Data Privacy & Security Clause Samples
The Data Privacy & Security clause establishes the obligations of parties to protect personal and sensitive information collected, processed, or stored during the course of their relationship. It typically outlines requirements for implementing appropriate technical and organizational measures, complying with relevant data protection laws, and notifying affected parties in the event of a data breach. This clause serves to safeguard confidential data, ensure legal compliance, and mitigate the risks associated with unauthorized access or disclosure of information.
Data Privacy & Security. AvePoint shall use commercially reasonable technical and organisational measures de- signed to prevent unauthorised access, use, alteration, or disclosure of the Solutions or Customer Data, as fur- ther described in AvePoint’s then-current DPIS Policy. Customer Data. All Personal Data received or collected by AvePoint in connection with the perfor- ▇▇▇▇▇ of this Agreement (including its amendments) will be processed in accordance with AvePoint’s Pri- vacy Policy, which can be accessed at ▇▇▇▇://▇▇▇.▇▇▇- ▇▇▇▇▇.▇▇▇/▇▇▇▇▇▇▇/▇▇▇▇▇▇▇-▇▇▇▇▇▇, as amended from time to time. Any Personal Data received or collected by AvePoint or its Affiliates will further be processed in accordance with applicable data protection laws. Where the Personal Data is that of a third party, Cus- tomer certifies that it has obtained that data pursuant to applicable data protection laws and has obtained all necessary authorisations and consents with respect to such information. AvePoint shall maintain administra- tive, physical, and technical safeguards for protection of the security, confidentiality and integrity of Cus- tomer Data and Business Contact Information, includ- ing, but not limited to measures for preventing access, use, modification or disclosure of Customer Data or Business Contact Information except (a) to provide the SaaS Solutions and prevent or address service or tech- nical problems; (b) as compelled by law; or (c) as ex- pressly permitted by Customer in writing. Such specific safeguards shall be as set forth in the Documentation. When providing Customer Data or Business Contact Information, Customer shall not under any circum- stances provide Personal Data to AvePoint for the pro- cessing of such data on behalf of Customer, as defined in Article 28.1 GDPR, unless agreed otherwise by way of a separate written agreement between the Parties. All Customer Data passing through SaaS Solutions is stored by AvePoint in a Customer-selected data centre. If there is a geographic region indicated on the appli- cable Order or the website where Customer registers 2.
Data Privacy & Security. The Company does not sell or rent any Personal Information collected, used or disclosed to it. The Company has at all times complied with all applicable Laws regarding the collection, retention, transfer, use and protection of Personal Information, except where failure to comply would not reasonably be expected to have a Material Adverse Effect. The Company has not experienced any loss, damage or unauthorized access, disclosure, use or breach of security of any Personal Information in its possession. The Company uses commercially reasonable efforts to safeguard any personally identifiable information that it obtains. To the Knowledge of the Company, the Company is and has been in compliance in with all applicable Laws relating to loss, theft and breach of security notification obligations, in each case as they relate to Personal Information.
Data Privacy & Security. No Protected Health Information (as such term is defined in the Health Insurance Portability and Accountability Act of 1996), other than the Protected Health Information necessary for a Party to carry out the Collaboration, will be provided by a Party to the other Party under this Agreement. If Adaptive intends to makes any Protected Health Information available to Microsoft for use in the Collaboration, Adaptive will first notify Microsoft of such intent and provide documentation of: (i) the source of the data, (ii) any required consents, approvals and authorizations necessary for Microsoft to have access to or use such Protected Health Information in the Collaboration, and (iii) any security, privacy, use restrictions or other requirements that would apply to Microsoft’s access to or use of such Protected Health Information. Microsoft may elect to accept or not to accept receiving access to the proposed Protected Health Information following its review of such documentation. For clarity, Adaptive is not required to follow the advance notice process described in this paragraph in order to provide to Microsoft, for use in the Collaboration, anonymous sequencing data (which data must not include any data that could enable the sequencing data to be linked to Protected Health Information of a donor). Microsoft covenants and agrees that it will not store, process or otherwise take any action with respect to data under the Collaboration that causes Adaptive to be subject to the data privacy or data security laws of any jurisdiction other than the United States of America, without Adaptive’s prior written consent.
