Confidentiality and Data Protection We are a data controller for the information you provide to us including individual, identification and financial details, policy history and special category data (such as medical or criminal history). Details of our legal basis for processing your information, along with details of any third party recipient whom it may be necessary to share your personal data with in order to fulfil the contract, retention period for data held, security of your data, your rights under the UK General Data Protection Regulations (UK GDPR) including the right to complain can be found in our full ‘Privacy Notice’ attached to these terms of business and/or on our website at xxx.xxxxxxxxxxxxxxxx.xx.xx.
Confidentiality and Privacy The Training Provider must not, without the prior written approval of the Department, disclose (or permit the disclosure of) information regarding this VET Funding Contract (including details of the Funds being provided by the Department in respect of any individual) or any Confidential Information of the Department or the State, except: to the extent required under this VET Funding Contract; to the extent required by Law; to its solicitors, barristers and/or other professional advisors in order to obtain advice in relation to its rights under this VET Funding Contract, the Training Services or the Funds and provided such advisors are under a duty of confidentiality; to the extent necessary for the registration or recording of documents where required; and/or to the extent required in connection with legal proceedings, and then only to the extent strictly necessary for that purpose. The Training Provider acknowledges and agrees that: the Department may disclose or otherwise make available (whether to the public generally or to any particular person or group of persons) any and all information relating to the Training Provider and this VET Funding Contract (including Confidential Information of the Training Provider), including: course and qualification details; government subsidised fee information; details of the Funds paid; the contents of any surveys in which the Training Provider participates pursuant to Clause 4.5(j)(ii) or any employer surveys; any information that the Training Provider is required to publish on its website or otherwise make publicly available under this VET Funding Contract; details of any non-compliance by the Training Provider with this VET Funding Contract; any action taken by the Department under this VET Funding Contract; and findings and outcomes of any audits or reviews undertaken pursuant to this VET Funding Contract, as it considers reasonably appropriate to facilitate the proper operation of the Skills First Program, including as contemplated by Clause 12.3 of Schedule 1; the Department may disclose information referred to in paragraph (a), and any information regarding any suspected non-compliance by the Training Provider with this VET Funding Contract, for the purpose of satisfying its obligations under: the Freedom of Information Act 1982 (Vic); the Ombudsman Act 1973 (Vic); or the Audit Act 1994 (Vic); or the requirements of Parliamentary accountability or a Minister's obligations to fulfil their duties of office; and the Department may disclose information referred to in paragraph (a) or paragraph (b) to the counterparty to any Other VET Funding Arrangement, any regulator who has responsibility for issuing or monitoring compliance with the applicable registration referred to in Clause 4.1(a), or other government entity in any jurisdiction that has an interest in the regulation and funding of the VET sector. The Training Provider must take all steps and make all efforts to assist the Department in complying with any of the obligations referred to in Clause 13.2(b). The Training Provider acknowledges that it will be bound by the Information Privacy Principles and any applicable Code of Practice with respect to any act done or practice engaged in by the Training Provider under or in connection with this VET Funding Contract in the same way and to the same extent as the Department would have been bound had it been directly done or engaged in by the Department. The Training Provider must include a standard privacy notice in all enrolment forms, in accordance with the Victorian VET Student Statistical Collection Guidelines, which advises Eligible Individuals how their data may be supplied to and used by the Department and Commonwealth VET Student Loan agencies. The Training Provider must, in collecting any Personal Information for the purposes of this VET Funding Contract, ensure that it has obtained all necessary consents for: the Training Provider to collect, use, hold and disclose that Personal Information, including by disclosing it to the Department as contemplated by this VET Funding Contract (including by way of the submission of reports under Clause 12 of Schedule 1, for the purposes of complying with Record disclosure obligations under Clause 10 and in the course of any audit, review or investigation under Clause 11); and the Department to collect, use, hold and disclose that Personal Information for the purposes of this VET Funding Contract and its operation and management of the Skills First Program, in accordance with all applicable Laws, including the PDP Act, the Health Records Act and (if applicable to the Training Provider) the Privacy Act 1988 (Cth). The Training Provider must cooperate with, and provide any assistance requested by, the Department in relation to: resolving any complaint made to the Department alleging a breach of the PDP Act or the Health Records Act in relation to any Personal Information collected, used, held or disclosed by the Department that was provided to it by the Training Provider in connection with this VET Funding Contract; and providing access to or amendment of any record of Personal Information collected, used, held or disclosed in connection with this VET Funding Contract following a request from an individual made to the Department.
