Data Security A. Identity Access Management. BNY Mellon will implement reasonable and industry recognized user access rules for users accessing Customer Data based on the need to know and the principle of least privilege, and including user ID and password requirements, session timeout and re-authentication requirements, unsuccessful login attempt limits, privileged access limits and multifactor authentication or equivalent safeguard where risk factors indicate that single factor authentication is inadequate.
Not a Security None of the Notes shall be deemed to be a security within the meaning of the Securities Act of 1933 or the Securities Exchange Act of 1934.
Cyber Security; Data Protection The Company’s and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are reasonably believed by the Company to be adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted and are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their businesses, and there have been no material breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification (“Data Protection Requirements”), in each case, except for such failures as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. To ensure compliance with the Data Protection Requirements, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Data Protection Requirements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Data Protection Requirement; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental authority under any Data Protection Requirement, in each case except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.
Portfolio Security Portfolio Security will mean any security owned by the Fund.
Cyber Security Except as disclosed in the Registration Statement and the Prospectus, (x)(i) to the knowledge of the Company, there has been no security breach or other compromise of or relating to any information technology and computer systems, networks, hardware, software, data, or equipment owned by the Company or its subsidiaries or of any data of the Company’s, the Operating Partnership’s or the Subsidiaries’ respective customers, employees, suppliers, vendors that they maintain or that, to their knowledge, any third party maintains on their behalf (collectively, “IT Systems and Data”) that had, or would reasonably be expected to have had, individually or in the aggregate, a Material Adverse Effect, and (ii) the Company, the Operating Partnership and the Subsidiaries have not received any written notice of, and have no knowledge of any event or condition that would reasonably be expected to result in, any security breach or other compromise to their IT Systems and Data that had, or would reasonably be expected to have had, a Material Adverse Effect; (y) the Company, the Operating Partnership and the Subsidiaries are presently in compliance with all applicable laws or statutes and all applicable judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the protection of IT Systems and Data from a security breach or unauthorized use, access, misappropriation, modification or other compromise, except as would not, in the case of this clause (y), individually or in the aggregate, have a Material Adverse Effect; and (z) the Company, the Operating Partnership and the Subsidiaries have implemented commercially reasonable backup and disaster recovery technology.
Cybersecurity; Data Protection To the Company’s knowledge, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (collectively, the “Personal Data”)) used in connection with their businesses, and there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except in each case as would not reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification.
Cybersecurity (i)(x) There has been no security breach or other compromise of or relating to any of the Company’s or any Subsidiary’s information technology and computer systems, networks, hardware, software, data (including the data of its respective customers, employees, suppliers, vendors and any third party data maintained by or on behalf of it), equipment or technology (collectively, “IT Systems and Data”) and (y) the Company and the Subsidiaries have not been notified of, and has no knowledge of any event or condition that would reasonably be expected to result in, any security breach or other compromise to its IT Systems and Data; (ii) the Company and the Subsidiaries are presently in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Data and to the protection of such IT Systems and Data from unauthorized use, access, misappropriation or modification, except as would not, individually or in the aggregate, have a Material Adverse Effect; (iii) the Company and the Subsidiaries have implemented and maintained commercially reasonable safeguards to maintain and protect its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and Data; and (iv) the Company and the Subsidiaries have implemented backup and disaster recovery technology consistent with industry standards and practices.