Data Privacy & Security. (a) The Group Companies are, and during the past three (3) years have been, in material compliance with the Data Protection Requirements. To the extent applicable, each Group Company has all necessary authority, rights, consents and authorizations to Process any Personal Information maintained by or for each Group Company to the extent required in connection with the operation of each Group Company’s business as currently conducted. During the past 3 years, each Group Company has at all times provided accurate notice of its privacy practices on its websites, such privacy policies are comprehensive, accurate and fully implemented, and they have not contained any material omissions of any Group Company’s privacy practices nor, to the knowledge of the Company, have they been misleading, deceptive or in violation of Data Protection Laws in any material respect.
(b) There has been no material occurrence of (x) unlawful or unauthorized destruction, loss, use, modification or disclosure of or access to Personal Information owned, stored, used, maintained or controlled by or on behalf of any Group Company such that Data Protection Requirements require or required the Group Company to notify Governmental Entities, affected individuals or other parties of such occurrence or (y) unauthorized access to or disclosure of the Group Companies’ confidential information or trade secrets. Except as set forth on Schedule 3.22(b), (i) no Group Company has received any written complaint or notice of investigation, including but not limited to inquiries or other communications from any Person, entity or Governmental Entity regarding any Group Company or any of any Group Company’s agents’, employees’ or independent contractors’ uses or disclosures of, or security practices or security incidents regarding, Personal Information, nor any written complaint from any third party regarding the improper disclosure of Personal Information by any Group Company or any Group Company agent, employee or independent contractor; and (ii) no Group Company has incurred any material liabilities under any applicable Data Protection Requirements relating to the privacy or security of Personal Information. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Data Protection Requirements.
(c) The information technology assets and equipment, computers, systems, networks, hardware, software, websites, application...
Data Privacy & Security. Except for information collected and maintained by the Sellers with respect to their respective employees, neither of the Sellers collects any personal information in connection with the conduct of the Business and does not sell or rent any of the information it has collected with respect to its employees. Each of the Sellers has established and implemented policies, programs and procedures that are commercially reasonable to protect the confidentiality, integrity and security of any personal information concerning the applicable Seller’s employees against unauthorized access, use, modification, disclosure or other misuse. Neither of the Sellers has experienced any loss or unauthorized access, disclosure, use or breach of security of any personal information in its possession.
Data Privacy & Security a. To the extent that AIPP processes personal data (as that term is defined under applicable law) pursuant to this Agreement it shall do so in accordance with its Privacy Policy available at ▇▇▇▇▇://▇▇▇▇▇▇▇▇▇▇.▇▇▇.▇▇▇/privacy/. For the avoidance of doubt, AIPP is and shall remain the controller (or similar term under applicable law) of personal data processed under this Agreement.
b. AIPP will use reasonable and appropriate technical, organizational, and administrative security measures designed to prevent loss, misuse, corruption, or disclosure of and/or unauthorized access, alteration or destruction to personal data held in its custody under this Agreement.
Data Privacy & Security. To the extent the Services require Contractor receive personal data or personal information from Town, Contractor may process any personal data or personal information, as those terms are defined in applicable privacy laws, in accordance with the requirements of the applicable privacy law relevant to the processing in providing Services hereunder. Applicable privacy laws may include any local, state, federal or international laws, standards, guidelines, policies or regulations governing the collection, use, disclosure, sharing or other processing of personal data or personal information with which Contractor or its clients must comply. Such privacy laws may include (i) the EU General Data Protection Regulation 2016/679 (GDPR); (ii) the California Consumer Privacy Act of 2018 (CCPA); and/or (iii) other laws regulating marketing communications, requiring security breach notification, imposing minimum security requirements, requiring the secure disposal of records, and other similar requirements applicable to the processing of personal data or personal information. Contractor is acting as a Service Provider/Data Processor in relation to Town personal data and personal information, as those terms are defined respectively under the CCPA/GDPR. Town is responsible for notifying Contractor of any data privacy laws the data provided to Contractor is subject to and Town represents and warrants it has all necessary authority (including any legally required consent from data subjects) to transfer such information and authorize Contractor to process such information in connection with the Services described herein. Contractor has established information security related operational requirements that support the achievement of Contractor’s information security commitments, relevant information security related laws and regulations, and other information security related system requirements. Such requirements are communicated in Contractor’s policies and procedures, system design documentation, and contracts with customers. Information security policies have been implemented that define Contractor’s approach to how systems and data are protected. Town is responsible for providing timely written notification to Contractor of any additions, changes or removals of access for Town personnel to Contractor provided systems or applications. If Town becomes aware of any known or suspected information security or privacy related incidents or breaches related to this agreement, To...
