CONFIDENTIALITY AND PRIVACY POLICIES AND LAWS The Contractor shall comply to the extent applicable with all State and Authorized User policies regarding compliance with various confidentiality and privacy laws, rules and regulations, including but not limited to the IRS Publication 1075, Family Educational Rights and Privacy Act (FERPA), the Health Insurance and Portability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH). Contractor shall cooperate in executing a written confidentiality agreement under FERPA and/or a Business Associate Agreement (HIPAA/HITECH) or other contractual provisions upon request by the State or any Authorized User.
Confidentiality and Privacy The Training Provider must not, without the prior written approval of the Department, disclose (or permit the disclosure of) information regarding this VET Funding Contract (including details of the Funds being provided by the Department in respect of any individual) or any Confidential Information of the Department or the State, except: to the extent required under this VET Funding Contract; to the extent required by Law; to its solicitors, barristers and/or other professional advisors in order to obtain advice in relation to its rights under this VET Funding Contract, the Training Services or the Funds and provided such advisors are under a duty of confidentiality; to the extent necessary for the registration or recording of documents where required; and/or to the extent required in connection with legal proceedings, and then only to the extent strictly necessary for that purpose. The Training Provider acknowledges and agrees that: the Department may disclose or otherwise make available (whether to the public generally or to any particular person or group of persons) any and all information relating to the Training Provider and this VET Funding Contract (including Confidential Information of the Training Provider), including: course and qualification details; government subsidised fee information; details of the Funds paid; the contents of any surveys in which the Training Provider participates pursuant to Clause 4.5(j)(ii) or any employer surveys; any information that the Training Provider is required to publish on its website or otherwise make publicly available under this VET Funding Contract; details of any non-compliance by the Training Provider with this VET Funding Contract; any action taken by the Department under this VET Funding Contract; and findings and outcomes of any audits or reviews undertaken pursuant to this VET Funding Contract, as it considers reasonably appropriate to facilitate the proper operation of the Skills First Program, including as contemplated by Clause 12.3 of Schedule 1; the Department may disclose information referred to in paragraph (a), and any information regarding any suspected non-compliance by the Training Provider with this VET Funding Contract, for the purpose of satisfying its obligations under: the Freedom of Information Act 1982 (Vic); the Ombudsman Act 1973 (Vic); or the Audit Act 1994 (Vic); or the requirements of Parliamentary accountability or a Minister's obligations to fulfil their duties of office; and the Department may disclose information referred to in paragraph (a) or paragraph (b) to the counterparty to any Other VET Funding Arrangement, any regulator who has responsibility for issuing or monitoring compliance with the applicable registration referred to in Clause 4.1(a), or other government entity in any jurisdiction that has an interest in the regulation and funding of the VET sector. The Training Provider must take all steps and make all efforts to assist the Department in complying with any of the obligations referred to in Clause 13.2(b). The Training Provider acknowledges that it will be bound by the Information Privacy Principles and any applicable Code of Practice with respect to any act done or practice engaged in by the Training Provider under or in connection with this VET Funding Contract in the same way and to the same extent as the Department would have been bound had it been directly done or engaged in by the Department. The Training Provider must include a standard privacy notice in all enrolment forms, in accordance with the Victorian VET Student Statistical Collection Guidelines, which advises Eligible Individuals how their data may be supplied to and used by the Department and Commonwealth VET Student Loan agencies. The Training Provider must, in collecting any Personal Information for the purposes of this VET Funding Contract, ensure that it has obtained all necessary consents for: the Training Provider to collect, use, hold and disclose that Personal Information, including by disclosing it to the Department as contemplated by this VET Funding Contract (including by way of the submission of reports under Clause 12 of Schedule 1, for the purposes of complying with Record disclosure obligations under Clause 10 and in the course of any audit, review or investigation under Clause 11); and the Department to collect, use, hold and disclose that Personal Information for the purposes of this VET Funding Contract and its operation and management of the Skills First Program, in accordance with all applicable Laws, including the PDP Act, the Health Records Act and (if applicable to the Training Provider) the Privacy Act 1988 (Cth). The Training Provider must cooperate with, and provide any assistance requested by, the Department in relation to: resolving any complaint made to the Department alleging a breach of the PDP Act or the Health Records Act in relation to any Personal Information collected, used, held or disclosed by the Department that was provided to it by the Training Provider in connection with this VET Funding Contract; and providing access to or amendment of any record of Personal Information collected, used, held or disclosed in connection with this VET Funding Contract following a request from an individual made to the Department.
