Ti | = | {_Personal_Data} Provided to {_Supplier} |
|
sec | = | In the event that {_Supplier} accesses or otherwise {_Processes} any {_Company_Personal_Data} during its performance of the Agreement, it shall comply with the following obligations regarding {_Company_Personal_Data}: - {NeedToDo.sec}
- {Conf.sec}
- {Care.sec}
- {CareByStaff.sec}
- {Comply.sec}
- {Expire.sec}
|
|
NB | = | Redundant with second sentence of Engage.Conf.Sec. |
|
NeedToDo.sec | = | {_Supplier} shall view and {_Process} {_Company_Personal_Data} only to the extent necessary to perform {_this_Agreement} or upon {_Company}'s written instructions. |
|
Conf.sec | = | {_Supplier} undertakes to keep {_Company_Personal_Data} confidential, and agrees to not disclose {_Company_Personal_Data} to third parties without having first received express written approval from {_Company}. {_Supplier} and {_Supplier's_Personnel} shall {_Process} {_Company_Personal_Data} only on a need-to-know basis, regarding the performance of {_this_Agreement} and any PO or SOW issued pursuant to {_this_Agreement}. |
|
Care.sec | = | {Care.ImplementMeasures.sec} {Care.AdequateMeasures.sec} {Care.InformOfBreach.sec} |
|
Care.ImplementMeasures.sec | = | {_Supplier} shall implement technical and organizational measures to ensure the security and confidentiality of {_Company_Personal_Data} in order to prevent, among other things: {Harm.List} |
|
Harm.List | = | - {Harm.Mangle.cl};
- {Harm.Disclose.cl}; and
- {Harm.UnlawfulProcessing.cl}.
|
|
Harm.Mangle.cl | = | accidental, unauthorized or unlawful destruction, alteration, modification or loss of {_Company_Personal_Data} |
|
Harm.Disclose.cl | = | accidental, unauthorized or unlawful disclosure or access to {_Company_Personal_Data} |
|
Harm.UnlawfulProcessing.cl | = | unlawful forms of {_Processing} |
|
Care.AdequateMeasures.sec | = | The security measures taken by {_Supplier} shall be in compliance with all applicable data protection regulations and shall be commensurate with the risks represented by the {_Processing} and the nature of the {_Company_Personal_Data} to be {_Processed}, taking into consideration the state of the art security measures available to protect such data and the implementation costs of such measures. |
|
Care.InformOfBreach.sec | = | {_Supplier} shall immediately inform {_Company} of any breach of its security and confidentiality obligations under this Section. |
|
|
CareByStaff.sec | = | {CareByStaff.SupplierEnsures.sec} {CareByStaff.ObtainNDA.sec} {CareByStaff.FormOfNDA.sec} {CareByStaff.SpecialNDA.sec} |
|
CareByStaff.SupplierEnsures.sec | = | {_Supplier} shall implement all measures necessary to ensure compliance by {_Supplier's_Personnel} with the obligations relating to {_Company_Personal_Data}. |
|
CareByStaff.ObtainNDA.sec | = | {_Supplier} shall require {_Supplier's_Personnel}, as a condition of having access to {_Company_Personal_Data}, to sign individual confidentiality agreements in which they each agree individually to comply with the obligations of this Section of the Agreement. |
|
CareByStaff.FormOfNDA.sec | = | {Schedule_B} of {_this_Agreement} shall be deemed an adequate form of confidentiality agreement. |
|
CareByStaff.SpecialNDA.sec | = | {_Company} may also require {_Supplier} to require {_Supplier's_Personnel}, as a condition of participating in specific assignments, to sign individual confidentiality agreements that are tailored for specific assignments. |
|
Comply.sec | = | {Comply.Law.sec} {Comply.EmploymentDataPolicy.sec} {Comply.Collect.sec} |
|
Comply.Law.sec | = | {_Supplier} shall comply with all applicable laws and regulations on personal data protection. |
|
Comply.EmploymentDataPolicy.sec | = | {_Supplier} will process "Employment Data" consistent with the {_Company_Employment_Data_Protection_Standards}, a copy of which are located at {P1.EmploymentDataPolicyURL} and may be requested from {_Company}. |
|
Comply.Collect.sec | = | In particular, if during the performance of {_this_Agreement} {_Supplier} seeks to obtain {_Company_Personal_Data} directly from {_Data_Subjects}: (i) {Comply.Collect.InformSubjects.cl}; and (ii) {Comply.Collect.ObtainApproval.cl}. |
|
Comply.Collect.InformSubjects.cl | = | {_Supplier} must provide such {_Data_Subjects} with the information required by applicable law and regulation and when necessary, obtain the {_Data_Subjects}' consent to acquire such information |
|
Comply.Collect.ObtainApproval.cl | = | except for {_Supplier}'s employees or subcontractors, {_Supplier} must obtain {_Company}'s written approval of the information and consent language to be used by {_Supplier} to gather such {_Company_Personal_Data} from the {_Data_Subjects} |
|
Comply.Breach.sec | = | Failure by {_Supplier} to comply with any obligations relating to {_Company_Personal_Data} or {_Personal_Data} set forth in {_this_Agreement} is considered a material breach of {_this_Agreement}. |
|
Audit.sec | = | {Audit.OnDemand.sec} {Audit.Access.sec} |
|
Audit.OnDemand.sec | = | {_Company} may conduct at any time, subject to a prior written notice to {_Supplier}, an on-site verification of {_Supplier}'s compliance with obligations relating to {_Company_Personal_Data}, even after the termination of {_this_Agreement}. |
|
Audit.Access.sec | = | {_Supplier} shall provide access to all applicable facilities, equipment and records in order to conduct such verification. |
|
Expire.sec | = | Upon termination of {_this_Agreement}, for whatever reason: (i) {Expire.HaltProcessing.cl}, and (ii) {Expire.Survive.cl}. |
|
Expire.HaltProcessing.cl | = | {_Supplier} shall stop any processing of {_Company_Personal_Data} and shall return to {_Company} any copy and/or reproduction thereof |
|
Expire.Survive.cl | = | these obligations regarding {_Company_Personal_Data} shall remain in full force |
| = | |
| = | [G/Z/ol/Base] |
|