Confidentiality and Publicity 26.1 All proprietary or confidential information (“Proprietary Information”) disclosed by either Party during the negotiations and the term of this Agreement will be protected by both Parties in accordance with the terms provided herein.
26.2 As used in this Agreement, the term “Proprietary Information” will mean written, recorded, machine readable or other information provided in tangible form to one Party by the other Party regarding the above referenced subject matter and which is marked proprietary or confidential with the appropriate owner corporation name, e.g., “Frontier Proprietary”. Information disclosed orally will not be considered proprietary unless such information is reduced to writing by the disclosing Party and a copy is delivered to the other Party within thirty (30) business days after such oral disclosure. The writing will also state the place, date and person(s) to whom disclosure was made.
26.3 Each Party agrees that it will not disclose any Proprietary Information of the other Party in whole or in part, including derivations, to any third party for a period of three (3) years from the date of disclosure unless the Parties agree to modify this Agreement to provide for a different nondisclosure period for specific materials. Neither Party will be liable for inadvertent or accidental disclosure of Proprietary Information of the other Party provided that:
26.3.1 each Party uses at least the same degree of care in safeguarding such Proprietary Information as it uses for its own proprietary information of like importance, and such degree of care will be reasonably calculated to prevent such inadvertent disclosure;
26.3.2 it limits access to such Proprietary Information to its employees and agents who are directly involved in the consideration of the Proprietary Information and informs its employees and agents who have access to such Proprietary Information of its duty not to disclose; and
26.3.3 upon discovery of any such inadvertent disclosure of Proprietary Information, it will endeavor to prevent any further inadvertent disclosure.
26.4 Information will not be deemed proprietary and the receiving Party will have no obligation with respect to any such information which:
26.4.1 is or becomes publicly known through no wrongful act, fault or negligence of the receiving Party; or
26.4.2 was known by the receiving Party or by any other affiliate or subsidiary of the receiving Party prior to disclosure, or is at any time developed by the receiving Party independently of any such disclosure; or
26.4.3 was disclosed to the receiving Party by a third party who was free of obligations of confidentiality to the disclosing Party; or
26.4.4 is disclosed or used by the receiving Party, not less than three (3) years following its initial disclosure or such other nondisclosure period as may be agreed in writing by the Parties; or
26.4.5 is approved for release by written authorization of the disclosing Party; or
26.4.6 is disclosed pursuant to a requirement or request of a governmental agency or disclosure is required by operation of law; or
26.4.7 is furnished to a third party by the disclosing Party without a similar restriction on the third party’s rights.
26.5 Since either Party may choose not to use or announce any services, products or marketing techniques relating to these discussions or information gained or exchanged during the discussions, both Parties acknowledge that one is not responsible or liable for any business decisions made by the other in reliance upon any disclosures made during any meeting between the Parties or in reliance on any results of the discussions. The furnishing of Proprietary Information to one Party by the other Party will not obligate either Party to enter into any further agreement or negotiation with the other.
26.6 Nothing contained in this Agreement will be construed as granting to one Party a license, either express or implied, under any patent, copyright, or trademark, now or hereafter owned, obtained, controlled, or which is or may be licensable by the other Party.
