Common use of Additional Limitations Clause in Contracts

Additional Limitations. In addition to the use and protection requirements described in Section 4.09(b), the Asset Representations Reviewer’s disclosure of Issuing Entity PII is also subject to the following requirements: (i) The Asset Representations Reviewer will not disclose Issuing Entity PII to its personnel or allow its personnel access to Issuing Entity PII except (A) for the Asset Representations Reviewer personnel who require Issuing Entity PII to perform an Asset Representations Review, (B) with the prior written consent of the Issuing Entity and the Grantor Trust or (C) as required by Applicable Law. When permitted, the disclosure of or access to Issuing Entity PII will be limited to the specific information necessary for the individual to complete the assigned task. The Asset Representations Reviewer will inform personnel with access to Issuing Entity PII of the confidentiality requirements in this Agreement and train its personnel with access to Issuing Entity PII on the proper use and protection of Issuing Entity PII. (ii) The Asset Representations Reviewer will not sell, disclose, provide or exchange Issuing Entity PII with or to any third party without the prior written consent of the Issuing Entity and the Grantor Trust. (iii) The Asset Representations Reviewer agrees, represents and warrants that the Asset Representations Reviewer has, and will continue to have, adequate administrative, technical, and physical safeguards designed to: (a) to ensure the security and confidentiality of all PII; (b) to protect against any anticipated threats or hazards to the security or integrity of PII; and (c) to protect against unauthorized acquisition of, access to or use of PII which could result in a “breach” as that terms is defined under applicable Privacy Laws, or substantial harm to Issuing Entity, the Grantor Trust or Servicer or any individual about whom the Issuing Entity, the Grantor Trust or the Servicer has or collects financial and other information. (iv) The Asset Representations Reviewer agrees to provide the Sponsor, the Issuing Entity, the Servicer and the Grantor Trust with information regarding its and its representatives’ privacy and information security systems, policies and procedures as the Sponsor, the Issuing Entity, the Grantor Trust or the Servicer may reasonably request relating to its compliance with this Agreement and applicable Privacy Laws. The Asset Representations Reviewer agrees to provide training in the Privacy Laws and Asset Representations Reviewer’s information security policies to all Asset Representations Reviewer personnel whose duties pursuant to this Agreement could bring them in contact with PII. The Asset Representations Reviewer shall comply at all times with Servicer’s information security policies and procedures in connection with any access to or use of Servicer’s network, systems or data.

Additional Limitations. In addition to the use and protection requirements described in Section 4.09(b), the Asset Representations Reviewer’s disclosure of Issuing Entity PII is also subject to the following requirements: (i) The Asset Representations Reviewer will not disclose Issuing Entity PII to its personnel or allow its personnel access to Issuing Entity PII except (A) for the Asset Representations Reviewer personnel who require Issuing Entity PII to perform an Asset Representations Review, (B) with the prior written consent of the [Issuing Entity and the Grantor Trust Entity[Grantor Trust] or (C) as required by Applicable Law. When permitted, the disclosure of or access to Issuing Entity PII will be limited to the specific information necessary for the individual to complete the assigned task. The Asset Representations Reviewer will inform personnel with access to Issuing Entity PII of the confidentiality requirements in this Agreement and train its personnel with access to Issuing Entity PII on the proper use and protection of Issuing Entity PII. (ii) The Asset Representations Reviewer will not sell, disclose, provide or exchange Issuing Entity PII with or to any third party without the prior written consent of the [Issuing Entity and the Grantor Entity][Grantor Trust]. (iii) The Asset Representations Reviewer agrees, represents and warrants that the Asset Representations Reviewer has, and will continue to have, adequate administrative, technical, and physical safeguards designed to: (a) to ensure the security and confidentiality of all PII; (b) to protect against any anticipated threats or hazards to the security or integrity of PII; and (c) to protect against unauthorized acquisition of, access to or use of PII which could result in a “breach” as that terms is defined under applicable Privacy Laws, or substantial harm to Issuing Entity[, the Grantor Trust Trust] or Servicer or any individual about whom the Issuing EntityEntity [, the Grantor Trust Trust] or the Servicer has or collects financial and other information. (iv) The Asset Representations Reviewer agrees to provide the Sponsor, the Issuing Entity, the Servicer [and the Grantor Trust Trust] with information regarding its and its representatives’ privacy and information security systems, policies and procedures as the Sponsor, the Issuing Entity[, the Grantor Trust Trust] or the Servicer may reasonably request relating to its compliance with this Agreement and applicable Privacy Laws. The Asset Representations Reviewer agrees to provide training in the Privacy Laws and Asset Representations Reviewer’s information security policies to all Asset Representations Reviewer personnel whose duties pursuant to this Agreement could bring them in contact with PII. The Asset Representations Reviewer shall comply at all times with Servicer’s information security policies and procedures in connection with any access to or use of Servicer’s network, systems or data.

Additional Limitations. In addition to the use and protection requirements described in Section 4.09(b), the Asset Representations Reviewer’s disclosure of Issuing Entity PII is also subject to the following requirements: (i) The Asset Representations Reviewer will not disclose Issuing Entity PII to its personnel or allow its personnel access to Issuing Entity PII except (A) for the Asset Representations Reviewer personnel who require Issuing Entity PII to perform an Asset Representations Review, (B) with the prior written consent of the Issuing Entity [and the Grantor Trust Trust] or (C) as required by Applicable Law. When permitted, the disclosure of or access to Issuing Entity PII will be limited to the specific information necessary for the individual to complete the assigned task. The Asset Representations Reviewer will inform personnel with access to Issuing Entity PII of the confidentiality requirements in this Agreement and train its personnel with access to Issuing Entity PII on the proper use and protection of Issuing Entity PII. (ii) The Asset Representations Reviewer will not sell, disclose, provide or exchange Issuing Entity PII with or to any third party without the prior written consent of the Issuing Entity [and the Grantor Trust]. (iii) The Asset Representations Reviewer agrees, represents and warrants that the Asset Representations Reviewer has, and will continue to have, adequate administrative, technical, and physical safeguards designed to: (a) to ensure the security and confidentiality of all PII; (b) to protect against any anticipated threats or hazards to the security or integrity of PII; and (c) to protect against unauthorized acquisition of, access to or use of PII which could result in a “breach” as that terms is defined under applicable Privacy Laws, or substantial harm to Issuing Entity[, the Grantor Trust Trust] or Servicer or any individual about whom the Issuing Entity[, the Grantor Trust Trust] or the Servicer has or collects financial and other information. (iv) The Asset Representations Reviewer agrees to provide the Sponsor, the Issuing Entity, the Servicer [and the Grantor Trust Trust] with information regarding its and its representatives’ privacy and information security systems, policies and procedures as the Sponsor, the Issuing Entity[, the Grantor Trust Trust] or the Servicer may reasonably request relating to its compliance with this Agreement and applicable Privacy Laws. The Asset Representations Reviewer agrees to provide training in the Privacy Laws and Asset Representations Reviewer’s information security policies to all Asset Representations Reviewer personnel whose duties pursuant to this Agreement could bring them in contact with PII. The Asset Representations Reviewer shall comply at all times with Servicer’s information security policies and procedures in connection with any access to or use of Servicer’s network, systems or data.