GLBA. To the extent that any information obtained by the Receiving Party is “nonpublic personal information” about “consumers” or “customers” as such terms are defined in GLBA and in regulations issued thereunder (collectively, “Consumer Data”), then in addition to the obligations of the Receiving Party under this Section 7, the Receiving Party agrees that it will not disclose or use such Consumer Data provided to it by the Disclosing Party under this Agreement other than to carry out the purpose of this Agreement or in any manner prohibited by the GLBA or the regulations issued thereunder. The Receiving Party further covenants and agrees to maintain appropriate measures designed to meet the objectives of the applicable guidelines establishing information security standards as adopted by any federal regulatory agencies having jurisdiction over Receiving Party’s affairs. These measures include appropriate disposal of Consumer Data, as required, and taking appropriate actions to address incidents of unauthorized access to sensitive Consumer Data, including notification to the other Party as soon as possible of any such incident. Without limiting the foregoing, each Party represents and warrants that its information security program is designed to: (i) ensure the security and confidentiality of Consumer Data; (ii) protect against any anticipated threats or hazards to the security or integrity of such data; and (iii) protect against unauthorized access to or use of such data that could result in substantial harm or inconvenience to any consumer.
Appears in 2 contracts
Sources: Identity Protection Service Provider Agreement (Lifelock, Inc.), Identity Protection Service Provider Agreement (Lifelock, Inc.)