Confidential Information and Use of Data. The manner in which the Company treats confidential information of the User shall be governed by the Information Privacy Polic ies and Procedures of The Depository Trust & Clearing Corporation and Subsidiaries (the “DTCC Privacy Policy”), which may be found at xxx.xxxx.xxx, and which should be regularly reviewed by Users for updates made by the Company in connection with changes in Applicable Law. Some Records may contain sensitive information about natural persons such as their tax ID numbers, driver’s license or state or federal ID card numbers, or financ ial account numbers (collectively, “Non-Public Personal Information” or “NPI”). Company represents and warrants that (i) its treatment of User-provided NPI is in compliance w ith Applicable Law with respect to privacy and data security, and (ii) it has implemented and currently maintains a comprehensive written information security program, inc luding administrative, technical, and physical safeguards compliant with Applicable Law (“Security Program”) designed to (a) safeguard the security and confidentiality of User-provided NPI; (b) protect against any anticipated threats or hazards to the security or integrity of User-provided NPI; (c) protect against unauthorized access to, destruction, modification, disclosure, or use of User-provided NPI; (d) address computer and network security; (e) address physical security; (f) address business continuity and disaster recovery; (g) address Company’s response to unauthorized access to, disclosure of, or breach in the security of User-provided NPI in Company’s possession (“Security Incident”); and (h) provide for the secure destruction and disposal of User-provided NPI. The Security Program will be updated as required by Applicable Law. Company shall require its contractors who provide services on behalf of Company and who may have access to User-provided NPI (“Contractors”) to develop, implement, and maintain a written Security Program. At the User’s request, but in no event more frequently than once per year, Company agrees to certify in writing to User its compliance with the terms of this Section. Company shall, upon the User’s request, dispose of all Records, electronic or otherwise (including all backup records and other copies) containing any User-provided NPI that Company possesses or controls by destroying them pursuant to Company’s written policy governing records destruction, and in a manner that renders the Records unreadable and undecipherable by an...
Confidential Information and Use of Data. The manner in which the Company treats confidential information of the User shall be governed by the Information Privacy Policies and Procedures of The Depository Trust & Clearing Corporation and Subsidiaries, which may be found at xxx.xxxx.xxx. Notwithstanding the immediately preceding sentence, Users acknowledge and agree that nothing shall prevent the Company (or its affiliates) from releasing or disclosing aggregated data and other information sourced from data supplied to the Company by Users in connection with their use of the System, including by selling such aggregated data and other information; provided, however, that in no event shall the release or disclosure of such aggregated data and other information identify the economic terms of any specific transaction supplied to the Company by any User. By way of providing examples, but not by way of limitation, Users acknowledge and agree that the Company may use data supplied by Users to create products and services (i) containing benchmarking and other aggregated information and analysis that may contain anonymous data or (ii) that may identify a User or groups of Users by size, market share, degree of use of a service or other similar aggregated indicator.
Confidential Information and Use of Data
