{"component": "clause", "props": {"groups": [{"snippet_links": [{"key": "commercially-reasonable", "type": "clause", "offset": [19, 42]}, {"key": "technical-and-organisational-measures", "type": "definition", "offset": [43, 80]}, {"key": "unauthorised-access", "type": "definition", "offset": [103, 122]}, {"key": "dpis-policy", "type": "definition", "offset": [240, 251]}, {"key": "all-personal-data", "type": "definition", "offset": [268, 285]}, {"key": "in-connection-with", "type": "clause", "offset": [320, 338]}, {"key": "this-agreement", "type": "clause", "offset": [360, 374]}, {"key": "in-accordance-with", "type": "definition", "offset": [420, 438]}, {"key": "as-amended", "type": "definition", "offset": [543, 553]}, {"key": "from-time-to-time", "type": "clause", "offset": [554, 571]}, {"key": "applicable-data-protection-laws", "type": "definition", "offset": [688, 719]}, {"key": "the-personal-data", "type": "definition", "offset": [727, 744]}, {"key": "a-third-party", "type": "clause", "offset": [756, 769]}, {"key": "pursuant-to-applicable", "type": "clause", "offset": [823, 845]}, {"key": "authorisations-and-consents", "type": "clause", "offset": [898, 925]}, {"key": "with-respect-to", "type": "clause", "offset": [926, 941]}, {"key": "such-information", "type": "definition", "offset": [942, 958]}, {"key": "technical-safeguards", "type": "definition", "offset": [1016, 1036]}, {"key": "protection-of-the-security", "type": "clause", "offset": [1041, 1067]}, {"key": "integrity-of", "type": "clause", "offset": [1089, 1101]}, {"key": "business-contact-information", "type": "clause", "offset": [1122, 1150]}, {"key": "not-limited", "type": "clause", "offset": [1169, 1180]}, {"key": "preventing-access", "type": "clause", "offset": [1197, 1214]}, {"key": "disclosure-of-customer-data", "type": "clause", "offset": [1237, 1264]}, {"key": "provide-the", "type": "clause", "offset": [1311, 1322]}, {"key": "saas-solutions", "type": "definition", "offset": [1323, 1337]}, {"key": "by-customer", "type": "clause", "offset": [1451, 1462]}, {"key": "in-writing", "type": "definition", "offset": [1463, 1473]}, {"key": "specific-safeguards", "type": "clause", "offset": [1480, 1499]}, {"key": "customer-shall", "type": "clause", "offset": [1606, 1620]}, {"key": "on-behalf-of", "type": "definition", "offset": [1719, 1731]}, {"key": "unless-agreed-otherwise", "type": "clause", "offset": [1775, 1798]}, {"key": "a-separate", "type": "definition", "offset": [1809, 1819]}, {"key": "agreement-between-the-parties", "type": "clause", "offset": [1828, 1857]}, {"key": "data-centre", "type": "clause", "offset": [1953, 1964]}, {"key": "geographic-region", "type": "definition", "offset": [1980, 1997]}, {"key": "the-website", "type": "clause", "offset": [2037, 2048]}], "size": 4, "samples": [{"hash": "faP5M5PgPx4", "uri": "/contracts/faP5M5PgPx4#data-privacy-security", "label": "Master Software License and Subscription Agreement", "score": 31.9071178436, "published": true}, {"hash": "6R0orO4HjYm", "uri": "/contracts/6R0orO4HjYm#data-privacy-security", "label": "Master Software License and Subscription Agreement", "score": 26.1505813599, "published": true}], "snippet": "AvePoint shall use commercially reasonable technical and organisational measures de- signed to prevent unauthorised access, use, alteration, or disclosure of the Solutions or Customer Data, as fur- ther described in AvePoint\u2019s then-current DPIS Policy. Customer Data. All Personal Data received or collected by AvePoint in connection with the perfor- \u2587\u2587\u2587\u2587\u2587 of this Agreement (including its amendments) will be processed in accordance with AvePoint\u2019s Pri- vacy Policy, which can be accessed at \u2587\u2587\u2587\u2587://\u2587\u2587\u2587.\u2587\u2587\u2587- \u2587\u2587\u2587\u2587\u2587.\u2587\u2587\u2587/\u2587\u2587\u2587\u2587\u2587\u2587\u2587/\u2587\u2587\u2587\u2587\u2587\u2587\u2587-\u2587\u2587\u2587\u2587\u2587\u2587, as amended from time to time. Any Personal Data received or collected by AvePoint or its Affiliates will further be processed in accordance with applicable data protection laws. Where the Personal Data is that of a third party, Cus- tomer certifies that it has obtained that data pursuant to applicable data protection laws and has obtained all necessary authorisations and consents with respect to such information. AvePoint shall maintain administra- tive, physical, and technical safeguards for protection of the security, confidentiality and integrity of Cus- tomer Data and Business Contact Information, includ- ing, but not limited to measures for preventing access, use, modification or disclosure of Customer Data or Business Contact Information except (a) to provide the SaaS Solutions and prevent or address service or tech- nical problems; (b) as compelled by law; or (c) as ex- pressly permitted by Customer in writing. Such specific safeguards shall be as set forth in the Documentation. When providing Customer Data or Business Contact Information, Customer shall not under any circum- stances provide Personal Data to AvePoint for the pro- cessing of such data on behalf of Customer, as defined in Article 28.1 GDPR, unless agreed otherwise by way of a separate written agreement between the Parties. All Customer Data passing through SaaS Solutions is stored by AvePoint in a Customer-selected data centre. If there is a geographic region indicated on the appli- cable Order or the website where Customer registers 2.", "hash": "3e117ef27e8a018281438f084b02985d", "id": 1}, {"snippet_links": [{"key": "sell-or-rent", "type": "clause", "offset": [21, 