26.7 All publicity regarding this Agreement and its Attachments is subject to the Parties’ prior written consent.
26.8 Unless otherwise agreed upon, neither Party will publish or use the other Party’s name, language, pictures, or symbols from which the other Party’s name may be reasonably inferred or implied in any advertising, promotion, or any other publicity matter relating directly or indirectly to this Agreement.
CONFIDENTIALITY AND PRIVACY POLICIES AND LAWS The Contractor shall comply to the extent applicable with all State and Authorized User policies regarding compliance with various confidentiality and privacy laws, rules and regulations, including but not limited to the IRS Publication 1075, Family Educational Rights and Privacy Act (FERPA), the Health Insurance and Portability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH). Contractor shall cooperate in executing a written confidentiality agreement under FERPA and/or a Business Associate Agreement (HIPAA/HITECH) or other contractual provisions upon request by the State or any Authorized User.
Confidentiality and Publication 7.1 Except as provided herein, each party shall maintain in confidence during the term of this Agreement and for seven (7) years thereafter, and shall not use for any [*] Certain information on this page has been omitted and filed separately with the Commission. Confidential treatment has been requested with respect to the omitted portions. purpose or disclose to any third party, any Technology or other information disclosed by the other party in writing and marked "Confidential" or that is disclosed orally and confirmed in writing as confidential within forty-five (45) days following such disclosure (collectively, 'CONFIDENTIAL INFORMATION'), except to the extent that any such Confidential Information -
(a) is at the time of being so provided or after that time through no fault of the party to whom it was so provided becomes public knowledge; or
(b) was lawfully available on a non-confidential basis to the party to whom it was so provided before that time; or
(c) can be shown by the party to whom it was so provided to have been independently produced by that party without any use of such confidential information provided to it by the other party; or
(d) is made available to the party to whom it was so provided otherwise than in breach of an obligation of confidentiality owed to the other party.
7.2 The results of the Project may be made public by either party (or, in the case of ICRT, by ICRF) except to the extent that -
(a) publication would include any Confidential Information of the other party; or
(b) publication would prejudice the obtaining of patent protection for an invention constituting Project Technology, or the commercial exploitation of any unpatented or unpatentable Project Technology which remains unpublished.
7.3 To allow time for review of any proposed disclosure of any subject matter which may be precluded from being made public under clause 7.2, each of ICRT and Introgen shall provide to the other -
(a) a copy of any manuscript disclosing any results of the Project not less than 45 days notice before submitting the manuscript for publication; and
(b) a copy of any slides to be used in an oral presentation disclosing any results of the Project together with an outline of the presentation not less than 20 working days before making any such oral presentation.
7.4 The party receiving any such material pursuant to clause 7.3 shall promptly and in any event prior to the proposed date of submission for publication review the proposed disclosure and notify the other party in writing of its conclusions, failing which the other party shall be free to make the proposed disclosure.
7.5 If in the reasonable opinion of the party receiving the material the proposed disclosure does not include subject matter which is precluded from being made public under clause 7.2, it shall promptly notify the other party which shall thereupon be free to make the proposed disclosure.
7.6 If in the reasonable opinion of either party -
(a) the proposed disclosure includes subject matter which is precluded from being made public under clause 7.2 and which is patentable, neither party shall publish or otherwise disclose the material in question for a period of three months from the date on which the relevant material was received by the party in question and, if a patent application is made within that period of three months, for a further period as agreed but in any event not exceeding a total of 18 months from that date (including such period of three months), following which the other party shall be free to make the proposed disclosure; or
(b) the proposed disclosure includes unpatented (or unpatentable) Project Technology which that party wishes to maintain as unpublished and which
(c) the proposed disclosure includes Confidential Information of the reviewing party, the disclosing party shall remove such Confidential Information prior to such disclosure.
