NOTIFICATION OF A PERSONAL DATA BREACH Sample Clauses

NOTIFICATION OF A PERSONAL DATA BREACH. 1. The data processor notifies the data controller without undue delay upon becoming aware of the personal data breach. 2. The data processor’s notification to the data controller must, if possible, be given no later than 24 hours after the data processor has become aware of the breach, so the data controller can comply with his/her obligation to report the personal data breach to the competent supervisory authority, cf. Article 33 of the General Data Protection Regulation. 3. In accordance with Provision 9.2.a., the data processor must assist the data controller in reporting the breach to the competent supervisory authority. This means that the data processor must assist in providing below information, which according to Article 33(3) must be present in the data controller’s report of the breach to the competent supervisory authority: a. the nature of the personal data breach, including, if possible, the categories and the approximate number of affected data subjects as well as the catego- ▇▇▇▇ and the approximate number of personal data records affected b. the likely consequences of the personal data breach c. the measures that the data controller has taken or suggests taken to address the personal data breach, including, if relevant, measures to mitigate its pos- sible adverse effects. 4. The parties must indicate in Appendix C the information that the data processor must provide in connection with his/her assistance to the data controller in his/her obligation to report the personal data breach to the competent supervisory authority.
View SourceView Similar (3)
NOTIFICATION OF A PERSONAL DATA BREACH. 6.1 In the event of a Personal Data Breach ▇.▇▇▇▇▇▇▇▇▇ will notify the Client without undue delay after becoming aware of a personal data breach. ▇.▇▇▇▇▇▇▇▇▇ will cooperate with the Client in order to enable the Client to properly respond to a Personal Data Breach. 6.2 ▇.▇▇▇▇▇▇▇▇▇ will not inform the affected data subjects nor a Regulator of a Personal Data Breach, unless this is required by Union or Member State law. In that case, ▇.▇▇▇▇▇▇▇▇▇ will inform the Client thereof as soon as possible.
View SourceView Similar (2)
NOTIFICATION OF A PERSONAL DATA BREACH. The Sub-Processor shall notify the Data Processor of a Personal data breach without unnecessary delay, but at the latest within 48 hours of being made aware of the breach.
View Source
NOTIFICATION OF A PERSONAL DATA BREACH. 5.1. Blastness shall notify the Controller of any breach of the security measures adopted for the protection of data and information that results in the destruction, loss, modification, unauthorised disclosure of or access to the Personal Data and the information transmitted, stored or otherwise processed, without undue delay and in any event not later than 48 hours after the event or the discovery of the event.
View Source
NOTIFICATION OF A PERSONAL DATA BREACH. 7.1 Processor shall notify the Controller immediately and in any case within twenty four (24) hours upon becoming aware of or reasonably suspicion of a data breach, providing the Controller with sufficient information, which allows the Controller to meet any obligations to report a data breach under the Data Protection Legislation. 7.2 Processor shall fully co-operate with the Controller and take such reasonable steps as are directed by the Controller to assist in the investigation, mitigation and remediation of each data breach, in order to enable the Controller to meet the requirements under the Data Protections Legislation. Processor shall also provide Controller with information necessary to prevent similar incidents.
View Source
NOTIFICATION OF A PERSONAL DATA BREACH. 6.1 Flowscape shall notify the Customer immediately and in any case within twenty four (24) hours upon becoming aware of or reasonably suspicion of a data breach, providing the Customer with sufficient information, which allows the Customer to meet any obligations to report a data breach under the Data Protection Legislation. 6.2 Flowscape shall fully co-operate with the Customer and take such reasonable steps as are directed by the Customer to assist in the investigation, mitigation and remediation of each data breach, in order to enable the Customer to meet the requirements under the Data Protections Legislation. Flowscape shall also provide Customer with information necessary to prevent similar incidents.
View Source
NOTIFICATION OF A PERSONAL DATA BREACH to the authorities concerned (1) The Contracting Parties shall ensure, in the event of a personal data breach affecting personal data transferred under this Agreement, that the respective competent authorities notify each other as well as their respective supervisory authority of that personal data breach without delay, and to take measures to mitigate its possible adverse effects. (2) The notification shall at least: (a) describe the nature of the personal data breach including, where possible, the categories and number of data subjects concerned and the categories and number of personal data records concerned; (b) describe the likely consequences of the personal data breach; (c) describe the measures taken or proposed to be taken by the competent authority to address the personal data breach, including the measures taken to mitigate its possible adverse effects. (3) To the extent that it is not possible to provide all the required information at the same time, it may be provided in phases. Outstanding information shall be provided without undue further delay. (4) The Contracting Parties shall ensure that their respective competent authorities document any personal data breaches affecting personal data transferred under this Agreement, including the facts relating to the personal data breach, its effects and the remedial action taken, thereby enabling their respective supervisory authority to verify compliance with applicable legal requirements.
View Source
NOTIFICATION OF A PERSONAL DATA BREACH. 9.1 Flowscape shall notify the End User immediately and in any case within twenty four (24) hours upon becoming aware of or reasonably suspicion of a data breach, providing the End User with sufficient information, which allows the End User to meet any obligations to report a data breach under the Data Protection Legislation. 9.2 Flowscape shall fully co-operate with the End User and take such reasonable steps as are directed by the End User to assist in the investigation, mitigation and remediation of each data breach, in order to enable the End User to meet the requirements under the Data Protections Legislation. Flowscape shall also provide End User with information necessary to prevent similar incidents.
View Source
NOTIFICATION OF A PERSONAL DATA BREACH. 8.1 In the event of a personal data breach, the Processor shall cooperate with and assist the Controller so the Controller can comply with its obligations under Articles 33 and 34 of the GDPR, if applicable, taking into account the nature of the processing and the information available to the Processor. In the event of a breach in relation to personal data processed by the processor, the processor, after becoming aware of the breach, shall notify the controller without delay.
View Source

