Common use of Confidentiality Data Security Clause in Contracts

Confidentiality Data Security. 16.1 Supplier, for itself and on behalf of each Supplier Party and their respective assigns, agrees (A) to treat as confidential and proprietary, (B) not to disclose to others, during or subsequent to the Term, and (C) not to use, except for purposes of performing its obligations hereunder, without the express prior written consent of Newmont, which consent may be withheld for any reason whatsoever, any information, whether verbal or written, of any description whatsoever (expressly including any technical information, experiments, or data) regarding plans, programs, plants, processes, products, minerals, real property interests, costs, equipment, or operations of Newmont or its affiliates, or other information which has been expressly identified by Newmont as being confidential in nature, that may come within the knowledge of such Supplier Party in the performance of this Agreement, including all Data and Inventions (collectively, "Confidential Information"). Supplier shall take all necessary precautions, contractual and otherwise, to prevent unauthorized disclosure or use of Confidential Information. Notwithstanding the foregoing, Confidential Information shall not include any information that: (I) is, or shall have been, in the possession of Supplier and not subject to a confidentiality obligation prior to disclosure thereof to Supplier in connection with this Agreement; (II) through no act or omission of Supplier becomes published or otherwise available to the public under circumstances such that the public may utilize the same without any direct or indirect confidentiality obligation to Newmont or its affiliates; or (III) is acquired by Supplier from any third party rightfully possessed of the same and having no direct or indirect confidentiality obligation to Newmont or its affiliates, with respect to the same; provided, however, that the foregoing exceptions shall not apply with respect to Confidential Information which meets the definition of Personal Data (as set forth in Section 16.2, below), which is more specifically addressed in Section 16.2, below. All Confidential Information shall be delivered to Newmont upon the termination or expiration of this Agreement, or at any other time upon Newmont's request. Supplier shall not retain copies of Confidential Information without Newmont’s express written authorization. Notwithstanding the foregoing, Supplier may retain one archival hard copy of the Confidential Information for such period of time that Supplier normally retains archival hard copies, and such hard copy shall remain subject to this Section 16.1 until it is destroyed. In addition, if Supplier’s computer system automatically retains back-up copies of Confidential Information, Supplier may retain such copies in Supplier’s archival computer storage for the period of time that Supplier normally archives backed-up computer records, and such computer copies shall remain subject to this Section 16.1 until they are destroyed or erased. Supplier acknowledges that Newmont’s Confidential Information is an important asset of Newmont and/or its affiliates and that there is not an adequate remedy at law for a breach of this Section 16.1 and Newmont and/or its affiliates will suffer irreparable harm as a result of such a breach. Therefore, Supplier agrees that Newmont and/or its affiliates, as applicable, shall be entitled to equitable relief, including temporary and permanent injunctive relief without the obligation of posting bond (cash or otherwise), in the event of actual or threatened disclosure or use of Confidential Information in breach of this Section 16.1. 16.2 For purposes of this Agreement, “Personal Data” means information regarding any individual (whether an employee or agent of Newmont, its affiliates, or contractors of it or its affiliates, or other individuals) recorded in any format, which is obtained by Supplier in connection with this Agreement and that identifies or could identify an individual personally, either by itself or together with other information, including demographic information such as name, sex, age and contact information, financial information such as taxpayer identification numbers and bank account information, and health information such as medical records and insurance claims. Supplier shall, for as long as it has possession of any Personal Data, maintain reasonable security procedures and practices that are both (A) appropriate to the nature of the Personal Data, and (B) reasonably designed to help protect the Personal Data from unauthorized access, use, modification, disclosure, or destruction. For purposes of this Agreement, Supplier is the processor and Newmont is the controller of any Personal Data. Without limiting the generality of the requirements set forth above in this Section, if Supplier has any Personal Data or other Confidential Information (collectively, “Sensitive Information”) on Supplier’s information technology systems, Supplier shall, for as long as any Sensitive Information resides on Supplier’s information technology system: (I) employ industry-standard firewall and encryption protection for its information technology systems, and (II) use commercially reasonable efforts to scan its information technology system for viruses and malware and promptly mitigate the effects of any viruses or malware detected. Supplier immediately shall notify Newmont if it becomes aware, or has reason to believe, that any breach of this Section 16.2 has occurred, that any unauthorized access to or use of, or any security breach relating to or otherwise affecting, any Sensitive Information has occurred, or that any person who has had access to Sensitive Information has violated or intends to violate the terms of this Agreement. Supplier shall, at its own expense, cooperate with Newmont in investigating and responding to the foregoing.