Quebec Security To the extent that any Canadian Credit Party now or in the future is required to grant security pursuant to the laws of the Province of Quebec, each Agent (other than the Collateral Agent) and Lender acting for itself and on behalf of all present and future Affiliates of such Agent or Lender that are or become a Lender Counterparty, hereby irrevocably authorizes and appoints the Collateral Agent to act as the holder of an irrevocable power of attorney (fondé de pouvoir) (within the meaning of Article 2692 of the Civil Code of Quebec) in order to hold any hypothec granted under the laws of the Province of Quebec as security for any debenture, bond or other title of indebtedness that may be issued by any Canadian Credit Party and to exercise such rights and duties as are conferred upon a fondé de pouvoir under the relevant deed of hypothec and applicable laws (with the power to delegate any such rights or duties). Moreover, in respect of any pledge by any such Canadian Credit Party of any such debenture, bond or other title of indebtedness as security in respect of any Obligations, the Collateral Agent shall also be authorized to hold such debenture, bond or other title of indebtedness as agent, mandatary, custodian and pledgee for the benefit of the Agents, the Lenders and the Lender Counterparties, the whole notwithstanding the provisions of Section 32 of the An Act respecting the Special Powers of Legal Persons (Quebec). The execution prior to the date hereof by the Collateral Agent of any deed of hypothec or other security documents made pursuant to the laws of the Province of Quebec, is hereby ratified and confirmed. Any person who becomes a Lender, Issuing Bank, an Agent or a Lender Counterparty shall be deemed to have consented to and ratified the foregoing appointment of each of the Collateral Agent as fondé de pouvoir, agent, mandatary and custodian on behalf of all Agents, Issuing Banks, Lenders and the Lender Counterparties, including such person. For greater certainty, the Collateral Agent, when acting as the holder of an irrevocable power of attorney (fondé de pouvoir), shall have the same rights, powers, immunities, indemnities and exclusions from liability as are prescribed in favour of the Collateral Agent in this Agreement, which shall apply mutatis mutandis. In the event of the resignation and appointment of a successor Collateral Agent, such successor of the Collateral Agent shall also act as the holder of an irrevocable power of attorney (fondé de pouvoir), and as agent, mandatary and custodian for the purposes set forth above. Without limiting the foregoing, none of such Lenders shall have or be deemed to have a fiduciary relationship with any Lender. The Lenders are not partners or co-venturers, and no Lender shall be liable for the acts or omissions of, or (except as otherwise set forth herein in case of the Administrative Agent) authorized to act for, any other Lender.
Security Notwithstanding anything herein to the contrary, except for Section 27, to the extent requested by Indemnitee and approved by the Board, the Company may at any time and from time to time provide security to Indemnitee for the Company’s obligations hereunder through an irrevocable bank line of credit, funded trust or other collateral. Any such security, once provided to Indemnitee, may not be revoked or released without the prior written consent of Indemnitee.
Restricted Global Security to Regulation S Global Security If a holder of a beneficial interest in a Restricted Global Security deposited with or on behalf of DTC wishes at any time to exchange its interest in such Restricted Global Security for an interest in a Regulation S Global Security, or to transfer its interest in such Restricted Global Security to a Person who wishes to take delivery thereof in the form of an interest in a Regulation S Global Security, such holder, provided such holder is not a U.S. person, may, subject to the rules and procedures of DTC, exchange or cause the exchange of such interest for an equivalent beneficial interest in the Regulation S Global Security. Upon receipt by the Trustee, as Certificate Registrar, of (I) instructions from DTC directing the Trustee, as Certificate Registrar, to be credited a beneficial interest in a Regulation S Global Security in an amount equal to the beneficial interest in such Restricted Global Security to be exchanged but not less than the minimum denomination applicable to such holder’s Certificates held through a Regulation S Global Security, (II) a written order given in accordance with DTC’s procedures containing information regarding the participant account of DTC and, in the case of a transfer pursuant to and in accordance with Regulation S, the Euroclear or Clearstream account to be credited with such increase and (III) a certificate in the form of Exhibit N-1 hereto given by the holder of such beneficial interest stating that the exchange or transfer of such interest has been made in compliance with the transfer restrictions applicable to the Global Securities, including that the holder is not a U.S. person, and pursuant to and in accordance with Regulation S, the Trustee, as Certificate Registrar, shall reduce the principal amount of the Restricted Global Security and increase the principal amount of the Regulation S Global Security by the aggregate principal amount of the beneficial interest in the Restricted Global Security to be exchanged, and shall instruct Euroclear or Clearstream, as applicable, concurrently with such reduction, to credit or cause to be credited to the account of the Person specified in such instructions a beneficial interest in the Regulation S Global Security equal to the reduction in the principal amount of the Restricted Global Security.
