Physical Access Control Clause Samples

Physical Access Control. SAP protects its assets and facilities using the appropriate means based on the SAP Security Policy • In general, buildings are secured through access control systems (e.g., smart card access system). • As a minimum requirement, the outermost entrance points of the building must be fitted with a certified key system including modern, active key management. • Depending on the security classification, buildings, individual areas and surrounding premises may be further protected by additional measures. These include specific access profiles, video surveillance, intruder alarm systems and biometric access control systems. • Access rights are granted to authorized persons on an individual basis according to the System and Data Access Control measures (see Section 1.2 and 1.3 below). This also applies to visitor access. Guests and visitors to SAP buildings must register their names at reception and must be accompanied by authorized SAP personnel. • SAP employees and external personnel must wear their ID cards at all SAP locations. • All Data Centers adhere to strict security procedures enforced by guards, surveillance cameras, motion detectors, access control mechanisms and other measures to prevent equipment and Data Center facilities from being compromised. Only authorized representatives have access to systems and infrastructure within the Data Center facilities. To protect proper functionality, physical security equipment (e.g., motion sensors, cameras, etc.) undergo maintenance on a regular basis. • SAP and all third-party Data Center providers log the names and times of authorized personnel entering SAP’s private areas within the Data Centers.

Physical Access Control. UKG shall ensure that its data center sub-processor uses industry standard technology to ensure that only the appropriately authorized staff have access to those systems of UKG that are used to provide the Services. This shall include at least the following measures: visitor sign-ins, role-based access controls, limited access to the server rooms and to the alarm systems which report any unauthorized access.

Physical Access Control. The following measures as implemented are designed to protect against unauthorized physical access to premises, buildings or rooms where data processing systems are located which process and/or use Personal Data: a) Physical components of the data center facilities, servers, networking equipment, and host software are housed in nondescript facilities. b) Physical barrier controls are used to prevent unauthorized entrance to these facilities both at the perimeter (e.g., fencing, walls) and at building access points. c) Physical access points to server locations are managed by electronic access control devices and are secured with intrusion detection devices that sound alarms if the door is forced open or held open. d) Establishing access authorizations for employees and third parties, including the respective documentation. e) All visitors are required to present identification and are signed in. f) Use of video cameras (CCTV) to monitor individual physical access to data center facilities. g) Data centers utilize security guards 24x7, who are stationed in and around the building.

Physical Access Control. Measures suitable for preventing unauthorized persons from gaining access to data processing systems with which personal data are processed or used.

Physical Access Control. Netigate has card-based personalised access control systems in place with access authorization for authorised employees only (in Frankfurt, Osloand Stockholm). • Visitor regulations. Visitors are registered in a visitor’s book and are always accompanied by an employee.

Physical Access Control. Unauthorized persons are prevented from gaining physical access to premises, buildings or rooms where data processing systems that process and/or use Personal Data are located. 물리적 액세스 제어. 승인되지 않은 사람이 개인 정보를 처리하거나 사용하는 정보 처리 시스템이 위치해 있는 사업장, 건물, 실내에 대한 물리적 액세스를 확보하는 것을 방지합니다.

Physical Access Control. The security document shall require and the data importer shall ensure that only the personnel authorized have access to the places housing the physical equipment that supports the information systems.

Physical Access Control. The software is hosted in data centers operated by Hetzner Online GmbH in Germany. The technical and organizational measures taken in the data centers of the subcontracted processor Hetzner Online GmbH are described in detail here: ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇.▇▇▇/AV/▇▇▇.pdf

Physical Access Control. (i) Physical Protection of the Data Centers. Physical access to data centers is strictly controlled by the data center provider (“DC Provider”) both at the perimeter and at building ingress points by security staff. The DC Provider only provides data center access and information to employees and contractors who have a legitimate business need for such privileges. When an employee or contractor no longer has a business need for these privileges, his or her access is immediately revoked, even if he or she continues to be an employee or contractor of the DC Provider. All physical access to data centers is logged and audited routinely.