Compliance with Data Privacy Laws The Company and its Subsidiaries are, and at all prior times were, in compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, and the Company and its Subsidiaries have taken commercially reasonable actions to prepare to comply with, and since May 25, 2018, have been and currently are in compliance with, the GDPR (EU 2016/679) (collectively, the “Privacy Laws”) except in each case, where such would not, either individually or in the aggregate, reasonably be expected to result in a Material Adverse Effect. To ensure compliance with the Privacy Laws, the Company and its Subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its Subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any Subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Compliance with Privacy Laws NCPS represents and warrants that its collection, access, use, storage, disposal and disclosure of Personal Data does and will comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations. Without limiting the foregoing, NCPS shall implement administrative, physical and technical safeguards to protect Personal Data that are no less rigorous than accepted industry, and shall ensure that all such safeguards, including the manner in which Personal Data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with applicable data protection and privacy laws, as well as the terms and conditions of this Escrow Agreement. NCPS shall use and disclose Personal Data solely and exclusively for the purposes for which the Personal Data, or access to it, is provided pursuant to the terms and conditions of this Escrow Agreement, and not use, sell, rent, transfer, distribute, or otherwise disclose or make available Personal Data for NCPS’s own purposes or for the benefit of any party other than Issuer. For purposes of this section, “Personal Data” shall mean information provided to NCPS by or at the direction of the Issuer, or to which access was provided to NCPS by or at the direction of the Issuer, in the course of NCPS’s performance under this Escrow Agreement that: (i) identifies or can be used to identify an individual (also known as a “data subject”) (including, without limitation, names, signatures, addresses, telephone numbers, e-mail addresses and other unique identifiers); or (ii) can be used to authenticate an individual (including, without limitation, employee identification numbers, government-issued identification numbers, passwords or PINs, financial account numbers, credit report information, biometric or health data, answers to security questions and other personal identifiers), including the identifying information on individuals described in Section 12.
Compliance with Illinois Privacy Laws In performing its obligations under the Agreement, the Provider shall comply with all Illinois laws and regulations pertaining to student data privacy, confidentiality, and maintenance, including but not limited to the Illinois School Student Records Act ("ISSRA"), 105 ILCS 10/, Mental Health and Developmental Disabilities Confidentiality Act ("MHDDCA"), 740 ILCS 110/, Student Online Personal Protection Act ("SOPPA"), 105 ILCS 85/, Identity Protection Act ("IPA"), 5 ILCS 179/, and Personal Information Protection Act ("PIPA"), 815 ILCS 530/, and Local Records Act (“LRA”), 50 ILCS 205/.
Compliance with Texas Privacy Laws and Regulations In performing their respective obligations under the Agreement, the LEA and the Provider shall comply with all Texas laws and regulations pertaining to LEA data privacy and confidentiality, including but not limited to the Texas Education Code Chapter 32, and Texas Government Code Chapter 560.
Compliance with Privacy Code The Corporation acknowledges that the Warrant Agent may, in the course of providing services hereunder, collect or receive financial and other personal information about such parties and/or their representatives, as individuals, or about other individuals related to the subject matter hereof, and use such information for the following purposes:
(a) to provide the services required under this Indenture and other services that may be requested from time to time;
(b) to help the Warrant Agent manage its servicing relationships with such individuals;
(c) to meet the Warrant Agent’s legal and regulatory requirements; and
(d) if Social Insurance Numbers are collected by the Warrant Agent, to perform tax reporting and to assist in verification of an individual’s identity for security purposes. The Corporation acknowledges and agrees that the Warrant Agent may receive, collect, use and disclose personal information provided to it or acquired by it in the course of its acting as agent hereunder for the purposes described above and, generally, in the manner and on the terms described in its privacy code, which the Warrant Agent shall make available on its website or upon request, including revisions thereto. Further, the Corporation agrees that it shall not provide or cause to be provided to the Warrant Agent any personal information relating to an individual who is not a party to this Indenture unless the Corporation has assured itself that such individual understands and has consented to the aforementioned uses and disclosures.
Compliance with Data Protection Laws 2.1 bookinglab shall comply with its obligations under the Data Protection Laws as they apply to it as a Data Processor of the Customer Personal Data.
2.2 The Customer shall comply with its obligations under the Data Protection Laws as they apply to it as a Data Controller of the Customer Personal Data.
