Common use of Additional Requirements and Limitations Clause in Contracts

Additional Requirements and Limitations. In addition to the use and protection requirements described in Section 4.09(b), the Asset Representations Reviewer's disclosure of Issuer PII is also subject to the following requirements: (i) The Asset Representations Reviewer will not disclose Issuer PII to its personnel or allow its personnel access to Issuer PII except (A) for the Asset Representations Reviewer personnel who require Issuer PII to perform a Review, (B) with the prior written consent of the Issuer and the Servicer or (C) as required by applicable law. When permitted, the disclosure of or access to Issuer PII will be limited to the specific information necessary for the individual to complete the assigned task. The Asset Representations Reviewer will inform personnel with access to Issuer PII of the confidentiality requirements in this Agreement and train its personnel with access to Issuer PII on the proper use and protection of Issuer PII. (ii) The Asset Representations Reviewer will not sell, disclose, provide or exchange Issuer PII with or to any third party without the prior written consent of the Issuer and the Servicer. (iii) The Asset Representations Reviewer agrees, represents and warrants that the Asset Representations Reviewer has, and will continue to have, adequate administrative, technical, and physical safeguards designed to: (a) to ensure the security and confidentiality of all PII; (b) to protect against any anticipated threats or hazards to the security or integrity of PII; and (c) to protect against unauthorized acquisition of, access to or use of PII which could result in a “breach” as that terms is defined under applicable Privacy Laws, or substantial harm to Issuer or Servicer or any individual about whom Issuer or Servicer has or collects financial and other information. (iv) The Asset Representations Reviewer agrees to provide Issuer and Servicer with information regarding its and its representatives’ privacy and information security systems, policies and procedures as Issuer or Servicer may reasonably request relating to its compliance with this Agreement and applicable Privacy Laws. The Asset Representations Reviewer agrees to provide training in the Privacy Laws and Asset Representations Reviewer’s information security policies to all Asset Representations Reviewer personnel whose duties pursuant to this Agreement could bring them in contact with PII. The Asset Representations Reviewer shall comply at all times with Servicer’s information security policies and procedures in connection with any access to or use of Servicer’s network or systems.

Additional Requirements and Limitations. In addition to the use and protection requirements described in Section 4.09(b), the Asset Representations Reviewer's ’s disclosure of Issuer Issuing Entity PII is also subject to the following requirements: (i) The Asset Representations Reviewer will not disclose Issuer Issuing Entity PII to its personnel or allow its personnel access to Issuer Issuing Entity PII except (A) for the Asset Representations Reviewer personnel who require Issuer Issuing Entity PII to perform a Review, (B) with the prior written consent of the Issuer Issuing Entity and the Servicer or (C) as required by applicable law. When permitted, the disclosure of or access to Issuer Issuing Entity PII will be limited to the specific information necessary for the individual to complete the assigned task. The Asset Representations Reviewer will inform personnel with access to Issuer Issuing Entity PII of the confidentiality requirements in this Agreement and train its personnel with access to Issuer Issuing Entity PII on the proper use and protection of Issuer Issuing Entity PII. (ii) The Asset Representations Reviewer will not sell, disclose, provide or exchange Issuer Issuing Entity PII with or to any third party without the prior written consent of the Issuer Issuing Entity and the Servicer. (iii) The Asset Representations Reviewer agrees, represents and warrants that the Asset Representations Reviewer has, and will continue to have, adequate administrative, technical, and physical safeguards designed to: (a) to ensure the security and confidentiality of all PII; (b) to protect against any anticipated threats or hazards to the security or integrity of PII; and (c) to protect against unauthorized acquisition of, access to or use of PII which could result in a “breach” as that terms is defined under applicable Privacy Laws, or substantial harm to Issuer Issuing Entity or Servicer or any individual about whom Issuer Issuing Entity or Servicer has or collects financial and other information. (iv) The Asset Representations Reviewer agrees to provide Issuer Issuing Entity and Servicer with information regarding its and its representatives’ privacy and information security systems, policies and procedures as Issuer Issuing Entity or Servicer may reasonably request relating to its compliance with this Agreement and applicable Privacy Laws. The Asset Representations Reviewer agrees to provide training in the Privacy Laws and Asset Representations Reviewer’s information security policies to all Asset Representations Reviewer personnel whose duties pursuant to this Agreement could bring them in contact with PII. The Asset Representations Reviewer shall comply at all times with Servicer’s information security policies and procedures in connection with any access to or use of Servicer’s network or systems.

