Reporting Data Security
Reporting Data Security Sample Clauses
Related to Reporting Data Security
Data Security A. Identity Access Management. BNY Mellon will implement reasonable and industry recognized user access rules for users accessing Customer Data based on the need to know and the principle of least privilege, and including user ID and password requirements, session timeout and re-authentication requirements, unsuccessful login attempt limits, privileged access limits and multifactor authentication or equivalent safeguard where risk factors indicate that single factor authentication is inadequate.
Privacy and Data Security (a) The parties will keep confidential any information regarding the Trust, Jefferson National, the Variable Accounts and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust or Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1—248.30) (“Reg S-P”), and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. NFD and the Trust will not use information, including Non-public Personal Information, directly or indirectly provided to it by Jefferson National or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (the “Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (the “Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge is not prohibited from disclosing such information to the Receiving Party by a legal, contractual or fiduciary obligation to the Disclosing Party, or (iv) describes the annual fees payable to JNSC under this Agreement.
Data Privacy and Security Bank will implement and maintain a written information security program, in compliance with all federal, state and local laws and regulations (including any similar international laws) applicable to Bank, that contains reasonable and appropriate security measures designed to safeguard the personal information of the Funds' shareholders, employees, trustees and/or officers that Bank or any Subcustodian receives, stores, maintains, processes, transmits or otherwise accesses in connection with the provision of services hereunder. In this regard, Bank will establish and maintain policies, procedures, and technical, physical, and administrative safeguards, designed to (i) ensure the security and confidentiality of all personal information and any other confidential information that Bank receives, stores, maintains, processes or otherwise accesses in connection with the provision of services hereunder, (ii) protect against any reasonably foreseeable threats or hazards to the security or integrity of personal information or other confidential information, (iii) protect against unauthorized access to or use of personal information or other confidential information, (iv) maintain reasonable procedures to detect and respond to any internal or external security breaches, and (v) ensure appropriate disposal of personal information or other confidential information. Bank will monitor and review its information security program and revise it, as necessary and in its sole discretion, to ensure it appropriately addresses any applicable legal and regulatory requirements. Bank shall periodically test and review its information security program. Bank shall respond to Customer's reasonable requests for information concerning Bank's information security program and, upon request, Bank will provide a copy of its applicable policies and procedures, or in Bank's discretion, summaries thereof, to Customer, to the extent Bank is able to do so without divulging information Bank reasonably believes to be proprietary or Bank confidential information. Upon reasonable request, Bank shall discuss with Customer the information security program of Bank. Bank also agrees, upon reasonable request, to complete any security questionnaire provided by Customer to the extent Bank is able to do so without divulging sensitive, proprietary, or Bank confidential information and return it in a commercially reasonable period of time (or provide an alternative response that reasonably addresses the points included in the questionnaire). Customer acknowledges that certain information provided by Bank, including internal policies and procedures, may be proprietary to Bank, and agrees to protect the confidentiality of all such materials it receives from Bank. Bank agrees to resolve promptly any applicable control deficiencies that come to its attention that do not meet the standards established by federal and state privacy and data security laws, rules, regulations, and/or generally accepted industry standards related to Bank's information security program. Bank shall: (i) promptly notify Customer of any confirmed unauthorized access to personal information or other confidential information of Customer ("Breach of Security"); (ii) promptly furnish to Customer appropriate details of such Breach of Security and assist Customer in assessing the Breach of Security to the extent it is not privileged information or part of an investigation; (iii) reasonably cooperate with Customer in any litigation and investigation of third parties reasonably deemed necessary by Customer to protect its proprietary and other rights; (iv) use reasonable precautions to prevent a recurrence of a Breach of Security; and (v) take all reasonable and appropriate action to mitigate any potential harm related to a Breach of Security, including any reasonable steps requested by Customer that are practicable for Bank to implement. Nothing in the immediately preceding sentence shall obligate Bank to provide Customer with information regarding any of Bank's other customers or clients that are affected by a Breach of Security, nor shall the immediately preceding sentence limit Bank's ability to take any actions that Bank believes are appropriate to remediate any Breach of Security unless such actions would prejudice or otherwise limit Customer's ability to bring its own claims or actions against third parties related to the Breach of Security. If Bank discovers or becomes aware of a suspected data or security breach that may involve an improper access, use, disclosure, or alteration of personal information or other confidential information of Customer, Bank shall, except to the extent prohibited by Applicable Law or directed otherwise by a governmental authority not to do so, promptly notify Customer that it is investigating a potential breach and keep Customer informed as reasonably practicable of material developments relating to the investigation until Bank either confirms that such a breach has occurred (in which case the first sentence of this paragraph will apply) or confirms that no data or security breach involving personal information or other confidential information of Customer has occurred. For these purposes, "personal information" shall mean (i) an individual's name (first initial and last name or first name and last name), address or telephone number plus (a) social security number, (b) driver's license number, (c) state identification card number, (d) debit or credit card number, (e) financial account 22 number, (f) passport number, or (g) personal identification number or password that would permit access to a person's account or (ii) any combination of the foregoing that would allow a person to log onto or access an individual's account. This provision will survive termination or expiration of the Agreement for so long as Bank or any Subcustodian continues to possess or have access to personal information related to Customer. Notwithstanding the foregoing "personal information" shall not include information that is lawfully obtained from publicly available information, or from federal, state or local government records lawfully made available to the general public.
