Data Privacy Laws |
means all laws that relate to data protection, privacy, the use of information relating to individuals, and or the information rights of individuals including without limitation, the Data Protection Act 1998, the Privacy and Electronic Communication (EC Directive) Regulations 2003, the Regulation of Investigatory Powers Act 2000, the Telecommunications (lawful Business Practice) (Interception of Communications) Regulations 2000, Privacy and Electronic Communications (EC Directive) Regulations 2003, the Consumer Protection from Unfair Trading Regulations 2008, any laws in force in any relevant jurisdiction which implements the Directive, the Regulation, and all and any regulations made under those acts or regulations all applicable formal or informal guidance, rules, requirements, directions, guidelines, recommendations, advice, codes of practice, policies, measures or publications of the Information Commissioner's Office, other relevant regulator, and or relevant industry body, in each case in any relevant jurisdiction(s) and the equivalent in any other relevant jurisdictions. |
Supplier Personnel |
means all staff, contractors, employees, agents, sub-contractors and sub-processors of Supplier |
Data Protection Losses |
means all liabilities and other amounts, including:
- costs (including legal costs), claims, demands, actions, settlements, interest, charges, procedures, expenses, losses and damages (including relating to material or non-material damage);
- any fines, penalties, other regulatory sanctions and compensation paid to data subjects (including compensation to protect goodwill and ex gratia payments);
- restoring, rectifying, correcting, and amending The Client's data including the costs of activating disaster recovery;
- the costs of investigating, recovering, remedying breaches of this Agreement by Supplier, any Data Breachor breach of Data Privacy Law (including staff training, changes to systems and putting in place measures to prevent future breaches and process and other related losses);
- setting up a dedicated helpline (including the resources and staffing costs associated with the same) and website for data subjects;
- facilitating and paying for third party credit monitoring checks for the data subjects (for up to 12 months after a Data Breach);
- the costs of notifying Data Subjects;
- any additional operational and/or administrative costs and expenses incurred by The Client, including costs relating to time spent by or on behalf of The Client in dealing with the consequences of any breach of this Agreement or breach of Data Privacy Laws and any associated legal costs;
- any wasted expenditure;
- costs of compliance with investigations by a Supervisory Authority; and
- the costs of loading the Personal Data, , to the extent the same are lost, damaged or destroyed, and any loss or corruption of Personal Data (including the costs of rectification or restoration of Personal Data);
|
Data Subject |
has (until 24 May 2018) the meaning given under the Directive and (from 25 May 2018) the meaning given under the Regulation |
Directive |
means the European Commission Directive 95/46/EC with respect to the Processing of Personal Data |
Personal Data |
means (until 24 May 2018) personal data as defined in the Directive and (from 25 May 2018) personal data as defined in the Regulation to be processed by Civil & Corporate Security Ltd for or on behalf of the The Client or in respect of services supplied by Civil & Corporate Security Ltd to the The Client (the Services). |
Processing |
means obtaining, recording or holding Personal Data or carrying out any operation or set of operations on Personal Data (whether or not by automatic means), including:
- organisation, adaptation or alteration of Personal Data;
- retrieval, consultation or use of Personal Data;
- disclosure of the information or Personal Data by transmission, dissemination or otherwise making available; or
- alignment, combination, blocking, erasure or destruction of the Personal Data,
and Processed, Processes and Process shall be construed accordingly.. |
Regulation |
means the General Data Protection Regulation ((EU) 2016/679)). |
Services |
means the fulfilment of a contractual obligation provided to or from The Client through a written or electronic agreement document. |
Supervisory Authority |
means any local, national or multinational agency, department, official, parliament, public or statutory person or any government or professional body, regulatory or supervisory authority, board or other body responsible for administering Data Privacy Laws; |