Confidentiality; Access to Information (a) Each Preferred Member (other than the FRBNY which is bound by that certain Nondisclosure Agreement by and among AIG and the FRBNY and dated as of September 25, 2008 (the “Nondisclosure Agreement”) or any Permitted Transferee of the FRBNY and any Observers who executed a joinder to the Nondisclosure Agreement or who are otherwise bound thereto), and any Observer not otherwise bound by the Nondisclosure Agreement, agrees to keep confidential, and not to disclose to any Person, any matter relating to the Company or any of its Affiliates, or their respective affairs (other than disclosure to such Preferred Member’s advisors responsible for matters relating to the Company and who reasonably need to know such information in order to perform such responsibilities (each such Person being hereinafter referred to as an “Authorized Representative”)); provided, however, that such Preferred Member or any of its Authorized Representatives may make such disclosure, subject to applicable Law, to the extent that (i) the information being disclosed is in connection with such Preferred Member’s tax returns or concerns the tax structure or tax treatment of the Company or its transactions, (ii) such disclosure is to any officer, director, shareholder or partner of such Preferred Member, (iii) the information being disclosed is otherwise generally available to the public, (iv) such disclosure is requested by any governmental body, agency, official or authority having jurisdiction over such Preferred Member, (v) such disclosure, based upon the advice of legal counsel of such Preferred Member or Authorized Representative, is otherwise required by applicable Law or statute or (vi) such disclosure is made to any Permitted Transferee or Third Party in connection with any proposed Transfer of Securities, which Permitted Transferee or Third Party is subject to a confidentiality agreement for the benefit of the Company with terms no less protective than this Section 7.05(a). Prior to making any disclosure described in clause (iv) or (v) of this Section 7.05(a), a Preferred Member (other than the FRBNY or any Permitted Transferee thereof) shall notify the Board of Managers of such disclosure and of such advice of counsel. Each Preferred Member (other than the FRBNY or any Permitted Transferee thereof) shall use all reasonable efforts to cause each of its Authorized Representatives to comply with the obligations of such Preferred Member under this Section 7.05(a). In connection with any disclosure described in clause (iv) or (v) above, the disclosing Preferred Member shall cooperate with the Company in seeking any protective order or other appropriate arrangement as the Board of Managers may request.
(b) Each of the AIG Member and the Company hereby agrees to provide, or cause to be provided, to the Comptroller General of the United States (the “Comptroller General”), upon request, access to information, data, schedules, books, accounts, financial records, reports, files, electronic communications, or other papers, things or property that relate to assistance provided by the FRBNY pursuant to any action taken by the Board of Governors of the Federal Reserve System (the “Board of Governors”) under section 13(3) of the Federal Reserve Act (12 U.S.C. § 343), to the extent required by, and in accordance with the provisions of, 31 U.S.C. § 714(d)(3) (as added by section 801 of the Helping Families Save Their Homes Act of 2009, Pub. L. No. 111-22 (the “Helping Families Act”)). The parties hereby acknowledge that the Helping Families Act provides that, subject to certain exceptions enumerated in 31 U.S.C. § 714(c)(4) (as amended), an officer or an employee of the U.S. Government Accountability Office (the “GAO”) (including the Comptroller General) may not disclose to any person outside the GAO information obtained in audits or examinations conducted under 31 U.S.C. § 714(e) (as amended) and maintained as confidential by the Board of Governors or a Federal Reserve bank (including the FRBNY).
