Disposition of Customer Data Sample Clauses

The "Disposition of Customer Data" clause outlines the procedures and responsibilities for handling customer data at the end of a contract or business relationship. Typically, this clause specifies whether customer data should be returned, deleted, or otherwise managed, and may set timelines or security requirements for these actions. For example, a service provider might be required to permanently erase all customer data from its systems within 30 days of contract termination. The core function of this clause is to protect customer information and ensure compliance with privacy obligations by clearly defining how data is to be managed once services conclude.
Disposition of Customer Data. Upon Customer’s written request within 30 days following the expiration or any termination of this Agreement, RIB promptly shall deliver to Customer a copy of the Customer Data in a mutually-agreed electronic format. RIB shall bill Customer at its then-standard hourly rate (or, if none, a reasonable rate) for such work and Customer must pay such invoice promptly prior to receipt of the Customer Data. Customer’s failure to so request a copy of the Customer Data within such time shall be deemed a request by Customer for RIB to destroy the Customer Data. Promptly after RIB’s delivery of such copy of the Customer Data, or upon such a deemed request, RIB shall destroy the Customer Data; provided, however, that to the extent RIB is required by applicable law or legal process to retain any portion of the Customer Data, or to the extent that destruction of any Customer Data is infeasible, RIB shall retain such Customer Data as though it were Confidential Information for such time as is required by such law or process or until destruction is no longer infeasible, after which RIB promptly shall destroy the Customer Data.
View SourceView Similar (13)
Disposition of Customer Data. If Customer has purchased Hosting Services, upon Customer’s written request within 30 days following the expiration or any termination of this Agreement, RIB promptly shall deliver to Customer a copy of the Customer Data in a mutually-agreed electronic format. RIB shall bill Customer at its then-standard hourly rate (or, if none, a reasonable rate) for such work and Customer must pay such invoice promptly prior to receipt of the Customer Data. Customer’s failure to so request a copy of the Customer Data within such time shall be deemed a request by Customer for RIB to destroy the Customer Data pursuant to the applicable terms in the Quote. Promptly after RIB’s delivery of such copy of the Customer Data, or upon such a deemed request, RIB shall destroy the Customer Data; provided, however, that to the extent RIB is required by applicable law or legal process to retain any portion of the Customer Data, or to the extent that destruction of any Customer Data is infeasible, RIB shall retain such Customer Data as though it were Confidential Information for such time as is required by such law or process or until destruction is no longer infeasible, after which RIB promptly shall destroy the Customer Data.
View SourceView Similar (5)
Disposition of Customer Data. Upon Customer’s written request within 30 days following the expiration or any termination of this Agreement, Company shall destroy all Customer Data; provided, however, that to the extent Company is required by applicable law or legal process to retain any portion of the Customer Data, or to the extent that destruction of any Customer Data is infeasible or is inconsistent with Company’s operations or needs, Company shall retain such Customer Data as though it were Confidential Information for such time as is required by such law or process or until destruction is no longer infeasible, after which Company promptly shall destroy the Customer Data. If Customer does not provide such notice within 30 days following the expiration or termination of this Agreement, Company may destroy such Customer Data in its sole discretion.
View SourceView Similar (4)
Disposition of Customer Data. Upon Customer’s written request within 30 days following the expiration or any termination of this Agreement, Orbit shall destroy the Customer Data; provided, however, that to the extent Orbit is required by applicable law or legal process to retain any portion of the Customer Data, or to the extent that destruction of any Customer Data is infeasible, Orbit shall retain such Customer Data as though it were Confidential Information for such time as is required by such law or process or until destruction is no longer infeasible, after which Orbit promptly shall destroy the Customer Data. If Customer does not provide such notice within 30 days following the expiration or termination of this Agreement, Orbit may destroy such Customer Data in its sole discretion.
View SourceView Similar (2)
Disposition of Customer Data. At the end of the Term and on termination of this Agreement, DOTUS will, on the written request of Customer, transfer to Customer the Customer Data in such form and format in a machine readable format as may be reasonably determined agreed upon by Customer and DOTUS. The foregoing DOTUS obligation to transfer Customer Data shall terminate three (3) months following the end of the Term or the termination of this Agreement, as applicable. At the end of such three (3) month period, and except as may be required by law, DOTUS will delete, isolate or otherwise render unrecoverable all of the Customer Data that remains on any Platform, pursuant to DOTUS’ document and data retention policy. At the request of Customer at any time during the Term or thereafter, DOTUS will erase, destroy delete, isolate or otherwise make render unrecoverable (“Destruction”) all or, if specified by Customer, any part of the Customer Data in DOTUS’s possession and pursuant to DOTUS’ document and data retention policy. At the written request of Customer, DOTUS will provide Customer with a certificate of Destruction promptly following the Destruction of any Customer Data. Notwithstanding anything in this Agreement to the contrary, DOTUS will have no obligation to delete de-identified or aggregated Customer Data.
View Source

