6. Security of Data Processing

  1. We have implemented and will maintain the technical and organisational measures for the Service as described in the ONEiO Security Standards and this Section of this DPA. In particular, We have implemented and will maintain the following technical and organisational measures: 

    (a) security of the Service as set out in Section 1.1 of the ONEiO Security Standards; 

    (b) physical security of the facilities as set out in Section 1.2 of the ONEiO Security Standards; 

    (c) measures to control access rights for Our employees and contractors in relation to the Service as set out in Section 1.1 of the ONEiO Security Standards; and 


    (d) processes for regularly testing, assessing and evaluating the effectiveness of the technical and organisational measures implemented by Us as described in Section 2 of the ONEiO Security Standards. 


  2. Customer may elect to implement technical and organisational measures in relation to the Customer Data. Such technical and organisational measures include the following which may be obtained by Customer directly from a third-party supplier or from Us as described in the Service Description: 


     (a) pseudonymisation and encryption to ensure an appropriate level of security; 

     (b) measures to ensure the ongoing confidentiality, integrity, availability and resilience of the data processing systems and services provided by Customer to third parties; 


    (c) measures to allow Customer to backup and archive appropriately in order to restore availability and access to Customer Data in a timely manner in the event of a physical or technical incident affecting the Service; and 


    (d) processes for regularly testing, assessing and evaluating the effectiveness of the technical and organisational measures implemented by Customer.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.