Appears in 1 contract

Sources: Purchase Agreement

Confidentiality Data Security. 16.1 Supplier, for itself and on behalf of each A. Supplier Party and their respective assigns, agrees (A) to treat as confidential and proprietary, (B) shall not to disclose to othersthird parties, during or subsequent to the Term, and (C) not to use, except use for purposes of other than performing its obligations hereunder, any Data, Inventions, or any other information that relates to the technical, legal, or business affairs or activities of Newmont or its affiliates which was obtained by or on behalf of Supplier in connection with the performance of the Services (collectively, “Confidential Information”), without the express prior written consent of Newmont, which consent may be withheld for any reason whatsoever, any information, whether verbal or written, of any description whatsoever (expressly including any technical information, experiments, or data) regarding plans, programs, plants, processes, products, minerals, real property interests, costs, equipment, or operations of Newmont or its affiliates, or other information which has been expressly identified by Newmont as being confidential in nature, that may come within the knowledge of such Supplier Party in the performance of this Agreement, including all Data and Inventions (collectively, "Confidential Information"). Supplier shall take all necessary precautions, contractual and otherwise, to prevent unauthorized disclosure or use of Confidential Information. Notwithstanding the foregoing, Confidential Information shall not include any information thatwhich: (I1) is, or shall have been, in the possession of Supplier and not subject to a confidentiality obligation prior to disclosure Supplier’s acquisition thereof to Supplier in connection with this Agreementthe performance of the Services; (II2) through no act or omission of Supplier Supplier, becomes published or otherwise available to the public under circumstances such that the public may utilize the same without any direct or indirect confidentiality obligation to Newmont or its affiliates; or (III3) is acquired by Supplier from any third party rightfully possessed in possession of the same and having no direct or indirect confidentiality obligation to Newmont or its affiliates, affiliates with respect to the same; provided, however, that the foregoing exceptions shall not apply with respect to Confidential Information which meets the definition of Personal Data (as set forth in Section 16.25.B., below), which is more specifically addressed in Section 16.25.B., below. All Confidential Information shall be delivered to Newmont or destroyed by Supplier, at Newmont’s discretion, upon the termination or expiration of this Agreement, Agreement or at any other earlier time upon Newmont's ’s request. Supplier shall not retain any copies of Confidential Information without Newmont’s express written authorization. Notwithstanding the foregoing, Supplier may retain one archival hard copy of the Confidential Information for such period of time that Supplier normally retains archival hard copies, and such hard copy shall remain subject to this Section 16.1 5.A. until it is destroyed. In addition, if Supplier’s computer system automatically retains back-up copies of Confidential Information, Supplier may retain such copies in Supplier’s archival computer storage for the period of time that Supplier normally archives backed-up computer records, and such computer copies shall remain subject to this Section 16.1 5.A. until they are destroyed or erased. Supplier acknowledges that Newmont’s the Confidential Information is an important asset of Newmont and/or its affiliates and that there is not an adequate remedy at law for a breach by Supplier of this Section 16.1 5.A. and Newmont and/or its affiliates will suffer irreparable harm as a result of such a breach. Therefore, Supplier agrees that Newmont and/or its affiliates, as applicable, affiliates shall be entitled to equitable relief, including temporary and permanent injunctive relief without the obligation of posting a bond (cash or otherwise), in the event of actual or threatened unauthorized disclosure or use of Confidential Information in breach of this Section 16.1.5.A. 16.2 B. For purposes of this Agreement, “Personal Data” means information regarding any individual (whether an employee or agent of Newmont, its affiliates, or contractors of it or its affiliates, or other individuals) recorded in any format, which is obtained by Supplier Contractor in connection with this Agreement and that identifies or could identify an individual personally, either by itself or together with other information, including demographic information such as name, sex, age and contact information, financial information such as taxpayer identification numbers and bank account information, and health information such as medical records and insurance claims. Supplier Contractor shall, for as long as it has possession of any Personal DataData or other Confidential Information (collectively, Sensitive Information”) on Contractor’s information technology systems, , maintain reasonable security procedures and practices that are both (A) appropriate to the nature of the Personal Data, and (B) reasonably designed to help protect the Personal Data from unauthorized access, use, modification, disclosure, or destruction. For purposes of this Agreement, Supplier is the processor and Newmont is the controller of any Personal Data. Without limiting the generality of the requirements set forth above in this Section, if Supplier has any Personal Data or other Confidential Information (collectively, “Sensitive Information”) on Supplier’s information technology systems, Supplier shall, for as long as any Sensitive Information resides on Supplier’s information technology system: (I) employ industry-standard firewall and encryption protection for its information technology systems, and (II) use commercially reasonable efforts to scan its information technology system for viruses and malware and promptly mitigate the effects of any viruses or malware detected. Supplier immediately shall notify Newmont if it becomes aware, or has reason to believe, that any breach of this Section 16.2 has occurred, that any unauthorized access to or use of, or any security breach relating to or otherwise affecting, any Sensitive Information has occurred, or that any person who has had access to Sensitive Information has violated or intends to violate the terms of this Agreement. Supplier shall, at its own expense, cooperate with Newmont in investigating and responding to the foregoing.both