33]}, {"key": "personal-information-collected", "type": "clause", "offset": [38, 68]}, {"key": "the-company-has", "type": "definition", "offset": [95, 110]}, {"key": "at-all-times", "type": "clause", "offset": [111, 123]}, {"key": "all-applicable-laws", "type": "clause", "offset": [138, 157]}, {"key": "protection-of-personal-information", "type": "clause", "offset": [213, 247]}, {"key": "failure-to-comply", "type": "clause", "offset": [262, 279]}, {"key": "material-adverse-effect", "type": "definition", "offset": [323, 346]}, {"key": "any-loss", "type": "definition", "offset": [380, 388]}, {"key": "unauthorized-access", "type": "definition", "offset": [400, 419]}, {"key": "security-of", "type": "clause", "offset": [450, 461]}, {"key": "commercially-reasonable-efforts", "type": "definition", "offset": [523, 554]}, {"key": "personally-identifiable-information", "type": "definition", "offset": [572, 607]}, {"key": "knowledge-of-the-company", "type": "definition", "offset": [632, 656]}, {"key": "in-compliance", "type": "clause", "offset": [686, 699]}, {"key": "relating-to", "type": "definition", "offset": [728, 739]}, {"key": "notification-obligations", "type": "clause", "offset": [775, 799]}, {"key": "each-case", "type": "definition", "offset": [804, 813]}, {"key": "relate-to", "type": "definition", "offset": [822, 831]}], "size": 2, "samples": [{"hash": "l8bB8SOPs4g", "uri": "/contracts/l8bB8SOPs4g#data-privacy-security", "label": "Contribution Agreement (Vinebrook Homes Trust, Inc.)", "score": 34.5879516602, "published": true}, {"hash": "fhp8LgJdqX4", "uri": "/contracts/fhp8LgJdqX4#data-privacy-security", "label": "Side Letter to Contribution Agreement (Vinebrook Homes Trust, Inc.)", "score": 34.3579750061, "published": true}], "snippet": "The Company does not sell or rent any Personal Information collected, used or disclosed to it. The Company has at all times complied with all applicable Laws regarding the collection, retention, transfer, use and protection of Personal Information, except where failure to comply would not reasonably be expected to have a Material Adverse Effect. The Company has not experienced any loss, damage or unauthorized access, disclosure, use or breach of security of any Personal Information in its possession. The Company uses commercially reasonable efforts to safeguard any personally identifiable information that it obtains. To the Knowledge of the Company, the Company is and has been in compliance in with all applicable Laws relating to loss, theft and breach of security notification obligations, in each case as they relate to Personal Information.", "hash": "5c871180657a3cf059c17faa64c1fdb5", "id": 2}, {"snippet_links": [{"key": "no-protected-health-information", "type": "clause", "offset": [0, 31]}, {"key": "health-insurance-portability-and-accountability-act-of-1996", "type": "definition", "offset": [64, 123]}, {"key": "necessary-for", "type": "definition", "offset": [170, 183]}, {"key": "the-collaboration", "type": "clause", "offset": [205, 222]}, {"key": "by-a-party", "type": "clause", "offset": [241, 251]}, {"key": "other-party", "type": "clause", "offset": [259, 270]}, {"key": "this-agreement", "type": "clause", "offset": [277, 291]}, {"key": "to-microsoft", "type": "clause", "offset": [365, 377]}, {"key": "provide-documentation", "type": "clause", "offset": [464, 485]}, {"key": "source-of-the-data", "type": "clause", "offset": [498, 516]}, {"key": "required-consents", "type": "definition", "offset": [527, 544]}, {"key": "approvals-and-authorizations", "type": "clause", "offset": [546, 574]}, {"key": "use-restrictions", "type": "definition", "offset": [713, 729]}, {"key": "other-requirements", "type": "definition", "offset": [733, 751]}, {"key": "the-proposed", "type": "clause", "offset": [906, 918]}, {"key": "review-of", "type": "clause", "offset": [962, 971]}, {"key": "for-clarity", "type": "clause", "offset": [992, 1003]}, {"key": "is-not-required-to", "type": "clause", "offset": [1014, 1032]}, {"key": "advance-notice", "type": "definition", "offset": [1044, 1058]}, {"key": "to-provide", "type": "definition", "offset": [1104, 1114]}, {"key": "information-of-a", "type": "clause", "offset": [1294, 1310]}, {"key": "not-store", "type": "definition", "offset": [1363, 1372]}, {"key": "any-action", "type": "definition", "offset": [1400, 1410]}, {"key": "with-respect-to", "type": "clause", "offset": [1411, 1426]}, {"key": "subject-to-the", "type": "definition", "offset": [1483, 1497]}, {"key": "data-privacy", "type": "clause", "offset": [1498, 1510]}, {"key": "data-security-laws", "type": "definition", "offset": [1514, 1532]}, {"key": "any-jurisdiction", "type": "definition", "offset": [1536, 1552]}, {"key": "the-united-states-of-america", "type": "clause", "offset": [1564, 1592]}, {"key": "prior-written-consent", "type": "clause", "offset": [1613, 1634]}], "size": 1, "samples": [{"hash": "fdN1xsemAwB", "uri": "/contracts/fdN1xsemAwB#data-privacy-security", "label": "Strategic Collaboration Agreement (Adaptive Biotechnologies Corp)", "score": 30.3470230103, "published": true}], "snippet": "No Protected Health Information (as such term is defined in the Health Insurance Portability and Accountability Act of 1996), other than the Protected Health Information necessary for a Party to carry out the Collaboration, will be provided by a Party to the other Party under this Agreement. If Adaptive intends to makes any Protected Health Information available to Microsoft for use in the Collaboration, Adaptive will first notify Microsoft of such intent and provide documentation of: (i) the source of the data, (ii) any required consents, approvals and authorizations