Safety of processing Sample Clauses

Safety of processing. The level of security shall take into account: That the system stores extensive amounts of information about Norwegian and foreign workers in Norway that is registered in the system that can affect people's lives and health in the workplace. Information from the system can also be compiled into profiles that may have an impact on the rights and freedoms of the data subjects. The security level must therefore take this into account. The data processor shall henceforth have the right to make decisions on technical and organisational security measures that are to be implemented to ensure the necessary (and agreed) level of security. The Data Processor shall nevertheless – in all cases and at least – implement the following measures agreed with the Data Controller: 1. Security in databases 2. Built into the software
View SourceView Similar (2)
Safety of processing. (1) The Contractor shall take appropriate technical and organizational measures in accordance with Art. 32 GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing of the Client Data as well as the risk of varying likelihood and severity for the rights and freedoms of data subjects, to ensure a level of security for the Client Data appropriate to the risk. (2) The contractor is permitted to change or adapt technical and organizational measures during the term of the contract as long as they continue to meet the legal requirements.
View SourceView Similar (2)
Safety of processing. 6.1. The Contractor shall, in accordance with Article 32 of the GDPR, take necessary and appropriate technical and organisational measures, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing of the Client Data, as well as the varying likelihood and severity of the risk to the rights and freedoms of the data subjects, in order to ensure a level of protection for the Client Data appropriate to the risk (Annex 2). 6.2. The Contractor is permitted to change or adapt technical and organisational measures during the term of the contract as long as they continue to meet the legal requirements. A corresponding amendment to Annex 2 shall be made available to the Client in each case. 6.3. The contractor may allow its employees who are tasked with processing personal data for the client to work on a mobile basis. The term mobile working is understood to mean that employees can do their work temporarily at any location and do not need a fixed workstation in the company to do so. The data is stored on the company's systems in its own data centers or in data centers operated by providers. The data, information, applications, etc. are accessed via end devices and/or services that are secured in accordance with the company's security standards.
View Source
Safety of processing. 6.1 The parties shall implement technical and organisational measures specified in Art. 32 GDPR prior to the commencement of the processing of this contract and maintain them during the contract. 6.2 As the technical and organisational measures are subject to technical progress and technological development as well as legal changes, the parties are permitted to implement alternative and adequate measures, if this does not fall below the security level of the specified measures. If a Party determines that the measures implemented in accordance with clause 6.1 of this Agreement are not sufficient or that technical progress or legal changes require further measures, it shall immediately inform the other Party thereof in writing. The implementation of such further measures shall only take place after the written consent of the respective other party. The parties shall document such changes. 6.3 The Parties warrant to implement all appropriate technical and organisational measures in such a way that the data processing is carried out in accordance with the requirements of applicable data protection regulations (the GDPR) and ensures the protection of the rights of the data subject.
View Source
Safety of processing. (1. The processor shall implement at least the technical and organizational measures listed in Annex IV to ensure the security of the personal data. This shall include the protection of data against a breach of security leading to the destruction, loss, alteration, unauthorized disclosure of or access to the data, whether accidental or unlawful (hereinafter "personal data breach"). In assessing the appropriate level of protection, the parties shall take due account of the state of the art, the costs of implementation, the nature, scope, context and purposes of the processing and the risks presented to the data subjects.
View Source
Safety of processing. 10.1. The Contractor confirms that it has taken the measures required in its area of responsibility in accordance with Art. 32
View Source
Safety of processing a) The Processor shall take at least the technical and organizational measures listed in Annex II to ensure the security of the Personal Data. This shall include the protection of the data against a breach of security leading to the destruction, loss, alteration, unauthorised disclosure of, or access to, the data, whether accidental or unlawful (hereinafter "Personal Data Breach"). When assessing the appropriate level of protection, the Parties shall take due account of the state of the art, the implementation costs, the nature, scope, circumstances and purposes of the processing and the risks involved for the data subjects. b) The Processor shall grant its personnel access to the personal data subject to processing only to the extent strictly necessary for the performance, management and monitoring of the Contract. The Processor warrants that the persons authorized to process the personal data received have undertaken to maintain confidentiality or are subject to an appropriate statutory duty of confidentiality and have previously familiarized themselves with the data protection provisions relevant to them.
View Source

Related to Safety of processing

  • Security of processing (a) The data importer and, during transmission, also the data exporter shall implement appropriate technical and organisational measures to ensure the security of the data, including protection against a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access to that data (hereinafter ‘personal data breach’). In assessing the appropriate level of security, the Parties shall take due account of the state of the art, the costs of implementation, the nature, scope, context and purpose(s) of processing and the risks involved in the processing for the data subjects. The Parties shall in particular consider having recourse to encryption or pseudonymisation, including during transmission, where the purpose of processing can be fulfilled in that manner. In case of pseudonymisation, the additional information for attributing the personal data to a specific data subject shall, where possible, remain under the exclusive control of the data exporter. In complying with its obligations under this paragraph, the data importer shall at least implement the technical and organisational measures specified in Annex II. The data importer shall carry out regular checks to ensure that these measures continue to provide an appropriate level of security. (b) The data importer shall grant access to the personal data to members of its personnel only to the extent strictly necessary for the implementation, management and monitoring of the contract. It shall ensure that persons authorised to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality. (c) In the event of a personal data breach concerning personal data processed by the data importer under these Clauses, the data importer shall take appropriate measures to address the breach, including measures to mitigate its adverse effects. The data importer shall also notify the data exporter without undue delay after having become aware of the breach. Such notification shall contain the details of a contact point where more information can be obtained, a description of the nature of the breach (including, where possible, categories and approximate number of data subjects and personal data records concerned), its likely consequences and the measures taken or proposed to address the breach including, where appropriate, measures to mitigate its possible adverse effects. Where, and in so far as, it is not possible to provide all information at the same time, the initial notification shall contain the information then available and further information shall, as it becomes available, subsequently be provided without undue delay. (d) The data importer shall cooperate with and assist the data exporter to enable the data exporter to comply with its obligations under Regulation (EU) 2016/679, in particular to notify the competent supervisory authority and the affected data subjects, taking into account the nature of processing and the information available to the data importer.

  • Duration of Processing Subject to any Section of the DPA and/or the Agreement dealing with the duration of the Processing and the consequences of the expiration or termination thereof, Data Processor will Process Personal Data for the duration of the Agreement, unless otherwise agreed upon in writing.