accordance with the time period notified by the Customer; and/or 17.4.6.2 itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing so. 17.4.7 If at any time the Supplier suspects or has reason to believe that Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then 5.4.11. the Supplier shall notify the Customer immediately of any Personal Data Breach within 24 hours of its occurrence, along with all supporting facts and inform information sufficient to allow the Customer to make any required report(s) to any relevant Data Subjects, the Information Commissioner or other regulatory or governmental body or bodies to which it is subject; 5.4.12. at the choice of the remedial action Customer, the Supplier proposes shall delete or return all the Personal Data to takethe Customer after the end of the provision of Services, and delete existing copies, unless the Supplier has a statutory duty to retain that Personal Data; and 5.4.13. the Supplier shall make available to the Customer, following a request for such, all information necessary to demonstrate compliance with the obligations laid down in the Data Protection Legislation and allow for and contribute to audits, including inspections, conducted by the Customer or another auditor mandated by the Customer. 5.5. The provisions of this clause 5 shall apply during the continuance of the agreement and indefinitely after its termination.

Customer Data. 17.4.1 22.4.1 The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. 17.4.2 22.4.2 The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Contract or as otherwise expressly authorised in writing Approved by the Customer. 17.4.3 22.4.3 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format specified in this Contract (if any) and in any event as specified by the Customer from time to time in writing. 17.4.4 22.4.4 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 22.4.5 The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy. 17.4.6 22.4.6 [The Supplier shall ensure that any system on which the Supplier holds any Customer Data which is protectively marked shall be accredited using [Security Policy Framework and IA Policy, taking into account guidance on Risk Management and Accreditation of Information Systems] [HMG IA Standard Number 2 (Risk Management and Accreditation of Information Systems)] and the Supplier shall review such accreditation status at least once in each calendar Year to assess whether material changes have occurred which could alter the original accreditation decision. If any such changes have occurred then the Supplier shall resubmit such system for accreditation.] 22.4.7 If the Customer Data is corrupted, lost or sufficiently degraded as a result of the Supplier's Default so as to be unusable, the Customer may unless otherwise agreed with the Suppliermay: 17.4.6.1 22.4.7.1 require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data to the extent and in accordance with the BCDR Plan and the Supplier shall do so as soon as practicable but in accordance with the time period notified by the Customer; and/or 17.4.6.2 22.4.7.2 itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing soso to the extent and in accordance with the requirements specified in the BCDR Plan. 17.4.7 22.4.8 If at any time the Supplier suspects or has reason to believe that Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take.

Customer Data. 17.4.1 19.4.1 The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. 17.4.2 19.4.2 The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Contract or as otherwise expressly authorised in writing by the Customer. 17.4.3 19.4.3 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format specified in this Contract (if any) and in any event as specified by the Customer from time to time in writing. 17.4.4 19.4.4 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 19.4.5 The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy. 17.4.6 19.4.6 If the Customer Data is corrupted, lost or sufficiently degraded as a result of the Supplier's Default so as to be unusable, the Customer may unless otherwise agreed with the Supplier: 17.4.6.1 19.4.6.1 require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data and the Supplier shall do so as soon as practicable but in accordance with the time period notified by the Customer; and/or 17.4.6.2 19.4.6.2 itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing so. 17.4.7 19.4.7 If at any time the Supplier suspects or has reason to believe that Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take.

Customer Data. 17.4.1 22.4.1 The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. 17.4.2 22.4.2 The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Contract or as otherwise expressly authorised in writing Approved by the Customer. 17.4.3 22.4.3 To the extent that the Customer Data is held and/or processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format specified in this Contract (if any) and in any event as specified by the Customer from time to time in writing. 17.4.4 22.4.4 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 22.4.5 The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy. 17.4.6 22.4.6 If the Customer Data is corrupted, lost or sufficiently degraded as a result of the Supplier's Default so as to be unusable, the Customer may unless otherwise agreed with the Suppliermay: 17.4.6.1 22.4.6.1 require the Supplier (at the Supplier's expense) to restore or procure the restoration of the Customer Data to the extent and in accordance with the BCDR Plan and the Supplier shall do so as soon as practicable but in accordance with the time period notified by the Customer; and/or 17.4.6.2 22.4.6.2 itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing soso to the extent and in accordance with the requirements specified in the BCDR Plan. 17.4.7 22.4.7 If at any time the Supplier suspects or has reason to believe that the Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take.

