Data Privacy and Security Requirements means all of the following, to the extent relating to privacy or data security and applicable to the Company: (a) all applicable Laws; (b) all applicable and leading industry standards followed by companies providing similar products or services and of a similar size and in the same industry; (c) the Company’s written privacy policies and security policies; and (d) the Company’s obligations under Contracts.
Data Privacy and Security Requirements means, collectively, all of the following to the extent relating to privacy, security or data breach notification requirements, including with respect to the processing of Personal Information, and applicable to the Company or any of its Affiliates: (a) all applicable Privacy Laws; (b) the Company’s external-facing privacy policies; (c) if applicable to the Company or any of its Affiliates, the Payment Card Industry Data Security Standard (PCI DSS), and any other industry or self-regulatory standard to which the Company or any of its Affiliates is bound or holds itself out to the public as being in compliance with; and (d) applicable provisions of Contracts to which the Company or any of its Affiliates is a party or bound.
Data Privacy and Security Requirements means (i) the Company’s and its Subsidiaries internal and posted policies and procedures with respect to privacy, Personal Data, data and system security, (ii) applicable privacy and data security Laws and industry standards (including the Payment Card Industry Data Security Standards), and (iii) applicable requirements relating to data collection, use, privacy, security or protection under any Contracts.
Examples of Data Privacy and Security Requirements in a sentence
Toward these goals, CVS expects that each vendor/supplier negotiate with us in good faith to reasonably accommodate CVS Health’s contractual requirements, such as our form Business Associate Agreement, our Consumer, Data Privacy and Security Requirements (DPSR) agreements, and any other vendor/supplier agreements we may require from time to time.
Seller has implemented and is in compliance with a written information security program that includes commercially reasonable physical, technical, organizational and administrative security measures to secure business data collected, held or maintained by it, or on its behalf, from and against unauthorized access, acquisition, destruction, damage, disclosure, loss, corruption, alteration, or use, in accordance with applicable Data Privacy and Security Requirements and industry standards.
The Company and the conduct of the Business are in material compliance with, and have been in material compliance with, all Data Privacy and Security Requirements.
Seller has entered into a written agreement with each third-party service provider, vendor, and business partner as required by any Data Privacy and Security Requirements in the conduct of the Business.
Toward these goals, CVS expects that each vendor/supplier negotiate with us in good faith to reasonably accommodate CVS Health’s contractual requirements, such as our form Business Associate Agreement, our Data Privacy and Security Requirements (DPSR) agreement, and any other vendor/supplier agreements we may require from time to time.
More Definitions of Data Privacy and Security Requirements
Data Privacy and Security Requirements means, to the extent relating to privacy, data protection and/or security of any Personally Identifiable Information, all applicable (i) Laws, (ii) policies (including privacy policies) of the Company, (iii) generally accepted industry standards applicable to the industry in which the Company operates and (iv) contractual requirements to which the Company is subject.
Data Privacy and Security Requirements means, collectively, all of the following to the extent relating to the Processing of Personal Data or otherwise relating to privacy, security, or data breach notification requirements and applicable to any Group Company, to the conduct of the Business, the Company Products, or to any of the Company IT Systems or any Business Data: (i) the Group Companies’ own rules, policies, and procedures; (ii) all applicable Laws (including, as applicable, the General Data Protection Regulation (GDPR) (EU) 2016/679) and the California Consumer Privacy Act (2020)); (iii) industry standards applicable to the industry in which the Business operates (including the Payment Card Industry Data Security Standard (PCI DSS)); and (iv) contracts into which any Group Company has entered or by which they are otherwise bound.
Data Privacy and Security Requirements means, collectively, all of the following to the extent relating to data treatment or otherwise relating to privacy, security, or security breach notification requirements and applicable to the Company, to the conduct of the Business, or to any of the Business systems or any Business data: (i) the Company’s own rules, policies, and procedures; (ii) all applicable laws, rules and regulations relating to privacy, data protection, or data security, including with respect to the collection, storage, transmission, transfer (including cross-border transfers), disclosure, use and disposal of Personal Data; (iii) industry standards applicable to the industry in which the Business operates; and (iv) Contracts into which the Company has entered or by which it is otherwise bound.
Data Privacy and Security Requirements means, to the extent relating to privacy, data protection and/or security of any PII, all applicable
Data Privacy and Security Requirements means, to the extent relating to privacy, data protection or data security, and applicable to the Company or any of its Subsidiaries, all (i) Applicable Laws, (ii) any internal or externally-facing written policies (including written privacy policies or notices) of the Company or any of its Subsidiaries; (iii) generally accepted industry standards applicable to the industry in which the Company and its Subsidiaries operate and to which the Company or any of its Subsidiaries have agreed or are otherwise legally bound; and (iv) contractual requirements to which the Company or any of its Subsidiaries is subject.
Data Privacy and Security Requirements means, to the extent applicable to Seller or the conduct of the Business: (a) all applicable Laws, rules and regulations relating to the collection, storage, transmission, transfer, disclosure, use, security, retention, disposal or other processing of Personal Data; (b) the Payment Card Industry Data Security Standard (“PCI DSS”); (c) all Laws and contractual obligations relating to data loss, theft, breach of security notification obligations, the collection, storage, transmission, transfer, disclosure, use, security, retention, disposal or other processing of business data; and (d) all public statements, including all publicly posted privacy policies and notices, regarding Seller’s collection, storage, transmission, transfer, disclosure, use, security, retention, disposal or other processing of business data.
Data Privacy and Security Requirements means, to the extent relating to privacy, data protection and/or security of any Personally Identifiable Information, in each case, solely to the extent applicable to the Company’s operations (a) Laws including, without limitation, (i) the U.S. Health Insurance Portability and Accountability Act of 1996, as amended by the U.S. Health Information Technology for Economic and Clinical Health Act of 2009, including the regulations promulgated thereunder (“HIPAA”), (ii) the EU Data Protection Directive 95/46/EC of 24 October 1995, the EU General Data Protection Regulation 2016/679/EU of April 27, 2016, the EU ePrivacy Directive 2002/58/EC of 12 July 2002 and the related implementing legislation of the EU Member States, (iii) Section 5 of the Federal Trade Commission Act as it applies to the receipt, access, use, disclosure, and security of consumer Personally Identifiable Information, (iv) the Swiss Federal Act on Data Protection (FADP) of 19 June 1992, and (v) all U.S. state laws pertaining to the privacy and security of Personally Identifiable Information and data breach notification, (b) policies (including privacy policies) of the Company and consent to the extent the Company has obtained consent to collect Personally Identifiable Information, (c) generally accepted industry standards applicable to the industry in which the Company operates which are binding on the Company and (d) contractual requirements to which the Company is subject.