(f) notify DataX without undue delay on becoming aware of a Personal Data breach (e) assist DataX, in responding to any request from a Data Subject and in ensuring compliance with its obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators (iv) The client complies with reasonable instructions notified to it in advance by DataX with respect to the processing of the Personal Data (iii) DataX and the client complies with its obligations under the Data Protection Legislation by providing an adequate level of protection to any Personal Data that is transferred and (ii) the data subject has enforceable rights and effective legal remedies (i) the Client or DataX has provided appropriate safeguards in relation to the transfer (d) not transfer any Personal Data outside of the European Economic Area unless the prior written consent of DataX has been obtained and the following conditions are fulfilled: (c) ensure that all personnel who have access to and/or process Personal Data are obliged to keep the Personal Data confidential and (b) ensure that it has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting Personal Data, ensuring confidentiality, integrity, availability and resilience of its systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by it)
(a) process that Personal Data only on the written instructions of the insertion order unless otherwise required by the laws of any member of the European Union or by the laws of the European Union applicable to the client to process Personal Data (Applicable Laws). Without prejudice to the generality of these terms the client shall, in relation to any Personal Data provided by DataX in connection with the performance by DataX of its obligations under this Agreement: The Insertion Order to this Agreement sets out the scope, nature and purpose of processing by DataX and the client, the duration of the processing and the types of personal data (as defined in the Data Protection Legislation, Personal Data) and categories of Data Subject. The parties acknowledge that for the purposes of the Data Protection Legislation, DataX is the data controller and the client is the data processor (where Data Controller and Data Processor have the meanings as defined in the Data Protection Legislation). This clause is in addition to, and does not relieve, remove or replace, a party’s obligations under the Data Protection Legislation. The Data Protection Acts 1988 to 2018, any other applicable law or regulation relating to the processing of personal data and to privacy legislation (including the E-Privacy Directive and the European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011 (“E-Privacy Regulations”), as such legislation shall be supplemented, amended, revised or replaced from time to time, including by operation of the General Data Protection Regulation (EU) 2016/679 (“GDPR”) (and laws implementing or supplementing the GDPR, and laws amending or supplementing the E-Privacy Regulations) Both parties will comply with all applicable requirements of the Data Protection Legislation. You can view our compliance policy here:įor the purposes of this clause the following definitions shall apply:
This policy is reviewed on a quarterly basis against all regulatory authorities in Ireland, the UK and the EU. Please take special notice of our data compliance policy which governs the compliant use of data supplied by DataX.
0 kommentar(er)
