Notification of Security Incident. 5.1 In the case of a Personal Data Breach, Compute Software shall promptly, without undue delay, notify Customer of the Personal Data Breach. To the extent that Compute Software has access to such information at the time of the notification, such notification shall (i) describe the nature of the Personal Data Breach, without limitation, the categories and approximate number of Data Subjects concerned and the categories and approximate number of Personal Data records concerned, (ii) describe the likely consequences of the Personal Data Breach, and (iii) describe the measures proposed to be taken by Compute Software to address the Personal Data Breach (provided Compute Software will only implement measures such as contacting Data Subjects or notifying the relevant regulator on the instruction of Customer), including, where appropriate, measures to mitigate its possible adverse effects. Where, but only to the extent that it is not possible to provide such information at the same time as the notification of the Personal Data Breach, the information may be provided at a later time but in event as soon as reasonably practicable, and in any event, in sufficient time to enable Customer to meet the applicable deadlines under Applicable Data Protection Laws.
Appears in 2 contracts