Common use of Protection of Personal Data and Security of Data Clause in Contracts

Protection of Personal Data and Security of Data. 8.1 The Authority shall comply with any notification requirements under the DPA and both Parties shall duly observe all their obligations under the DPA which arise in connection with this Agreement. 8.2 Notwithstanding the general obligation in clause 8.1, where the Authority is processing ‘personal data’ on behalf of the Business as a ‘data processor’ (the aforementioned and foregoing wording in quotes being as defined by the DPA), the Authority shall take reasonable steps to: ensure that it has in place appropriate technical and organisational measures to ensure the security of the ‘personal data’ (and to guard against unauthorised or unlawful processing of ‘personal data’ and against accidental loss or destruction of, or damage to, the ‘personal data’), as required under the Seventh Data Protection Principle in Schedule 1 to the DPA, having regard at all times to the state of technological development and the cost of implementing any measures; provide the Business with such information as the Business may reasonably request to satisfy itself that the Authority is complying with its obligations under the DPA; promptly notify the Business of any breach of the security requirements of the Business as referred to in clause 8.2(a); and ensure that it does not knowingly or negligently do or omit to do anything which places the Business in breach of the Business’ obligations under the DPA.

Protection of Personal Data and Security of Data. 8.1 The Authority shall comply with any notification requirements under the DPA and both Parties shall duly observe all their obligations under the DPA which arise in connection with this Agreement. 8.2 Notwithstanding the general obligation in clause 8.1, where the Authority is processing ‘personal data’ on behalf of the Business as a ‘data processor’ (the aforementioned and foregoing wording in quotes being as defined by the DPA), the Authority shall take reasonable steps to: : a) ensure that it has in place appropriate technical and organisational measures to ensure the security of the ‘personal data’ (and to guard against unauthorised or unlawful processing of ‘personal data’ and against accidental loss or destruction of, or damage to, the ‘personal data’), as required under the Seventh Data Protection Principle in Schedule 1 to the DPA, having regard at all times to the state of technological development and the cost of implementing any measures; ; b) provide the Business with such information as the Business may reasonably request to satisfy itself that the Authority is complying with its obligations under the DPA; ; c) promptly notify the Business of any breach of the security requirements of the Business as referred to in clause 8.2(a); and and d) ensure that it does not knowingly or negligently do or omit to do anything which places the Business in breach of the Business’ obligations under the DPA.

Protection of Personal Data and Security of Data. 8.1 The Authority shall comply with any notification requirements under the DPA and both Parties shall duly observe all their obligations under the DPA which arise in connection with this Agreement. 8.2 Notwithstanding the general obligation in clause 8.1, where the Authority is processing ‘personal data’ on behalf of the Business as a ‘data processor’ (the aforementioned and foregoing wording in quotes being as defined by the DPA), the Authority shall take reasonable steps to: : a) ensure that it has in place appropriate technical and organisational measures to ensure the security of the ‘personal data’ (and to guard against unauthorised or unlawful processing of ‘personal data’ and against accidental loss or destruction of, or damage to, the ‘personal data’), as required under the Seventh Data Protection Principle in Schedule 1 to the DPA, having regard at all times to the state of technological development and the cost of implementing any measures; ; b) provide the Business with such information as the Business may reasonably request to satisfy itself that the Authority is complying with its obligations under the DPA; ; c) promptly notify the Business of any breach of the security requirements of the Business as referred to in clause 8.2(a); and and d) ensure that it does not knowingly or negligently do or omit to do anything which places the Business in breach of the Business’ obligations under the DPA.