Appears in 1 contract

Sources: Service Agreement

Confidentiality Data Security. 16.1 Suppliera. Each Party acknowledges that it and its employees or agents, for itself in the course of the projects and on behalf services contemplated by this Agreement, may be exposed to or acquire information that is proprietary or confidential to the other Party (“Confidential Information”). Each Party agrees to hold Confidential Information of each Supplier the other Party in strict confidence and their respective assigns, agrees (A) to treat as confidential and proprietary, (B) not to use such Confidential Information or discuss or disclose such Confidential Information to othersany third party. The Parties agree that Confidential Information does not include: (i) information which at the time of disclosure is, during or subsequent without fault of the recipient becomes, generally available; (ii) information which either Party can show was in its possession at the time of disclosure or was independently developed by it; (iii) information received from a third party which had the right to transmit same without violation of any confidentiality agreement with the other party; and (iv) information which is required to be disclosed pursuant to court order or by law. The per-User pricing provided under this Agreement is Confidential Information. b. TeamDynamix will implement reasonable and appropriate measures for the TeamDynamix Applications (as determined by TeamDynamix) (the “Security Standards”) designed to help Client secure Client content against accidental or unlawful loss, access, or disclosure (the “Security Objectives”) in accordance with the TeamDynamix Security Standards. TeamDynamix may modify the TeamDynamix Security Standards from time to time but will continue to provide at least the same level of security as is in place on the Effective Date. c. TeamDynamix will not access or use Client content except as necessary to maintain or provide the services under this Agreement, or as necessary to comply with the law or a binding order of a governmental body. TeamDynamix will not (i) disclose Client content to any government or third party, or (ii) move Client content from the TeamDynamix servers; except in each case as necessary to comply with the law or a binding order of a governmental body (such as a subpoena or court order). Unless it would be in violation of a court order or other legal requirement, TeamDynamix will give Client reasonable notice of any legal requirement or order referred to in this Section 8(c), to allow Client to seek a protective order or other appropriate remedy. TeamDynamix will only use personal information and billing information in accordance with its privacy policy (available at ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇▇.▇▇▇/privacy-policy-terms), and Client consents to such usage. TeamDynamix will not collect or use any personal information prior to the Term, and (C) not to use, except for purposes of performing its obligations hereunder, without the express prior written consent of Newmont, which consent may be withheld for any reason whatsoever, any information, whether verbal or written, of any description whatsoever (expressly including any technical information, experiments, or data) regarding plans, programs, plants, processes, products, minerals, real property interests, costs, equipment, or operations of Newmont or its affiliates, or other information which has been expressly identified by Newmont as being confidential in nature, that may come within the knowledge of such Supplier Party in the performance effective date of this Agreement, including all Data and Inventions (collectively, "Confidential Information"). Supplier shall take all necessary precautions, contractual and otherwise, Client will not submit or otherwise make available any personal information to prevent unauthorized disclosure or use of Confidential Information. Notwithstanding the foregoing, Confidential Information shall not include any information that: (I) is, or shall have been, in the possession of Supplier and not subject to a confidentiality obligation TeamDynamix prior to disclosure thereof to Supplier in connection with this Agreement; (II) through no act or omission of Supplier becomes published or otherwise available to the public under circumstances such that the public may utilize the same without any direct or indirect confidentiality obligation to Newmont or its affiliates; or (III) is acquired by Supplier from any third party rightfully possessed of the same and having no direct or indirect confidentiality obligation to Newmont or its affiliates, with respect to the same; provided, however, that the foregoing exceptions shall not apply with respect to Confidential Information which meets the definition of Personal Data (as set forth in Section 16.2, below), which is more specifically addressed in Section 16.2, below. All Confidential Information shall be delivered to Newmont upon the termination or expiration of this Agreement, or at any other time upon Newmont's request. Supplier shall not retain copies of Confidential Information without Newmont’s express written authorization. Notwithstanding the foregoing, Supplier may retain one archival hard copy of the Confidential Information for such period of time that Supplier normally retains archival hard copies, and such hard copy shall remain subject to this Section 16.1 until it is destroyed. In addition, if Supplier’s computer system automatically retains back-up copies of Confidential Information, Supplier may retain such copies in Supplier’s archival computer storage for the period of time that Supplier normally archives backed-up computer records, and such computer copies shall remain subject to this Section 16.1 until they are destroyed or erased. Supplier acknowledges that Newmont’s Confidential Information is an important asset of Newmont and/or its affiliates and that there is not an adequate remedy at law for a breach of this Section 16.1 and Newmont and/or its affiliates will suffer irreparable harm as a result of such a breach. Therefore, Supplier agrees that Newmont and/or its affiliates, as applicable, shall be entitled to equitable relief, including temporary and permanent injunctive relief without the obligation of posting bond (cash or otherwise), in the event of actual or threatened disclosure or use of Confidential Information in breach of this Section 16.1date. 16.2 For purposes of this Agreement, “Personal Data” means information regarding any individual (whether an employee or agent of Newmont, its affiliates, or contractors of it or its affiliates, or other individuals) recorded in any format, which is obtained by Supplier in connection with this Agreement and that identifies or could identify an individual personally, either by itself or together with other information, including demographic information such as name, sex, age and contact information, financial information such as taxpayer identification numbers and bank account information, and health information such as medical records and insurance claims. Supplier shall, for as long as it has possession of any Personal Data, maintain reasonable security procedures and practices that are both (A) appropriate to the nature of the Personal Data, and (B) reasonably designed to help protect the Personal Data from unauthorized access, use, modification, disclosure, or destruction. For purposes of this Agreement, Supplier is the processor and Newmont is the controller of any Personal Data. Without limiting the generality of the requirements set forth above in this Section, if Supplier has any Personal Data or other Confidential Information (collectively, “Sensitive Information”) on Supplier’s information technology systems, Supplier shall, for as long as any Sensitive Information resides on Supplier’s information technology system: (I) employ industry-standard firewall and encryption protection for its information technology systems, and (II) use commercially reasonable efforts to scan its information technology system for viruses and malware and promptly mitigate the effects of any viruses or malware detected. Supplier immediately shall notify Newmont if it becomes aware, or has reason to believe, that any breach of this Section 16.2 has occurred, that any unauthorized access to or use of, or any security breach relating to or otherwise affecting, any Sensitive Information has occurred, or that any person who has had access to Sensitive Information has violated or intends to violate the terms of this Agreement. Supplier shall, at its own expense, cooperate with Newmont in investigating and responding to the foregoing.

