Dailymotion has implemented and shall maintain adequate physical and organizational measures necessary to preserve the security of the Third-Party Personal Data integrated within Your Content (ex. aimed at preventing unintended destruction, loss, distortion, damage or unauthorized access to such Third-Party Personal Data). These measures are adapted to the level of the risk presented by the Processing. Nevertheless, we remind You that the Dailymotion Service is not a storage service and that You should take all necessary precautions to backup and preserve Your Content. Dailymotion does not assume any liability for the loss of the said files.
Dailymotion undertakes to implement the following organizational measures and ensures their respect by its staff and its Sub-Processors :
ensure that the persons authorized to process Third-Party Personal Data or otherwise involved in the delivery of the Services are aware of, trained and organized to provide sufficient guarantees of security and confidentiality with respect to Third-Party Personal Data; and
implement access and authorization management rules such as:
centralized management of access rights,
gradation of access and use rights,
periodic reviews.
take all reasonable steps to prevent the misappropriated or fraudulent use of processed Third-Party Personal Data.
In addition, the main technical measures currently implemented by Dailymotion are as follows:
network segmentation and filtering between zones,
multi-factor authentication,
event log, collection and centralization of logs,
anti-virus,
management of security patches,
security / flow encryption (SSL),
Internal PKI,
Encryption of data in transit and at rest,
bug-bounty program,
application of anonymization and pseudonymization techniques (ex. tokenization, aggregation, hashing, etc.),
periodic re-certification of accounts (periodic review of access rights),
peer-to-peer code review (development methodology),
periodic security audits (architecture, configuration, code, intrusion tests, etc.).
In the event of a Third-Party Personal Data Breach (as defined in the GDPR) of which Dailymotion is aware, Dailymotion commits itself to notify You of this Third-Party Personal Data Breach as soon as possible either at the email address associated with Your Dailymotion Account (or any other email address communicated to Dailymotion by You for this purpose) or through any other appropriate means (ex. banner notification visible from Your Dailymotion Account). Dailymotion will cooperate with You, should You choose to notify the Supervisory Authority or an affected Data Subjects of the Third-Party Personal Data Breach. Please note that the competent Supervisory Authority under this DPA is the CNIL.
Furthermore, Dailymotion undertakes to provide You with all reasonable assistance in order to help You in respecting Your obligations regarding the security of the Third-Party Personal Data. You understand and agree that the reasonable costs of our assistance, if any, will be at Your expense.
沒有留言:
張貼留言