Common use of Data Security and Privacy Clause in Contracts

Data Security and Privacy. 5.1 The Client will provide the Data to DataFix and DataFix will only use the Data as necessary to carry out its obligations under this Agreement, and for no other purpose without the prior written consent of the Client. 5.2 DataFix shall comply with all the confidentiality, security and privacy requirements set out in this Agreement, and any additional Security and Privacy Requirements with respect to the Data that have been provided to DataFix, by the Client, in writing. To the extent DataFix possesses any Data in any form, medium or device during the Term of this Agreement or after the expiration of the Term, the foregoing obligations shall survive and continue to be in legal effect. 5.3 DataFix shall ensure that its employees and contractors are aware of their obligations regarding data security and privacy under this Section 5.0.DataFix shall limit access to Personal Information to its authorized representatives who have a clear need to know in order to provide the Services. DataFix shall ensure that such representatives have agreed to protect the confidentiality and security of the Personal Information to at least the extent provided by this Agreement and DataFix shall properly advise such representatives of the requirements under this Agreement. 5.4 DataFix will protect the security and confidentiality of the Personal Information to at least the same standard as DataFix protects its own most sensitive Confidential Information and, in any event, to at least the standard required by applicable Laws. 5.5 If either Party becomes aware of or reasonably suspects that there has been any unauthorized or improper access to, use or disclosure of any of the Personal Information (a “Security Incident”), such Party will notify the other Party forthwith and, take all reasonable steps to mitigate the Security Incident. 5.6 Without limiting any other provision in this Agreement regarding the security of information, DataFix shall have in place reasonable policies, procedures, and safeguards to protect the confidentiality and security of the Personal Information. DataFix shall ensure the physical security of the Personal Information by making reasonable security arrangements against such risks as unauthorized access, collection, use, disclosure, disposal, loss, or modification.

Data Security and Privacy. 5.1 The data provided by Elections Newfoundland and Labrador is classified as high security and is also protected under the Privacy Act and the Elections Act, 1991. DataFix will treat this data as if they were also subject to the Privacy Act. It will be safeguarded while in our possession and kept securely both in electronic and transfer media (CD) form. 5.2 The Client will provide the Voter Data to DataFix and DataFix understands that it is imperative that the Permanent List of Electors data not be copied for uses other than the project described with the Client and only be used for electoral purposes. It will only use not be used for any purposes other than the Data as necessary to carry out its obligations under this Agreement, and for no other purpose without the prior written consent Municipal Election event. The contents of the Clientfile will not be disclosed to any other party or person for any reason. 5.2 5.3 DataFix shall comply with all of the confidentiality, security and privacy requirements set out in this AgreementAgreement (including, without limitation, the requirements of this Section 5.0, and any additional Additional Security and Privacy Requirements Requirements) with respect to the Data that have been provided to DataFix, by the Client, in writingVoter Data. To the extent DataFix possesses any Voter Data in any form, medium or device during the Term of this Agreement or after the expiration of the Termafter, the foregoing obligations shall survive and continue to be in legal effect. 5.3 5.4 Once the Voter Data is provided to DataFix, the Voter Data will be stored at DataFix’s primary site. DataFix’s primary site is locked and restricted to only DataFix shall employees. All data that flows in and out of the primary site and other equipment is encrypted and otherwise protected against access by, or disclosure to any other party. 5.5 DataFix will ensure that its Enhanced Reliability is in place for all contract employees and contractors are aware who will have access to the Permanent List of their obligations regarding data security and privacy under this Section 5.0.DataFix Electors data. 5.6 DataFix shall limit access to Personal Information to its authorized representatives who have a clear need to know in order to provide the Services. DataFix shall ensure that such representatives have agreed to protect the confidentiality and security of the Personal Information to at least the extent provided by this Agreement and DataFix shall properly advise such representatives of the requirements under this Agreement. 5.4 5.7 If DataFix will protect the security and confidentiality of the Personal Information to at least the same standard as DataFix protects its own most sensitive Confidential Information and, in any event, to at least the standard required by applicable Laws. 5.5 If either Party becomes aware of or reasonably suspects that there has been any unauthorized or improper access to, use or disclosure of any of the Personal Information Information (a “Security Incident”), such Party DataFix will notify the other Party Client forthwith and, take all reasonable steps to mitigate the Security Incident. 5.6 5.8 Without limiting any other provision in this Agreement regarding the security of information, DataFix shall have in place reasonable policies, procedures, procedures and safeguards to protect the confidentiality and security of the Personal Information. DataFix shall ensure the physical security of the Personal Information by making reasonable security arrangements against such risks as unauthorized access, collection, use, disclosure, disposal, loss, loss or modification. 5.9 DataFix shall ensure that its employees are aware of their obligations regarding data security and privacy under this section 5.

