SECURITY UPDATES AND SUPPORT Clause Samples

SECURITY UPDATES AND SUPPORT. Consultant shall maintain a technical support line with access to PG&E so that any security-related issues can be addressed promptly. Consultant shall notify PG&E without delay if Consultant detects or is made aware of any Malicious Code or security vulnerability in the deliverables during their Service Life. If Malicious Code or security vulnerability is identified during the Service Life, Consultant shall provide an update or revision to the deliverables to remove the Malicious Code and/or cure the vulnerability (a “Security Patch”) as soon as possible and at no charge to PG&E. Consultant shall assist PG&E to implement the Security Patch if requested by PG&E and shall reimburse PG&E for the cost of implementing the Security Patch. INDEMNIFICATION, WITHHOLDING, AND LIMITATION OF LIABILITY INDEMNIFICATION Consultant shall indemnify, hold harmless and defend PG&E, its affiliates, subsidiaries, parent company, officers, managers, directors, agents, and employees, from and against all claims, demands (including ransomware demands), losses, damages, costs, expenses, and liability (legal, contractual, or otherwise), which arise from or are in any way connected with any (a) injury to or death of persons, including but not limited to employees of PG&E or Consultant (including Subcontractors); (b) injury to property or other interests of PG&E, Consultant (including Subcontractors), or any third party; (c) violation of Applicable Law, including but not limited to environmental laws or regulations; (d) strict liability imposed by Applicable Law; or (e) a breach of its confidentiality or data security obligations hereunder; or (f) any security incident attributed to the work hereunder; so long as such injury, violation, or strict liability (as set forth in (a) - (f) above) arises from or is in any way connected with Consultant’s (including Subcontractors) performance of, or failure to perform, this Contract, however caused, regardless of any strict liability or negligence of PG&E, whether active or passive, excepting only such loss, damage, cost, expense, liability, payment, violation, or strict liability caused by the sole negligence of PG&E or for which indemnity is not allowed under Applicable Law. Consultant acknowledges that any claims, demands, losses, damages, costs, expenses, and liability that arise from or are in any way connected with the release or spill of any legally designated hazardous material or waste and arise from or is in any way connected with t...

SECURITY UPDATES AND SUPPORT. Consultant shall maintain a technical support line with access to PG&E so that any security- related issues can be addressed promptly. Consultant shall notify PG&E without delay if Consultant detects or is made aware of any Malicious Code or security vulnerability in the deliverables during their Service Life. If Malicious Code or security vulnerability is identified during the Service Life, Consultant shall provide an update or revision to the deliverables to remove the Malicious Code and/or cure the vulnerability (a “Security Patch”) as soon as possible and at no charge to PG&E. Consultant shall assist PG&E to implement the Security Patch if requested by PG&E and shall reimburse PG&E for the cost of implementing the Security Patch.

SECURITY UPDATES AND SUPPORT. Aggregator(s) shall maintain a technical support line with access to AESC to promptly address any security-related issues and if Aggregator(s) become aware of any Malicious Code or security vulnerability in the Deliverables during their Service Life, they shall immediately notify AESC, who shall immediately notify PG&E. If Malicious Code or security vulnerability is identified during the Service Life, AESC shall provide an update or revision to any Deliverables related to the Services in accordance with this Agreement, will remove the Malicious Code and/or cure the vulnerability (a “Security Patch”) without delay and at no charge and upon request, assist PG&E in implementing the Security Patch and at no charge. USE OF PG&E PROPERTY: All records, reports, computer programs, written procedures and similar materials, documents, or data, in whatever form, provided by AESC to Aggregators shall remain PG&E’s Confidential Information. Aggregator shall be responsible to safeguard such PG&E Confidential Information in accordance with the terms of this Agreement and such information be returned immediately to AESC or PG&E upon completion of Aggregator’s use for performance of the Services, Work, or earlier upon AESC or PG&E’s request. Alternatively, Aggregator may destroy such information, provided an officer of Aggregator certifies the destruction in writing.