Data Privacy and Security Sample Clauses

The Data Privacy and Security clause establishes the obligations of parties to protect personal and sensitive information from unauthorized access, use, or disclosure. Typically, this clause requires adherence to relevant data protection laws, implementation of security measures such as encryption or access controls, and prompt notification in the event of a data breach. Its core function is to safeguard confidential data, ensuring compliance with legal standards and minimizing the risk of data misuse or loss.

POPULAR SAMPLE Copied 40 times

Data Privacy and Security. Bank will implement and maintain a written information security program, in compliance with all federal, state and local laws and regulations (including any similar international laws) applicable to Bank, that contains reasonable and appropriate security measures designed to safeguard the personal information of the Funds’ shareholders, employees, trustees and/or officers that Bank or any Subcustodian receives, stores, maintains, processes, transmits or otherwise accesses in connection with the provision of services hereunder. In this regard, Bank will establish and maintain policies, procedures, and technical, physical, and administrative safeguards, designed to (i) ensure the security and confidentiality of all personal information and any other confidential information that Bank receives, stores, maintains, processes or otherwise accesses in connection with the provision of services hereunder, (ii) protect against any reasonably foreseeable threats or hazards to the security or integrity of personal information or other confidential information, (iii) protect against unauthorized access to or use of personal information or other confidential information, (iv) maintain reasonable procedures to detect and respond to any internal or external security breaches, and (v) ensure appropriate disposal of personal information or other confidential information. Bank will monitor and review its information security program and revise it, as necessary and in its sole discretion, to ensure it appropriately addresses any applicable legal and regulatory requirements. Bank shall periodically test and review its information security program. Bank shall respond to Customer’s reasonable requests for information concerning Bank’s information security program and, upon request, Bank will provide a copy of its applicable policies and procedures, or in Bank’s discretion, summaries thereof, to Customer, to the extent Bank is able to do so without divulging information Bank reasonably believes to be proprietary or Bank confidential information. Upon reasonable request, Bank shall discuss with Customer the information security program of Bank. Bank also agrees, upon reasonable request, to complete any security questionnaire provided by Customer to the extent Bank is able to do so without divulging sensitive, proprietary, or Bank confidential information and return it in a commercially reasonable period of time (or provide an alternative response that reasonably addresses the poin...

Split View

Download

Data Privacy and Security. (a) The Company and its Subsidiaries have at all times for the past two (2) years complied in all material respects with, and are currently in compliance in all material respects with, all applicable Privacy Laws, Privacy and Data Security Policies (as defined below) and contractual commitments relating to the Processing of Personal Data (collectively, the “Privacy Requirements”). The Company and its Subsidiaries have implemented adequate written policies relating to the Processing of Personal Data as and to the extent required by applicable Law (“Privacy and Data Security Policies”). (b) There is no pending, nor has there been for the past two (2) years, any Proceeding against the Company or any of its Subsidiaries initiated by (i) any Person, (ii)the United States Federal Trade Commission, any state attorney general or similar state official, (iii) any other Governmental Entity, foreign or domestic, or (iv) any regulatory or self-regulatory entity, alleging that any violation of any Privacy Requirement by the Company or its Subsidiaries with respect to any Processing of Personal Data by or on behalf of the Company or any of its Subsidiaries. (c) There has been no breach of security resulting in unauthorized access, use or disclosure of Personal Data in the possession or control of the Company or any of its Subsidiaries or, to the Company’s knowledge, any of its contractors with regard to any Personal Data obtained from or on behalf of the Company or any of its Subsidiaries, or any unauthorized intrusions, breaches of security or other data security incidents with respect to the Company IT Systems. (d) The Company and its Subsidiaries own or have license to use the Company IT Systems as necessary to operate the Business as currently conducted and the Company IT Systems operate and perform in a manner that permits the Company and its Subsidiaries to conduct the Business as currently conducted. To the Company’s knowledge, none of the Company IT Systems contain any worm, bomb, backdoor, clock, timer or other disabling device, code, design or routine that causes the Software of any portion thereof to be erased, inoperable or otherwise incapable of being used, either automatically, with the passage of time or upon command by any unauthorized person. (e) The Company has taken commercially reasonable organizational, physical, administrative and technical measures required by Privacy Requirements, and consistent with standards prudent in the industry in which the...