Appears in 1 contract

Sources: License Agreement

Confidentiality Data Security. 16.1 Supplier, for itself and on behalf of each Supplier Party and their respective assigns, agrees (A) 7.1 From time to treat as confidential and proprietary, (B) not to disclose to others, time during or subsequent to the Term, and (C) not to use, except for purposes of performing its obligations hereunder, without the express prior written consent of Newmont, which consent may be withheld for any reason whatsoever, any information, whether verbal or written, of any description whatsoever (expressly including any technical information, experiments, or data) regarding plans, programs, plants, processes, products, minerals, real property interests, costs, equipment, or operations of Newmont or its affiliates, or other information which has been expressly identified by Newmont as being confidential in nature, that may come within the knowledge of such Supplier Party in the performance Term of this Agreement, including all Data either Party (as the “Disclosing Party”) may disclose or make available to the other Party (as the “Receiving Party”), information of Disclosing Party or its business that is labeled or identified as “confidential,” or which should reasonably be understood as confidential given the nature of the information and Inventions the circumstances of its disclosure (collectively, "Confidential Information"). Supplier shall take all necessary precautions; provided, contractual and otherwisehowever, to prevent unauthorized disclosure or use of Confidential Information. Notwithstanding the foregoing, that Confidential Information shall does not include any information that: (Ia) is, is or shall have been, in the possession of Supplier and not subject to a confidentiality obligation prior to disclosure thereof to Supplier in connection with this Agreement; (II) through no act or omission of Supplier becomes published or otherwise generally available to the public under circumstances such that the public may utilize the same without any direct or indirect confidentiality obligation to Newmont or its affiliates; or (III) is acquired by Supplier from any third party rightfully possessed other than as a result of the same and having no direct or indirect confidentiality obligation to Newmont or its affiliates, with respect to the same; provided, however, that the foregoing exceptions shall not apply with respect to Confidential Information which meets the definition of Personal Data (as set forth in Section 16.2, below), which is more specifically addressed in Section 16.2, below. All Confidential Information shall be delivered to Newmont upon the termination or expiration of this Agreement, or at any other time upon NewmontReceiving Party's request. Supplier shall not retain copies of Confidential Information without Newmont’s express written authorization. Notwithstanding the foregoing, Supplier may retain one archival hard copy of the Confidential Information for such period of time that Supplier normally retains archival hard copies, and such hard copy shall remain subject to this Section 16.1 until it is destroyed. In addition, if Supplier’s computer system automatically retains back-up copies of Confidential Information, Supplier may retain such copies in Supplier’s archival computer storage for the period of time that Supplier normally archives backed-up computer records, and such computer copies shall remain subject to this Section 16.1 until they are destroyed or erased. Supplier acknowledges that Newmont’s Confidential Information is an important asset of Newmont and/or its affiliates and that there is not an adequate remedy at law for a breach of this Section 16.1 7; (b) is or becomes available to the Receiving Party on a non-confidential basis from a third-party source that, to the Receiving Party's knowledge, was not legally or contractually restricted from disclosing such information; (c) was in Receiving Party's possession prior to Disclosing Party's disclosure hereunder; or (d) the Receiving Party establishes by documentary evidence, was or is independently developed by Receiving Party without using any of the Disclosing Party's Confidential Information. 7.2 The Receiving Party shall: (x) protect and Newmont and/or its affiliates will suffer irreparable harm as a result safeguard the confidentiality of such a breach. Therefore, Supplier agrees that Newmont and/or its affiliates, as applicable, shall be entitled to equitable relief, including temporary and permanent injunctive relief without the obligation of posting bond (cash or otherwise), in the event of actual or threatened disclosure or use of Disclosing Party's Confidential Information with at least the same degree of care as the Receiving Party would protect its own Confidential Information of like importance, but in breach no event with less than a reasonable degree of this Section 16.1. 16.2 For purposes of care; (y) not use the Disclosing Party's Confidential Information, or permit it to be used, for any purpose other than to exercise its rights or perform its obligations under this Agreement; and (z) not disclose any such Confidential Information to any person or entity, “Personal Data” means information regarding any individual except (whether an employee or agent of Newmont, its affiliates, or contractors of it or its affiliates, or other individualsi) recorded in any format, which is obtained as contemplated by Supplier in connection with this Agreement and that identifies in order to exercise its rights or could identify an individual personally, either by itself or together with other information, including demographic information such as name, sex, age and contact information, financial information such as taxpayer identification numbers and bank account information, and health information such as medical records and insurance claims. Supplier shall, for as long as it has possession of any Personal Data, maintain reasonable security procedures and practices that are both (A) appropriate to the nature of the Personal Dataperform its obligations hereunder, and (Bii) reasonably designed to help protect the Personal Data from unauthorized access, use, modification, disclosureReceiving Party's Group who need to know the Confidential Information to assist the Receiving Party, or destructionact on its behalf, to exercise its rights or perform its obligations under this Agreement. For purposes of this Agreement, Supplier is the processor and Newmont is the controller of any Personal Data. Without limiting the generality of the requirements set forth above in this Section, if Supplier has any Personal Data or other Confidential Information (collectivelySection 7 only, “Sensitive Information”) on Supplier’s information technology systemsReceiving Party's Group” shall mean the Receiving Party's corporate affiliates and its or their employees, Supplier shallofficers, for as long as any Sensitive Information resides on Supplier’s information technology system: (I) employ industry-standard firewall and encryption protection for its information technology systemsdirectors, shareholders, partners, members, managers, agents, independent contractors, service providers, attorneys, accountants, and (II) use commercially reasonable efforts to scan its information technology system financial advisors. In any event, the Receiving Party shall be responsible for viruses and malware and promptly mitigate the effects of any viruses or malware detected. Supplier immediately shall notify Newmont if it becomes aware, or has reason to believe, that any breach violation of this Section 16.2 has occurred, that 7 caused by any unauthorized access to or use of, or any security breach relating to or otherwise affecting, any Sensitive Information has occurred, or that any person who has had access to Sensitive Information has violated or intends to violate member of the terms of this Agreement. Supplier shall, at its own expense, cooperate with Newmont in investigating and responding to the foregoingReceiving Party’s Group.

