Cybersecurity; Data Protection To the Company’s knowledge, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (collectively, the “Personal Data”)) used in connection with their businesses, and there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except in each case as would not reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification.
Protection of Customer Data The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Call Off Contract or as otherwise Approved by the Customer. To the extent that the Customer Data is held and/or Processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format (if any) specified by the Customer in the Call Off Order Form and, in any event, as specified by the Customer from time to time in writing. The Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. The Supplier shall perform secure back-ups of all Customer Data and shall ensure that up-to-date back-ups are stored off-site at an Approved location in accordance with any BCDR Plan or otherwise. The Supplier shall ensure that such back-ups are available to the Customer (or to such other person as the Customer may direct) at all times upon request and are delivered to the Customer at no less than six (6) Monthly intervals (or such other intervals as may be agreed in writing between the Parties). The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy and the Security Management Plan (if any). If at any time the Supplier suspects or has reason to believe that the Customer Data is corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take. If the Customer Data is corrupted, lost or sufficiently degraded as a result of a Default so as to be unusable, the Supplier may: require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data to the extent and in accordance with the requirements specified in Call Off Schedule 8 (Business Continuity and Disaster Recovery) or as otherwise required by the Customer, and the Supplier shall do so as soon as practicable but not later than five (5) Working Days from the date of receipt of the Customer’s notice; and/or itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing so to the extent and in accordance with the requirements specified in Call Off Schedule 8 (Business Continuity and Disaster Recovery) or as otherwise required by the Customer.
Third-Party Information; Privacy or Data Protection Laws Each Party acknowledges that it and its respective Subsidiaries may presently have and, after the Effective Time, may gain access to or possession of confidential or proprietary Information of, or personal Information relating to, Third Parties: (i) that was received under confidentiality or non-disclosure agreements entered into between such Third Parties, on the one hand, and the other Party or the other Party’s Subsidiaries, on the other hand, prior to the Effective Time or (ii) that, as between the two parties, was originally collected by the other Party or the other Party’s Subsidiaries and that may be subject to and protected by privacy, data protection or other applicable Laws. Each Party agrees that it shall hold, protect and use, and shall cause its Subsidiaries and its and their respective Representatives to hold, protect and use, in strict confidence the confidential and proprietary Information of, or personal Information relating to, Third Parties in accordance with privacy, data protection or other applicable Laws and the terms of any agreements that were either entered into before the Effective Time or affirmative commitments or representations that were made before the Effective Time by, between or among the other Party or the other Party’s Subsidiaries, on the one hand, and such Third Parties, on the other hand.
Applicability of Data Privacy Protections In the event that Personal Information will be Processed by Supplier in connection with the performance under this Agreement (including any SOW), then and only then shall the provisions of this Section ‘Data Protection and Privacy’ be applicable. For the avoidance of doubt, the data security requirements contained in section ‘Information Security’ shall apply regardless of whether Personal Information is Processed under this Agreement or any SOW. All Personal Information obtained from or on behalf of DXC or in connection with performance pursuant to this Agreement shall be Processed and protected pursuant to this Section ‘Data Protection and Privacy’, the Section ‘Information Security’ and any other Sections of this Agreement that address Personal Information.