Data Privacy and Security. 7.1.1 With respect to any End-User Customer Information received, accessible, or accessed by Merchant, Merchant will comply with applicable law regarding the use of non-public personal information and the requirements of BlueSnap’s Privacy Policy as amended from time to time. Further, Merchant (i) will not use any End-User Customer Information for any other purpose other than those contemplated hereunder, (ii) has and will maintain reasonable and appropriate measures to protect the security and confidentiality of such End-User Customer Information, and (iii) will not, directly or through an affiliate, disclose or permit the disclosure of any End-User Customer Information to any other person that is not an affiliate or service provider, or an employee or agent of any such party with a demonstrable need to know such End User Customer Confidential Information in order to fulfill the obligations hereunder. Merchant shall take all available steps and precautions to prevent fraud, theft and/or misappropriation of End-User Customer Information. 7.1.2 Subject to each Merchant’s obligations of confidentiality or a duty to restrict dissemination of proprietary information arising from third party relationships or as otherwise imposed by law, ▇▇▇▇▇▇▇▇ will promptly notify BlueSnap as soon as commercially reasonable upon learning of any suspected or actual security breach, unauthorized disclosure, compromise of privacy involving End-User Customers’ Information or the actual loss or theft of any such personal information (“Security Incident”).

Data Privacy and Security. (a) Each Group Company does not knowingly collect or process Personal Data contrary to law, to each Group Company’s knowledge. The Company has safeguards in place that are sufficient to protect Personal Data and confidential information in the Company’s possession or control from unauthorized access by third Persons and to ensure that the operation of the businesses of each Group Company (including with respect to employee matters) are in compliance with all Privacy and Security Requirements in all material respects. (b) There are no pending Proceedings, nor has there been any Proceedings against any Group Company initiated by (i) any Person; (ii) the United States Federal Trade Commission, any state attorney general or similar state official; (iii) any other Governmental Entity or (iv) any regulatory or self-regulatory entity, in each case, alleging that any Processing of Personal Data by or on behalf of a Group Company is in violation of any applicable Privacy Laws. (c) Since the Lookback Date, (i) there has been no material unauthorized access, use, acquisition or disclosure of Personal Data, or confidential business information in the possession or control of any Group Company or, to the Company’s knowledge, any third party service provider on behalf of any Group Company, and (ii) to the Company’s knowledge, there have been no unauthorized intrusions into or Security Breaches of any Group Company systems networks, communication equipment or other technology necessary for the operations of the Group Companies’ business. The Group Companies have not experienced any material successful unauthorized access to, use or modification of, or interference with Company IT Systems since the Lookback Date and none of the Group Companies is aware of any written or, to the knowledge of the Company, oral notices or complaints from any Person regarding such a Security Breach or incident. None of the Group Companies has received any written complaints, claims, demands, inquiries or other notices, including a notice of investigation, from any Person (including any Governmental Entity or self-regulatory authority) regarding any of the Group Companies’ Processing of Personal Data or compliance with applicable Privacy and Security Requirements. Since the Lookback Date, none of the Group Companies have provided or have been obligated to provide notice under any Privacy and Security Requirements to regarding any Security Breach or unauthorized access to or use of any Company ...

Data Privacy and Security. Supplier shall comply with the Data Privacy and Security Addendum terms contained in Exhibit C, attached hereto and made a part hereof.

Data Privacy and Security. A. Personal Data and Customer Instructions. Under this Agreement, Apple, acting as a data processor on your behalf, may receive Personal Data if provided by You. By entering into this Agreement, You instruct Apple to process Your Personal Data, in accordance with applicable law: (i) to provide the Service; (ii) pursuant to Your instructions as given through your use of the Services (including the web portal and other functionality of the Service); (iii) as specified under this Agreement; and (iv) as further documented in any other written instructions given by You and acknowledged by Apple as constituting instructions under this Agreement. Apple shall comply with the instructions described in this Section 3A unless prohibited by an applicable legal requirement from doing so, in which case Apple will inform You of that legal requirement before processing Personal Data (unless prohibited by that law from doing so on important grounds of public interest).

Data Privacy and Security. (a) Except where any non-compliance would not, individually or the aggregate, reasonably be expected to have a Material Adverse Effect, the Company and each of its Subsidiaries comply, and within the past three (3) years have complied, with all applicable (i) Privacy and Security Laws, (ii) written contractual commitments to which they are legally bound to the extent relating to and governing Personal Data protection, privacy, and security, and (iii) Privacy Policies. (b) The Company and each of its Subsidiaries have taken commercially reasonable steps consistent with their size and resources as well as the nature and purpose of the Processing and the types of Personal Data and, where appliable, Privacy and Security Laws, that are designed to: (i) protect their Business Systems and Personal Data from a Security Incident and (ii) maintain, as applicable, the confidentiality, integrity and availability of such Business Systems and Company Data. (c) In the past three (3) years, the Company and each of its Subsidiaries has regularly performed a security risk assessment and obtained an independent vulnerability assessment performed by a recognized third-party firm. The Company and each of its Subsidiaries have used reasonable efforts to address and remediate all material vulnerabilities, threats, and deficiencies identified in each such assessment. (d) In the past three (3) years, to the knowledge of the Company, neither the Company nor any of its Subsidiaries has: (i) experienced any material Security Incident involving any Business System or Company Data in their respective possession, custody, or control or otherwise held or Processed on its behalf, (ii) been required to send a notification or report to any Person pursuant to applicable Privacy and Security Laws as a result of any material Security Incident, or (iii) failed in any material respect to comply with any notification or reporting requirement to any Person in connection with any material Security Incident under applicable Privacy and Security Laws. (e) To the knowledge of the Company, there is no formal or written complaint, audit, proceeding, investigation, claim, or other Action currently pending or that has been, within the past three (3) years, brought or initiated against the Company or any of its Subsidiaries by any Person before a Governmental Entity with respect to any actual or alleged (i) material Security Incident or (ii) material violation of any applicable Privacy and Security Laws by...

