Third Party Vendors Nothing herein shall impose any duty upon DST in connection with or make DST liable for the actions or omissions to act of the following types of unaffiliated third parties: (a) courier and mail services including but not limited to Airborne Services, Federal Express, UPS and the U.S. Mails, (b) telecommunications companies including but not limited to AT&T, Sprint, MCI and other delivery, telecommunications and other such companies not under the party’s reasonable control, and (c) third parties not under the party’s reasonable control or subcontract relationship providing services to the financial industry generally, such as, by way of example and not limitation, the National Securities Clearing Corporation (processing and settlement services), Fund custodian banks (custody and fund accounting services) and administrators (blue sky and Fund administration services), and national database providers such as Choice Point, Acxiom, TransUnion or Lexis/Nexis and any replacements thereof or similar entities, provided, if DST selected such company, DST shall have exercised due care in selecting the same. Such third party vendors shall not be deemed, and are not, subcontractors for purposes of this Agreement.
Services Contractor Agrees to Perform Contractor agrees to perform the Services stated in Appendix A, “Scope of Services.” Officers and employees of the City are not authorized to request, and the City is not required to reimburse the Contractor for, Services beyond the Scope of Services listed in Appendix A, unless Appendix A is modified as provided in Section 11.5, “Modification of this Agreement.”
Providing Party A Party offering or providing a Service to the other Party under this Agreement.
Each Party Each Party represents and warrants to the other that: (i) it has the power to enter into and perform its obligations under this Agreement; and (ii) it has duly executed this Agreement by duly authorized persons so as to constitute valid and binding obligations of that Party.
The Supplier shall (a) Process the Personal Data only in accordance with instructions from the Authority to perform its obligations under this Framework Agreement; (b) ensure that at all times it has in place appropriate technical and organisational measures to guard against unauthorised or unlawful Processing of the Personal Data and/or accidental loss, destruction, or damage to the Personal Data; (c) not disclose or transfer the Personal Data to any third party or Supplier Personnel unless necessary for the provision of the Goods and/or Services and, for any disclosure or transfer of Personal Data to any third party, obtain the prior written consent of the Authority (save where such disclosure or transfer is specifically authorised under this Framework Agreement); (d) take reasonable steps to ensure the reliability and integrity of any Supplier Personnel who have access to the Personal Data and ensure that the Supplier Personnel: (i) are aware of and comply with the Supplier’s duties under this Clause 26.5.2 and Clause 26.2 (Confidentiality); (ii) are informed of the confidential nature of the Personal Data and do not publish, disclose or divulge any of the Personal Data to any third party unless directed in writing to do so by the Authority or as otherwise permitted by this Framework Agreement; and (iii) have undergone adequate training in the use, care, protection and handling of personal data (as defined in the DPA); (e) notify the Authority within five (5) Working Days if it receives: (i) from a Data Subject (or third party on their behalf) a Data Subject Access Request (or purported Data Subject Access Request), a request to rectify, block or erase any Personal Data or any other request, complaint or communication relating to the Authority's obligations under the DPA; (ii) any communication from the Information Commissioner or any other regulatory authority in connection with Personal Data; or (iii) a request from any third party for disclosure of Personal Data where compliance with such request is required or purported to be required by Law; (f) provide the Authority with full cooperation and assistance (within the timescales reasonably required by the Authority) in relation to any complaint, communication or request made (as referred to at Clause 26.5.2(e), including by promptly providing: (i) the Authority with full details and copies of the complaint, communication or request; (ii) where applicable, such assistance as is reasonably requested by the Authority to enable the Authority to comply with the Data Subject Access Request within the relevant timescales set out in the DPA; and (iii) the Authority, on request by the Authority, with any Personal Data it holds in relation to a Data Subject; and (g) if requested by the Authority, provide a written description of the measures that the Supplier has taken and technical and organisational security measures in place, for the purpose of compliance with its obligations pursuant to this Clause 26.5.2 and provide to the Authority copies of all documentation relevant to such compliance including, protocols, procedures, guidance, training and manuals.