Data Security The Provider agrees to utilize administrative, physical, and technical safeguards designed to protect Student Data from unauthorized access, disclosure, acquisition, destruction, use, or modification. The Provider shall adhere to any applicable law relating to data security. The provider shall implement an adequate Cybersecurity Framework based on one of the nationally recognized standards set forth set forth in Exhibit “F”. Exclusions, variations, or exemptions to the identified Cybersecurity Framework must be detailed in an attachment to Exhibit “H”. Additionally, Provider may choose to further detail its security programs and measures that augment or are in addition to the Cybersecurity Framework in Exhibit “F”. Provider shall provide, in the Standard Schedule to the DPA, contact information of an employee who XXX may contact if there are any data security concerns or questions.
Privacy and Data Security (a) The parties will keep confidential any information regarding the Company, Nationwide, the Variable Accounts, and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”) and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (“Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (“Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge, is not prohibited from disclosing such information to the Receiving Party by a legal, contractual, or fiduciary obligation to the Disclosing Party, or (iv) describes the fees payable to Nationwide under this Agreement.
Completeness and Contents of Instructions The Authorized Person shall be responsible for assuring the adequacy and accuracy of Instructions. Particularly, upon any acquisition or disposition or other dealing in the Fund's Investments and upon any delivery and transfer of any Investment or moneys, the person initiating such Instruction shall give the Custodian an Instruction with appropriate detail, including, without limitation:
New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to:
Vendor Logo (Supplemental Vendor Information Only) No response Optional. If Vendor desires that their logo be displayed on their public TIPS profile for TIPS and TIPS Member viewing, Vendor may upload that logo at this location. These supplemental documents shall not be considered part of the TIPS Contract. Rather, they are Vendor Supplemental Information for marketing and informational purposes only. Bid Attributes Disadvantaged/Minority/Women Business & Federal HUBZone Some participating public entities are required to seek Disadvantaged/Minority/Women Business & Federal HUBZone ("D/M/WBE/Federal HUBZone") vendors. Does Vendor certify that their entity is a D/M/WBE/Federal HUBZone vendor? If you respond "Yes," you must upload current certification proof in the appropriate "Response Attachments" location. NO Historically Underutilized Business (HUB) Some participating public entities are required to seek Historically Underutilized Business (HUB) vendors as defined by the Texas Comptroller of Public Accounts Statewide HUB Program. Does Vendor certify that their entity is a HUB vendor? If you respond "Yes," you must upload current certification proof in the appropriate "Response Attachments" location. No National Coverage Can the Vendor provide its proposed goods and services to all 50 US States? Yes
Zone File Access Agreement Registry Operator will enter into an agreement with any Internet user, which will allow such user to access an Internet host server or servers designated by Registry Operator and download zone file data. The agreement will be standardized, facilitated and administered by a Centralized Zone Data Access Provider, which may be ICANN or an ICANN designee (the “CZDA Provider”). Registry Operator (optionally through the CZDA Provider) will provide access to zone file data per Section 2.1.3 of this Specification and do so using the file format described in Section 2.1.4 of this Specification. Notwithstanding the foregoing, (a) the CZDA Provider may reject the request for access of any user that does not satisfy the credentialing requirements in Section 2.1.2 below; (b) Registry Operator may reject the request for access of any user that does not provide correct or legitimate credentials under Section 2.1.2 below or where Registry Operator reasonably believes will violate the terms of Section 2.1.5. below; and, (c) Registry Operator may revoke access of any user if Registry Operator has evidence to support that the user has violated the terms of Section 2.1.5 below.
Data Security and Privacy Plan As more fully described herein, throughout the term of the Master Agreement, Vendor will have a Data Security and Privacy Plan in place to protect the confidentiality, privacy and security of the Protected Data it receives from the District. Vendor’s Plan for protecting the District’s Protected Data includes, but is not limited to, its agreement to comply with the terms of the District’s Bill of Rights for Data Security and Privacy, a copy of which is set forth below and has been signed by the Vendor. Additional components of Vendor’s Data Security and Privacy Plan for protection of the District’s Protected Data throughout the term of the Master Agreement are as follows:
Information Security IET information security management practices, policies and regulatory compliance requirements are aimed at assuring the confidentiality, integrity and availability of Customer information. The UC Xxxxx Cyber-safety Policy, UC Xxxxx Security Standards Policy (PPM Section 310-22), is adopted by the campus and IET to define the responsibilities and key practices for assuring the security of UC Xxxxx computing systems and electronic data.
