Security Audits. During the term of this Agreement and thereafter, for as long as Agency retains Client Customer Information, Client, the Client’s clients, Agency representatives and agents will be entitled to conduct audits of Agency’s relevant operations, facilities, systems, etc. to confirm that Agency has complied with the Information Security Program Requirements (the “Security Audits”). Any Security Audit shall be scheduled and conducted during normal business hours and shall not unreasonably interfere with Agency’s business activities. In the event that any Security Audit results in the discovery of material security risks to Client Customer Information, or violations of applicable federal and state consumer privacy laws, rules, and regulations, Agency shall (i) respond to Client in writing with Agency’s plan to promptly take reasonable measures and corrective actions necessary to effectively eliminate the risk or cure the violation, at no cost to Client, and (ii) allow Client and the Client’s clients to review any system and transaction logs related thereto which pertain to Client’s information or data potentially compromised. Agency shall have five (5) business days to cure such security risk or violation, unless the parties mutually agree in writing to a longer period of time for such cure. Client’s right, and the right of the Client’s clients, Agency representatives and agents, to conduct a Security Audit, and any exercise of such right, shall not in any way diminish or affect Agency’s duties and liabilities under this Agreement.
Appears in 16 contracts
Samples: Collection Agency Agreement (CURO Group Holdings Corp.), Collection Agency Agreement (CURO Group Holdings Corp.), Collection Agency Agreement (CURO Group Holdings Corp.)