7.7 Notwithstanding the foregoing provisions of this clause 7 above, the receiving party may use or disclose Confidential Information of the disclosing party
(a) to the extent necessary to exercise its rights hereunder (including providing such information to bona fide licensees or prospective licensees as contemplated by this Agreement or otherwise and to potential investors or partners on reasonable terms of confidentiality) or to fulfil its obligations and/or duties hereunder;
(b) in filing for, prosecuting or maintaining any proprietary rights, prosecuting or defending litigation; and
(c) in complying with applicable governmental regulations and/or submitting information to tax or other governmental authorities; or as otherwise required by law; provided that if the receiving party is required by law to make any public disclosures of Confidential Information of the disclosing party then, to the extent it may legally do so, it shall give reasonable advance notice to the disclosing party of such disclosure and shall use its reasonable efforts to secure confidential treatment of
Confidentiality and Ownership The Executive acknowledges and agrees that the Confidential Information (as defined in Paragraph 5(A) below) is the property of the Corporation, its subsidiaries and affiliates. Accordingly, the Executive agrees as follows:
Confidentiality and Proprietary Information 9.1 For the purposes of this Agreement, Confidential Information (“Confidential Information”) means confidential or proprietary technical or business information given by one Party (the “Discloser”) to the other (the “Recipient”). All information which is disclosed by one Party to the other in connection with this Agreement, during negotiations and the term of this Agreement will not be deemed Confidential Information to the Discloser and subject to this Section 9, unless the confidentiality of the information is confirmed in writing by the Discloser prior to disclosure. The Recipient agrees (i) to use Confidential Information only for the purpose of performing under this Agreement, (ii) to hold it in confidence and disclose it to no one other than its employees having a need to know for the purpose of performing under this Agreement, and (iii) to safeguard it from unauthorized use or disclosure using at least the same degree of care with which the Recipient safeguards its own Confidential Information. If the Recipient wishes to disclose the Discloser's Confidential Information to a third-party agent or consultant, such disclosure must be agreed to in writing by the Discloser, and the agent or consultant must have executed a written agreement of nondisclosures and nonuse comparable in scope to the terms of this section.
9.2 The Recipient may make copies of Confidential Information only as reasonably necessary to perform its obligations under this Agreement. All such copies will be subject to the same restrictions and protections as the original and will bear the same copyright and proprietary rights notices as are contained on the original.
9.3 The Recipient agrees to return all Confidential Information in tangible form received from the Discloser, including any copies made by the Recipient, within thirty (30) days after a written request is delivered to the Recipient, or to destroy all such Confidential Information if directed to do so by Discloser except for Confidential Information that the Recipient reasonably requires to perform its obligations under this Agreement; the Recipient shall certify destruction by written letter to the Discloser. If either Party loses or makes an unauthorized disclosure of the Party’s Confidential Information, it will notify such other Party immediately and use its best efforts to retrieve the lost or wrongfully disclosed information.
9.4 The Recipient shall have no obligation to safeguard Confidential Information: (i) which was in the possession of the Recipient free of restriction prior to its receipt from the Discloser; (ii) after it becomes publicly known or available through no breach of this Agreement by the Recipient; (iii) after it is rightfully acquired by the Recipient free of restrictions on its discloser; (iv) after it is independently developed by personnel of the Recipient to whom the Discloser's Confidential Information had not been previously disclosed. In addition, either Party will have the right to disclose Confidential Information to any mediator, arbitrator, state or federal regulatory body, or a court in the conduct of any mediation, arbitration or approval of this Agreement, as long as, in the absence of an applicable protective order, the Discloser has been previously notified by the Recipient in time sufficient for the Recipient to undertake all lawful measures to avoid disclosing such confidential information and for Discloser to have reasonable time to seek or negotiate a protective order before or with any applicable mediator, arbitrator, state or regulatory body or a court.
9.5 The Parties recognize that an individual End User may simultaneously seek to become or be a customer of both Parties. Nothing in this Agreement is intended to limit the ability of either Party to use customer specific information lawfully obtained from End Users or sources other than the Discloser.
