Autonomous Works Ltd (“Provider”) shall notify the school or school district (“Customer”) within forty-eight (48) hours if Student Data is accessed or obtained by an unauthorized individual or company. Provider shall email the Customer of a (“Notice”) of a Data Breach and describe details on record of what happened, what Student Data was involved and how the provider is resolving the issue. The Customer can collect all the information via email or phone contact of the Provider.

The Notice will specifically include:

• A description of the breach in plain language.
• Specific Student Data that Autonomous Works Ltd believes to have been compromised.
• Estimated time, date or date range the breach occurred.
• An action plan of what Autonomous Works Ltd has done to protect against further data breach.
• Direct communication to individuals whose information has been breached.
• Contact information to obtain further details from Autonomous Works Ltd.

Provider agrees to adhere to all requirements in State and federal law regarding a data breach related to the Student Data. Provider will forward the required responsibilities and procedures for notification and mitigation of any such data breach.

Provider keeps a written record of the incident response plan that reflects best practices and is consistent with industry standards and federal and state law. These relate to a data breach, breach of security, privacy incident or unauthorized acquisition or use of Student Data or any portion thereof, including personally identifiable information.