Privacy and Data Security Sample Clauses

POPULAR SAMPLE Copied 163 times

Privacy and Data Security. (a) In the prior three (3) years, the Company and its Subsidiaries have been in compliance with Privacy Laws, and in all material respects with (i) Contracts (or portions thereof) between the Company or its Subsidiaries and other Persons relating to Personal Data and (ii) applicable written policies, public statements and other public representations relating to the Processing of Personal Data, inclusive of all disclosures required by applicable Privacy Laws (“Privacy and Data Security Policies,” and together with Privacy Laws and such Contracts, “Privacy Commitments”). The execution, delivery and performance by the Company of this Agreement to which the Company is or will be a party, and the consummation of the transactions contemplated hereby or thereby, are not reasonably expected to, directly or indirectly, result in a violation of any Privacy Commitments that would be materially adverse to the Company and its Subsidiaries, taken as a whole. (b) In the prior three (3) years, the Privacy and Data Security Policies have at all times been maintained and made available to individuals in accordance with reasonable industry practices and as required by Privacy Laws, are accurate and complete and are not misleading or deceptive (including by omission). The practices of the Company or its Subsidiaries with respect to the Processing of Personal Data conform in all material respects to the Privacy and Data Security Policies that govern such Personal Data. (c) There is (and in the prior three years there has been) no material Legal Proceeding pending or, to the Company’s knowledge, threatened against or involving the Company or its Subsidiaries initiated by any Person (including (i) the Federal Trade Commission, any state attorney general or similar state official, (ii) any other Governmental authority, foreign or domestic or (iii) any regulatory or self-regulatory entity) alleging that any Processing of Personal Data by or on behalf of the Company or its Subsidiaries is or was in violation of any Privacy Commitments. To the Company’s Knowledge, there are no facts, circumstances or conditions that would reasonably be expected to form the basis for any proceeding for any potential violation of any Privacy Commitments. (d) In the prior three (3) years, (i) there has been no unauthorized access to, or unauthorized use, disclosure, or Processing of Personal Data in the possession or control of the Company or its Subsidiaries or any of its contractors with regard to a...

Split View

Download

Privacy and Data Security. The Company and each of its Subsidiaries have complied with all applicable Laws and all internal or publicly posted policies, notices, and statements concerning the collection, use, processing, storage, transfer, and security of personal information in the conduct of the Company’s and its Subsidiaries’ businesses, in each case except as would not reasonably be expected to have, individually or in the aggregate, a Company Material Adverse Effect. In the past three years, the Company and its Subsidiaries have not: (i) experienced any actual, alleged, or suspected data breach or other security incident involving personal information in their possession or control; or (ii) been subject to or received any notice of any audit, investigation, complaint, or other Legal Action by any Governmental Entity or other Person concerning the Company’s or any of its Subsidiaries’ collection, use, processing, storage, transfer, or protection of personal information or actual, alleged, or suspected violation of any applicable Law concerning privacy, data security, or data breach notification, and to the Company’s Knowledge, there are no facts or circumstances that could reasonably be expected to give rise to any such Legal Action, in each case except as would not reasonably be expected to have, individually or in the aggregate, a Company Material Adverse Effect.

Privacy and Data Security. (a) The parties will keep confidential any information regarding the Trust, the Company, Nationwide, the Variable Accounts and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust or Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”), and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company and the Trust will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (“Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (“Disclosing Party”), or (ii) is or becomes publicly available ...

Privacy and Data Security. The Company is and has at all times been in compliance with all applicable Privacy Laws and the applicable terms of any Company Contracts governing privacy, data protection, data security, trans-border data flow, data loss, data theft, or breach notification, data localization, sending solicited or unsolicited electronic mail or text messages, cookies or other tracking technology, with respect to, or the collection, handling, use, maintenance, storage, disclosure, transfer, or other processing of, Personal Information (including any such information of individuals, clinical trial participants, patients, patient family members, caregivers or advocates, physicians and other health care professionals, clinical trial investigators, researchers, pharmacists that interact with the Company in connection with the operation of the Company’s business), except, in each case, for such noncompliance as has not had, and would not reasonably be expected to have, individually or in the aggregate, a Company Material Adverse Effect. To the Knowledge of the Company, the Company (i) has implemented and maintains reasonable written policies and procedures that materially comply with applicable Privacy Laws and are designed to protect the privacy and security of Personal Information (the “Privacy Policies”) and (ii) has complied with such Privacy Policies, except for such noncompliance as has not had, and would not reasonably be expected to have, individually or in the aggregate, a Company Material Adverse Effect. To the Knowledge of the Company, no Legal Proceeding has been asserted or threatened against the Company by any Person alleging a violation of Privacy Laws, Privacy Policies, or the applicable terms of any Company Contracts governing privacy, data protection, data security, trans-border data flow, data loss, data theft, or breach notification, data localization, sending solicited or unsolicited electronic mail or text messages, cookies or other tracking technology, with respect to, or the collection, handling, use, maintenance, storage, disclosure, transfer, or other processing of, Personal Information. To the Knowledge of the Company, there have been no data security incidents or data breaches or other adverse events or incidents that have resulted in any unauthorized access to, or collection, use, disclosure, modification or destruction of, Personal Information or other data in the possession or control of the Company or any service provider acting on behalf of the ...