Related to NOTIFICATION OF A PERSONAL DATA BREACH

  • Notification of personal data breach 1. In case of any personal data breach, the data processor shall, without undue delay after having become aware of it, notify the data controller of the personal data breach. 2. The data processor’s notification to the data controller shall, if possible, take place within 24 hours after the data processor has become aware of the personal data breach to enable the data controller to comply with the data controller’s obligation to notify the personal data breach to the competent supervisory authority, cf. Article 33

  • Personal Data Breach 7.1 Processor shall notify Company without undue delay upon Processor becoming aware of a Personal Data Breach affecting Company Personal Data, providing Company with sufficient information to allow the Company to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws. 7.2 Processor shall co-operate with the Company and take reasonable commercial steps as are directed by Company to assist in the investigation, mitigation and remediation of each such Personal Data Breach.

  • Personal Data Breach Notification SAP will notify Customer without undue delay after becoming aware of any Personal Data Breach and provide reasonable information in its possession to assist Customer to meet Customer’s obligations to report a Personal Data Breach as required under Data Protection Law. SAP may provide such information in phases as it becomes available. Such notification shall not be interpreted or construed as an admission of fault or liability by SAP.

  • Personal Data Breaches 5.7.1 The Data Processor shall give immediate notice to the Data Controller if a breach occurs, that can lead to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to, personal data transmitted, stored or otherwise processed re the Personal Data processed on behalf of the Data Controller (a “Personal Data Breach”). 5.7.2 The Data Processor shall make reasonable efforts to identify the cause of such a breach and take those steps as they deem necessary to establish the cause, and to prevent such a breach from reoccurring.

  • Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard. B. Contractor must notify HHSC of any confirmed or suspected unauthorized acquisition, access, use or disclosure of sensitive personal information related to this Contract, including any breach of system security, as section 521.053 of the Business and Commerce Code defines that phrase. Contractor must submit a written report to HHSC as soon as possible but no later than 10 business days after discovering the unauthorized acquisition, access, use or disclosure. The written report must identify everyone whose sensitive personal information has been or is reasonably believed to have been compromised. C. Contractor must either disclose the unauthorized acquisition, access, use or disclosure to everyone whose sensitive personal information has been or is reasonably believed to have been compromised or pay the expenses associated with HHSC doing the disclosure if: 1. Contractor experiences a breach of system security involving information owned by HHSC for which disclosure or notification is required under section 521.053 of the Business and Commerce Code; or 2. Contractor experiences a breach of unsecured protected health information, as 45 C.F.R. §164.402 defines that phrase, and HHSC becomes responsible for doing the notification required by 45 C.F.R. §164.404. HHSC may, at its discretion, waive Contractor's payment of expenses associated with HHSC doing the disclosure.