Additional Requirements and Limitations. In addition to the use and protection requirements described in Section 4.09(b), the Asset Representations Reviewer's disclosure of Issuer Issuing Entity PII is also subject to the following requirements: (i) The Asset Representations Reviewer will not disclose Issuer Issuing Entity PII to its personnel or allow its personnel access to Issuer Issuing Entity PII except (A) for the Asset Representations Reviewer personnel who require Issuer Issuing Entity PII to perform a Review, (B) with the prior written consent of the Issuer Issuing Entity and the Servicer or (C) as required by applicable law. When permitted, the disclosure of or access to Issuer Issuing Entity PII will be limited to the specific information necessary for the individual to complete the assigned task. The Asset Representations Reviewer will inform personnel with access to Issuer Issuing Entity PII of the confidentiality requirements in this Agreement and train its personnel with access to Issuer Issuing Entity PII on the proper use and protection of Issuer Issuing Entity PII. (ii) The Asset Representations Reviewer will not sell, disclose, provide or exchange Issuer Issuing Entity PII with or to any third party without the prior written consent of the Issuer Issuing Entity and the Servicer. (iii) The Asset Representations Reviewer agrees, represents and warrants that the Asset Representations Reviewer has, and will continue to have, adequate administrative, technical, and physical safeguards designed to: (a) to ensure the security and confidentiality of all PII; (b) to protect against any anticipated threats or hazards to the security or integrity of PII; and (c) to protect against unauthorized acquisition of, access to or use of PII which could result in a “breach” as that terms is defined under applicable Privacy Laws, or substantial harm to Issuer Issuing Entity or Servicer or any individual about whom Issuer Issuing Entity or Servicer has or collects financial and other information. (iv) The Asset Representations Reviewer agrees to provide Issuer Issuing Entity and Servicer with information regarding its and its representatives’ privacy and information security systems, policies and procedures as Issuer Issuing Entity or Servicer may reasonably request relating to its compliance with this Agreement and applicable Privacy Laws. The Asset Representations Reviewer agrees to provide training in the Privacy Laws and Asset Representations Reviewer’s information security policies to all Asset Representations Reviewer personnel whose duties pursuant to this Agreement could bring them in contact with PII. The Asset Representations Reviewer shall comply at all times with Servicer’s information security policies and procedures in connection with any access to or use of Servicer’s network or systems.

Additional Requirements and Limitations. In addition to the use and protection requirements described in Section 4.09(b), the Asset Representations Reviewer's disclosure of Issuer Issuing Entity PII is also subject to the following requirements: (i) The Asset Representations Reviewer will not disclose Issuer Issuing Entity PII to its personnel or allow its personnel access to Issuer Issuing Entity PII except (A) for the Asset Representations Reviewer personnel who require Issuer Issuing Entity PII to perform a Review, (B) with the prior written consent of the Issuer Issuing Entity[, the Grantor Trust] and the Servicer or (C) as required by applicable law. When permitted, the disclosure of or access to Issuer Issuing Entity PII will be limited to the specific information necessary for the individual to complete the assigned task. The Asset Representations Reviewer will inform personnel with access to Issuer Issuing Entity PII of the confidentiality requirements in this Agreement and train its personnel with access to Issuer Issuing Entity PII on the proper use and protection of Issuer Issuing Entity PII. (ii) The Asset Representations Reviewer will not sell, disclose, provide or exchange Issuer Issuing Entity PII with or to any third party without the prior written consent of the Issuer Issuing Entity[, the Grantor Trust] and the Servicer. (iii) The Asset Representations Reviewer agrees, represents and warrants that the Asset Representations Reviewer has, and will continue to have, adequate administrative, technical, and physical safeguards designed to: (a) to ensure the security and confidentiality of all PII; (b) to protect against any anticipated threats or hazards to the security or integrity of PII; and (c) to protect against unauthorized acquisition of, access to or use of PII which could result in a “breach” as that terms is defined under applicable Privacy Laws, or substantial harm to Issuer Issuing Entity[, the Grantor Trust] or Servicer or any individual about whom Issuer Issuing Entity[, the Grantor Trust] or Servicer has or collects financial and other information. (iv) The Asset Representations Reviewer agrees to provide Issuer Issuing Entity[, the Grantor Trust] and Servicer with information regarding its and its representatives’ privacy and information security systems, policies and procedures as Issuer Issuing Entity[, the Grantor Trust] or Servicer may reasonably request relating to its compliance with this Agreement and applicable Privacy Laws. The Asset Representations Reviewer agrees to provide training in the Privacy Laws and Asset Representations Reviewer’s information security policies to all Asset Representations Reviewer personnel whose duties pursuant to this Agreement could bring them in contact with PII. The Asset Representations Reviewer shall comply at all times with Servicer’s information security policies and procedures in connection with any access to or use of Servicer’s network or systems.