Appears in 1 contract

Sources: Master Services Agreement

Confidentiality Data Security. 16.1 Supplier14.1. Information exchanged under this Agreement will be treated as confidential if identified as such at disclosure or if the subject matter or circumstances of disclosure would reasonably indicate such treatment and shall include, without limitation, the Customer Data and Regulated Data (“Confidential Information”). Confidential Information may only be used for itself the purpose of fulfilling obligations or exercising rights under this Agreement, and on behalf shared with employees, agents or contractors with a need to know such information to support that purpose. The Parties will procure that any of each Supplier its employees, agents or contractors to whom Confidential Information is disclosed are bound by contractual obligations equivalent to those in this Clause 14.1. Confidential information will be protected using a reasonable degree of care to prevent unauthorised use or disclosure for five (5) years from the date of receipt or (if longer) for such period as the information remains confidential. These obligations do not cover information that: (i) was known or becomes known to the receiving Party and their respective assignswithout obligation of confidentiality, agrees provided that (A) such recipient has no knowledge that such information is subject to a confidentiality agreement and (B) such information is not of a type or character that a reasonable person would have regarded it as confidential; (ii) is independently developed by the receiving Party without violating the disclosing Party’s rights; (iii) is or becomes publicly known (other than through unauthorised disclosure by or through a Party); (iv) is disclosed by the owner of such information to a third party free of any obligation of confidentiality; or (v) where disclosure is required by law or a governmental agency provided that, to the extent lawful so to do, the receiving Party shall notify the disclosing Party of the request giving it reasonable opportunity to respond, and cooperate with the disclosing Party’s reasonable, lawful efforts to resist, limit or delay disclosure at the disclosing Party’s expense, and provided that except for making such required disclosure, such information shall otherwise continue to be Confidential Information. Additionally, without limiting Customer’s obligation to maintain the confidentiality of Darktrace’s Intellectual Property, these obligations do not require Customer to treat as confidential and proprietaryinformation a Report or any other information specifically about Customer’s Data or Customer network systems, (B) not including any threats thereto or analysis thereof. 14.2. The Parties acknowledge that the Offering may be used to disclose to others, during process information regulated by applicable privacy or subsequent data protection laws. Solely to the Termextent relevant to Darktrace’s provision of Services, Darktrace shall act only on the instructions of Customer in processing any Regulated Data as a data processor. Customer hereby instructs Darktrace to take such steps in the processing of Regulated Data as are reasonably necessary to the performance of Darktrace’s obligations under this Agreement, and agrees that such instructions constitute its full and complete instructions as to the means by which Regulated Data shall be processed by Darktrace. Each Party agrees that it shall comply with the Data Privacy Laws in exercising its rights and performing its obligations under this Agreement. Specifically, ▇▇▇▇▇▇▇▇▇ agrees that it shall: 14.2.1. not use Regulated Data save for the purposes of delivering the Offering and Services as instructed by this Agreement and in accordance with the documented instructions of Customer. Further Darktrace shall immediately inform Customer if, in Darktrace’s reasonable opinion, an instruction from Customer infringes Data Privacy Laws 14.2.2. taking into account the nature, scope, context and purposes of processing, it shall take, implement and maintain appropriate administrative, physical, technical and organisational measures to protect any Regulated Data accessed or processed by it against unauthorised or unlawful processing or accidental loss, destruction, damage or disclosure to the which are at least equal to the most stringent of the following: (a) those set out in Darktrace’s Information Security Standards, and (Cb) not any highest standard required by law or regulation applicable to useDarktrace;ensure, except for having regard to the state of art (including technological development) and the cost of implementing such measures and the nature, scope, context and purposes of performing its obligations hereunderprocessing as well as the severity of the risk to the rights and freedoms of natural persons, procure that such measures (as set out in Clause 13.2.3) ensure a level of security appropriate to: (a) the harm that might result from such unauthorised or unlawful processing or accidental loss, destruction, disclosure, access or damage; and (b) the nature of the data to be protected; 14.2.3. if the Customer is based in the European Union, not transfer Regulated Data outside the European Economic Area without the express prior written consent of NewmontCustomer and not without procuring provision of adequate safeguards (as defined by the European Commission from time to time); 14.2.4. take reasonable steps to ensure the reliability of its agents and employees who have access to any Regulated Data;not engage a subcontractor without the general written authorisation of the Customer , which consent may and procure that any of its subcontractors who process Regulated Data enter into a data processing agreement ensuring that the subcontractor shall abide by data protection requirements no less stringent than in this Clause 14. Darktrace shall be withheld fully liable for any reason whatsoever, any information, whether verbal or written, breach by the subcontractor of any description whatsoever (expressly including any technical information, experiments, or data) regarding plans, programs, plants, processes, products, minerals, real property interests, costs, equipment, or operations of Newmont or its affiliates, or other information which has been expressly identified by Newmont as being confidential data protection obligations set out in nature, that may come within the knowledge of such Supplier Party in the performance this Clause; 14.2.5. upon termination of this Agreement, including it shall delete or return all such Regulated Data in