necessary for Microsoft to have access to or use such Protected Health Information in the Collaboration, and (iii) any security, privacy, use restrictions or other requirements that would apply to Microsoft\u2019s access to or use of such Protected Health Information. Microsoft may elect to accept or not to accept receiving access to the proposed Protected Health Information following its review of such documentation. For clarity, Adaptive is not required to follow the advance notice process described in this paragraph in order to provide to Microsoft, for use in the Collaboration, anonymous sequencing data (which data must not include any data that could enable the sequencing data to be linked to Protected Health Information of a donor). Microsoft covenants and agrees that it will not store, process or otherwise take any action with respect to data under the Collaboration that causes Adaptive to be subject to the data privacy or data security laws of any jurisdiction other than the United States of America, without Adaptive\u2019s prior written consent.", "hash": "d9ea471c35b1b434f183c23f8fc1dfb9", "id": 3}, {"snippet_links": [{"key": "the-data", "type": "clause", "offset": [104, 112]}, {"key": "to-the-extent", "type": "clause", "offset": [138, 151]}, {"key": "each-group-company", "type": "clause", "offset": [164, 182]}, {"key": "necessary-authority", "type": "clause", "offset": [191, 210]}, {"key": "consents-and-authorizations", "type": "clause", "offset": [220, 247]}, {"key": "in-connection-with", "type": "clause", "offset": [347, 365]}, {"key": "operation-of", "type": "definition", "offset": [370, 382]}, {"key": "at-all-times", "type": "clause", "offset": [485, 497]}, {"key": "privacy-practices", "type": "clause", "offset": [530, 547]}, {"key": "privacy-policies", "type": "definition", "offset": [570, 586]}, {"key": "fully-implemented", "type": "definition", "offset": [619, 636]}, {"key": "material-omissions", "type": "clause", "offset": [670, 688]}, {"key": "knowledge-of-the-company", "type": "definition", "offset": [742, 766]}, {"key": "in-violation", "type": "definition", "offset": [808, 820]}, {"key": "data-protection-laws", "type": "clause", "offset": [824, 844]}, {"key": "access-to-personal-information", "type": "clause", "offset": [1001, 1031]}, {"key": "by-or-on-behalf-of", "type": "definition", "offset": [1078, 1096]}, {"key": "company-to-notify", "type": "clause", "offset": [1184, 1201]}, {"key": "governmental-entities", "type": "clause", "offset": [1202, 1223]}, {"key": "affected-individuals", "type": "definition", "offset": [1225, 1245]}, {"key": "other-parties", "type": "definition", "offset": [1249, 1262]}, {"key": "unauthorized-access", "type": "definition", "offset": [1289, 1308]}, {"key": "confidential-information-or-trade-secrets", "type": "clause", "offset": [1350, 1391]}, {"key": "on-schedule", "type": "definition", "offset": [1413, 1424]}, {"key": "no-group-company-has", "type": "clause", "offset": [1438, 1458]}, {"key": "written-complaint", "type": "clause", "offset": [1472, 1489]}, {"key": "notice-of-investigation", "type": "definition", "offset": [1493, 1516]}, {"key": "not-limited", "type": "clause", "offset": [1532, 1543]}, {"key": "to-inquiries", "type": "clause", "offset": [1544, 1556]}, {"key": "other-communications", "type": "clause", "offset": [1560, 1580]}, {"key": "any-person", "type": "clause", "offset": [1586, 1596]}, {"key": "governmental-entity", "type": "clause", "offset": [1608, 1627]}, {"key": "independent-contractors", "type": "clause", "offset": [1709, 1732]}, {"key": "uses-or-disclosures", "type": "clause", "offset": [1734, 1753]}, {"key": "security-practices", "type": "definition", "offset": [1761, 1779]}, {"key": "security-incidents", "type": "clause", "offset": [1783, 1801]}, {"key": "third-party", "type": "definition", "offset": [1870, 1881]}, {"key": "disclosure-of-personal-information", "type": "clause", "offset": [1905, 1939]}, {"key": "company-agent", "type": "definition", "offset": [1974, 1987]}, {"key": "employee-or-independent-contractor", "type": "definition", "offset": [1989, 2023]}, {"key": "material-liabilities", "type": "definition", "offset": [2068, 2088]}, {"key": "applicable-data-protection-requirements", "type": "definition", "offset": [2099, 2138]}, {"key": "relating-to", "type": "definition", "offset": [2139, 2150]}, {"key": "security-of-personal-information", "type": "clause", "offset": [2166, 2198]}, {"key": "the-execution", "type": "clause", "offset": [2200, 2213]}, {"key": "agreement-or", "type": "definition", "offset": [2248, 2260]}, {"key": "any-other-agreement", "type": "definition", "offset": [2261, 2280]}, {"key": "in-this-agreement", "type": "definition", "offset": [2293, 2310]}, {"key": "breach-of-any", "type": "clause", "offset": [2332, 2345]}, {"key": "assets-and-equipment", "type": "clause", "offset": [2407, 2427]}, {"key": "in-all-material-respects", "type": "definition", "offset": [2611, 2635]}, {"key": "as-required", "type": "clause", "offset": [2636, 2647]}, {"key": "business-of-the-group-companies", "type": "clause", "offset": [2689, 2720]}, {"key": "free-and-clear", "type": "clause", "offset": [2745, 2759]}, {"key": "reasonable-controls", "type": "definition", "offset": [2955, 2974]}, {"key": "to-maintain", "type": "clause", "offset": [3031, 3042]}, {"key": "confidential-information-and", "type": "clause", "offset": [3070, 3098]}, {"key": "continuous-operation", "type": "definition", "offset": [3114, 3134]}, {"key": "and-security", "type": "clause", "offset": [3147, 3159]}, {"key": "it-systems-and-data", "type": "definition", "offset": [3167, 