Compliance with Privacy Laws NCPS represents and warrants that its collection, access, use, storage, disposal and disclosure of Personal Data does and will comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations. Without limiting the foregoing, NCPS shall implement administrative, physical and technical safeguards to protect Personal Data that are no less rigorous than accepted industry, and shall ensure that all such safeguards, including the manner in which Personal Data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with applicable data protection and privacy laws, as well as the terms and conditions of this Escrow Agreement. NCPS shall use and disclose Personal Data solely and exclusively for the purposes for which the Personal Data, or access to it, is provided pursuant to the terms and conditions of this Escrow Agreement, and not use, sell, rent, transfer, distribute, or otherwise disclose or make available Personal Data for NCPS’s own purposes or for the benefit of any party other than Issuer. For purposes of this section, “Personal Data” shall mean information provided to NCPS by or at the direction of the Issuer, or to which access was provided to NCPS by or at the direction of the Issuer, in the course of NCPS’s performance under this Escrow Agreement that: (i) identifies or can be used to identify an individual (also known as a “data subject”) (including, without limitation, names, signatures, addresses, telephone numbers, e-mail addresses and other unique identifiers); or (ii) can be used to authenticate an individual (including, without limitation, employee identification numbers, government-issued identification numbers, passwords or PINs, financial account numbers, credit report information, biometric or health data, answers to security questions and other personal identifiers), including the identifying information on individuals described in Section 12.
Compliance with Data Privacy Laws The Company and its Subsidiaries are, and at all prior times were, in compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, and the Company and its Subsidiaries have taken commercially reasonable actions to prepare to comply with, and since May 25, 2018, have been and currently are in compliance with, the GDPR (EU 2016/679) (collectively, the “Privacy Laws”) except in each case, where such would not, either individually or in the aggregate, reasonably be expected to result in a Material Adverse Effect. To ensure compliance with the Privacy Laws, the Company and its Subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its Subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any Subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Confidentiality and Data Protection We are a data controller for the information you provide to us including individual, identification and financial details, policy history and special category data (such as medical or criminal history). Details of our legal basis for processing your information, along with details of any third party recipient whom it may be necessary to share your personal data with in order to fulfil the contract, retention period for data held, security of your data, your rights under the UK General Data Protection Regulations (UK GDPR) including the right to complain can be found in our full ‘Privacy Notice’ attached to these terms of business and/or on our website at xxx.xxxxxxxxxxxxxxxx.xx.xx.
Data Protection and Confidentiality 9.5.1 The Tenant’s personal data, which will be processed in the execution of this Agreement will be handled in accordance with the General Data Protection Regulation (EU) 2016/679. Further details regarding this processing activity is set out in the associated Privacy Notice, which can be found at: xxxxx://xxx.xxxxxxx.xxx/privacy-policy
Access to Information; Confidentiality (a) Upon reasonable advance written notice, subject to applicable logistical restrictions or limitations as a result of COVID-19 or any COVID-19 Measures and solely for purposes of furthering the Merger Transactions, the Company shall, and shall cause each of its Subsidiaries to, afford to Parent, Merger Sub and their respective representatives reasonable access during normal business hours during the period from the date of this Agreement until the earlier of the Effective Time or the valid termination of this Agreement pursuant to Article VII, to all their respective properties, assets, books, contracts, commitments, personnel and records and, during such period, the Company shall, and shall cause each of its Subsidiaries to, furnish promptly to Parent: (i) a copy of each report, schedule, registration statement and other document filed or received by it during such period pursuant to the requirements of federal or state securities Laws and (ii) all other information concerning its business, properties and personnel as Parent or Merger Sub may reasonably request (including Tax Returns