9.6 Each Party’s obligations to safeguard Confidential Information disclosed prior to expiration or termination of this Agreement will survive such expiration or termination.
9.7 No license is hereby granted under any patent, trademark, or copyright, nor is any such license implied solely by virtue or the disclosure of any Confidential Information.
9.8 Each Party agrees that the Discloser may be irreparably injured by a disclosure in breach of this Agreement by the Recipient or its representatives and the Discloser will be entitled to seek equitable relief, including injunctive relief and specific performance, in the event of any breach or threatened breach of the confidentiality provisions of this Agreement. Such remedies will not be deemed to be the exclusive remedies for a breach of this Agreement, but will be in addition to all other remedies available at law or in equity.
Confidentiality and Data Security (a) The Custodian agrees to keep confidential, and to cause its employees and agents to keep confidential, all records of the Funds and information relating to the Funds, including without limitation information as to their respective shareholders and their respective portfolio holdings, unless the release of such records or information is made (i) in connection with the services provided under this Agreement, (ii) at the written direction of the applicable Fund or otherwise consented to, in writing, by the respective Funds, (iii) in response to a request of a governmental, regulatory or self-regulatory authority or agency or pursuant to a subpoena, court order or other legal process, in each case with respect to which the Custodian has determined, on the advice of counsel, that it is required to comply, or (iv) where the Custodian has determined, on the advice of counsel, that the failure to release such information would expose the Custodian to civil or criminal contempt proceedings; provided in the case of clause (iii) or (iv) the Custodian provides the applicable Fund written notice of such requirement to release such records or information, to the extent such notice is permitted. The foregoing shall not be applicable to any information that is publicly available when provided and shall cease to be applicable to any information that thereafter becomes publicly available, other than through a breach of this Section 10(a), or that is independently derived by any party hereto without the use of any information derived in connection with the services provided under this Agreement. Notwithstanding the foregoing but subject to Section 10(d), (1) the Custodian may use information regarding the Funds in connection with certain functions performed on a centralized basis by the Custodian, its affiliates or its or their service providers (including audit, accounting, risk, legal, compliance, sales, administration, product communication, relationship management, compilation and analysis of customer-related data and storage) and disclose such information to its affiliates and to its or their service providers who are subject to the confidentiality obligations hereunder with respect to such information, but only for the purpose of servicing the Funds in connection with the relationship contemplated by this Agreement or providing additional services to the Funds, and (2) the Custodian may aggregate Fund or Portfolio data with similar data of other customers of the Custodian (“Aggregated Data”) and may use Aggregated Data so long as such Aggregated Data represents such a sufficiently large sample that no Fund or Portfolio data can be identified either directly or by inference or implication.
(b) Each Fund agrees to keep confidential all information obtained hereunder relating to the Custodian’s business (it being understood, however, that the existence and the terms of this Agreement are required to be publicly disclosed by the Funds), unless the release of such records or information is (i) necessary to facilitate the receipt of services provided under this Agreement, (ii) in response to a request of a governmental, regulatory or self-regulatory authority or agency or pursuant to a subpoena, court order or other legal process, in each case with respect to which the Fund has determined, on the advice of counsel, that it is required to comply, or (iii) where the Fund has determined, on the advice of counsel, that the failure to release such information would expose the Fund to civil or criminal contempt proceedings; provided in the case of clause (ii) or (iii) the Fund provides the Custodian written notice of such requirement to release such records or information, to the extent such notice is permitted. The foregoing shall not be applicable to any information that is publicly available when provided and shall cease to be applicable to any information that thereafter becomes publicly available, other than through a breach of this Agreement, or that is independently derived by any party hereto without the use of any information derived in connection with the services provided under this Agreement.
