Common use of Information Technology Clause in Contracts

Information Technology. L Brands shall cause each Service Recipient, its employees and any subcontractors to: (a) not attempt to obtain access to or use any information technology systems of any Service Provider Party, or any data owned by any Service Provider Party, or any data used or processed by any Service Provider Party (other than any data of any Service Recipient), except to the extent required to receive the Services; (b) maintain reasonable security measures to protect the systems of each Service Provider Party to which it has access pursuant to this Agreement from access by unauthorized third parties, and any “back door”, “time bomb”, “Trojan Horse”, “worm”, “drop dead device”, “virus” or other computer software routine intended or designed to disrupt, disable, harm or otherwise impede in any manner the operation of such systems; (c) not permit access or use of information technology systems of any Service Provider Party by a third party other than as authorized by prior written consent of Service Provider; (d) not disable, damage or erase or disrupt or impair the normal operation of the information technology systems of any Service Provider Party; and (e) comply with the security policies and procedures of each Service Provider Party (to the extent previously provided to each Service Recipient in writing). Each party hereto shall promptly notify the other party in the event it or any of its respective Affiliates becomes aware of or suspects that there has been a breach of security or a loss, theft or unauthorized access, use or disclosure of any information technology systems (collectively, “IT Breach”) of any Service Provider Party or any Service Recipient to the extent such (i) IT Breach could adversely affect the provision or receipt of the Services hereunder or such other party’s data or Confidential Information or (ii) notice is required by Applicable Law.

Information Technology. L Brands (a) Subject to the terms and conditions herein, VS may access Service Provider’s information technology systems solely to the extent necessary to (i) provide Service Provider information regarding the type, volume and requested timing and destination of VS Products to be transported and delivered in connection with the Services or any other information requested by Service Provider and (ii) to the extent available, receive access to real-time data related to the VS Products for purposes of tracking and tracing freight; provided that Service Provider may without prior notice and without liability to VS, exclude for good cause any VS employee from Service Provider’s information technology systems if, in Service Provider’s reasonable and good faith opinion, such exclusion is deemed advisable in the interest of completion of the Services, the safety or security of the information technology systems or employees of any Service Provider Party or the confidentiality of any Service Provider Party’s Confidential Information. (b) VS shall, and shall cause each Service Recipient, its employees and any subcontractors to: to (ai) not attempt to obtain access to or use any information technology systems of any Service Provider Party, or any data owned by any Service Provider Party, or any data used or processed by any Service Provider Party (other than any data of any Service RecipientVS), except to the extent required to receive the Services; , (bii) maintain reasonable security measures to protect the systems of each Service Provider Party to which it has access pursuant to this Agreement from access by unauthorized third parties, and any “back door”, “time bomb”, “Trojan Horse”, “worm”, “drop dead device”, “virus” or other computer software routine intended or designed to disrupt, disable, harm or otherwise impede in any manner the operation of such systems; , (ciii) not permit access or use of information technology systems of any Service Provider Party by a third party other than as authorized by prior written consent of Service Provider; , (div) not disable, damage or erase or disrupt or impair the normal operation of the information technology systems of any Service Provider Party; , and (ev) comply with the security policies and procedures of each Service Provider Party (to the extent previously provided to each VS in writing and applicable to such Service Recipient in writingProvider Party’s information technology systems). Each party hereto Party shall promptly notify the other party Party in the event it or any of its respective Affiliates becomes aware of or suspects that there has been a breach of security or a loss, theft or unauthorized access, use or disclosure of any information technology systems (collectively, “IT Breach”) of any Service Provider Party or any Service Recipient VS to the extent such (iA) IT Breach could adversely affect the provision or receipt of the Services hereunder or such other partyParty’s data or Confidential Information or (iiB) notice is required by Applicable Law.

Information Technology. L Brands VS shall cause each Service Recipient, its employees and any subcontractors to: (a) not attempt to obtain access to or use any information technology systems of any Service Provider Party, or any data owned by any Service Provider Party, or any data used or processed by any Service Provider Party (other than any data of any Service Recipient), except to the extent required to receive the Services; (b) maintain reasonable security measures to protect the systems of each Service Provider Party to which it has access pursuant to this Agreement from access by unauthorized third parties, and any “back door”, “time bomb”, “Trojan Horse”, “worm”, “drop dead device”, “virus” or other computer software routine intended or designed to disrupt, disable, harm or otherwise impede in any manner the operation of such systems; (c) not permit access or use of information technology systems of any Service Provider Party by a third party other than as authorized by prior written consent of Service Provider; (d) not disable, damage or erase or disrupt or impair the normal operation of the information technology systems of any Service Provider Party; and (e) comply with the security policies and procedures of each Service Provider Party (to the extent previously provided to each Service Recipient in writing). Each party hereto shall promptly notify the other party in the event it or any of its respective Affiliates becomes aware of or suspects that there has been a breach of security or a loss, theft or unauthorized access, use or disclosure of any information technology systems (collectively, “IT Breach”) of any Service Provider Party or any Service Recipient to the extent such (i) IT Breach could adversely affect the provision or receipt of the Services hereunder or such other party’s data or Confidential Information or (ii) notice is required by Applicable Law.