Customer Data 5.1 The Customer shall own all rights, title and interest in and to all of the Customer Data and shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of the Customer Data. 5.2 The Supplier shall follow its archiving procedures for Customer Data as set out in its Back-Up Policy available at XxxxxXXX.xxx or such other website address as may be notified to the Customer as such document may be amended by the Supplier in its sole discretion from time to time the current version of which is set out at Schedule 3 of this Agreement. In the event of any loss or damage to Customer Data, the Customer's sole and exclusive remedy shall be for the Supplier to use reasonable commercial endeavours to restore the lost or damaged Customer Data from the latest back-up of such Customer Data maintained by the Supplier in accordance with the archiving procedure described in its Back-Up Policy. The Supplier shall not be responsible for any loss, destruction, alteration or disclosure of Customer Data caused by any third party (except those third parties sub-contracted by the Supplier to perform services related to Customer Data maintenance and back-up). 5.3 The Supplier shall, in providing the Services, comply with its Privacy and Security Policy as such document may be amended from time to time by the Supplier in its sole discretion. 5.4 If the Supplier processes any personal data on the Customer’s behalf when performing its obligations under this agreement, the parties record their intention that the Customer shall be the data controller and the Supplier shall be a data processor and in any such case: (a) the Customer shall ensure that the Customer is entitled to transfer the relevant personal data to the Supplier so that the Supplier may lawfully use, process and transfer the personal data in accordance with this agreement on the Customer's behalf; (b) the Customer shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable data protection legislation; (c) the Supplier shall process the personal data only in accordance with the terms of this agreement and any lawful instructions reasonably given by the Customer from time to time; and (d) each party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage. 5.5 The Supplier and the Customer shall comply with their respective obligations as set out in Schedule 4 of this Agreement
Standard of Care/Limitations of Liability (a) Subject to the terms of this Section 10, PFPC Trust shall be liable to the Funds (or any person or entity claiming through the Funds) for damages only to the extent caused by PFPC Trust’s own intentional misconduct, bad faith, negligence or reckless disregard of its duties under this Agreement (“Standard of Care”). (b) Notwithstanding anything in this Agreement to the contrary (other than as specifically provided in Section 12(h)(ii)(B)(4) and Section 12(h)(iii)(A) of this Agreement), the Funds shall be responsible for all filings, tax returns and reports on any transactions undertaken pursuant to this Agreement, or in respect of the Property or any collections undertaken pursuant to this Agreement, which may be requested by any relevant authority. In addition, the Funds shall be responsible for the payment of all taxes and similar items (including without limitation penalties and interest related thereto). (c) PFPC Trust shall not be liable for damages (including without limitation damages caused by delays, failure, errors, interruption or loss of data) occurring directly or indirectly by reason of circumstances beyond its reasonable control, including without limitation: acts of God; action or inaction of civil or military authority; national emergencies; public enemy; war; terrorism; riot; fire; flood; catastrophe; sabotage; epidemics; labor disputes; civil commotion; interruption, loss or malfunction of utilities, transportation, computer or communications capabilities; insurrection; elements of nature; non-performance by a third party; failure of the mails; or functions or malfunctions of the internet, firewalls, encryption systems or security devices caused by any of the above. Should an event beyond PFPC Trust’s reasonable control occur, PFPC Trust will follow applicable procedures in its disaster recovery and business continuity plan and use commercially reasonable efforts to mitigate and minimize any service interruptions to the Funds. (d) PFPC Trust shall not be under any duty or obligation to inquire into and shall not be liable for the validity or invalidity, authority or lack thereof, or truthfulness or accuracy or lack thereof, of any instruction, direction, notice, instrument or other information which PFPC Trust reasonably believes to be genuine. PFPC Trust shall not be liable for any damages that are caused by actions or omissions taken by PFPC Trust in accordance with Written Instructions or the reasonable advice of counsel. PFPC Trust shall not be liable for any damages arising out of any action or omission to act by any prior service provider of the Funds or for any failure to discover any such error or omission. PFPC Trust shall not have responsibility for any anti-money laundering requirements to which the Funds are subject under applicable laws or regulations or under the Subscription Documents with any Portfolio Fund in which the Funds have invested. (e) PFPC Trust shall have no liability for any action by the Funds or by any of the Portfolio Funds that prevents or limits the redemption or other liquidation of the Property (including without limitation any action taken by any Portfolio Fund to suspend or curtail redemptions or to make distributions in kind, including distributions of illiquid investments). (f) Neither PFPC Trust nor its affiliates shall be liable for any consequential, incidental, exemplary, punitive, special or indirect damages, whether or not the likelihood of such damages was known by PFPC Trust or its affiliates. (g) No party may assert a cause of action against PFPC Trust or any of its Affiliates that allegedly occurred more than 24 months immediately prior to the discovery of such cause of action. (h) Each party shall have a duty to reasonably mitigate damages for which the other party may become responsible. (i) This Section 10 shall survive termination of this Agreement.
DATA PROTECTION AND PRIVACY 14.1 In addition to Supplier’s obligations under Sections 6, 9, 10, and 15, Supplier will comply with this Section 14 when processing Accenture Personal Data. "Accenture Personal Data" means personal data owned, licensed, or otherwise controlled or processed by Accenture including personal data processed by Accenture on behalf of its clients. “Accenture Data” means all information, data and intellectual property of Accenture or its clients or other suppliers, collected, stored, hosted, processed, received and/or generated by Supplier in connection with providing the Deliverables to Accenture, including Accenture Personal Data.