3186]}, {"key": "no-material-breaches", "type": "clause", "offset": [3282, 3302]}, {"key": "unauthorized-uses", "type": "clause", "offset": [3327, 3344]}, {"key": "material-cost", "type": "clause", "offset": [3418, 3431]}, {"key": "duty-to-notify", "type": "clause", "offset": [3452, 3466]}, {"key": "any-other-person", "type": "definition", "offset": [3467, 3483]}, {"key": "internal-review", "type": "definition", "offset": [3518, 3533]}, {"key": "backup-and-disaster-recovery", "type": "clause", "offset": [3611, 3639]}, {"key": "consistent-with", "type": "clause", "offset": [3651, 3666]}, {"key": "standards-and-practices", "type": "clause", "offset": [3676, 3699]}], "size": 1, "samples": [{"hash": "aB9uDvPXmh9", "uri": "/contracts/aB9uDvPXmh9#data-privacy-security", "label": "Agreement and Plan of Merger (Cooper Companies, Inc.)", "score": 32.8576316833, "published": true}], "snippet": "(a) The Group Companies are, and during the past three (3) years have been, in material compliance with the Data Protection Requirements. To the extent applicable, each Group Company has all necessary authority, rights, consents and authorizations to Process any Personal Information maintained by or for each Group Company to the extent required in connection with the operation of each Group Company\u2019s business as currently conducted. During the past 3 years, each Group Company has at all times provided accurate notice of its privacy practices on its websites, such privacy policies are comprehensive, accurate and fully implemented, and they have not contained any material omissions of any Group Company\u2019s privacy practices nor, to the knowledge of the Company, have they been misleading, deceptive or in violation of Data Protection Laws in any material respect.\n(b) There has been no material occurrence of (x) unlawful or unauthorized destruction, loss, use, modification or disclosure of or access to Personal Information owned, stored, used, maintained or controlled by or on behalf of any Group Company such that Data Protection Requirements require or required the Group Company to notify Governmental Entities, affected individuals or other parties of such occurrence or (y) unauthorized access to or disclosure of the Group Companies\u2019 confidential information or trade secrets. Except as set forth on Schedule 3.22(b), (i) no Group Company has received any written complaint or notice of investigation, including but not limited to inquiries or other communications from any Person, entity or Governmental Entity regarding any Group Company or any of any Group Company\u2019s agents\u2019, employees\u2019 or independent contractors\u2019 uses or disclosures of, or security practices or security incidents regarding, Personal Information, nor any written complaint from any third party regarding the improper disclosure of Personal Information by any Group Company or any Group Company agent, employee or independent contractor; and (ii) no Group Company has incurred any material liabilities under any applicable Data Protection Requirements relating to the privacy or security of Personal Information. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Data Protection Requirements.\n(c) The information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases of the Group Companies (collectively, \u201cIT Systems\u201d) are adequate for, and operate and perform in all material respects as required in connection with the operation of, the business of the Group Companies as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. During the past three (3) years, the Group Companies have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards that are designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including Personal Information) used in connection with their businesses, and there have been no material breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Group Companies have implemented backup and disaster recovery technology consistent with industry standards and practices.", "hash": "cf580f3703fd296331ba11b5769b9fa6", "id": 4}, {"snippet_links": [{"key": "information-collected", "type": "clause", "offset": [11, 32]}, {"key": "by-the-sellers", "type": "clause", "offset": [48, 62]}, {"key": "with-respect-to", "type": "clause", "offset": [63, 78]}, {"key": "of-the-sellers", "type": "clause", "offset": [115, 129]}, {"key": "personal-information", "type": "clause", "offset": [143, 163]}, {"key": "in-connection-with", "type": "clause", "offset": [164, 182]}, {"key": "conduct-of-the-business", "type": "definition", "offset": [187, 210]}, {"key": "sell-or-rent", "type": "clause", "offset": [224, 236]}, {"key": "the-information", "type": "clause", "offset": [244, 259]}, {"key": "programs-and-procedures", "type": "clause", "offset": [370, 393]}, {"key": "commercially-reasonable", "type": "clause", "offset": [403, 426]}, {"key": "security-of", "type": "clause", "offset": [473, 484]}, {"key": "applicable-seller", "type": "definition", "offset": [525, 542]}, {"key": "unauthorized-access", "type": "definition", "offset": [563, 582]}, {"key": "any-loss", "type": "definition", "offset": [670, 678]}, {"key": "breach-of-security", "type": "definition", "offset": [722, 740]}], "size": 1, "samples": [{"hash": "jqyrG1TJ4se", "uri": "/contracts/jqyrG1TJ4se#data-privacy-security", "label": "Asset Purchase Agreement (Gibraltar Industries, Inc.)", "score": 31.1327857971, "published": true}], "snippet": "Except for information collected and maintained by the Sellers with respect to their respective employees, neither of the Sellers collects any personal information in connection with the conduct of the Business