accordance with the Customer’s written instructions); 14.2.6. document disclosures to third parties of Regulated Data and Inventions (collectively, "Confidential Information")information related to such disclosures as would be required for Customer to respond to a request by an individual for an accounting of disclosures of their Regulated Data; 14.2.7. Supplier shall take all necessary precautions, contractual and otherwise, provide reasonable support to prevent unauthorized disclosure Customer in complying with any legally mandated request for access to or use correction of Confidential Information. Notwithstanding the foregoing, Confidential Information shall not include any information that: (I) isRegulated Data by any individual, or shall have beenaccess or demand made by any court or governmental authority responsible for enforcing privacy or data protection laws, and where such request or demand is submitted to Darktrace, promptly notify the Customer of it; and 14.2.8. in the event that Darktrace suffers a breach of security (which for the avoidance of doubt shall include, without limitation, any breach of Darktrace’s obligations under this Clause 14.2 and/or any loss, destruction, damage of, or compromise to, any Customer Data in Darktrace’s possession of Supplier and not subject to a confidentiality obligation prior to disclosure thereof to Supplier in connection with this Agreement; (II) through no act or omission of Supplier becomes published or otherwise available to control), inform the public under circumstances such that the public may utilize the same without any direct or indirect confidentiality obligation to Newmont or its affiliates; or (III) is acquired by Supplier from any third party rightfully possessed Customer immediately upon learning of the same and having no direct reasonably cooperate with the Customer in respect of the measures that should be taken in response. 14.3. Neither Party will make any public statement or indirect confidentiality obligation to Newmont issue any public communication regarding any incident described in this Clause, without the other Party’s prior written consent, except as strictly required by law or its affiliates, with respect regulation. 14.4. To the extent there are changes to the same; providedData Privacy Laws which materially affect the costs or risk profile of a Party, however, that the foregoing exceptions shall not apply with respect Parties will meet in good faith to Confidential Information which meets the definition of Personal Data (as set forth in Section 16.2, below), which is more specifically addressed in Section 16.2, below. All Confidential Information shall be delivered discuss any changes to Newmont upon the termination or expiration of this Agreement, or at any other time upon Newmont's request. Supplier shall not retain copies of Confidential Information without Newmont’s express written authorization. Notwithstanding the foregoing, Supplier may retain one archival hard copy of the Confidential Information for such period of time that Supplier normally retains archival hard copies, and such hard copy shall remain subject to this Section 16.1 until it is destroyed. In addition, if Supplier’s computer system automatically retains back-up copies of Confidential Information, Supplier may retain such copies in Supplier’s archival computer storage for the period of time that Supplier normally archives backed-up computer records, and such computer copies shall remain subject to this Section 16.1 until they are destroyed or erased. Supplier acknowledges that Newmont’s Confidential Information is an important asset of Newmont and/or its affiliates and that there is not an adequate remedy at law for a breach of this Section 16.1 and Newmont and/or its affiliates will suffer irreparable harm as a result of such a breach. Therefore, Supplier agrees that Newmont and/or its affiliates, as applicable, shall be entitled to equitable relief, including temporary and permanent injunctive relief without the obligation of posting bond (cash or otherwise), in the event of actual or threatened disclosure or use of Confidential Information in breach of this Section 16.1. 16.2 For purposes of this Agreement, “Personal Data” means information regarding any individual (whether an employee or agent of Newmont, its affiliates, or contractors of it or its affiliates, or other individuals) recorded in any format, which is obtained by Supplier in connection with this Agreement and that identifies or could identify an individual personally, either by itself or together with other information, including demographic information such as name, sex, age and contact information, financial information such as taxpayer identification numbers and bank account information, and health information such as medical records and insurance claims. Supplier shall, for as long as it has possession of any Personal Data, maintain reasonable security procedures and practices that are both (A) appropriate to the nature of the Personal Data, and (B) reasonably designed to help protect the Personal Data from unauthorized access, use, modification, disclosure, or destruction. For purposes of this Agreement, Supplier is the processor and Newmont is the controller of any Personal Data. Without limiting the generality of the requirements set forth above in this Section, if Supplier has any Personal Data or other Confidential Information (collectively, “Sensitive Information”) on Supplier’s information technology systems, Supplier shall, for as long as any Sensitive Information resides on Supplier’s information technology system: (I) employ industry-standard firewall and encryption protection for its information technology systems, and (II) use commercially reasonable efforts to scan its information technology system for viruses and malware and promptly mitigate the effects of any viruses or malware detected. Supplier immediately shall notify Newmont if it becomes aware, or has reason to believe, that any breach of this Section 16.2 has occurred, that any unauthorized access to or use of, or any security breach relating to or otherwise affecting, any Sensitive Information has occurred, or that any person who has had access to Sensitive Information has violated or intends to violate the terms of this Agreement. Supplier shallFor the avoidance of doubt, at its own expense, cooperate with Newmont in investigating this Agreement shall be updated as and responding to the foregoingextent required to comply with the General Data Protection Regulation (EU 2016/679) prior to 25 May 2018.

