Data Security and Business Continuity Sample Clauses

Data Security and Business Continuity. Each Party shall prepare and maintain, during the Term of this Agreement, disaster recovery, business resumption and contingency plans, whether prepared and maintained directly or by a Third-Party Service Provider, that are appropriate for the nature and scope of the activities of and the obligations to be performed by such Party hereunder and consistent with industry standards for the banking and commercial lending industry, including backup servicers. Each Party’s plans shall be sufficient to enable it to promptly resume the performance of its obligations hereunder in the event of a natural disaster, destruction of such Party’s facilities or operations, utility or communication failures, or similar interruption in the operations of such Party or the operations of a third party which in turn materially affect the operations of such Party. 9.1 Each Party shall maintain, at its sole cost and expense, the information systems in accordance with industry standards necessary to perform its obligations under this Agreement in a compliant manner, as well as to reasonably secure all Proprietary Information and Protected Data. Each Party, at its own cost and expense, shall, and shall require that all of its employees or agents comply with its Information Security Program, including with regard to processing, handling, managing and securing Proprietary Information and Protected Data. 9.2 Each Party shall notify and reasonably cooperate with the other Party in the event of any actual, threatened or suspected data security breach related to the Program in accordance with Section 7. If either Party receives guidance on data security or business continuity from any Regulatory Authority, it shall promptly provide to the other Party written notice of such guidance. 9.3 Each Party agrees and represents to the other Party that it has, or shall have prior to the receipt of any Proprietary Information or Protected Data, designed and implemented an Information Security Program. Each Party shall provide reasonable advance written notice to the other Party of any material revisions or changes to its Information Security Program. 9.4 Bank (at its own cost and expense) shall have the right to inspect, upon reasonable prior notice of at least ten (10) Banking Days, Affirm’s Information Security Program, associated audit reports, summaries of test results or equivalent measures taken by Affirm to ensure that its Information Security Program complies with Applicable Law. Any such ins...