Data Privacy & Security. 6.1 The Merchant shall not store sensitive customer payment data such as card details, OTPs, or CVV unless permitted under applicable data protection laws.
6.2 Toucan implements industry-standard security protocols, including PCI DSS compliance, and the Merchant must ensure similar levels of security on their platform.
Data Privacy & Security. Client recognizes that it may have responsibilities under various data protection and privacy laws, including, but not limited to the US Health Insurance Portability and Accountability Act (“HIPAA”) and the EU General Data Protection Regulation (GDPR), and will comply with such applicable obligations with regard to any and all personally identifiable information, personal health information, personal data and/or any and all sensitive, confidential or protected information ("PI") regarding any Member, and/or any individual for whom Company holds such information or for whom Company will provide Services ("Company PI") by executing all other documents required by any applicable data protection or privacy law, including, without limitation, a business associate agreement, data processing agreement, joint controller agreement or any similar required document, and also by doing the following:
a. only use Company PI as specifically instructed by Client;
b. place commercially reasonable safeguards in place to ensure that Company PI is safe from disclosure, misuse or theft;
c. assist Company if Company is asked to respond to any request relating to the privacy of Company PI as a result of this Agreement;
d. require that any of Client’s agents or sub-contractors that have access to, process, or hold any Company PI comply with the provisions of this paragraph;
e. upon notice from Company or any authorized governmental or regulatory entity, stop and remediate any unauthorized processing of Company PI; and
f. provide immediate notice to Company if Client can no longer comply with the provisions of this paragraph.
Data Privacy & Security. 8.1 Customer understands that the use of the Licensed Software may require Customer to register individual user accounts with Pulsar. Customer is responsible for maintaining the confidentiality of any account, user name, or password information used in conjunction with the Licensed Software and for restricting access to Customer’s computer and account. Customer is responsible for all activities that occur under Customer’s account or password.
8.2 Pulsar has established an online privacy policy, which is available at ▇▇▇.▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇ (“Privacy Policy”). By using the Licensed Software, Customer consents to Pulsar’s collecting, storing, and processing Customer’s Primary Data in accordance with this Policy.
8.3 The Licensed Software is designed to be accessed through the Internet and thus makes use of third-party hardware, networking equipment, telecommunications services, and other information technology infrastructure. Pulsar makes commercially reasonable efforts to protect the privacy and security of data and Customer’s use of the Licensed Software. Pulsar has taken precautions in the design of the Licensed Software to assure that ordinary use of the Licensed Software will not result in the breach of any privacy-related regulations. Notwithstanding the foregoing, it may be possible for some individuals to utilize illegal methods to input, track, store, or otherwise access data not in accordance with the Licensed Software’s intended use. CUSTOMER HEREBY ACKNOWLEDGES THAT THE LICENSED SOFTWARE IS NOT INTENDED FOR SUCH USE AND THAT SHOULD CUSTOMER CHOOSE TO USE THE SOFTWARE IN SUCH A MANNER, CUSTOMER ALONE ASSUMES ALL RESPONSIBILITY FOR COMPLIANCE WITH APPLICABLE DATA PRIVACY LAWS. CUSTOMER FURTHER AGREES TO INDEMNIFY PULSAR FOR ANY AND ALL DAMAGES AND OTHER ACCRUED LIABILITIES CAUSED BY CUSTOMER’S USE OF THE LICENSED SOFTWARE IN VIOLATION OF THIS PROVISION.