Protection of Humber Services confidential information and business
Use of Humber Services Data
Suppliers shall only process/use Humber Services Data in accordance with this policy and, in all cases, in accordance with Humber Services written instructions from time to time. Humber Services Data must not be processed/used for any other purpose.
Data Security Management
Data “Security” covers organisational (i.e. people, processes) and technical measures to safeguard against:
• unauthorized or unlawful processing
• against accidental loss, destruction of, or damage to Humber Services Data.
Suppliers must always have in place, and regularly test and evaluate, appropriate technical and organisational security measures such as:
• Regularly monitoring your system for possible vulnerabilities and attacks
• Conducting penetration testing to identify ways to further strengthen security.
Security must be appropriate to the likely risks to individuals if data was lost, stolen or disclosed to unauthorised people.
Controlling access to Humber Services
Data Suppliers must ensure that only its employees who may be required by Suppliers to assist it in meeting its obligations under the agreement will have access to Humber Services Data.
Suppliers must maintain, and provide to Humber Services, if requested, details of all employees with access to Humber Services Data.
Suppliers must ensure that appropriate physical access controls are in place where Humber Services Data is stored.
Sub-Processing
Humber services do not conduct any sub-processing with any data.
Security breaches or incident management
Suppliers must immediately notify (by means below) Humber Services of any if any of the following incidents occur in relation to Humber Services data:
• unauthorised or unlawful processing
• unauthorised or accidental loss
• damage to
• alteration of
• destruction of
• disclosure
Suppliers must provide Humber Services with all reasonable information, data and documentation relating to, and full co-operation and assistance and implement and comply with any reasonable steps and actions requested by Humber Services to minimise or stop such Security Breach and/or to prevent such Security Breach reoccurring.
Humber Services will immediately inform suppliers if any of the following incidents occur in relation to supplier / customer data:
• unauthorised or unlawful processing
• unauthorised or accidental loss
• damage to
• alteration of
• destruction of
• disclosure
Humber Services will provide Suppliers with all reasonable information, data and documentation relating to, and full co-operation and assistance and implement and comply with any reasonable steps and actions requested by Suppliers to minimise or stop such Security Breach and/or to prevent such Security Breach reoccurring.