filed and those in preparation and the workpapers of its auditors). Nothing herein (including, for the avoidance of doubt, this Section 5.2(a) and Section 5.2(b)) shall require the Company or any of its Subsidiaries to provide such access or information to the extent that such action (A) would reasonably be expected to result in a waiver of attorney-client privilege, work product doctrine or similar privilege, (B) specifically relates to the evaluation, deliberation or minutes of the Company Board (or any committee or subcommittee thereof) related to the Merger Transactions, the strategic and financial alternatives process leading thereto, or any information or materials provided to the Company Board (or any committee or subcommittee thereof) in connection therewith or (C) would reasonably be expected to violate any applicable Law or any confidentiality obligation owing to a third party so long as the Company shall promptly notify Parent of any such confidentiality obligations or access restrictions and use commercially reasonable efforts to obtain the consent of such third party to provide such information and otherwise provide such access to Parent, if requested and (b) generally describe the type of information that cannot be disclosed to Parent (to the extent not prohibited by law or the underlying document). No investigation pursuant to this Section 5.2 shall affect any representation or warranty in this Agreement of any party hereto or any condition to the obligations of the parties hereto. All requests for access pursuant to this Section 5.2 must be directed to the Chief Financial Officer of the Company or another person designated in writing by the Company. Notwithstanding anything herein to the contrary, Parent and Merger Sub shall not, and shall cause their respective representatives not to, contact any partner, licensor, licensee, customer or supplier of the Company in connection with the Offer, the Merger or any of the other Merger Transactions without the Company’s prior written consent (such consent not to be unreasonably withheld, conditioned or delayed), and Parent and Merger Sub acknowledge and agree that any such contact shall be arranged by and with a representative of the Company participating.
(b) To the extent Parent requests further information or investigation of the basis of any potential violations of Law, including Customs & Trade Laws, and Anti-Bribery Laws, the Company shall, and shall cause its Subsidiaries to, cooperate with such request and make available any personnel or experts engaged by the Company or its Subsidiaries necessary to accommodate such request.
(c) The Company shall (i) notify Parent in writing as promptly as reasonably practicable after learning of any Legal Proceeding by any Person initiated against the Company or any of its Subsidiaries or, to the Knowledge of the Company, threatened against the Company, any of its Subsidiaries or any of their respective representatives in their capacity as such (a “New Litigation Claim”); (ii) notify Parent of ongoing material developments in any New Litigation Claim and any Legal Proceeding that was existing prior to the date hereof and (iii) consult in good faith with Parent regarding the conduct of the defense of any New Litigation Claim and any Legal Proceeding that was existing prior to the date hereof. With respect to any New Litigation Claim against the Company or its directors or officers relating to this Agreement or the Merger Transactions, the Company shall consult with Parent and give Parent the opportunity to participate in the defense and settlement of any such litigation, and no such settlement shall be agreed to without Parent’s prior written consent (such consent not to be unreasonably withheld, delayed or
Compliance with Illinois Privacy Laws In performing its obligations under the Agreement, the Provider shall comply with all Illinois laws and regulations pertaining to student data privacy, confidentiality, and maintenance, including but not limited to the Illinois School Student Records Act ("ISSRA"), 105 ILCS 10/, Mental Health and Developmental Disabilities Confidentiality Act ("MHDDCA"), 740 ILCS 110/, Student Online Personal Protection Act ("SOPPA"), 105 ILCS 85/, Identity Protection Act ("IPA"), 5 ILCS 179/, and Personal Information Protection Act ("PIPA"), 815 ILCS 530/, and Local Records Act (“LRA”), 50 ILCS 205/.
Confidentiality of Protected Data (a) Vendor acknowledges that the Protected Data it receives pursuant to the Master Agreement originates from the District and that this Protected Data belongs to and is owned by the District.
(b) Vendor will maintain the confidentiality of the Protected Data it receives in accordance with federal and state law (including but not limited to Section 2-d) and the District’s policy on data security and privacy. The District will provide Vendor with a copy of its policy on data security and privacy upon request.