Related to Disposition of Customer Data

  • Protection of Customer Data The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Contract or as otherwise Approved by the Customer. To the extent that the Customer Data is held and/or Processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format (if any) specified by the Customer in the Contract Order Form and, in any event, as specified by the Customer from time to time in writing. The Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. The Supplier shall perform secure back-ups of all Customer Data and shall ensure that up-to-date back-ups are stored off-site at an Approved location in accordance with any business continuity plan or otherwise. The Supplier shall ensure that such back-ups are available to the Customer (or to such other person as the Customer may direct) at all times upon request and are delivered to the Customer at no less than six (6) Monthly intervals (or such other intervals as may be agreed in writing between the Parties). The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy and the Security Management Plan (if any) If at any time the Supplier suspects or has reason to believe that the Customer Data is corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take. If the Customer Data is corrupted, lost or sufficiently degraded as a result of a Default so as to be unusable, the Customer may: require the Supplier (at the Suppliers expense) to restore or procure the restoration of Customer Data as required by the Customer, and the Supplier shall do so as soon as practicable but not later than five (5) Working Days from the date of receipt of the Customer’s notice; and/or itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing so as required by the Customer.

  • Return of Customer Data Okta shall return Customer Data to Customer and, to the extent allowed by applicable law, delete Customer Data in accordance with the procedures and time periods specified in the Trust & Compliance Documentation, unless the retention of the data is requested from Okta according to mandatory statutory laws.

  • Disposition of Data Upon written request from the LEA, Provider shall dispose of or provide a mechanism for the LEA to transfer Student Data obtained under the Service Agreement, within sixty (60) days of the date of said request and according to a schedule and procedure as the Parties may reasonably agree. Upon termination of this DPA, if no written request from the LEA is received, Provider shall dispose of all Student Data after providing the LEA with reasonable prior notice. The duty to dispose of Student Data shall not extend to Student Data that had been De-Identified or placed in a separate student account pursuant to section II 3. The LEA may employ a “Directive for Disposition of Data” form, a copy of which is attached hereto as Exhibit “D”. If the LEA and Provider employ Exhibit “D,” no further written request or notice is required on the part of either party prior to the disposition of Student Data described in Exhibit “D.