Appears in 1 contract

Sources: Master Customer Agreement

Confidentiality Data Security. 16.1 Supplier, for itself and on behalf of each Supplier Party and their respective assigns, agrees (A) to treat as confidential and proprietary, (B) not to disclose to others, during or subsequent to the Term, and (C) not to use, except for purposes of performing its obligations hereunder, without the express prior written consent of Newmont, which consent may be withheld for any reason whatsoever, any information, whether verbal or written, of any description whatsoever (expressly including any technical information, experiments, or data) regarding plans, programs, plants, processes, products, minerals, real property interests, costs, equipment, or operations of Newmont or its affiliates, or other information which has been expressly identified by Newmont as being confidential in nature, that may come within the knowledge of such Supplier Party in the performance of this Agreement, including all Data and Inventions (collectively, "Confidential Information"). Supplier shall take all necessary precautions, contractual and otherwise, to prevent unauthorized disclosure or use of Confidential Information. Notwithstanding the foregoing, Confidential Information shall not include any information that: (I) is, or shall have been, in the possession of Supplier and not subject to a confidentiality obligation prior to disclosure thereof to Supplier in connection with this Agreement; (II) through no act or omission of Supplier becomes published or otherwise available to the public under circumstances such that the public may utilize the same without any direct or indirect confidentiality obligation to Newmont or its affiliates; or (III) is acquired by Supplier from any third party rightfully possessed of the same and having no direct or indirect confidentiality obligation to Newmont or its affiliates, with respect to the same; provided, however, that the foregoing exceptions shall not apply with respect to Confidential Information which meets the definition of Personal Data (as set forth in Section 16.2, below), which is more specifically addressed in Section 16.2, below. All Confidential Information shall be delivered to Newmont upon the termination or expiration of this Agreement, or at any other time upon Newmont's request. Supplier shall not retain copies of Confidential Information without Newmont’s express written authorization. Notwithstanding the foregoing, Supplier may retain one archival hard copy of the Confidential Information for such period of time that Supplier normally retains archival hard copies, and such hard copy shall remain subject to this Section 16.1 until it is destroyed. In addition, if Supplier’s computer system automatically retains back-up copies of Confidential Information, Supplier may retain such copies in Supplier’s archival computer storage for the period of time that Supplier normally archives backed-up computer records, and such computer copies shall remain subject to this Section 16.1 until they are destroyed or erased. Supplier acknowledges that Newmont’s Confidential Information is an important asset of Newmont and/or its affiliates and that there is not an adequate remedy at law for a breach of this Section 16.1 and Newmont and/or its affiliates will suffer irreparable harm as a result of such a breach. Therefore, Supplier agrees that Newmont and/or its affiliates, as applicable, shall be entitled to equitable relief, including temporary and permanent injunctive relief without the obligation of posting bond (cash or otherwise), in the event of actual or threatened disclosure or use of Confidential Information in breach of this Section 16.1. 16.2 For purposes of this Agreement, “Personal Data” means information regarding any individual (whether an employee or agent of Newmont, its affiliates, or contractors of it or its affiliates, or other individuals) recorded in any format, which is obtained by Supplier Contractor in connection with this Agreement and that identifies or could identify an individual personally, either by itself or together with other information, including demographic information such as name, sex, age and contact information, financial information such as taxpayer identification numbers and bank account information, and health information such as medical records and insurance claims. Supplier Contractor shall, for as long as it has possession of any Personal DataData or other Confidential Information (collectively, Sensitive Information”) on Contractor’s information technology systems, , maintain reasonable security procedures and practices that are both (A) appropriate to the nature of the Personal Data, and (B) reasonably designed to help protect the Personal Data from unauthorized access, use, modification, disclosure, or destruction. For purposes of this Agreement, Supplier is the processor and Newmont is the controller of any Personal Data. Without limiting the generality of the requirements set forth above in this Section, if Supplier has any Personal Data or other Confidential Information (collectively, “Sensitive Information”) on Supplier’s information technology systems, Supplier shall, for as long as any Sensitive Information resides on Supplier’s information technology system: (I) employ industry-standard firewall and encryption protection for its information technology systems, and (II) use commercially reasonable efforts to scan its information technology system for viruses and malware and promptly mitigate the effects of any viruses or malware detected. Supplier immediately shall notify Newmont if it becomes aware, or has reason to believe, that any breach of this Section 16.2 has occurred, that any unauthorized access to or use of, or any security breach relating to or otherwise affecting, any Sensitive Information has occurred, or that any person who has had access to Sensitive Information has violated or intends to violate the terms of this Agreement. Supplier shall, at its own expense, cooperate with Newmont in investigating and responding to the foregoing.both