and does not sell or rent any of the information it has collected with respect to its employees. Each of the Sellers has established and implemented policies, programs and procedures that are commercially reasonable to protect the confidentiality, integrity and security of any personal information concerning the applicable Seller\u2019s employees against unauthorized access, use, modification, disclosure or other misuse. Neither of the Sellers has experienced any loss or unauthorized access, disclosure, use or breach of security of any personal information in its possession.", "hash": "e3eb87b1572f62a26d0d3ee2260f8b92", "id": 5}, {"snippet_links": [{"key": "to-the-extent", "type": "clause", "offset": [3, 16]}, {"key": "applicable-law", "type": "clause", "offset": [82, 96]}, {"key": "pursuant-to-this-agreement", "type": "clause", "offset": [98, 124]}, {"key": "in-accordance-with", "type": "definition", "offset": [140, 158]}, {"key": "privacy-policy", "type": "clause", "offset": [163, 177]}, {"key": "available-at", "type": "definition", "offset": [178, 190]}, {"key": "for-the-avoidance-of-doubt", "type": "clause", "offset": [228, 254]}, {"key": "the-controller", "type": "clause", "offset": [281, 295]}, {"key": "personal-data-processed", "type": "clause", "offset": [338, 361]}, {"key": "administrative-security-measures", "type": "clause", "offset": [459, 491]}, {"key": "disclosure-of", "type": "clause", "offset": [541, 554]}, {"key": "unauthorized-access", "type": "definition", "offset": [562, 581]}, {"key": "data-held", "type": "clause", "offset": [621, 630]}], "size": 1, "samples": [{"hash": "jBkPv3hJpkX", "uri": "/contracts/jBkPv3hJpkX#data-privacy-security", "label": "Content Licensing Agreement", "score": 33.6162834167, "published": true}], "snippet": "a. To the extent that AIPP processes personal data (as that term is defined under applicable law) pursuant to this Agreement it shall do so in accordance with its Privacy Policy available at \u2587\u2587\u2587\u2587\u2587://\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587.\u2587\u2587\u2587.\u2587\u2587\u2587/privacy/. For the avoidance of doubt, AIPP is and shall remain the controller (or similar term under applicable law) of personal data processed under this Agreement.\nb. AIPP will use reasonable and appropriate technical, organizational, and administrative security measures designed to prevent loss, misuse, corruption, or disclosure of and/or unauthorized access, alteration or destruction to personal data held in its custody under this Agreement.", "hash": "bd66ee3170c81a5565fb5c459cacb5a0", "id": 6}, {"snippet_links": [{"key": "to-the-extent", "type": "clause", "offset": [0, 13]}, {"key": "the-services", "type": "clause", "offset": [14, 26]}, {"key": "information-from", "type": "clause", "offset": [80, 96]}, {"key": "those-terms", "type": "clause", "offset": [172, 183]}, {"key": "applicable-privacy-laws", "type": "definition", "offset": [199, 222]}, {"key": "in-accordance-with", "type": "definition", "offset": [224, 242]}, {"key": "the-applicable", "type": "clause", "offset": [263, 277]}, {"key": "providing-services", "type": "clause", "offset": [320, 338]}, {"key": "international-laws", "type": "clause", "offset": [415, 433]}, {"key": "eu-general-data-protection-regulation", "type": "definition", "offset": [682, 719]}, {"key": "california-consumer-privacy-act-of-2018", "type": "definition", "offset": [746, 785]}, {"key": "other-laws", "type": "definition", "offset": [807, 817]}, {"key": "marketing-communications", "type": "clause", "offset": [829, 853]}, {"key": "security-breach-notification", "type": "clause", "offset": [865, 893]}, {"key": "minimum-security-requirements", "type": "clause", "offset": [904, 933]}, {"key": "disposal-of-records", "type": "clause", "offset": [956, 975]}, {"key": "applicable-to", "type": "definition", "offset": [1008, 1021]}, {"key": "the-processing-of-personal-data", "type": "clause", "offset": [1022, 1053]}, {"key": "a-service-provider", "type": "definition", "offset": [1103, 1121]}, {"key": "data-processor", "type": "clause", "offset": [1122, 1136]}, {"key": "in-relation-to", "type": "clause", "offset": [1137, 1151]}, {"key": "data-and-personal-information", "type": "clause", "offset": [1166, 1195]}, {"key": "responsible-for", "type": "clause", "offset": [1266, 1281]}, {"key": "data-privacy-laws", "type": "definition", "offset": [1310, 1327]}, {"key": "data-provided", "type": "clause", "offset": [1332, 1345]}, {"key": "subject-to", "type": "clause", "offset": [1363, 1373]}, {"key": "necessary-authority", "type": "clause", "offset": [1418, 1437]}, {"key": "required-consent", "type": "clause", "offset": [1461, 1477]}, {"key": "data-subjects", "type": "definition", "offset": [1483, 1496]}, {"key": "to-transfer", "type": "clause", "offset": [1498, 1509]}, {"key": "such-information", "type": "definition", "offset": [1510, 1526]}, {"key": "contractor-to", "type": "clause", "offset": [1541, 1554]}, {"key": "in-connection-with", "type": "clause", "offset": [1580, 1598]}, {"key": "operational-requirements", "type": "clause", "offset": [1686, 1710]}, {"key": "of-contractor", "type": "clause", "offset": [1740, 1753]}, {"key": "security-commitments", "type": "clause", "offset": [1768, 1788]}, {"key": "relevant-information", "type": "definition", "offset": [1790, 1810]}, {"key": "laws-and-regulations", "type": "definition", "offset": [1828, 1848]}, {"key": "and-other-information", "type": "clause", "offset": [1850, 1871]}, {"key": "system-requirements", "type": "definition", "offset": [1889, 1908]}, {"key": "policies-and-procedures", "type": "clause", "offset": [1961, 