Customer Data. 17.4.1 19.3.1 The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. 17.4.2 19.3.2 The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Contract or as otherwise expressly authorised in writing by the Customer. 17.4.3 19.3.3 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall shall: 19.3.3.1 supply that Customer Data to the Customer as requested by the Customer and in the format specified in this Contract (if any) and in any event as specified by the Customer from time to time in writing. 17.4.4 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall 19.3.3.2 take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 The Supplier 19.3.3.3 shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy. 17.4.6 If 19.3.3.4 if the Customer Data is corrupted, lost or sufficiently degraded as a result of the Supplier's Default so as to be unusable, the Customer may unless otherwise agreed with the SupplierCustomer: 17.4.6.1 (a) require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data and the Supplier shall do so as soon as practicable but in accordance with the time period notified by the Customer; and/or 17.4.6.2 (b) itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing so. 17.4.7 19.3.4 If at any time the Supplier suspects or has reason to believe that Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take.

Customer Data. 17.4.1 The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. 17.4.2 The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Contract or as otherwise expressly authorised in writing Approved by the Customer. 17.4.3 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format specified in this Contract (if any) and in any event as specified by the Customer from time to time in writing. 17.4.4 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy. 17.4.6 The Supplier shall ensure that any system on which the Supplier holds any Customer Data which is protectively marked shall be accredited using the Cabinet Office Security Policy Framework and IA Policy, taking into account guidance on Risk Management and Accreditation of Information Systems and the Supplier shall review such accreditation status at least once in each calendar Year to assess whether material changes have occurred which could alter the original accreditation decision. If any such changes have occurred then the Supplier shall resubmit such system for accreditation. 17.4.7 If the Customer Data is corrupted, lost or sufficiently degraded as a result of the Supplier's Default so as to be unusable, the Customer may unless otherwise agreed with the Suppliermay: 17.4.6.1 17.4.7.1 require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data and the Supplier shall do so as soon as practicable but in accordance with the time period any event within a reasonable timeframe as notified by the Customer; and/or 17.4.6.2 17.4.7.2 itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing so. 17.4.7 17.4.8 If at any time the Supplier suspects or has reason to believe that Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take.

Customer Data. 17.4.1 14.1 The Supplier Contractor shall not delete or remove any proprietary notices contained within or relating to the Customer Data. 17.4.2 14.2 The Supplier Contractor shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier Contractor of its obligations under this Contract or as otherwise expressly authorised in writing by the Customer. 17.4.3 14.3 To the extent that Customer Data is held and/or processed by the SupplierContractor, the Supplier Contractor shall supply that Customer Data to the Customer as requested by the Customer and in the format specified in this Contract (if any) and in any event as specified by the Customer from time to time in writingSchedule 5. 17.4.4 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier 14.4 The Contractor shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 14.5 The Supplier CONTRACTOR shall perform secure back-ups of all CUSTOMER Data and shall ensure that up-to-date back-ups are stored off-site in accordance with the BCDR Plan. The CONTRACTOR shall ensure that such back-ups are available to the CUSTOMER at all times upon request and are delivered to the CUSTOMER at no less than the period specified in Schedule XXX.The Contractor shall ensure that any system on which the Supplier Contractor holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy. 17.4.6 14.6 If the Customer Data is corrupted, lost or sufficiently degraded as a result of the SupplierContractor's Default so as to be unusable, the Customer may unless otherwise agreed with the Suppliermay: 17.4.6.1 14.6.1 require the Supplier Contractor (at the SupplierContractor's expense) to restore or procure the restoration of Customer Data to the extent and in accordance with the requirements specified in the BCDR Plan and the Supplier Contractor shall do so as soon as practicable but not later than the period specified in accordance with the time period notified by the CustomerSchedule 5; and/or 17.4.6.2 14.6.2 itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier Contractor any reasonable expenses incurred in doing soso to the extent and in accordance with the requirements specified in the BCDR Plan. 17.4.7 14.7 If at any time the Supplier Contractor suspects or has reason to believe that Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier Contractor shall notify the Customer immediately and inform the Customer of the remedial action the Supplier Contractor proposes to take. 14.8 The Contractor shall retain Customer Data in accordance with applicable Law and shall delete or destroy such Customer Data on such date(s) as the Customer may specify from time to time upon written request from the Customer. The Contractor shall certify in writing to the Customer that it has complied with its obligations under this Clause 14.9 if the Customer so requests from time to time.