(c) Notwithstanding any provision herein to the contrary, each party hereto agrees that any Nonpublic Personal Information, as defined under Section 248.3(t) of Regulation S-P (“Regulation S-P”), promulgated under the Xxxxx-Xxxxx-Xxxxxx Act (the “GLB Act”), disclosed or otherwise made accessible by a party hereunder is for the specific purpose of permitting the other party to perform its duties as set forth in this Agreement. Each party agrees that, with respect to such information, it will comply with Regulation S-P and the GLB Act and that it will not disclose any Nonpublic Personal Information received in connection with this Agreement to any other party, except to the extent necessary to carry out the services set forth in this Agreement or as otherwise permitted by Regulation S-P or the GLB Act.
(d) Without limiting the generality of Section 10(a) hereof, the Custodian acknowledges and agrees that the Funds are prohibited by law from making selective public disclosure of information regarding portfolio holdings, that disclosure of any and all such information to the Custodian hereunder is made strictly under the conditions of confidentiality set forth in Section 10(a) hereof and solely for the purposes of the performance of custodial services hereunder, that any unauthorized disclosure or misuse of such information (including by the Custodian or any of its employees or agents, or any trading on the basis of such information by anyone in receipt of such information) may constitute a criminal offense of trading on or tipping of material inside information regarding publicly traded securities, that access to any and all such information regarding portfolio holdings of the Funds shall be restricted to those persons needing such information in the course of the performance of duties hereunder, and that the Custodian shall apprise all such persons having access of the obligation hereunder and under applicable law to prevent unauthorized disclosure of such confidential information.
(e) The parties acknowledge and agree that any breach of Section 10(a) hereof would cause not only financial damage, but irreparable harm to the other party, for which money damages will not provide an adequate remedy. Accordingly, in the event of a breach of Section 10(a) hereof, the non-breaching party shall (in addition to all other rights and remedies it may have pursuant to this Agreement, including without limitation Section 8(g) hereof, and at law and in equity) be entitled to an injunction, without the necessity of posting any bond or surety, to restrain disclosure or misuse, in whole or in part, of any information in violation of Section 10(a) hereof.
(f) The Custodian will implement and maintain a written information security program (the “Security Program”) that contains appropriate security measures designed to safeguard confidential records and information of the Funds consistent with applicable statutes, laws, rules and regulations, and definitive and binding guidance or interpretations by applicable authorities of any of the foregoing from time to time, including without limitation the personal information of the Funds’ shareholders, employees, trustees, directors and/or officers that the Custodian receives, stores, maintains, processes or otherwise accesses in connection with the provision of services hereunder. For these purposes, “personal information” shall mean (i) an individual’s name (first initial and last name or first name and last name), plus (a) social security number, (b) driver’s license number, (c) state identification card number, (d) debit or credit card number, (e) financial account number or (f) personal identification number or password that would permit access to a person’s account or (ii) any combination of the foregoing that would allow a person to log onto or access an individual’s account with the Custodian. Notwithstanding the foregoing “personal information” shall not include information that is lawfully obtained from publicly available information, or from federal, state or local government records lawfully made available to the general public.
(g) The Security Program shall have administrative, technical and physical safeguards, appropriate to the type of information concerned, designed: (i) to maintain the security and confidentiality of records and information of the Funds; (ii) to protect against anticipated threats or hazards to the security or integrity of such records and information; and (iii) to protect against unauthorized access to or use of such records and information. The Custodian shall develop, implement and maintain, at its sole expense, a system or methodology to audit for compliance with the requirements of the preceding sentence that is consistent with the SOC controls framework. Such safeguards will include, but shall not be limited to, virus protection, password protection and encryption of data in transmission at a minimum standard of AES 256. The Custodian will provide the Fund, at least annually, with the most recent SOC reports of its systems and methodologies prepared by an independent third party, and will provide executive summaries of its most recent penetration and ethical hack testing of its internet-facing environment relevant to the systems used to provide services under this Agreement (in the form generally provided by the Custodian to other similarly situated customers of services similar to the services provided under this Agreement), as conducted by a qualified, independent third party selected by the Custodian. The Custodian shall maintain books and records sufficient to demonstrate its compliance with the terms of this Section 10(g).