1984]}, {"key": "design-documentation", "type": "clause", "offset": [1993, 2013]}, {"key": "contracts-with-customers", "type": "clause", "offset": [2019, 2043]}, {"key": "information-security-policies", "type": "definition", "offset": [2045, 2074]}, {"key": "systems-and-data", "type": "clause", "offset": [2138, 2154]}, {"key": "notification-to-contractor", "type": "clause", "offset": [2219, 2245]}, {"key": "contractor-provided", "type": "clause", "offset": [2316, 2335]}, {"key": "related-incidents", "type": "definition", "offset": [2441, 2458]}, {"key": "to-this-agreement", "type": "clause", "offset": [2479, 2496]}, {"key": "notify-contractor", "type": "clause", "offset": [2517, 2534]}, {"key": "aggregate-consumer-information", "type": "definition", "offset": [2634, 2664]}, {"key": "right-to-convert", "type": "clause", "offset": [2735, 2751]}, {"key": "for-contractor", "type": "definition", "offset": [2853, 2867]}, {"key": "to-enter", "type": "definition", "offset": [2968, 2976]}, {"key": "financial-data", "type": "definition", "offset": [3012, 3026]}, {"key": "the-third-party", "type": "definition", "offset": [3032, 3047]}, {"key": "by-signing", "type": "clause", "offset": [3096, 3106]}, {"key": "disclosure-of", "type": "clause", "offset": [3173, 3186]}, {"key": "the-understanding", "type": "clause", "offset": [3293, 3310]}], "size": 1, "samples": [{"hash": "hWsNm7e5y7J", "uri": "/contracts/hWsNm7e5y7J#data-privacy-security", "label": "Standard Services Agreement", "score": 30.7953166962, "published": true}], "snippet": "To the extent the Services require Contractor receive personal data or personal information from Town, Contractor may process any personal data or personal information, as those terms are defined in applicable privacy laws, in accordance with the requirements of the applicable privacy law relevant to the processing in providing Services hereunder. Applicable privacy laws may include any local, state, federal or international laws, standards, guidelines, policies or regulations governing the collection, use, disclosure, sharing or other processing of personal data or personal information with which Contractor or its clients must comply. Such privacy laws may include (i) the EU General Data Protection Regulation 2016/679 (GDPR); (ii) the California Consumer Privacy Act of 2018 (CCPA); and/or (iii) other laws regulating marketing communications, requiring security breach notification, imposing minimum security requirements, requiring the secure disposal of records, and other similar requirements applicable to the processing of personal data or personal information. Contractor is acting as a Service Provider/Data Processor in relation to Town personal data and personal information, as those terms are defined respectively under the CCPA/GDPR. Town is responsible for notifying Contractor of any data privacy laws the data provided to Contractor is subject to and Town represents and warrants it has all necessary authority (including any legally required consent from data subjects) to transfer such information and authorize Contractor to process such information in connection with the Services described herein. Contractor has established information security related operational requirements that support the achievement of Contractor\u2019s information security commitments, relevant information security related laws and regulations, and other information security related system requirements. Such requirements are communicated in Contractor\u2019s policies and procedures, system design documentation, and contracts with customers. Information security policies have been implemented that define Contractor\u2019s approach to how systems and data are protected. Town is responsible for providing timely written notification to Contractor of any additions, changes or removals of access for Town personnel to Contractor provided systems or applications. If Town becomes aware of any known or suspected information security or privacy related incidents or breaches related to this agreement, Town should timely notify Contractor via email at \u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587@\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587.\u2587\u2587\u2587. Contractor does not treat de-identified data or aggregate consumer information as personal data or personal information, and Contractor reserves the right to convert Town personal data or personal information into de-identified data or aggregate consumer information for Contractor\u2019s own purposes. As a benefit of benchmarking Town to others in its industry, Town allows Contractor to enter its confidential accounting and/or financial data into the third party benchmarking software that Contractor utilizes. By signing this Agreement, Town expressly authorizes Contractor to make such disclosure of Town\u2019s confidential accounting and/or financial data, as Contractor may elect within its discretion, with the understanding that, in doing so, Town will not be specifically identified.", "hash": "00c149de3b08c028cb7a29a7375a594f", "id": 7}, {"snippet_links": [{"key": "not-store", "type": "definition", "offset": [23, 32]}, {"key": "payment-data", "type": "definition", "offset": [52, 64]}, {"key": "card-details", "type": "definition", "offset": [73, 85]}, {"key": "applicable-data-protection-laws", "type": "definition", "offset": [123, 154]}, {"key": "security-protocols", "type": "definition", "offset": [196, 214]}, {"key": "pci-dss", "type": "clause", "offset": [226, 233]}, {"key": "the-merchant-must", "type": "clause", "offset": [250, 267]}], "size": 1, "samples": [{"hash": "lXjfhIMuVF9", "uri": "/contracts/lXjfhIMuVF9#data-privacy-security", "label": "Merchant Onboarding Terms and Conditions", "score": 34.2397079468, "published": true}], "snippet": "6.1 The Merchant shall not store sensitive customer payment data such as card details, OTPs, or CVV unless permitted under applicable data protection laws.