MODUK DEFCON 532B PDF

Definitions

In this Condition the following words and expressions shall have the meanings given to them, except where the context requires a different meaning:

‘Contractor Personnel’ means all directors, officers, employees, agents, consultants and contractors of the Contractor and/or of any Sub- Contractor engaged in the performance of its obligations under the Contract;

‘Data Loss Event’ means any event that results in unauthorised access to Personal Data held by the Contractor under this Contract, and/or actual loss and/or destruction of Personal Data in breach of the Contract, including any Personal Data Breach;

‘Data Protection Legislation’ means (1) the GDPR, the LED and any applicable national implementing Laws as amended from time to time;

 the DPA 2018 (subject to Royal Assent) to the extent that it relates to processing of personal data and privacy; and (3) all applicable Law about the processing of personal data and privacy;

‘Data Protection Impact Assessment’ means an assessment by the Controller of the impact of the envisaged processing on the protection of Personal Data; e. ‘Data Subject Access Request’ means a request made by, or on behalf of, a Data Subject in accordance with rights granted pursuant to the Data Protection Legislation to access their Personal Data; f. ‘DPA 2018’ means the Data Protection Act 2018;

 ‘GDPR’ means the General Data Protection Regulation (Regulation (EU) 2016/679);

‘Law’ means any law, subordinate legislation within the meaning of Section 21(1) of the Interpretation Act 1978, bye-law, enforceable right within the meaning of Section 2 of the European Communities Act 1972, regulation, order, regulatory policy, mandatory guidance or code of practice, judgment of a relevant court of law, or directives or requirements with which the Contractor is bound to comply;

‘LED’ means the Law Enforcement Directive (Directive (EU) 2016/680);

‘Protective Measures’ means appropriate technical and organisational measures which includes:

pseudonymising and encrypting Personal Data; ensuring confidentiality, integrity, availability and resilience of systems and services;

ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident; and

regularly assessing and evaluating the effectiveness of the such measures adopted by it; k. ‘Sub-processor’” means any third Party appointed to process Personal Data on behalf of the Contractor related to the Contract; l. The following expressions shall have the same meanings as in Article 4 of the GDPR:

Controller;

Processor;

Data Subject;

Personal Data;

Personal Data Breach; and

Data Protection Officer.