Compliance with Safeguarding Customer Information Requirements The Servicer has implemented and will maintain security measures designed to meet the objectives of the Interagency Guidelines Establishing Standards for Safeguarding Customer Information published in final form on February 1, 2001, 66 Fed. Reg. 8616, and the rules promulgated thereunder, as amended from time to time (the “Guidelines”). The Servicer shall promptly provide the Seller information regarding the implementation of such security measures upon the reasonable request of the Seller.
Compliance with Statutes, Regulations, Etc The Borrower will, and will cause each Subsidiary to, comply with all applicable laws, rules, regulations and orders applicable to it or its property, including all governmental approvals or authorizations required to conduct its business, and to maintain all such governmental approvals or authorizations in full force and effect, in each case except where the failure to do so could not reasonably be expected to have a Material Adverse Effect.
Compliance with Health Care Laws Each of the Company and its Subsidiaries is, and at all times has been, in compliance in all material respects with all applicable Health Care Laws, and has not engaged in activities which are, as applicable, cause for false claims liability, civil penalties, or mandatory or permissive exclusion from Medicare, Medicaid, or any other state or federal health care program. For purposes of this Agreement, “Health Care Laws” means: (i) the Federal Food, Drug, and Cosmetic Act (21 U.S.C. §§ 301 et seq.), the Public Health Service Act (42 U.S.C. §§ 201 et seq.), and the regulations promulgated thereunder; (ii) all applicable federal, state, local and all applicable foreign health care related fraud and abuse laws, including, without limitation, the U.S. Anti-Kickback Statute (42 U.S.C. Section 1320a-7b(b)), the U.S. Physician Payment Sunshine Act (42 U.S.C. § 1320a-7h), the U.S. Civil False Claims Act (31 U.S.C. Section 3729 et seq.), the criminal False Claims Law (42 U.S.C. § 1320a-7b(a)), all criminal laws relating to health care fraud and abuse, including but not limited to 18 U.S.C. Sections 286 and 287, and the health care fraud criminal provisions under the U.S. Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) (42 U.S.C. Section 1320d et seq.), the exclusion laws (42 U.S.C. § 1320a-7), the civil monetary penalties law (42 U.S.C. § 1320a-7a), HIPAA, as amended by the Health Information Technology for Economic and Clinical Health Act (42 U.S.C. Section 17921 et seq.), and the regulations promulgated pursuant to such statutes; (iii) Medicare (Title XVIII of the Social Security Act); (iv) Medicaid (Title XIX of the Social Security Act); (v) the Controlled Substances Act (21 U.S.C. §§ 801 et seq.) and the regulations promulgated thereunder; and (vi) any and all other applicable health care laws and regulations. Neither the Company nor, to the knowledge of the Company, any subsidiary has received notice of any claim, action, suit, proceeding, hearing, enforcement, investigation, arbitration or other action from any court or arbitrator or governmental or regulatory authority or third party alleging that any product operation or activity is in material violation of any Health Care Laws, and, to the Company’s knowledge, no such claim, action, suit, proceeding, hearing, enforcement, investigation, arbitration or other action is threatened. Neither the Company nor, to the knowledge of the Company, any subsidiary is a party to or has any ongoing reporting obligations pursuant to any corporate integrity agreements, deferred prosecution agreements, monitoring agreements, consent decrees, settlement orders, plans of correction or similar agreements with or imposed by any governmental or regulatory authority. Additionally, neither the Company, its Subsidiaries nor any of its respective employees, officers or directors has been excluded, suspended or debarred from participation in any U.S. federal health care program or human clinical research or, to the knowledge of the Company, is subject to a governmental inquiry, investigation, proceeding, or other similar action that could reasonably be expected to result in debarment, suspension, or exclusion.
DATA PROTECTION AND PRIVACY 14.1 In addition to Supplier’s obligations under Sections 6, 9, 10, and 15, Supplier will comply with this Section 14 when processing Accenture Personal Data. "Accenture Personal Data" means personal data owned, licensed, or otherwise controlled or processed by Accenture including personal data processed by Accenture on behalf of its clients. “Accenture Data” means all information, data and intellectual property of Accenture or its clients or other suppliers, collected, stored, hosted, processed, received and/or generated by Supplier in connection with providing the Deliverables to Accenture, including Accenture Personal Data.