\n6.2 Toucan implements industry-standard security protocols, including PCI DSS compliance, and the Merchant must ensure similar levels of security on their platform.", "hash": "b66defd672139869594e9d78f2b78e5a", "id": 8}, {"snippet_links": [{"key": "data-protection-and-privacy-laws", "type": "definition", "offset": [66, 98]}, {"key": "not-limited", "type": "clause", "offset": [115, 126]}, {"key": "health-insurance-portability-and-accountability-act", "type": "clause", "offset": [137, 188]}, {"key": "eu-general-data-protection-regulation", "type": "definition", "offset": [207, 244]}, {"key": "applicable-obligations", "type": "definition", "offset": [279, 301]}, {"key": "with-regard-to", "type": "clause", "offset": [302, 316]}, {"key": "personally-identifiable-information", "type": "definition", "offset": [329, 364]}, {"key": "personal-health-information", "type": "clause", "offset": [366, 393]}, {"key": "personal-data", "type": "definition", "offset": [395, 408]}, {"key": "confidential-or-protected-information", "type": "clause", "offset": [439, 476]}, {"key": "such-information", "type": "definition", "offset": [551, 567]}, {"key": "provide-services", "type": "definition", "offset": [593, 609]}, {"key": "required-by", "type": "definition", "offset": [658, 669]}, {"key": "applicable-data", "type": "clause", "offset": [674, 689]}, {"key": "without-limitation", "type": "clause", "offset": [728, 746]}, {"key": "business-associate-agreement", "type": "definition", "offset": [750, 778]}, {"key": "data-processing-agreement", "type": "clause", "offset": [780, 805]}, {"key": "agreement-or", "type": "definition", "offset": [824, 836]}, {"key": "required-document", "type": "definition", "offset": [849, 866]}, {"key": "by-client", "type": "clause", "offset": [951, 960]}, {"key": "commercially-reasonable", "type": "clause", "offset": [971, 994]}, {"key": "in-place", "type": "clause", "offset": [1006, 1014]}, {"key": "to-ensure", "type": "clause", "offset": [1015, 1024]}, {"key": "respond-to", "type": "clause", "offset": [1124, 1134]}, {"key": "relating-to", "type": "definition", "offset": [1147, 1158]}, {"key": "this-agreement", "type": "clause", "offset": [1200, 1214]}, {"key": "of-client", "type": "clause", "offset": [1236, 1245]}, {"key": "access-to", "type": "definition", "offset": [1284, 1293]}, {"key": "the-provisions-of-this", "type": "clause", "offset": [1339, 1361]}, {"key": "upon-notice", "type": "definition", "offset": [1376, 1387]}, {"key": "regulatory-entity", "type": "definition", "offset": [1435, 1452]}, {"key": "notice-to-company", "type": "clause", "offset": [1541, 1558]}], "size": 1, "samples": [{"hash": "cYMW3ReMvog", "uri": "/contracts/cYMW3ReMvog#data-privacy-security", "label": "Master Services Agreement", "score": 31.7879657745, "published": true}], "snippet": "Client recognizes that it may have responsibilities under various data protection and privacy laws, including, but not limited to the US Health Insurance Portability and Accountability Act (\u201cHIPAA\u201d) and the EU General Data Protection Regulation (GDPR), and will comply with such applicable obligations with regard to any and all personally identifiable information, personal health information, personal data and/or any and all sensitive, confidential or protected information (\"PI\") regarding any Member, and/or any individual for whom Company holds such information or for whom Company will provide Services (\"Company PI\") by executing all other documents required by any applicable data protection or privacy law, including, without limitation, a business associate agreement, data processing agreement, joint controller agreement or any similar required document, and also by doing the following:\na. only use Company PI as specifically instructed by Client;\nb. place commercially reasonable safeguards in place to ensure that Company PI is safe from disclosure, misuse or theft;\nc. assist Company if Company is asked to respond to any request relating to the privacy of Company PI as a result of this Agreement;\nd. require that any of Client\u2019s agents or sub-contractors that have access to, process, or hold any Company PI comply with the provisions of this paragraph;\ne. upon notice from Company or any authorized governmental or regulatory entity, stop and remediate any unauthorized processing of Company PI; and\nf. provide immediate notice to Company if Client can no longer comply with the provisions of this paragraph.", "hash": "bb5d4a1ecaac58ff5903bcfe1f4c587b", "id": 9}, {"snippet_links": [{"key": "use-of-the-licensed-software", "type": "clause", "offset": [34, 62]}, {"key": "to-register", "type": "clause", "offset": [84, 95]}, {"key": "user-accounts", "type": "clause", "offset": [107, 120]}, {"key": "responsible-for", "type": "clause", "offset": [146, 161]}, {"key": "user-name", "type": "definition", "offset": [210, 219]}, {"key": "password-information", "type": "definition", "offset": [224, 244]}, {"key": "to-customer", "type": "clause", "offset": [319, 330]}, {"key": "online-privacy-policy", "type": "clause", "offset": [477, 498]}, {"key": "available-at", "type": "definition", "offset": [509, 521]}, {"key": "customer-consents", "type": "definition", "offset": [600, 617]}, {"key": "primary-data", "type": "clause", "offset": [677, 