Privacy and Data Security. Since May 16, 2023, and to the Company’s Knowledge, between June 30, 2022 and May 16, 2023, each of the Company and its Subsidiaries has complied with all applicable Privacy Laws, including with respect to the collection, acquisition, use, storage and transfer (including cross-border transfer) of Personal Information, except for such non-compliance as is not, and would not reasonably be expected to be, individually or in the aggregate, material to the Company and its Subsidiaries, taken as a whole. Since May 16, 2023, the Company and its Subsidiaries have complied in all material respects with each of their respective written and published policies concerning the privacy of Personal Information (“Privacy Policies”), if applicable and required. The Company and its Subsidiaries maintain commercially reasonable policies, procedures and security measures with respect to the physical and electronic security and privacy of Personal Information that are designed to achieve compliance in all material respects with Privacy Laws, and the Company and its Subsidiaries are in compliance in all material respects with such policies and procedures. To the Knowledge of the Company, there have been no material breaches or material violations of any security measures of the Company and its Subsidiaries, or any material unauthorized access, use or disclosure of any Personal Information. None of the Company and its Subsidiaries has received written notice (or, to the Knowledge of the Company, any other communication) of (a) any material violation or breach, or alleged material violation or breach, of Privacy Laws and/or Privacy Policies, or (b) any claims against any of the Company and its Subsidiaries by any Person, and there is no Legal Proceeding pending or, to Knowledge of the Company, threatened against any of the Company and its Subsidiaries, alleging a violation or breach of Privacy Laws and/or Privacy Policies, except in each case as would not be material to the Company and its Subsidiaries, taken as a whole.

Privacy and Data Security. Except as would not reasonably be expected to result in a Material Adverse Effect, (a) the Company and its Subsidiaries have established written privacy policies applicable to the collection, use, disclosure, maintenance and transmission of Personal Data, (b) each of the Company and its Subsidiaries is in compliance in all material respects with their written privacy policies, contracts which impose requirements relating to the collection, processing, storage, disclosure, disposal or other handling of Personal Data, any applicable laws relating to privacy, data protection, anti-spam, personal information and similar consumer protection laws, and any applicable industry standards which impose requirements on the collection, processing, storage, disclosure, disposal or other handling of Personal Data (collectively, the “Privacy Requirements”). Except as would not reasonably be expected to result in a Material Adverse Effect, neither the operation by the Company or any of its Subsidiaries of any its websites nor the content thereof or data processed, collected, stored or disseminated by such entity in connection therewith, violates in any material respect any applicable law regarding privacy, data protection, anti-spam, personal information and similar consumer protection laws. Since January 1, 2021, none of the Company nor any of its Subsidiaries has experienced (i) incidents of unauthorized access or other security breaches, including any loss, misuse, damage, unauthorized access, unauthorized disclosure or unauthorized use of any Personal Data, or (ii) any other event that the Company or any of its Subsidiaries required a data breach notice to any Person or Governmental Entity under Privacy Requirements, except, in each case, as would not reasonably be expected to result in a Material Adverse Effect. Except as, individually or in the aggregate, would not reasonably be expected to result in a Material Adverse Effect, the hardware, software, databases, web s▇▇▇▇, ▇▇▇▇▇▇ applications, servers, workstations, routers, hubs, switches, circuits, networks, communications networks, and other information technology owned, licensed, leased or otherwise used, distributed or held for use by the Company or its Subsidiaries (i) have not, within the three (3) years prior to the date of this Agreement, malfunctioned or failed in a manner that resulted in chronic or otherwise material disruptions to the operation of the business of the Company and its Subsidiaries, and (ii)...

Privacy and Data Security. (a) The Company and its Subsidiaries have implemented and complied in all material respects for the past five (5) years with their written privacy policies governing the Processing of Personal Information (“Privacy Policies”). The Privacy Policies accurately describe the Company’s and its Subsidiaries’ Processing of Personal Information. During the last five (5) years, the Company’s and its Subsidiaries’ Processing of Personal Information was and is in compliance in all material respects with (i) all contractual obligations legally binding on the Company or its Subsidiaries and applicable to the Processing of Personal Information (“Privacy Contracts”), (ii) applicable Privacy Laws, and (iii) all published notices of the Company’s and its Subsidiaries’ relating to the Processing of Personal Information. The Company and each of its Subsidiaries have entered into agreements in substantially the form required by applicable Privacy Laws in relation to the Processing of Personal Information and agreements or agreements governing the international transfer of data where required. (b) The Company and each of its Subsidiaries have implemented, maintains and complies in all material respects with a written information security program consistent with reasonable and customary industry standards that complies in all material respects with applicable Privacy Laws and Privacy Contracts. The Company and each of its Subsidiaries have taken reasonable steps designed to ensure that any Personal Information or confidential information collected, Processed, or handled by or transferred or disclosed to authorized third parties acting on behalf of the Company or any Subsidiary of the Company provides reasonable safeguards, in each case, in compliance with applicable Privacy Laws and consistent with general industry standards for an entity of the same size and in the same industry as the Company. (c) To the Knowledge of the Company, during the last five (5) years, none of the Company or any Subsidiary of the Company has experienced any breaches of security (including, but not limited to ransomware) involving the unauthorized access, use, acquisition, or disclosure of Personal Information, or confidential information collected, owned, used, stored, received, Processed, or controlled by or on behalf of the Company and its Subsidiaries (a “

