SafeGuard Software Limited shall observe its obligations under the Data Protection Requirements.
Where SafeGuard Software Limited processes Personal Data on behalf of you, it shall:
– process Personal Data only in accordance with instructions from you (which may be specific instructions or instructions of a general nature as set out by Contract or as otherwise notified by you to SafeGuard Software Limited during the Term);
– process the Personal Data only to the extent, and in such manner, as is necessary for the provision of the Ordered Services or as is required by Law or any Regulatory Body;
– implement appropriate technological measures to protect against accidental loss, destruction, damage, alteration or disclosure. These measures shall be appropriate to the harm which might result from any unauthorised or unlawful Processing, accidental loss, destruction or damage to the Personal Data and having regard to the nature of the Personal Data which is to be protected;
– take reasonable steps to ensure the reliability of any SafeGuard Software Limited personnel who have access to the Personal Data;
– obtain prior written consent from you in order to transfer the Personal Data to any sub-contractors for the provision of the Ordered Services;
– ensure that any SafeGuard Software Limited personnel required to access the Personal Data are informed of the confidential nature of the Personal Data and comply with the obligations set out in this Clause 1;
– ensure that none of SafeGuard Software Limited personnel publish, disclose or divulge any of the Personal Data to any third party unless directed in writing to do so by you;
– notify you (within five working days) if it receives:
1. a request from a Data Subject to have access to that person’s Personal Data; or
2. a complaint or request relating to your obligations under the Data Protection Requirements;
– provide you with full co-operation and assistance in relation to any complaint or request made, including by:
1. providing you with full details of the complaint or request;
2. complying with a data access request within the relevant timescales set out in the Data Protection Requirements and in accordance with your instructions;
3. providing you with any Personal Data it holds in relation to a Data subject (within the timescales required by you); and
4. providing you with any information requested by you;
– permit you or its representatives (subject to reasonable and appropriate confidentiality undertakings), to inspect and audit SafeGuard Software Limited’s data Processing activities (and/or those of its agents, subsidiaries and Sub-Contractors) and comply with all reasonable requests or directions by you to enable you to verify and/or procure that SafeGuard Software Limited is in full compliance with its obligations;
– provide a written description of the technical and organisational methods employed by SafeGuard Software Limited for processing Personal data (within the timescales required by you): and
– not Process Personal Data outside the European Economic Area without the prior written consent of you and, where you consents to transfer, to comply with:
1. the obligations of the Data Controller under the Eight Data Protection Principle set out in Schedule 1 of the data Protection Act 1998 by providing an adequate level of protection to any Personal Data that is transferred; and
any reasonable instructions notified to it by you.
2. SafeGuard Software Limited shall comply at all times with the Data Protection Requirements and shall not perform its obligations under this Contract in such a way as to cause you to breach any of its applicable obligations under the Data Protection Requirements.
– You may from time to time serve on SafeGuard Software Limited an information notice requiring SafeGuard Software Limited within such time and in such form as is specified in the information notice, to furnish to you such information as you may reasonably require relating to:
1. compliance by SafeGuard Software Limited with SafeGuard Software Limited’s obligations in connection with the processing of Personal Data; and/or
2. the rights of the data subjects, including but not limited to subject access rights.
– SafeGuard Software Limited will allow its data processing facilities, procedures and documentation to be submitted for scrutiny by you or its auditors in order to ascertain compliance with the relevant laws of the United Kingdom.
– With respect to the parties’ rights and obligations, the parties acknowledge that, except where otherwise agreed, you remain the Data Controller and SafeGuard Software Limited is the Data Processor.
– Save as set out in these Conditions, any unauthorised processing, use or disclosure of personal data by SafeGuard Software Limited is strictly prohibited.
Let's connect. Follows us on Twitter, like us on Facebook.