Customer Data. 17.4.1 42.1 For the avoidance of doubt, the Supplier shall not acquire any right in, or title to, any part of the Customer Data, whether existing prior to the Effective Date or created after such date. 42.2 The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. 17.4.2 42.3 The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Contract or as otherwise expressly authorised in writing by the Customer. 17.4.3 42.4 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format specified in this Contract schedule 2.1 (if anyServices Requirements) and and/or in any event as specified by the Customer from time to time in writingschedule 8.5 (Exit Management). 17.4.4 To the extent that Customer Data is held and/or processed by the Supplier, the 42.5 The Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 42.6 The Supplier shall perform secure back-ups of all Customer Data held and/or processed by the Supplier and shall ensure that up-to-date back-ups are stored in accordance with the ITSC Plan. The Supplier shall ensure that such back-ups are available to the Customer at all times upon request. 42.7 The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy. 17.4.6 42.8 The Supplier shall ensure that, when disposing of any hardware during the course of performing the Services, it shall erase from any computers, storage devices and storage media any software containing Specially Written Software and/or all Customer Data. 42.9 If the Customer Data is corrupted, lost or sufficiently degraded as a result of the Supplier's Default so as to be unusable, the Customer may unless otherwise agreed with the Suppliermay: 17.4.6.1 42.9.1 require the Supplier (at the Supplier's expense) to restore or procure the restoration of such Customer Data to the extent and in accordance with the requirements specified in the ITSC Plan and schedule 2.1 (Services Requirements) and the Supplier shall do so as soon as practicable but in accordance with the time period notified by the Customerpracticable; and/or 17.4.6.2 42.9.2 itself restore or procure the restoration of such Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing soso to the extent and in accordance with the requirements specified in the ITSC Plan and schedule 2.1 (Services Requirements). 17.4.7 42.10 If at any time the Supplier suspects or has reason to believe that the Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take.

Customer Data. 17.4.1 22.4.1 The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. 17.4.2 22.4.2 The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Contract or as otherwise expressly authorised in writing Approved by the Customer. 17.4.3 22.4.3 To the extent that the Customer Data is held and/or processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format specified in this Contract (if any) and in any event as specified by the Customer from time to time in writing. 17.4.4 22.4.4 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 22.4.5 The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy. 17.4.6 22.4.6 The Supplier shall ensure that any system on which the Supplier holds any Customer Data which is protectively marked shall be accredited using HMG Security Policy Framework and IA Policy, taking into account HMG Information Assurance Standard Numbers 1 and 2 (Information Risk Management) and the Supplier shall review such accreditation status at least once in each calendar Year to assess whether material changes have occurred which could alter the original accreditation decision. If any such changes have occurred then the Supplier shall resubmit such system for accreditation. 22.4.7 If the Customer Data is corrupted, lost or sufficiently degraded as a result of the Supplier's Default so as to be unusable, the Customer may unless otherwise agreed with the Suppliermay: 17.4.6.1 i. require the Supplier (at the Supplier's expense) to restore or procure the restoration of the Customer Data to the extent and in accordance with the BCDR Plan and the Supplier shall do so as soon as practicable but in accordance with the time period notified by the Customer; and/or 17.4.6.2 ii. itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing soso to the extent and in accordance with the requirements specified in the BCDR Plan. 17.4.7 22.4.8 If at any time the Supplier suspects or has reason to believe that the Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer of this immediately and inform the Customer of the remedial action the Supplier proposes to take.

Customer Data. 17.4.1 16.4.1 The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. 17.4.2 16.4.2 The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this the Additional Services Contract or as otherwise expressly authorised in writing Approved by the Customer. 17.4.3 16.4.3 To the extent that the Customer Data is held and/or processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format specified in this the Additional Services Contract (if any) and in any event as specified by the Customer from time to time in writing. 17.4.4 16.4.4 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 16.4.5 The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy. 17.4.6 16.4.6 If the Customer Data is corrupted, lost or sufficiently degraded as a result of the Supplier's Default so as to be unusable, the Customer may unless otherwise agreed with the Suppliermay: 17.4.6.1 (a) require the Supplier (at the Supplier's expense) to restore or procure the restoration of the Customer Data to the extent possible and the Supplier shall do so as soon as practicable but in accordance with the time period notified by the Customer; and/or 17.4.6.2 (b) itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing so. 17.4.7 16.4.7 If at any time the Supplier suspects or has reason to believe that the Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall shall: (a) notify the Customer immediately and immediately; (b) inform the Customer of the remedial action the Supplier proposes to taketake and seek the Customer's Approval in relation thereto; and (c) follow the Customer's directions in undertaking any such remedial action.