Appears in 1 contract

Sources: Purchase Agreement

Confidentiality Data Security. 16.1 Supplier, for itself and on behalf of each A. Supplier Party and their respective assigns, agrees (A) to treat as confidential and proprietary, (B) shall not to disclose to othersthird parties, during or subsequent to the Term, and (C) not to use, except use for purposes of other than performing its obligations hereunder, any Data, Inventions, or any other information that relates to the technical, legal, or business affairs or activities of Newmont or its affiliates which was obtained by or on behalf of Supplier in connection with the performance of the Services (collectively, “Confidential Information”), without the express prior written consent of Newmont, which consent may be withheld for any reason whatsoever, any information, whether verbal or written, of any description whatsoever (expressly including any technical information, experiments, or data) regarding plans, programs, plants, processes, products, minerals, real property interests, costs, equipment, or operations of Newmont or its affiliates, or other information which has been expressly identified by Newmont as being confidential in nature, that may come within the knowledge of such Supplier Party in the performance of this Agreement, including all Data and Inventions (collectively, "Confidential Information"). Supplier shall take all necessary precautions, contractual and otherwise, to prevent unauthorized disclosure or use of Confidential Information. Notwithstanding the foregoing, Confidential Information shall not include any information thatwhich: (I1) is, or shall have been, in the possession of Supplier and not subject to a confidentiality obligation prior to disclosure Supplier’s acquisition thereof to Supplier in connection with this Agreementthe performance of the Services; (II2) through no act or omission of Supplier Supplier, becomes published or otherwise available to the public under circumstances such that the public may utilize the same without any direct or indirect confidentiality obligation to Newmont or its affiliates; or (III3) is acquired by Supplier from any third party rightfully possessed in possession of the same and having no direct or indirect confidentiality obligation to Newmont or its affiliates, affiliates with respect to the same; provided, however, that the foregoing exceptions shall not apply with respect to Confidential Information which meets the definition of Personal Data (as set forth in Section 16.25.B., below), which is more specifically addressed in Section 16.25.B., below. All Confidential Information shall be delivered to Newmont or destroyed by Supplier, at Newmont’s discretion, upon the termination or expiration of this Agreement, Agreement or at any other earlier time upon Newmont's ’s request. Supplier shall not retain any copies of Confidential Information without Newmont’s express written authorization. Notwithstanding the foregoing, Supplier may retain one archival hard copy of the Confidential Information for such period of time that Supplier normally retains archival hard copies, and such hard copy shall remain subject to this Section 16.1 5.A. until it is destroyed. In addition, if Supplier’s computer system automatically retains back-up copies of Confidential Information, Supplier may retain such copies in Supplier’s archival computer storage for the period of time that Supplier normally archives backed-up computer records, and such computer copies shall remain subject to this Section 16.1 5.A. until they are destroyed or erased. Supplier acknowledges that Newmont’s the Confidential Information is an important asset of Newmont and/or its affiliates and that there is not an adequate remedy at law for a breach by Supplier of this Section 16.1 5.A. and Newmont and/or its affiliates will suffer irreparable harm as a result of such a breach. Therefore, Supplier agrees that Newmont and/or its affiliates, as applicable, affiliates shall be entitled to equitable relief, including temporary and permanent injunctive relief without the obligation of posting a bond (cash or otherwise), in the event of actual or threatened unauthorized disclosure or use of Confidential Information in breach of this Section 16.1.5.A. 16.2 B. For purposes of this Agreement, “Personal Data” means information regarding any individual (whether an employee or agent of Newmont, its affiliates, or contractors of it or its affiliates, or other individuals) recorded in any format, which is obtained by Supplier in connection with this Agreement and that identifies or could identify an individual personally, either by itself or together with other information, including demographic information such as name, sex, age and contact information, financial information such as taxpayer identification numbers and bank account information, and health information such as medical records and insurance claims. Supplier shall, for as long as it has possession of any Personal Data, maintain reasonable security procedures and practices that are both (A1) appropriate to the nature of the Personal Data, and (B2) reasonably designed to help protect the Personal Data from unauthorized access, use, modification, disclosure, or destruction. For purposes of this Agreement, Supplier is the processor and Newmont is the controller of any Personal Data. Without limiting the generality of the requirements set forth above in this Section, if Supplier has any Personal Data or other Confidential Information (collectively, “Sensitive Information”) on Supplier’s information technology systems, Supplier shall, for as long as any Sensitive Information resides on Supplier’s information technology system: (Ia) employ industry-standard firewall and encryption protection for its information technology systems, and (IIb) use commercially reasonable efforts to scan its information technology system for viruses and malware and promptly mitigate the effects of any viruses or malware detected. Supplier immediately shall notify Newmont if it becomes aware, or has reason to believe, that any breach of this Section 16.2 5.B. has occurred, that any unauthorized access to or use of, or any security breach relating to or otherwise affecting, any Sensitive Information has occurred, or that any person who has had access to Sensitive Information has violated or intends to violate the terms of this Agreement. Supplier shall, at its own expense, cooperate with Newmont in investigating and responding to the foregoing.

Appears in 1 contract

Sources: Service Agreement