Privacy and Security Except as set forth in Schedule 3.26:
Foreign Asset/Account Reporting Requirements and Exchange Controls Your country may have certain foreign asset and/or foreign account reporting requirements and exchange controls which may affect your ability to acquire or hold shares of Common Stock under the Plan or cash received from participating in the Plan (including from any dividends paid on shares of Common Stock or sale proceeds resulting from the sale of shares of Common Stock acquired under the Plan) in a brokerage or bank account outside your country. You may be required to report such accounts, assets or transactions to the tax or other authorities in your country. You also may be required to repatriate sale proceeds or other funds received as a result of your participation in the Plan to your country through a designated bank or broker within a certain time after receipt. You acknowledge that it is your responsibility to be compliant with such regulations, and you should consult your personal legal advisor for any details.
Account Reporting Information Italian residents who, at any time during the fiscal year, hold foreign financial assets (including cash and shares of Common Stock) which may generate income taxable in Italy are required to report these assets on their annual tax returns (UNICO Form, RW Schedule) for the year during which the assets are held, or on a special form if no tax return is due. These reporting obligations will also apply to Italian residents who are the beneficial owners of foreign financial assets under Italian money laundering provisions.
Foreign Assets/Account Reporting Information Italian residents who, during the fiscal year, hold investments abroad or foreign financial assets (e.g., cash, Shares and RSUs) which may generate income taxable in Italy are required to report such on their annual tax returns (UNICO Form, RW Schedule) or on a special form if no tax return is due. The same reporting obligations apply to Italian residents who, even if they do not directly hold investments abroad or foreign financial assets (e.g., cash, Shares and RSUs), are beneficial owners of the investment pursuant to Italian money laundering provisions.
Foreign Asset/Account Reporting; Exchange Controls Participant’s country may have certain foreign asset and/or account reporting requirements and/or exchange controls which may affect Participant’s ability to acquire or hold shares of Stock under the Plan or cash received from participating in the Plan (including from any dividends received or sale proceeds arising from the sale of shares of Stock) in a brokerage or bank account outside Participant’s country. Participant may be required to report such accounts, assets or transactions to the tax or other authorities in his or her country. Participant also may be required to repatriate sale proceeds or other funds received as a result of Participant’s participation in the Plan to his or her country through a designated bank or broker and/or within a certain time after receipt. Participant acknowledges that it is his or her responsibility to be compliant with such regulations, and Participant should consult his or her personal legal advisor for any details.
Foreign Asset/Account Reporting Information Italian residents who, at any time during the fiscal year, hold foreign financial assets (including cash and Shares) which may generate income taxable in Italy are required to report these assets on their annual tax returns (UNICO Form, RW Schedule) for the year during which the assets are held, or on a special form if no tax return is due. These reporting obligations will also apply to Italian residents who are the beneficial owners of foreign financial assets under Italian money laundering provisions.
Securities/Tax Reporting Information If you hold shares of Common Stock acquired under the Plan in a brokerage account with a broker or bank outside Denmark, you are required to inform the Danish Tax Administration about the account. For this purpose, you must file a Form V (Erklaering V) with the Danish Tax Administration. Both you and the broker or bank must sign the Form V. By signing the Form V, the broker or bank undertakes an obligation, without further request each year and not later than February 1 of the year following the calendar year to which the information relates, to forward information to the Danish Tax Administration concerning the shares of Common Stock in the account. In the event that the applicable broker or bank with which the account is held does not wish to, or, pursuant to the laws of the country in question, is not allowed to assume such obligation to report, you acknowledge that you are solely responsible for providing certain details regarding the foreign brokerage or bank account and any shares of Common Stock acquired at vesting and held in such account to the Danish Tax Administration as part of your annual income tax return. By signing the Form V, you authorize the Danish Tax Administration to examine the account. A sample of the Form V can be found at the following website: xxx.xxxx.xx. In addition, if you open a brokerage account (or a deposit account with a U.S. bank), the brokerage account likely will be treated as a deposit account because cash can be held in the account. Therefore, you likely must file a Form K (Erklaering K) with the Danish Tax Administration. The Form K must be signed both by you and by the applicable broker or bank where the account is held. By signing the Form K, the broker/bank undertakes an obligation, without further request each year and not later than February 1 of the year following the calendar year to which the information relates, to forward information to the Danish Tax Administration concerning the content of the account. In the event that the applicable financial institution (broker or bank) with which the account is held, does not wish to, or, pursuant to the laws of the country in question, is not allowed to assume such obligation to report, you acknowledge that you are solely responsible for providing certain details regarding the foreign brokerage or bank account to the Danish Tax Administration as part of your annual income tax return. By signing the Form K, you authorize the Danish Tax Administration to examine the account. A sample of the Form K can be found at the following website: xxx.xxxx.xx.