Customer Data. 17.4.1 24.4.1 The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. 17.4.2 24.4.2 The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Contract or as otherwise expressly authorised in writing by the Customer. 17.4.3 24.4.3 To the extent that Customer Data is held and/or processed Processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format specified in this Contract (if any) and in any event as specified by the Customer from time to time in writing. 17.4.4 24.4.4 To the extent that Customer Data is held and/or processed Processed by the Supplier, the Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 24.4.5 The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy. 17.4.6 24.4.6 The Supplier shall ensure that any system on which the Supplier holds any Customer Data which is protectively marked shall be accredited using HMG IA Standard Number 2 (Risk Management and Accreditation of Information Systems) (a copy of which is available at on request and the Supplier shall review such accreditation status at least once in each calendar year to assess whether material changes have occurred which could alter the original accreditation decision. If any such changes have occurred then the Supplier shall resubmit such system for accreditation. 24.4.7 If the Customer Data is corrupted, lost or sufficiently degraded as a result of the Supplier's Default so as to be unusable, the Customer may unless otherwise agreed with the Suppliermay: 17.4.6.1 24.4.7.1 require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data to the extent and in accordance with the BCDR Plan and the Supplier shall do so as soon as practicable but in accordance with the time period notified by the Customer; and/or 17.4.6.2 24.4.7.2 itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing soso to the extent and in accordance with the requirements specified in the BCDR Plan. 17.4.7 24.4.8 If at any time the Supplier suspects or has reason to believe that Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take.

Customer Data. 17.4.1 16.4.1 The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. 17.4.2 16.4.2 The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this the Contract or as otherwise expressly authorised in writing Approved by the Customer. 17.4.3 16.4.3 To the extent that the Customer Data is held and/or processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format specified in this the Contract (if any) and in any event as specified by the Customer from time to time in writing. 17.4.4 16.4.4 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 16.4.5 The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy. 17.4.6 16.4.6 If the Customer Data is corrupted, lost or sufficiently degraded as a result of the Supplier's Default so as to be unusable, the Customer may unless otherwise agreed with the Suppliermay: 17.4.6.1 (a) require the Supplier (at the Supplier's expense) to restore or procure the restoration of the Customer Data to the extent possible and the Supplier shall do so as soon as practicable but in accordance with the time period notified by the Customer; and/or 17.4.6.2 (b) itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing so. 17.4.7 16.4.7 If at any time the Supplier suspects or has reason to believe that the Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall shall: (a) notify the Customer immediately and immediately; (b) inform the Customer of the remedial action the Supplier proposes to taketake and seek the Customer’s Approval in relation thereto; and (c) follow the Customer’s directions in undertaking any such remedial action.

Customer Data. 17.4.1 16.7.1 The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. 17.4.2 16.7.2 The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this the Contract or as otherwise expressly authorised in writing Approved by the Customer. 17.4.3 16.7.3 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format specified in this Contract (if any) and in any event as specified by the Customer from time to time in writing. 17.4.4 16.7.4 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 16.7.5 The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policysecurity policy reasonably requested by the Customer. 17.4.6 16.7.6 If the Customer Data is corrupted, lost or sufficiently degraded as a result of the Supplier's Default so as to be unusable, the Customer may unless otherwise agreed with the Suppliermay: 17.4.6.1 16.7.6.1 require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data to the extent and in accordance with any BCDR Plan and the Supplier shall do so as soon as practicable but in accordance with the time period notified by the Customer; and/or 17.4.6.2 16.7.6.2 itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing soso to the extent and in accordance with the requirements specified in any BCDR Plan. 17.4.7 16.7.7 If at any time the Supplier suspects or has reason to believe that Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take.

Customer Data. 17.4.1 24.4.1 The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. 17.4.2 24.4.2 The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Contract or as otherwise expressly authorised in writing by the Customer. 17.4.3 24.4.3 To the extent that Customer Data is held and/or processed Processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format specified in this Contract (if any) and in any event as specified by the Customer from time to time in writing. 17.4.4 24.4.4 To the extent that Customer Data is held and/or processed Processed by the Supplier, the Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 24.4.5 The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy. 17.4.6 24.4.6 The Supplier shall ensure that any system on which the Supplier holds any Customer Data which is protectively marked shall be accredited using HMG IA Standard Number 2 (Risk Management and Accreditation of Information Systems) (a copy of which is available at [ ]) and the Supplier shall review such accreditation status at least once in each calendar year to assess whether material changes have occurred which could alter the original accreditation decision. If any such changes have occurred then the Supplier shall resubmit such system for accreditation. 24.4.7 If the Customer Data is corrupted, lost or sufficiently degraded as a result of the Supplier's Default so as to be unusable, the Customer may unless otherwise agreed with the Suppliermay: 17.4.6.1 24.4.7.1 require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data to the extent and in accordance with the BCDR Plan and the Supplier shall do so as soon as practicable but in accordance with the time period notified by the Customer; and/or 17.4.6.2 24.4.7.2 itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing soso to the extent and in accordance with the requirements specified in the BCDR Plan. 17.4.7 24.4.8 If at any time the Supplier suspects or has reason to believe that Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take.