Information Regarding Collateral Not effect any change (i) in any Loan Party’s legal name or in any trade name used to identify it in the conduct of its business or in the ownership of its properties, (ii) in the location of any Loan Party’s chief executive office, its principal place of business, any office in which it maintains books or records relating to Collateral owned by it or any office or facility at which any material Pari Passu Priority Collateral owned by it is located (including the establishment of any such new office or facility) other than changes in location to a property identified on Schedule 3.24, another property location previously identified on a Perfection Certificate Supplement or otherwise by notice to the Administrative Agent and the Collateral Agent, as to which the steps required by clause (B) below have been completed or to a Mortgaged Property or a leased property subject to a Landlord Access Agreement, (iii) in any Loan Party’s identity or organizational structure, (iv) in any Loan Party’s Federal Taxpayer Identification Number or organizational identification number, if any, or (v) in any Loan Party’s jurisdiction of organization (in each case, including by merging with or into any other entity, reorganizing, dissolving, liquidating, reorganizing or organizing in any other jurisdiction), until (A) it shall have given the Collateral Agent and the Administrative Agent not less than ten (10) Business Days’ prior written notice (in the form of an Officers’ Certificate) of its intention to do so, or such lesser notice period agreed to by the Administrative Agent and the Collateral Agent, clearly describing such change and providing such other information in connection therewith as the Collateral Agent or the Administrative Agent may reasonably request and (B) it shall have taken all action reasonably satisfactory to the Administrative Agent and the Collateral Agent to maintain the perfection and priority of the security interest of the Collateral Agent for the benefit of the Secured Parties in the Collateral, if applicable. Each Loan Party agrees to promptly provide the Administrative Agent and the Collateral Agent, upon request therefor, with certified Organizational Documents reflecting any of the changes described in the preceding sentence. For the purposes of the Regulation, (i) no U.K. Guarantor shall change its centre of main interest (as that term is used in Article 3(1) of the Regulation) from England and Wales, (ii) nor shall any Irish Guarantor change its centre of main interest from Ireland or Germany, nor shall Irish Guarantor have an “establishment” (as that term is used in Article 2(h) of the Regulation) in any jurisdiction other than Ireland or Germany, (iii) nor shall any Swiss Guarantor change its centre of main interest from Switzerland, nor shall any Swiss Guarantor have an “establishment” in any other jurisdiction, (iv) nor shall German Seller change its centre of main interest from Germany, (v) nor shall any Dutch Guarantor change its centre of main interest from the Netherlands, nor shall any Dutch Guarantor have an “establishment” in any other jurisdiction, (vi) nor shall any French Guarantor change its centre of main interest from France, nor shall any French Guarantor have an “establishment” in any other jurisdiction, (vii) nor shall any Belgian Guarantor change its centre of main interest from Belgium, nor shall any Belgian Guarantor have an “establishment” in any other jurisdiction and (viii) other than as provided in paragraph (ii) above, no Guarantor (to the extent such Guarantor is subject to the Regulation) shall have a centre of main interest other than as situated in its jurisdiction of incorporation.
Confidentiality and Data Security (a) The Custodian agrees to keep confidential, and to cause its employees and agents to keep confidential, all records of the Funds and information relating to the Funds, including without limitation information as to their respective shareholders and their respective portfolio holdings, unless the release of such records or information is made (i) in connection with the services provided under this Agreement, (ii) at the written direction of the applicable Fund or otherwise consented to, in writing, by the respective Funds, (iii) in response to a request of a governmental, regulatory or self-regulatory authority or agency or pursuant to a subpoena, court order or other legal process, in each case with respect to which the Custodian has determined, on the advice of counsel, that it is required to comply, or (iv) where the Custodian has determined, on the advice of counsel, that the failure to release such information would expose the Custodian to civil or criminal contempt proceedings; provided in the case of clause (iii) or (iv) the Custodian provides the applicable Fund written notice of such requirement to release such records or information, to the extent such notice is permitted. The foregoing shall not be applicable to any information that is publicly available when provided and shall cease to be applicable to any information that thereafter becomes publicly available, other than through a breach of this Section 10(a), or that is independently derived by any party hereto without the use of any information derived in connection with the services provided under this Agreement. Notwithstanding the foregoing but subject to Section 10(d), (1) the Custodian may use information regarding the Funds in connection with certain functions performed on a centralized basis by the Custodian, its affiliates or its or their service providers (including audit, accounting, risk, legal, compliance, sales, administration, product communication, relationship management, compilation and analysis of customer-related data and storage) and disclose such information to its affiliates and to its or their service providers who are subject to the confidentiality obligations hereunder with respect to such information, but only for the purpose of servicing the Funds in connection with the relationship contemplated by this Agreement or providing additional services to the Funds, and (2) the Custodian may aggregate Fund or Portfolio data with similar data of other customers of the Custodian (“Aggregated Data”) and may use Aggregated Data so long as such Aggregated Data represents such a sufficiently large sample that no Fund or Portfolio data can be identified either directly or by inference or implication.