689]}, {"key": "in-accordance-with", "type": "definition", "offset": [690, 708]}, {"key": "this-policy", "type": "definition", "offset": [709, 720]}, {"key": "the-internet", "type": "clause", "offset": [783, 795]}, {"key": "telecommunications-services", "type": "clause", "offset": [862, 889]}, {"key": "information-technology-infrastructure", "type": "clause", "offset": [901, 938]}, {"key": "commercially-reasonable-efforts", "type": "definition", "offset": [953, 984]}, {"key": "security-of-data", "type": "clause", "offset": [1012, 1028]}, {"key": "the-design", "type": "clause", "offset": [1106, 1116]}, {"key": "ordinary-use", "type": "definition", "offset": [1157, 1169]}, {"key": "breach-of-any", "type": "clause", "offset": [1218, 1231]}, {"key": "notwithstanding-the-foregoing", "type": "clause", "offset": [1261, 1290]}, {"key": "access-data", "type": "definition", "offset": [1396, 1407]}, {"key": "intended-use", "type": "clause", "offset": [1455, 1467]}, {"key": "to-use-the-software", "type": "clause", "offset": [1586, 1605]}, {"key": "applicable-data-privacy-laws", "type": "definition", "offset": [1686, 1714]}, {"key": "to-indemnify", "type": "clause", "offset": [1740, 1752]}, {"key": "other-accrued-liabilities", "type": "definition", "offset": [1788, 1813]}, {"key": "by-customer", "type": "clause", "offset": [1821, 1832]}, {"key": "in-violation", "type": "definition", "offset": [1864, 1876]}], "size": 1, "samples": [{"hash": "8NpCaiV9KWV", "uri": "/contracts/8NpCaiV9KWV#data-privacy-security", "label": "Service Level Agreement", "score": 31.8728237152, "published": true}], "snippet": "8.1 Customer understands that the use of the Licensed Software may require Customer to register individual user accounts with Pulsar. Customer is responsible for maintaining the confidentiality of any account, user name, or password information used in conjunction with the Licensed Software and for restricting access to Customer\u2019s computer and account. Customer is responsible for all activities that occur under Customer\u2019s account or password.\n8.2 Pulsar has established an online privacy policy, which is available at \u2587\u2587\u2587.\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587.\u2587\u2587\u2587 (\u201cPrivacy Policy\u201d). By using the Licensed Software, Customer consents to Pulsar\u2019s collecting, storing, and processing Customer\u2019s Primary Data in accordance with this Policy.\n8.3 The Licensed Software is designed to be accessed through the Internet and thus makes use of third-party hardware, networking equipment, telecommunications services, and other information technology infrastructure. Pulsar makes commercially reasonable efforts to protect the privacy and security of data and Customer\u2019s use of the Licensed Software. Pulsar has taken precautions in the design of the Licensed Software to assure that ordinary use of the Licensed Software will not result in the breach of any privacy-related regulations. Notwithstanding the foregoing, it may be possible for some individuals to utilize illegal methods to input, track, store, or otherwise access data not in accordance with the Licensed Software\u2019s intended use. CUSTOMER HEREBY ACKNOWLEDGES THAT THE LICENSED SOFTWARE IS NOT INTENDED FOR SUCH USE AND THAT SHOULD CUSTOMER CHOOSE TO USE THE SOFTWARE IN SUCH A MANNER, CUSTOMER ALONE ASSUMES ALL RESPONSIBILITY FOR COMPLIANCE WITH APPLICABLE DATA PRIVACY LAWS. CUSTOMER FURTHER AGREES TO INDEMNIFY PULSAR FOR ANY AND ALL DAMAGES AND OTHER ACCRUED LIABILITIES CAUSED BY CUSTOMER\u2019S USE OF THE LICENSED SOFTWARE IN VIOLATION OF THIS PROVISION.", "hash": "f819afc80dab11d31b4aad625ed9f1ba", "id": 10}], "next_curs": "Cl4SWGoVc35sYXdpbnNpZGVyY29udHJhY3RzcjoLEhZDbGF1c2VTbmlwcGV0R3JvdXBfdjU2Ih5kYXRhLXByaXZhY3ktc2VjdXJpdHkjMDAwMDAwMGEMogECZW4YACAA", "clause": {"children": [["sicherheit", "Sicherheit"], ["data-security", "Data Security"], ["data-migration", "Data Migration"], ["data-ownership", "Data Ownership"], ["global-availability", "Global Availability"]], "size": 20, "parents": [["representations-and-warranties-of-the-company", "REPRESENTATIONS AND WARRANTIES OF THE COMPANY"], ["proprietary-rights-data-privacy", "Proprietary Rights Data Privacy"], ["general-provisions", "General Provisions"], ["governing-law-and-language", "Governing Law and Language"], ["representations-and-warranties-of-the-seller-parties", "REPRESENTATIONS AND WARRANTIES OF THE SELLER PARTIES"]], "title": "Data Privacy & Security", "id": "data-privacy-security", "related": [["data-privacy-and-security", "Data Privacy and Security", "Data Privacy and Security"], ["data-privacy-and-security-laws", "Data Privacy and Security Laws", "Data Privacy and Security Laws"], ["data-privacy", "Data Privacy", "Data Privacy"], ["data-privacy-consent", "Data Privacy Consent", "Data Privacy Consent"], ["data-security-and-privacy-plan", "Data Security and Privacy Plan", "Data Security and Privacy Plan"]], "related_snippets": [], "updated": "2025-08-27T05:52:21+00:00", "also_ask": [], "drafting_tip": null, "explanation": "The Data Privacy & Security clause establishes the obligations of parties to protect personal and sensitive information collected, processed, or stored during the course of their relationship. It typically outlines requirements for implementing appropriate technical and organizational measures, complying with relevant data protection laws, and notifying affected parties in the event of a data breach. This clause serves to safeguard confidential data, ensure legal compliance, and mitigate the risks associated with unauthorized access or disclosure of information."}, "json": true, "cursor": ""}}