Data Security and Privacy. 5.1 The Client will provide the Voter Data to DataFix and DataFix will only use the Voter Data as necessary to carry out its obligations under this Agreement, and for no other purpose without the prior written consent of the Clientpurpose. 5.2 DataFix shall comply with all the confidentiality, security and privacy requirements set out in this Agreement, and any additional Security and Privacy Requirements with respect to the Data that have been provided to DataFix, by the Client, in writingVoter Data. To the extent DataFix possesses any Voter Data in any form, medium or device during the Term term of this Agreement agreement or after the expiration of the Termafter, the foregoing obligations shall survive and continue to be in legal effect. 5.3 DataFix shall ensure that its employees and contractors are aware of their obligations regarding data security and privacy under this Section 5.0.DataFix shall limit access to Personal Information to its authorized representatives who have a clear need to know in order to provide the Services. DataFix shall ensure that such representatives have agreed to protect the confidentiality and security of the Personal Information to at least the extent provided by this Agreement and DataFix shall properly advise such representatives of the requirements under this Agreement. 5.4 DataFix will protect the security and confidentiality of the Personal Information to at least the same standard as DataFix protects its own most sensitive Confidential Information confidential information and, in any event, to at least the standard required by applicable Laws. 5.5 If either Party DataFix becomes aware of or reasonably suspects that there has been any unauthorized or improper access to, use or disclosure of any of the Personal Information (a “Security Incident”), such Party will notify the other Party forthwith and, take all reasonable steps to mitigate the Security Incident. 5.6 Without limiting any other provision in this Agreement regarding with regard to the security of information, DataFix shall have in place reasonable policies, procedures, procedures and safeguards to protect the confidentiality and security of the Personal Information. DataFix shall ensure the physical security of the Personal Information by making reasonable security arrangements against such risks as unauthorized access, collection, use, disclosure, disposal, loss, loss or modification. 5.7 DataFix shall ensure that its employees are aware of their obligations regarding data security and privacy under this section 5.

Data Security and Privacy. 5.1 The Client will provide the Data to DataFix and DataFix will only use the Data as necessary to carry out its obligations under this Agreement, and for no other purpose without the prior written consent of the Client. 5.2 DataFix shall comply with all the confidentiality, security and privacy requirements set out in this Agreement, and any additional Security and Privacy Requirements with respect to the Data that have been provided to DataFix, by the Client, in writing. To the extent DataFix possesses any Data in any form, medium or device during the Term of this Agreement or after the expiration of the Term, the foregoing obligations shall survive and continue to be in legal effect. 5.3 DataFix shall ensure that its employees and contractors are aware of their obligations regarding data security and privacy under this Section 5.0.DataFix shall limit access to Personal Information to its authorized representatives who have a clear need to know in order to provide the Services. DataFix shall ensure that such representatives have agreed to protect the confidentiality and security of the Personal Information to at least the extent provided by this Agreement and DataFix shall properly advise such representatives of the requirements under this Agreement. 5.4 DataFix will protect the security and confidentiality of the Personal Information to at least the same standard as DataFix protects its own most sensitive Confidential Information and, in any event, to at least the standard required by applicable Laws. 5.5 If either Party becomes aware of or reasonably suspects that there has been any unauthorized or improper access to, use or disclosure of any of the Personal Information Information (a “Security Incident”), such Party will notify the other Party forthwith and, take all reasonable steps to mitigate the Security Incident. 5.6 Without limiting any other provision in this Agreement regarding the security of information, DataFix shall have in place reasonable policies, procedures, and safeguards to protect the confidentiality and security of the Personal Information. DataFix shall ensure the physical security of the Personal Information by making reasonable security arrangements against such risks as unauthorized access, collection, use, disclosure, disposal, loss, or modification.

Data Security and Privacy. 5.1 The Client will provide the Data to DataFix and DataFix will only use the Data as necessary to carry out its obligations under this Agreement, and for no other purpose without the prior written consent of the Clientpurpose. 5.2 DataFix shall comply with all the confidentiality, security and privacy requirements set out in this Agreement, and any additional Security and Privacy Requirements with respect to the Data that have been provided to DataFix, by the Client, in writingData. To the extent DataFix possesses any Data in any form, medium or device during the Term of this Agreement or after the expiration of the Term, the foregoing obligations shall survive and continue to be in legal effect. 5.3 DataFix shall ensure that its employees and contractors are aware of their obligations regarding data security and privacy under this Section 5.0.DataFix shall limit access to Personal Information to its authorized representatives who have a clear need to know in order to provide the Services. DataFix shall ensure that such representatives have agreed to protect the confidentiality and security of the Personal Information to at least the extent provided by this Agreement and DataFix shall properly advise such representatives of the requirements under this Agreement. 5.4 DataFix will protect the security and confidentiality of the Personal Information to at least the same standard as DataFix protects its own most sensitive Confidential Information and, in any event, to at least the standard required by applicable Laws. 5.5 If either Party DataFix becomes aware of or reasonably suspects that there has been any unauthorized or improper access to, use or disclosure of any of the Personal Information Information (a “Security Incident”), such Party DataFix will notify the other Party Client forthwith and, take all reasonable steps to mitigate the Security Incident. 5.6 Without limiting any other provision in this Agreement regarding the security of information, DataFix shall have in place reasonable policies, procedures, procedures and safeguards to protect the confidentiality and security of the Personal Information. DataFix shall ensure the physical security of the Personal Information by making reasonable security arrangements against such risks as unauthorized access, collection, use, disclosure, disposal, loss, loss or modification. 5.7 DataFix shall ensure that its employees are aware of their obligations regarding data security and privacy under this section 5.