Privacy and Data Security. The Loan Parties and their Subsidiaries shall, at all times, remain in compliance in all material respects with all applicable United States and international privacy and data security laws and regulations including GDPR (to the extent applicable).

Privacy and Data Security. (i) Since the Reference Date, the use and dissemination by the Company of any Personal Data is in compliance in all material respects with the Company’s privacy policies and terms of use, all applicable Information Privacy and Security Laws and all other Personal Data Obligations. No Personal Data is stored or otherwise maintained outside the United States by the Company or any third party. The Company has not engaged in cross-border processing of Personal Data. True and complete copies of all privacy policies that have been used by the Company since the Reference Date have been provided to Buyer. The Company has consistently posted a privacy policy in a clear and conspicuous location on all websites and any mobile applications owned or operated by the Company. (ii) The Company does not Collect or Use Personal Data from any Person in any manner other than as described in the Contracts and privacy policies delivered to Buyer. (iii) The Company maintains policies and procedures regarding data security and privacy and maintains administrative, technical and physical safeguards that are commercially reasonable and, in any event, in compliance with all applicable Information Privacy and Security Laws and all Contracts to which the Company is bound. Since the Reference Date, the Company has complied in all material respects with the terms of all Contracts to which the Company is a party relating to data privacy, security or breach notification (including provisions that impose conditions or restrictions on the collection, use, disclosure, transmission, destruction, maintenance, storage, or safeguarding of Personal Data). (iv) At any time since the Reference Date, there have been no security breaches relating to, or violations of any security policy or Information Privacy and Security Law regarding, or any unauthorized access, disclosure, or use of, any data or information used by the Company, including Personal Data. No written notice has been provided to the Company by a third party vendor or any other person of any security breach relating to Personal Data. Since the Reference Date, the Company has not experienced a loss or unauthorized disclosure, use, or breach of privacy or security of any Personal Data in the custody or control of the Company that would have required notice to any third Person (including any Governmental Authority or parties to any Contract) under any applicable Law. No Person (including any Governmental Authority) has commenced any Action...

Privacy and Data Security. (a) Section 5.25(a) of the MTI Disclosure Schedule sets forth as of the date hereof a true and complete list of all of the types of Personal Data or highly sensitive information that MTI and its Subsidiaries collects or transmits through: (1) its products or service offerings, and (2) any website or other platforms it maintains, operates or uses in the conduct of its business. (b) Each of MTI and its Subsidiaries is, and at all times has been, in compliance with all: (1) Privacy Laws; (2) PCI Requirements; (3) applicable payment card brand, card association, payment processor and bank rules and requirements; (4) Privacy Agreements; and (5) federal, state, local and foreign Laws, rules and regulations pertaining to sales and marketing practices, including, without limitation, the CAN-SPAM Act, the Telephone Consumer Protection Act, and the Telemarketing Sales Rule. (1) Each of MTI and its Subsidiaries has implemented Privacy and Data Security Policies that are no less rigorous than industry best practices. (2) Each of MTI and its Subsidiaries is in compliance with, and has always complied with, any statutory and fiduciary obligations to safeguard the privacy of Personal Data that it collects, uses, transmits or processes through its products or service offerings, including its websites or platforms that it maintains, operates or uses in the ordinary conduct of its business. (3) Each of MTI and its Subsidiaries satisfies any statutory and fiduciary obligations they have to provide notice to website visitors or obtain consent for their or a third party’s use of monitoring features such as cookies or tags. (4) MTI and its Subsidiaries have made available a true, correct, and complete copy of each Privacy and Data Security Policy in effect at any time since the respective inceptions of MTI and its Subsidiaries. (5) At all times, each of MTI and its Subsidiaries has been and is in compliance with all of its Privacy and Data Security Policies. (6) Neither the execution, delivery, or performance of this Agreement, nor the consummation of any of the transactions contemplated under this Agreement will violate any of the Privacy Agreements, Privacy and Data Security Policies or any applicable Privacy Laws. Each of MTI and its Subsidiaries has delivered to EVI accurate and complete copies of all of the Privacy Agreements. (d) Each of MTI and its Affiliates/Subsidiaries has not, and currently does not, market its products and services to any Persons under the age of 13...