Security Compromise. as soon as reasonably practicable but by no later than 72 (seventy-two) hours after becoming aware of any suspected or confirmed Personal Information Breach of any Personal Information in its possession or control, inform the other Party in writing thereof. Furthermore, a Party shall also inform the other Party in writing of the third party(ies) which may have been affected, the nature and extent of the Personal Information Breach and the identity of the unauthorized person/s who may have accessed or acquired the Personal Information. The Party, whose actions and/or omissions resulted in the Personal Information Breach, shall also take necessary remedial steps in order to mitigate the extent of the loss or compromise of such Personal Information, and prevent it from recurring. Such written notification however shall not be interpreted or construed as an admission of fault or liability by the other Party. Where the Party whose actions and/or omissions resulted in the Personal Information Breach, is deemed to be a Responsible Party/Controller, then it will be accountable to the Information Regulator and all affected Data Subjects, and will accordingly be required to carry out any required regulatory notifications of the Personal Information Breach in accordance with Applicable Data Protection Legislation.
Appears in 2 contracts
Sources: Bulk Oil Supply Agreement, Bulk Oil Supply Agreement