Privacy and Data Security. (a) The parties will keep confidential any information regarding the Trust, the Variable Accounts, and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust or Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”) and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (“Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (“Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure ...
Privacy and Data Security. Parent and each of its Subsidiaries have complied with all Data Protection Requirements in the conduct of Parent’s and its Subsidiaries’ businesses, in each case except as would not reasonably be expected to have, individually or in the aggregate, a Parent Material Adverse Effect. Parent and each of its Subsidiaries have all necessary authority, rights, consents and authorizations to engage in the Data Activities of Personal Data maintained by or for Parent and its Subsidiaries to the extent required in connection with the operation of Parent’s and its Subsidiaries’ business as currently conducted. Since January 1, 2019, Parent and its Subsidiaries have not: (i) experienced any actual, alleged, or suspected data breach or other security incident involving Personal Data in their possession or control; or (ii) been subject to or received any notice of any audit, investigation, complaint, or other Legal Action by any Governmental Entity or other Person concerning Parent’s or any of its Subsidiaries’ Data Activities in relation to Personal Data or actual, alleged, or suspected violation of any Data Protection Requirement concerning privacy, data security, or data breach notification, and to Parent’s Knowledge, there are no facts or circumstances that could reasonably be expected to give rise to any such Legal Action, in each case except as would not reasonably be expected to have, individually or in the aggregate, a Parent Material Adverse Effect. Parent and its Subsidiaries (i) have executed current and valid “Business Associate Agreements” (as described by HIPAA and the corresponding regulations) with each (A) “business associate” (as described by HIPAA and the corresponding regulations), (B) “covered entity” (as described by HIPAA and the corresponding regulations), and (C) “subcontractor” (as described by HIPAA and the corresponding regulations); and (ii) materially comply with such Business Associate Agreements. The Company and each of its Subsidiaries have obtained, as applicable, all rights necessary to undertake de-identification of user data and has de-identified such user data in accordance with the requirements of HIPAA and other Data Protection Requirements.
Privacy and Data Security. The Loan Parties and their Subsidiaries shall, at all times, remain in compliance in all material respects with all applicable United States and international privacy and data security laws and regulations including GDPR (to the extent applicable).
Privacy and Data Security. (a) Homology and its Subsidiaries have complied with all applicable Privacy Laws and the applicable terms of any Homology Contracts relating to privacy, security, collection or use of Personal Information of any individuals (including clinical trial participants, patients, patient family members, caregivers or advocates, physicians and other health care professionals, clinical trial investigators, researchers, pharmacists) that interact with Homology or any of its Subsidiaries in connection with the operation of Homology’s and its Subsidiaries’ business, except for such noncompliance as has not had, and would not reasonably be expected to have, individually or in the aggregate, a Homology Material Adverse Effect. To the Knowledge of Homology, Homology has implemented and maintains reasonable written policies and procedures, satisfying the requirements of applicable Privacy Laws and Homology Contracts, concerning the privacy, security, collection and use of Personal Information (“Homology Privacy Policies”) and has complied with the same, except for such noncompliance as has not to the Knowledge of Q32 had, and would not reasonably be expected to have, individually or in the aggregate, a Q32 Material Adverse Effect. To the Knowledge of Homology, as of the date hereof, no claims have been asserted or threatened against Homology by any Person alleging a violation of Privacy Laws, Privacy Policies and/or the applicable terms of any Homology Contracts relating to privacy, security, collection or use of Personal Information of any individuals and Homology has not received written notice of any of the same. To the Knowledge of Homology, there have been no data security incidents, personal data breaches or other adverse events or incidents related to Personal Information or Homology data in the custody or control of Homology or any service provider acting on behalf of Homology, in each case where such incident, breach or event would result in a notification obligation to any Person under applicable law or pursuant to the terms of any Homology Contract.
Privacy and Data Security. Parent and each of its Subsidiaries have complied with all applicable Laws and all internal or publicly posted policies, notices, and statements concerning the collection, use, processing, storage, transfer, and security of personal information in the conduct of Parent’s and its Subsidiaries’ businesses, in each case except as would not reasonably be expected to have, individually or in the aggregate, a Parent Material Adverse Effect. In the past three years, Parent and its Subsidiaries have not: (i) experienced any actual, alleged, or suspected data breach or other security incident involving personal information in their possession or control; or (ii) been subject to or received any notice of any audit, investigation, complaint, or other Legal Action by any Governmental Entity or other Person concerning Parent’s or any of its Subsidiaries’ collection, use, processing, storage, transfer, or protection of personal information or actual, alleged, or suspected violation of any applicable Law concerning privacy, data security, or data breach notification, and to the Parent’s Knowledge, there are no facts or circumstances that could reasonably be expected to give rise to any such Legal Action, in each case except as would not reasonably be expected to have, individually or in the aggregate, a Parent Material Adverse Effect.
