Data Security Policy Clause Samples

A Data Security Policy clause establishes the requirements and standards for protecting sensitive information handled by the parties to an agreement. It typically outlines the technical and organizational measures that must be implemented, such as encryption, access controls, and regular security audits, and may specify compliance with relevant laws or industry standards. By clearly defining these obligations, the clause helps prevent data breaches and ensures that both parties understand their responsibilities for safeguarding confidential or personal data.
Data Security Policy. Where it believes unauthorised and/or inappropriate use of the service’s information system or unacceptable or inappropriate behaviour may be taking place, the School will invoke its disciplinary procedure. If the School suspects that the system may be being used for criminal purposes or for storing unlawful text, imagery or sound, the matter will be brought to the attention of the relevant law enforcement organisation.
View SourceView Similar (3)
Data Security Policy. By using the website, apps, and services of Micro Benefits Limited (“Provider”), you, the Customer (“Customer”), acknowledge and agree that the Customer is and will remain the exclusive owner of all data provided to Provider (“Customer Data”) under this Data Security Policy (“Data Security Policy”). Provider will access, use, or otherwise handle Customer Data to perform the Services (“Hosted Services”) under the applicable SaaS Subscription Order Form (“SaaS Order Form”) or to perform other obligations expressly authorized under the Software as a Service Agreement (“SaaS Agreement”) and, in the case of users of the Provider’s apps, the End User License Agreement (“▇▇▇▇”). Except as expressly authorized under the SaaS Agreement and/or ▇▇▇▇, Provider will not collect, use, store or transmit any Customer Data unless Customer Data is encrypted, aggregated, anonymized, pseudonymized, or sanitized so that third parties viewing said data sets cannot ascribe the Customer Data to the Customer or individuals. Provider will keep and maintain Customer Data using such degree of care as is appropriate to avoid unauthorized use or disclosure of Customer Data. Provider will implement and maintain reasonable administrative, technical and physical safeguards to protect Customer Data, as appropriate to the nature and scope of Provider’s activities and Services. Provider will, on an ongoing basis, ensure that its information security program and safeguards are designed, maintained, updated and adjusted, as necessary, to protect against reasonably foreseeable internal and external risks to the security, confidentiality and integrity of Customer Data. Provider will only allow authorized persons with a need to handle Customer Data to perform Services or other obligations under this Agreement to access or handle Customer Data, and Provider will remain responsible for any handling of Customer Data within its custody or control by its Representatives. If Provider becomes aware, or reasonably believes, that Customer Data may have been accessed or acquired by an unauthorized party, Provider will promptly notify the Customer via the Customer’s primary business email contact(s). 1. Introduction 2. Change details [Insert full details of proposed Change]
View Source
Data Security Policy. Rev360 and Developer shall employ industry best practices, both technically and procedurally (including appropriate firewall technology), to protect Identified Data from unauthorized physical and electronic access. Developer shall limit access to Identified Data to those staff members with a well-defined business need. Developer shall provide and maintain user access controls to ensure that only authorized Developer employees have the ability to access Identified Data in accordance with this Agreement. Rev360 and Developer shall maintain adequate technical and procedural access controls and system security requirements and devices, in
View Source
Data Security Policy implement policy to review all active users to ensure all terminated users access are removed upon termination date.
View Source
Data Security Policy. The CITF Data Security Policy is included in Appendix C, below. The Data Security policy is intended to apply to CITF Researchers and to external Researchers that access CITF data. 5. Data access 5.1. Overview of CITF Data Access Tiers TIER 1:
View Source

Related to Data Security Policy

  • Security Policy As part of PCI DSS, the Card Organizations require that you have a security policy that covers the security of credit card information.

  • Security Policies To the extent the Contractor or its subcontractors, affiliates or agents handles, collects, stores, disseminates or otherwise deals with State Data, the Contractor will have an information security policy that protects its systems and processes and media that may contain State Data from internal and external security threats and State Data from unauthorized disclosure, and will have provided a copy of such policy to the State. The Contractor shall provide the State with not less than thirty (30) days advance written notice of any material amendment or modification of such policies.

  • Data Security The Provider agrees to utilize administrative, physical, and technical safeguards designed to protect Student Data from unauthorized access, disclosure, acquisition, destruction, use, or modification. The Provider shall adhere to any applicable law relating to data security. The provider shall implement an adequate Cybersecurity Framework based on one of the nationally recognized standards set forth set forth in Exhibit “F”. Exclusions, variations, or exemptions to the identified Cybersecurity Framework must be detailed in an attachment to Exhibit “H”. Additionally, Provider may choose to further detail its security programs and measures that augment or are in addition to the Cybersecurity Framework in Exhibit “F”. Provider shall provide, in the Standard Schedule to the DPA, contact information of an employee who ▇▇▇ may contact if there are any data security concerns or questions.

  • Safety Policy Each employer is required by law to have a safety policy and program. TIR will ask for and may require a copy of that policy and program.

  • Data Security and Privacy Except as would not, individually or in the aggregate, reasonably be expected to be material to the business of the Company Group, taken as a whole, the Company and each of its Subsidiaries (i) is in compliance with all Data Security Requirements and (ii) has taken commercially reasonable steps consistent with standard industry practice by companies of similar size and maturity, and in compliance in all material respects with all Data Security Requirements to protect (A) the confidentiality, integrity, availability and security of its Business Systems that are involved in the Processing of Personally Identifiable Information, in the conduct of the business of the Company and its Subsidiaries as currently conducted; and (B) Personally Identifiable Information Processed by or on behalf of the Company or such Subsidiary or on their behalf from unauthorized use, access, disclosure, theft and modification. Except as would not, individually or in the aggregate, reasonably be expected to be material to the business of the Company Group, taken as a whole, (i) there are, and since January 1, 2022, have been, no pending complaints, investigations, inquiries, notices, enforcement proceedings, or Actions by or before any Governmental Authority and (ii) since January 1, 2022, no fines or other penalties have been imposed on or written claims, notice, complaints or other communications have been received by the Company or any Subsidiary, relating to any Specified Data Breach or alleging non-compliance with any Data Security Requirement. The Company and each of its Subsidiaries have not, since January 1, 2022, (1) experienced any Specified Data Breaches, or (2) been involved in any Legal Proceedings related to or alleging any violation of any Data Security Requirements by the Company Group or any Specified Data Breaches, each except as would not be material to the business of the Company Group, taken as a whole. The consummation of the transactions contemplated by this Agreement will not cause the Company Group to breach any Data Security Requirement, except as would not reasonably be expected to be material to the business of the Company Group, taken as a whole.