(h) Upon reasonable notice to the Custodian, the Custodian will arrange for its relevant subject matter experts to meet with the relevant subject matter experts of the Funds once annually and at such other times as the Funds may reasonably request to review the Custodian’s security controls and any deficiencies identified in the SSAE-18 audit reports, and for the Custodian to review with the Funds the penetration testing results and provide such additional information concerning the penetration tests as the Custodian determines to be prudent. At such meeting, the Funds may view the Custodian’s security-related policies and procedures; however, no documentation may be copied, shared, transmitted or removed from the Custodian’s premises, except as mutually agreed. In the event that the Funds identify any control deficiencies, the Custodian will discuss such findings with the Funds and will use reasonable efforts to develop a mutually agreeable remediation plan. All nonpublic documentation and information disclosed to the Funds in accordance with this Section 10(h) shall be deemed proprietary and confidential information of the Custodian. The Funds shall not disclose such documentation or information to any third party (except to the extent permitted, necessary or required pursuant to Section 10(b)) or use it for any purpose other than evaluating the Custodian’s security controls, except that the Funds may disclose the Custodian’s SSAE-18 summary to the Funds’ external auditors provided that such external auditors are required to maintain the confidentiality of the summary and any related information.
(i) In the event of any actual or reasonably suspected, based on Custodian’s experience, breach of security of its systems resulting in the actual, probable or reasonably suspected unauthorized access to or acquisition, use, loss, destruction, compromise or disclosure of any of the confidential records or information of a Fund (each, a “Security Breach”), upon learning of the Security Breach, the Custodian shall notify such Fund as promptly as reasonably possible of the relevant facts related to such Security Breach then known to the Custodian, and of additional relevant facts promptly after they become known to the Custodian, in the manner provided in Section 12 hereof and also by sending notice to xxxxxxxxxxxxx@xxxxxxxxx.xxx and/or such other electronic mail address or addresses as a Fund may specify by written notice to the Custodian. The Custodian shall at its sole cost: (i) promptly investigate such Security Breach; (ii) resolve or mitigate the vulnerability that facilitated the Security Breach to the extent possible; (iii) restore any lost or damaged data using generally accepted data restoration techniques; and (iv) conduct a root cause analysis to provide the Fund with a summary of the findings and actions taken to prevent recurrence of such Security Breach. If a Security Breach occurs with respect to personal information in the possession or under the control of the Custodian or any of its affiliates, subsidiaries, agents or employees the Custodian shall be responsible for each Fund’s reasonable costs associated with responding to such Security Breach, including, but not limited to, the costs of notifying affected individuals and taking any remedial action required by applicable statutes, laws, rules and regulations and any such other remedial action that the Custodian reasonably deems necessary (with due regard for industry standards, if any).
(j) If the Custodian uses any subsidiary or affiliate or, pursuant to Section 2.6(a), agent to perform the duties assigned to the Custodian by this Agreement, such subsidiary, affiliate or agent shall have appropriate controls in place to meet the objectives of this Section 10, and the Custodian shall exercise oversight over each such subsidiary, affiliate or agent to ensure ongoing compliance with the objectives of this Section 10. The Custodian will require each Foreign Sub-Custodian that it engages to provide services under this Agreement to establish and maintain reasonably designed safeguards and controls against the unauthorized access to and use of Fund data and information.