Privacy and Data Security. Any data, including all Personal Information related to the current, former or prospective shareholders, officers or trustees of each Trust, that MUIS receives, generates, collects or otherwise processes on behalf of a Trust pursuant to the services performed under the terms of this Agreement (collectively, “Trust Data”) will be used by MUIS solely in connection with performing or enforcing any obligations with respect to the Agreement. For purposes of this Agreement, “
Privacy and Data Security. (a) In the prior three (3) years, the Company and its Subsidiaries have been in compliance with Privacy Laws, and in all material respects with (i) Contracts (or portions thereof) between the Company or its Subsidiaries and other Persons relating to Personal Data and (ii) applicable written policies, public statements and other public representations relating to the Processing of Personal Data, inclusive of all disclosures required by applicable Privacy Laws (“Privacy and Data Security Policies,” and together with Privacy Laws and such Contracts, “Privacy Commitments”). The execution, delivery and performance by the Company of this Agreement to which the Company is or will be a party, and the consummation of the transactions contemplated hereby or thereby, are not reasonably expected to, directly or indirectly, result in a violation of any Privacy Commitments that would be materially adverse to the Company and its Subsidiaries, taken as a whole.
Privacy and Data Security. During the course of the Agreement, CampMinder may receive or have access to Personal Data of Licensee. CampMinder agrees and covenants that it will use and disclose Personal Data solely and exclusively for the purposes for which the Personal Data, or access to it, is provided pursuant to the terms and conditions of this Agreement. Further, each Party shall comply with all Data Protection Laws applicable to the parties’ respective collection, use, disclosure and other processing of Personal Data hereunder. Without limiting the generality of the foregoing, Licensee represents and warrants that it has, and will obtain, all right, title, and interest in and to any Licensee Data provided hereunder which may be necessary for CampMinder to process such Personal Data for the purposes set forth herein, including in connection with the analysis and monitoring of Licensee’s and its Authorized Users’ use of the Software Products, and in connection with the legitimate non-commercial business and information security operations of Licensee. In the event the Parties must enter into any agreement or additional provisions to maintain compliance with all applicable Data Protection Laws, the Parties shall negotiate in good faith to agree to such additional terms, including any processing terms required under the GDPR. Licensee represents that it is not subject to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), will not provide any information that is subject to HIPAA to CampMinder, and will promptly advise CampMinder if Licensee becomes or provides any information subject to HIPAA. CampMinder will maintain reasonable and appropriate administrative, physical and technical safeguards for protection of the security, confidentiality and integrity of Licensee Data, including Personal Data. In the event that any Personal Data is disclosed by CampMinder (or its employees, subcontractors or agents) to an unauthorized third party (a “Data Breach”), then CampMinder shall give notice to Licensee, with full particulars if known, and shall commence an investigation of any such incident. Licensee shall be solely responsible for providing any notices or providing any remedies required by applicable Data Protection Law.
Privacy and Data Security. (a) The Company Entities have a privacy policy regarding the collection, use and disclosure of personal information in connection with the operation of the Business for which any Company Entity is the “controller” or similarly responsible under applicable Laws regarding the collection, retention, use and protection of personal information, or otherwise held or processed on its behalf and each Company Entity is and has been in material compliance with such privacy policy. The Company Entities have posted a privacy policy in a clear and conspicuous location on all public websites owned or operated by the Company Entities.
Privacy and Data Security. “Business Privacy and Data Security Policies” means all of the Company’s past or present, internal or public-facing policies, notices, and statements concerning the privacy, security, or Processing of Personal Information. “Personal Information” means any information that identifies or, alone or in combination with any other information, could reasonably be used to identify, locate, or contact a natural person, including name, street address, telephone number, email address, identification number issued by a Governmental Entity, credit card number, bank information, customer or account number, online identifier, device identifier, IP address, browsing history, search history, or other website, application, or online activity or usage data, location data, biometric data, medical or health information, or any other information that is considered “personally identifiable information,” “personal information,” or “personal data” under Applicable Law. “Privacy Laws” means all applicable Laws, Governmental Orders, and binding guidance issued by any Governmental Entity concerning the privacy, security, or Processing of Personal Information (including Applicable Laws of jurisdictions where Personal Information was collected), including, as applicable, data breach notification Applicable Laws, consumer protection Applicable Laws, Applicable Laws concerning requirements for website and mobile application privacy policies and practices, Social Security number protection Applicable Laws, data security Applicable Laws, and Applicable Laws concerning email, text message, or telephone communications. Without limiting the foregoing, Privacy Laws include: the Federal Trade Commission Act, the Telephone Consumer Protection Act, the Telemarketing and Consumer Fraud and Abuse Prevention Act, the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003, the Children’s Online Privacy Protection Act, the California Consumer Privacy Act of 2018, the Computer Fraud and Abuse Act, the Electronic Communications Privacy Act, the Fair Credit Reporting Act, the Fair and Accurate Credit Transaction Act, the Health Insurance Portability and Accountability Act of 1996, as amended and supplemented by the Health Information Technology for Economic and Clinical Health Act of the American Recovery and Reinvestment Act of 2009, the Xxxxx-Xxxxx-Xxxxxx Act, the Family Educational Rights and Privacy Act, the GDPR, and all other similar international, federal, state, provincia...