Data Privacy and Security. Data Privacy. "

Data Privacy and Security. (i) The Company and each of its Subsidiaries complies, and during the past three years has complied, in all material respects, with all Privacy and Information Security Requirements. Neither the Company nor any of its Subsidiaries have been notified in writing of, or is the subject of, any complaint or proceeding or to the Company’s knowledge, any, regulatory investigation related to Processing of Personal Data by any Governmental Entity or payment card association, regarding any actual or possible violations of any Privacy and Information Security Requirement by or with respect to the Company or any of its Subsidiaries. (ii) The Company and each of its Subsidiaries employs commercially reasonable organizational, administrative, physical and technical safeguards that comply in all material respects with all Privacy and Information Security Requirements to protect Company Data within its custody or control and requires the same of all vendors under contract with the Company that Process Company Data on its behalf. The Company and each of its Subsidiaries have provided all requisite notices and obtained all required consents, and satisfied all other requirements (including but not limited to notification to Governmental Entities), necessary for the Processing (including international and onward transfer) of all Personal Data in connection with the conduct of the business as currently conducted and in connection with the consummation of the transactions contemplated hereunder. (iii) To the knowledge of the Company, neither the Company nor any of its Subsidiaries has suffered a security breach with respect to any of the Company Data and to the Company’s knowledge, there has been no unauthorized or illegal use of or access to any Company Data. Neither the Company nor any of its Subsidiaries has notified, or been required to notify, any Person of any information security breach involving Personal Data. To the Company’s knowledge, the Company Systems have had no material errors or defects that have not been fully remedied and contain no code designed to disrupt, disable, harm, distort or otherwise impede in any manner the legitimate operation of such Company Systems (including what are sometimes referred to as “viruses”, “worms”, “time bombs” or “back doors”) that have not been removed or fully remedied. Neither the Company nor any of its Subsidiaries have experienced within the past three years any material disruption to, or material interruption in, the conduct...

Data Privacy and Security. Except as has not had, and would not reasonably be expected to have, individually or in the aggregate, a Company Material Adverse Effect: (a) The Company and its Subsidiaries are, and since the Lookback Date have been, in compliance with all applicable Privacy Commitments. To the Knowledge of the Company, all Personal Information collected, processed, transferred, disclosed, shared, stored, protected or used by the Company or its Subsidiaries, or shared with a third party, in connection with the operation of their respective businesses is, and since the Lookback Date has been, collected, processed, transferred, disclosed, shared, stored, protected and used by the Company, its Subsidiaries or third parties acting on their behalf in accordance with all applicable Privacy Commitments. No disclosures made in any written privacy policies, notices, or statements published by the Company or its Subsidiaries have been inaccurate, misleading or deceptive. The Company has not sold, licensed or rented any Personal Information to a third party for monetary or other valuable consideration. To the Knowledge of the Company, the Company and its Subsidiaries are not, and since the Lookback Date have not been, (i) under audit or investigation by any Governmental Authority regarding the Company’s compliance with applicable Privacy Commitments or (ii) subject to any third-party notification, claim, demand, audit or action in relation to the Company’s collection, processing, transfer, disclosure, sharing, storing, security and use of Personal Information. (b) The Company and its Subsidiaries (i) have implemented and maintain commercially reasonable technical, physical, and organizational measures intended to protect against and identify anticipated threats or hazards to, the security, confidentiality, integrity and availability of Personal Information, Company Information and Systems, including a commercially reasonable incident response plan and backup procedures, and (ii) have commercially reasonable procedures in place designed to remediate (A) Information Security Incidents and (B) audit or security assessment findings deemed to be a material, critical or high risk to the effectiveness of any System. The Company and its Subsidiaries have fully remediated any and all material, critical or high-risk security vulnerabilities associated with Systems for which the Company or its Subsidiaries have or should reasonably have become aware. To the Knowledge of the Company, there are...