Confidentiality; Access to Information (a) Each Preferred Member (other than the FRBNY which is bound by that certain Nondisclosure Agreement by and among AIG and the FRBNY and dated as of September 25, 2008 (the “Nondisclosure Agreement”) or any Permitted Transferee of the FRBNY and any Observers who executed a joinder to the Nondisclosure Agreement or who are otherwise bound thereto), and any Observer not otherwise bound by the Nondisclosure Agreement, agrees to keep confidential, and not to disclose to any Person, any matter relating to the Company or any of its Affiliates, or their respective affairs (other than disclosure to such Preferred Member’s advisors responsible for matters relating to the Company and who reasonably need to know such information in order to perform such responsibilities (each such Person being hereinafter referred to as an “Authorized Representative”)); provided, however, that such Preferred Member or any of its Authorized Representatives may make such disclosure, subject to applicable Law, to the extent that (i) the information being disclosed is in connection with such Preferred Member’s tax returns or concerns the tax structure or tax treatment of the Company or its transactions, (ii) such disclosure is to any officer, director, shareholder or partner of such Preferred Member, (iii) the information being disclosed is otherwise generally available to the public, (iv) such disclosure is requested by any governmental body, agency, official or authority having jurisdiction over such Preferred Member, (v) such disclosure, based upon the advice of legal counsel of such Preferred Member or Authorized Representative, is otherwise required by applicable Law or statute or (vi) such disclosure is made to any Permitted Transferee or Third Party in connection with any proposed Transfer of Securities, which Permitted Transferee or Third Party is subject to a confidentiality agreement for the benefit of the Company with terms no less protective than this Section 7.05(a). Prior to making any disclosure described in clause (iv) or (v) of this Section 7.05(a), a Preferred Member (other than the FRBNY or any Permitted Transferee thereof) shall notify the Board of Managers of such disclosure and of such advice of counsel. Each Preferred Member (other than the FRBNY or any Permitted Transferee thereof) shall use all reasonable efforts to cause each of its Authorized Representatives to comply with the obligations of such Preferred Member under this Section 7.05(a). In connection with any disclosure described in clause (iv) or (v) above, the disclosing Preferred Member shall cooperate with the Company in seeking any protective order or other appropriate arrangement as the Board of Managers may request.
(b) Each of the AIG Member and the Company hereby agrees to provide, or cause to be provided, to the Comptroller General of the United States (the “Comptroller General”), upon request, access to information, data, schedules, books, accounts, financial records, reports, files, electronic communications, or other papers, things or property that relate to assistance provided by the FRBNY pursuant to any action taken by the Board of Governors of the Federal Reserve System (the “Board of Governors”) under section 13(3) of the Federal Reserve Act (12 U.S.C. § 343), to the extent required by, and in accordance with the provisions of, 31 U.S.C. § 714(d)(3) (as added by section 801 of the Helping Families Save Their Homes Act of 2009, Pub. L. No. 111-22 (the “Helping Families Act”)). The parties hereby acknowledge that the Helping Families Act provides that, subject to certain exceptions enumerated in 31 U.S.C. § 714(c)(4) (as amended), an officer or an employee of the U.S. Government Accountability Office (the “GAO”) (including the Comptroller General) may not disclose to any person outside the GAO information obtained in audits or examinations conducted under 31 U.S.C. § 714(e) (as amended) and maintained as confidential by the Board of Governors or a Federal Reserve bank (including the FRBNY).
Confidentiality and Security Section 1: Service Provider agrees that all of its employees, contractors, subcontractors, or associates will comply with all state and federal law and with TJJD policies regarding maintaining the confidentiality of TJJD youth, including, but not limited to, maintaining confidentiality of student records and identifying information.
Section 2: Service Provider agrees that all information regarding TJJD and/or its youth that is gathered, produced, or otherwise derived from this contract shall remain confidential and subject to release only by permission of TJJD.
Section 3: Service Provider’s employees, contractors, subcontractors, or associates who visit any TJJD facility will comply with that facility's security regulations.
Section 4: Identifying pictures, appearances, films, or reports of TJJD youth may not be disclosed by Service Provider without the written consent of TJJD, of the youth and, if under age 18, of the youth’s parent, guardian, or managing conservator.