  • Customer Data 6.1 The Customer shall own all right, title and interest in and to all the Customer Data that is not personal data and shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of all such Customer Data. 6.2 The Supplier shall follow its archiving procedures for Customer Data as set out in its Back-Up Policy. In the event of any loss or damage to Customer Data, the Customer's sole and exclusive remedy against the Supplier shall be for the Supplier to use reasonable commercial endeavours to restore the lost or damaged Customer Data from the latest back-up of such Customer Data maintained by the Supplier in accordance with the archiving procedure described in its Back-Up Policy. The Supplier shall not be responsible for any loss, destruction, alteration or disclosure of Customer Data caused by any third party (except those third parties sub-contracted by the Supplier to perform services related to Customer Data maintenance and back-up for which it shall remain fully liable under clause 6.9). 6.3 The Supplier shall, in providing the Services, comply with its Privacy and Security Policy relating to the privacy and security of the Customer Data available at ▇▇▇.▇▇▇▇▇▇▇▇▇▇▇.▇▇.▇▇ or such other website address as may be notified to the Customer from time to time, as such document may be amended from time to time by the Supplier in its sole discretion. 6.4 Both parties will follow all applicable requirements of the Data Protection Legislation. This clause 6 is in addition to, and does not relieve, remove or replace, a party's obligations under the Data Protection Legislation. 6.5 The parties acknowledge that: (a) if the Supplier processes any personal data on the Customer's behalf when performing its obligations under this agreement, the Customer is the data controller and the Supplier is the data processor for the purposes of the Data Protection Legislation (where Data Controller and Data Processor have the meanings as defined in the Data Protection Legislation). (b) the Customer acknowledges and agrees that the personal data may be transferred or stored outside the EEA or the country where the Customer and the Authorised Users are located to carry out the Services and the Supplier's other obligations under this agreement. If personal data is transferred or stored outside the UK, appropriate safeguards in accordance with UK GDPR, such as Standard Contractual Clauses approved by the UK Information Commissioner's Office (ICO), will be implemented to ensure compliance with UK data protection laws. 6.6 Without prejudice to the generality of clause 6.1, the Customer will ensure that it has all necessary appropriate consents and notices in place to enable lawful transfer of the Personal Data to the Supplier for the duration and purposes of this agreement so that the Supplier may lawfully use, process and transfer the Personal Data in accordance with this agreement on the Customer's behalf. 6.7 Without prejudice to the generality of clause 6.1, the Supplier shall, in relation to any Personal Data processed in connection with the performance by the Supplier of its obligations under this agreement: (a) Process that Personal Data only on the written instructions of the Customer, unless the Supplier is required by the laws of the United Kingdom, the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, or any applicable international laws to process Personal Data (Applicable Laws). In instances where the Supplier's data processing activities are subject to the laws of a member of the European Union due to cross-border operations or data transfers, and where such laws necessitate processing actions divergent from the Customer's instructions, the Supplier shall promptly notify the Customer of this requirement before commencing the processing required by the Applicable Laws, unless prohibited by those laws from providing such notification; (b) Not transfer any Personal Data outside of the United Kingdom or to any country not deemed to have adequate data protection laws by the UK Information Commissioner's Office (ICO), unless the following conditions are fulfilled: (i) the Customer or the Supplier has provided appropriate safeguards in relation to the transfer such as Standard Contractual Clauses (SCCs) specifically adapted for the data transfer requirements under the UK GDPR, or any future UK adequacy decisions. When transferring personal data outside the UK, the Supplier will ensure the use of Standard Contractual Clauses approved by the UK Information Commissioner's Office (ICO), or ensure that the destination country has been deemed to provide an adequate level of protection for personal data by the UK government; (ii) the data subject has enforceable rights and effective legal remedies in accordance with the UK GDPR and the Data Protection Act 2018; (iii) the Supplier ensures compliance with the UK Data Protection Legislation by providing an adequate level of protection to any Personal Data transferred, including adhering to any additional requirements set forth by the UK Information Commissioner's Office (ICO); and (iv) the Supplier complies with reasonable instructions notified to it in advance by the Customer with respect to the processing of the Personal Data; (c) assist the Customer, at the Customer's cost, in responding to any request from a Data Subject and in ensuring compliance with its obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators; (d) notify the ICO within 72 hours of becoming aware of a data breach. Where the breach is likely to result in a high risk to the rights and freedoms of natural persons, notify the affected data subjects without undue delay.; (e) at the written direction of the Customer, delete or return Personal Data and copies thereof to the Customer on termination of the agreement unless required by Applicable Law to store the Personal Data; and (f) maintain complete and accurate records and information to demonstrate its compliance with this clause 6. 6.8 Each party shall ensure that it has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymisation and encr ypting Personal Data, ensuring confidentiality, integrity, availability and resilience of its systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by it). 6.9 The Supplier will ensure that any sub-contractors appointed to process personal data on behalf of the Customer are subject to written agreements that require them to process such data only on documented instructions from the Customer and in full compliance with the requirements of the UK GDPR, particularly Article 28. The Supplier confirms that it has entered or (as the case may be) will enter with the third- party processor into a written agreement substantially on that third party's standard terms of business. As between the Customer and the Supplier, the Supplier shall remain fully liable for all acts or omissions of any third-party processor appointed by it pursuant to this clause 6. Full details of all third parties providing such services to the Supplier and who are processing Personal data under this agreement are available upon request. 6.10 The Supplier will update its Privacy Policy to reflect any changes in sub-processors or the addition of new sub-processors. It is the responsibility of the Customer to regularly review the Privacy Policy to stay informed of such changes. 6.11 The Customer acknowledges and agrees that the Supplier relies on third-party services for the hosting and processing of Customer Data pursuant to this agreement. Specifically, Amazon Web Services (AWS) is utilised as the primary infrastructure provider due to its robust data security measures and adherence to data protection legislation relevant to our operations. For comprehensive details regarding the use of AWS, including the location of data centres and the specific security and compliance measures in place, refer to Schedule 2 of this agreement. This schedule outlines how data storage and processing activities through AWS are conducted in strict conformity with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, ensuring the highest standards of data protection and security are maintained. 6.12 The Supplier will ensure that any use of Customer Data in aggregated and anonymised form is done in a manner that fully ensures such data cannot be re-identified, adhering to the standards of anonymisation defined under the UK GDPR. 6.13 The supplier will assist the customer in ensuring compliance with the data subject rights under the Data Protection Legislation, including but not limited to rights of access, correction, deletion, and data portability. 6.14 The customer shall have the right to conduct an audit of the supplier's data processing activities related to this agreement once per year to ensure compliance with Data Protection Legislation and the terms of this agreement. Such audit shall be conducted at the customers expense, with reasonable prior notice, and shall not unreasonably interfere with the supplier's business operations 6.15 Any revisions to this clause related to data protection will be made in compliance with the latest data protection legislation and best practices, ensuring the protection of data subjects' rights. The Customer will be notified at least 30 days in advance of any such changes, which will only be implemented with the Customer's consent if they materially alter the data protection obligations of the parties.

  • DISPOSITION OF EQUIPMENT The Grantee shall provide to the State, not less than 30 calendar days prior to submission of the final invoice, an itemized inventory of equipment purchased with funds provided by the State. The inventory shall include all items with a current estimated fair market value of more than $5,000.00 per item. Within 60 calendar days of receipt of such inventory the State shall provide the Grantee with a list of the items on the inventory that the State will take title to. All other items shall become the property of the Grantee. The State shall arrange for delivery from the Grantee of items that it takes title to. Cost of transportation, if any, shall be borne by the State.