Customer Data. 17.4.1 20.4.1 The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. 17.4.2 20.4.2 The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Contract or as otherwise expressly authorised in writing Approved by the Customer. 17.4.3 20.4.3 To the extent that the Customer Data is held and/or processed Processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format specified in this Contract (if any) and in any event as specified by the Customer from time to time in writing. 17.4.4 20.4.4 To the extent that Customer Data is held and/or processed Processed by the Supplier, the Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 20.4.5 The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy. 17.4.6 20.4.6 The Supplier shall ensure that any system on which the Supplier holds any Customer Data which is protectively marked shall be accredited and the Supplier shall review such accreditation status at least once in each Contract Year to assess whether material changes have occurred which could alter the original accreditation decision. If any such changes have occurred then the Supplier shall resubmit such system for accreditation. 20.4.7 If the Customer Data is corrupted, lost or sufficiently degraded as a result of the Supplier's Default so as to be unusable, the Customer may unless otherwise agreed with the Suppliermay: 17.4.6.1 20.4.7.1 require the Supplier (at the Supplier's expense) to restore or procure the restoration of the Customer Data to the extent and in accordance with the BCDR Plan and the Supplier shall do so as soon as practicable but in accordance with the time period notified by the Customer; and/or 17.4.6.2 20.4.7.2 itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier shall repay to the Customer any reasonable expenses incurred by the Customer in doing soso to the extent and in accordance with the requirements specified in the BCDR Plan. 17.4.7 20.4.8 If at any time the Supplier suspects or has reason to believe that the Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take.

Customer Data. 17.4.1 The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. 17.4.2 . The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Contract or as otherwise expressly authorised in writing by the Customer. 17.4.3 . To the extent that Customer Data is held and/or processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format specified in this Contract (if any) and in any event as specified by the Customer from time to time in writing. 17.4.4 To the extent that Customer Data is held and/or processed by the Supplier, the . The Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 . The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up back‑up data, is a secure system that complies with the Security Policy. 17.4.6 . If the Customer Data is corrupted, lost or sufficiently degraded as a result of the Supplier's Default so as to be unusable, the Customer may unless otherwise agreed with the Supplier: 17.4.6.1 Customer: require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data and the Supplier shall do so as soon as practicable but in accordance with the time period notified by the Customer; and/or 17.4.6.2 and/or itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing so. 17.4.7 . If at any time the Supplier suspects or has reason to believe that Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take.

Customer Data. 17.4.1 5.1.1 The Supplier Contractor shall not delete or remove any proprietary notices contained within or relating to the Customer Data. 17.4.2 5.1.2 The Supplier Contractor shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier Contractor of its obligations under this Contract or as otherwise expressly authorised in writing by the Customer. 17.4.3 5.1.3 To the extent that Customer Data is held and/or processed by the SupplierContractor, the Supplier Contractor shall supply that Customer Data to the Customer as requested by the Customer and in the format specified in this Contract (if any) and in any event as reasonably specified by the Customer from time to time in writingCustomer. 17.4.4 To the extent that Customer Data is held and/or processed by the Supplier, the Supplier 5.1.4 The Contractor shall take responsibility for preserving reasonable commercial steps to preserve the integrity of Customer Data and preventing the corruption or loss of Customer Data. 17.4.5 5.1.5 The Supplier Contractor shall perform secure back-ups of all Customer Data and shall ensure that copies of up-to-date back-ups are securely stored off-site. The Contractor shall ensure that the Customer Data so backed-up are available to the Customer upon reasonable request. 5.1.6 The Contractor shall ensure that any system on which the Supplier Contractor holds any Customer Data, including back-up data, is a secure system that complies with the Security Policysystem. 17.4.6 5.1.7 If the Customer Data is corrupted, lost or sufficiently degraded as a result of the SupplierContractor's Default so as to be unusable, the Customer may unless otherwise agreed with the Suppliermay: 17.4.6.1 (a) require the Supplier Contractor (at the SupplierContractor's expense) to restore or procure the restoration of Customer Data and the Supplier Contractor shall do so as soon as practicable but in accordance with the time period notified by the Customernot later than one month; and/or 17.4.6.2 (b) itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier Contractor any reasonable expenses incurred in doing so. 17.4.7 5.1.8 If at any time the Supplier Contractor suspects or has reason to believe that Customer Data has or may become corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier Contractor shall notify the Customer immediately and inform the Customer of the remedial action the Supplier Contractor proposes to take.