Information Technology. L Brands VS shall cause each Service Recipient, its employees and any subcontractors to: (a) not attempt to obtain access to or use any information technology systems of any Service Provider Party, or any data owned by any Service Provider Party, or any data used or processed by any Service Provider Party (other than any data of any Service Recipient), except to the extent required to receive the Services; (b) maintain reasonable security measures to protect the systems of each Service Provider Party to which it has access pursuant to this Agreement from access by unauthorized third parties, and any “back door”, “time bomb”, “Trojan Horse”, “worm”, “drop dead device”, “virus” or other computer software routine intended or designed to disrupt, disable, harm or otherwise impede in any manner the operation of such systems; (c) not permit access or use of information technology systems of any Service Provider Party by a third third-party other than as authorized by prior written consent of Service Provider; (d) not disable, damage or erase or disrupt or impair the normal operation of the information technology systems of any Service Provider Party; and (e) comply with the security policies and procedures of each Service Provider Party (to the extent previously provided to each Service Recipient in writing). Each party hereto shall promptly notify the other party in the event it or any of its respective Affiliates becomes aware of or suspects that there has been a breach of security or a loss, theft or unauthorized access, use or disclosure of any information technology systems (collectively, “IT Breach”) of any Service Provider Party or any Service Recipient to the extent such (i1) IT Breach could adversely affect the provision or receipt of the Services hereunder or such other party’s data or Confidential Information or (ii2) notice is required by Applicable Law.

Information Technology. L Brands (a) SpinCo shall cause each Service RecipientRecipient and its respective employees, its employees officers, directors, advisors and representatives (collectively, “Representatives”) and any subcontractors to: (ai) not attempt to obtain access to or use any information technology systems of any Service Provider PartyProvider, or any data owned by any Service Provider PartyProvider, or any data used or processed by any Service Provider Party (other than any data of any Service Recipient), except to the extent required to receive the Services; (bii) access and use the information technology systems made available by each Service Provider solely via a secure method selected by such Service Provider in its sole discretion; (iii) maintain reasonable security measures to protect the systems of each Service Provider Party to which it has access pursuant to this Agreement from access by unauthorized third parties, and any “back door”, “time bomb”, “Trojan Horse”, “worm”, “drop dead device”, “virus” or other computer software routine intended or designed to disrupt, disable, harm or otherwise impede in any manner the operation of such systems; (civ) not permit access or use of information technology systems of any Service Provider Party by a third party other than as authorized by prior written consent of Service ProviderComcast; (dv) not disable, damage or erase or disrupt or impair the normal operation of the information technology systems of any Service Provider PartyProvider; and (evi) comply with the security policies and procedures of each Service Provider Party (to the extent previously provided to each Service Recipient in writing). ; (vii) communicate system passwords, keys, passcodes and other authentication credentials (collectively, “Access Credentials”) to users in a secure manner, with a proof of identity check of the intended users; and (viii) maintain the confidentiality of all such Access Credentials, including by ensuring no such Access Credentials are used for any purpose other than the receipt of the Services. (b) Comcast shall cause each Service Provider and its respective Representatives to: (i) not attempt to obtain access to or use any information technology systems of any Service Recipient, or any data owned by any Service Recipient, or any data used or processed by any Service Recipient (other than any data of any Service Provider), except to the extent required to perform the Services; (ii) access and use the information technology systems made available by each Service Recipient solely via a secure method selected by such Service Recipient in its sole discretion; (iii) maintain reasonable security measures to protect the systems of each Service Recipient to which it has access pursuant to this Agreement from access by unauthorized third parties, and any “back door”, “time bomb”, “Trojan Horse”, “worm”, “drop dead device”, “virus” or other computer software routine intended or designed to disrupt, disable, harm or otherwise impede in any manner the operation of such systems; (iv) not disable, damage or erase or disrupt or impair the normal operation of the information technology systems of any Service Recipient; (v) communicate Access Credentials to users in a secure manner, with a proof of identity check of the intended users; and (vi) maintain the confidentiality of all such Access Credentials, including by ensuring no such Access Credentials are used for any purpose other than the performance of the Services. (c) Each party hereto shall promptly (and, in any event, within twenty-four (24) hours) notify the other party in the event it or any of its respective Affiliates becomes aware of or suspects that there has been a breach of security or a loss, theft or unauthorized access, use or disclosure of any information technology systems (collectively, “IT Breach”) of any Service Provider Party or any Service Recipient to the extent such (i) IT Breach could adversely affect the provision or receipt of the Services hereunder or such other party’s data or Confidential Information or (ii) notice is required by Applicable Law. (d) Each Service Provider shall retain sole administrative rights and control of the tools, applications and infrastructure used in connection with the applicable Services (including any and all applicable Access Credentials). No such Access Credentials shall transfer or be released to any Service Recipient either during the Term of the applicable Service or thereafter, and no Service Recipient or Representative or subcontractor thereof shall retain any such Access Credentials following the Term of the applicable Service.