Data Protection and Privacy: Protected Health Information Party shall maintain the privacy and security of all individually identifiable health information acquired by or provided to it as a part of the performance of this Agreement. Party shall follow federal and state law relating to privacy and security of individually identifiable health information as applicable, including the Health Insurance Portability and Accountability Act (HIPAA) and its federal regulations.
Customer Indemnity The Transfer Agent shall not be responsible for, and the Customer shall indemnify and hold the Transfer Agent harmless from and against, any and all claims, losses, damages, costs, charges, payments, expenses, liability and, court costs, fees and expenses of attorneys, expert witnesses, and other professionals reasonably acceptable to Customer arising out of or attributable to: (a) All actions of the Transfer Agent or its agents or subcontractors required to be taken pursuant to this Agreement, provided such actions are taken in good faith and without negligence or willful misconduct; (b) The Customer’s bad faith, negligence or willful misconduct or the material breach of any representation or warranty of the Customer hereunder; (c) The reliance or use by the Transfer Agent or its agents or subcontractors of information, records and documents which (i) are received by the Transfer Agent or its agents or subcontractors and furnished to it by or on behalf of the Customer, and (ii) have been prepared and /or maintained by the Customer or any other person or firm on behalf of the Customer; (d) The reliance or use by the Transfer Agent or its agents or subcontractors of any paper or document reasonably believed to be genuine and to have been signed by the proper person or persons including Shareholders; (e) The reliance on, or the carrying out by the Transfer Agent or its agents or subcontractors of any instructions or requests of the Customer’s representatives, provided such actions are taken in good faith and without negligence or willful misconduct; and (f) The offer or sale of Shares in violation of any federal or state securities laws requiring that such shares be registered or in violation of any stop order or other determination or ruling by any federal or state agency with respect to the offer or sale of such Shares.
Privacy of Customer Information Company Customer Information in the possession of the Agent, other than information independently obtained by the Agent and not derived in any manner from or using information obtained under or in connection with this Agreement, is and shall remain confidential and proprietary information of the Companies. Except in accordance with this Section 10.10, the Agent shall not use any Company Customer Information for any purpose, including the marketing of products or services to, or the solicitation of business from, Customers, or disclose any Company Customer Information to any Person, including any of the Agent’s employees, agents or contractors or any third party not affiliated with the Agent. The Agent may use or disclose Company Customer Information only to the extent necessary (i) for examination and audit of the Agent’s activities, books and records by the Agent’s regulatory authorities, (ii) to protect or exercise the Agent’s, the Custodian’s and the Lenders’ rights and privileges or (iii) to carry out the Agent’s, the Custodian’s and the Lenders’ express obligations under this Agreement and the other Facilities Papers (including providing Company Customer Information to Approved Investors), and for no other purpose; provided that the Agent may also use and disclose the Company Customer Information as expressly permitted by the relevant Company in writing, to the extent that such express permission is in accordance with the Privacy Requirements. The Agent shall take commercially reasonable steps to ensure that each Person to which the Agent intends to disclose Company Customer Information, before any such disclosure of information, agrees to keep confidential any such Company Customer Information and to use or disclose such Company Customer Information only to the extent necessary to protect or exercise the Agent’s, the Custodian’s and the Lenders’ rights and privileges, or to carry out the Agent’s, the Custodian’s and the Lenders’ express obligations, under this Agreement and the other Facilities Papers (including providing Company Customer Information to Approved Investors). The Agent agrees to maintain an Information Security Program and to assess, manage and control risks relating to the security and confidentiality of Company Customer Information pursuant to such program in the same manner as the Agent does so in respect of their own customers’ information, and shall implement the standards relating to such risks in the manner set forth in the Interagency Guidelines Establishing Standards for Safeguarding Company Customer Information set forth in 12 CFR Parts 30, 208, 211, 225, 263, 308, 364, 568 and 570. Without limiting the scope of the foregoing sentence, the Agent shall use at least the same physical and other security measures to protect all Company Customer Information in the Agent’s possession or control as the Agent uses for their own customers’ confidential and proprietary information.
