Data and Data Security Sample Clauses

Data and Data Security. 7.1. Each party retains ownership of its Data. 7.2. Except as required by law, neither party must, and must ensure that its Personnel will not: A. use the Data belonging to the other party for any purpose other than the performance of its obligations under this Agreement; or B. sell, commercially exploit, let for hire, assign rights in or otherwise dispose of any Data. or C. Make the other party’s Data available to a third party including another government agency or body, other than an approved Subcontractor, and only to the extent required under this Agreement.
AutoNDA by SimpleDocs
Data and Data Security. (a) As between Licensor and Licensee, (i) Licensor is the owner of all Hilton Data and (ii) Licensee is the owner of all Licensee Data. Unless otherwise specified, to the extent that any data may fall within the definitions of both Hilton Data and Licensee Data, the use by a Party of such data shall be in accordance with the rights and restrictions applicable to data owned by such Party, without regard to the restrictions applicable to the same data to the extent owned by the other Party. (b) Subject to all terms and conditions herein, including this Section 14.2(b), Licensor grants to Licensee during the Term a limited, non-transferable right to use the Hilton Data: (i) to engage in the promotion of the Licensed Vacation Ownership Business and (ii) for research and analysis in furtherance of Licensee’s internal business purposes, in each case solely in connection with Licensee’s operation of the Licensed Vacation Ownership Business. Except as otherwise expressly set forth herein, Licensee shall not use the Hilton Data (including in aggregate form) for any purpose. Without limiting the generality of the foregoing, in no event shall Hilton Data (including in aggregate form) be disclosed, sold, assigned, leased or otherwise provided to third parties (including any Licensee Parties) by Licensee except as otherwise expressly permitted herein or with Licensor’s prior written consent. Notwithstanding the above rights, Licensor is not required to provide any Hilton Data to Licensee to the extent such provision would result in Licensor’s violation of any applicable Laws, Privacy Policies or Data Security Policies. (c) Licensee’s Systems and Licensee’s use of Hilton Data, whether acquired, obtained or developed prior to or after the Effective Date shall at all times comply with: (i) this Agreement, all applicable Laws, the Standards and Agreements and best practices in the industry; and (ii) Licensee’s own Privacy Policies and Data Security Policies. Licensee shall provide to Licensor all of its policies and procedures with respect to the Licensee Systems as of the Effective Date and will not materially change same without Licensor’s prior written consent. Licensee may not share or disclose Hilton Data to any third party vendor, or agent of Licensee without Licensor’s prior written consent. Licensee shall ensure that its third-party vendors that operate, host or otherwise have access to Licensee Systems or Hilton Data also comply with the above applicable Laws, the...
Data and Data Security. 7.1. Each party retains ownership of its Data. 7.2. Except as required by law, neither party must ensure that its Personnel will not: A. use the Data belonging to the other party for any purpose other than the performance of its obligations under this Agreement B. sell, commercially exploit, let for hire, assign rights in or otherwise dispose of any Data; or Each party must establish and maintain safeguards against the destruction, loss or alteration of either party’s Data in the possession or control of that party which are is consistent with and no less rigorous than those maintained by either party to secure its own data; and comply with all applicable laws and policies. In particular, the Parties will ensure the secure transmission and storage of data, at standards no less than those recommended by Cyber Security NSW.
Data and Data Security. (b) of the Existing Agreement is hereby deleted and replaced with the following: “Subject to all terms and conditions herein, including this Section 14.2(b), Licensor grants to Licensee during the Term a limited, nontransferable right to use the Hilton Data: (i) to engage in the promotion of the Licensed Vacation Ownership Business and (ii) for research and analysis in furtherance of Licensee’s internal business purposes, in each case solely in connection with Licensee’s operation of the Licensed Vacation Ownership Business. Except as otherwise expressly set forth herein, Licensee shall not use the Hilton Data (including in aggregate form) for any purpose. Without limiting the generality of the foregoing, in no event shall Hilton Data (including in aggregate form) be: (x) disclosed, sold, assigned, leased or otherwise provided to any Hilton Competitors or other third parties (including any non-Subsidiary Licensee Parties and Separate Operations) by Licensee, or (y) used by Licensee in the promotion or operation of any Separate Operation (including any Diamond Property or Bluegreen Property) unless and until such property has been converted to a Licensed Vacation Ownership Property in accordance with the terms of the Existing Agreement, in each case except as otherwise expressly permitted pursuant to the Existing Agreement or this Amendment or with Licensor’s prior written consent. Notwithstanding the above rights, Licensor is not required to provide any Hilton Data to Licensee to the extent such provision would result in Licensor’s violation of any applicable Laws, Privacy Policies or Data Security Policies.”
Data and Data Security. 7.1 NCR Voyix has implemented reasonable and appropriate security policies and procedures designed to protect the security of Company Data and Customer Data in NCR Voyix’s possession, and to prevent the unauthorized access, use, storage, and disposal of such data. Such policies and procedures include: (a) maintaining an appropriate level of physical security controls over its data center including, but not limited to, appropriate alarm systems, fire suppression, and access controls (including off-hour controls); (b) periodically testing its systems for security breach vulnerabilities; and (c) using commercially reasonable efforts to protect its systems from unauthorized access, including the use of firewalls and, where appropriate, data encryption technologies. Company Data and Customer Data may be subject to regulations and examination by auditors and regulatory agencies. NCR Voyix will use reasonable efforts to prevent the disclosure of Company Data and Customer Data to third parties and its employees who do not have a need to know, but may disclose it to the extent compelled by process of law, provided that Company is given notice (unless providing such notice is prohibited by law). Notwithstanding the foregoing, Company acknowledges that NCR Voyix cannot guarantee that unauthorized third parties will never be able to defeat these measures or use Company Data and Customer Data for improper purposes. 7.2 Company Data and Customer Data will remain Company’s property. Company is responsible for the content of Company Data and Customer Data and for its compliance with any Privacy Laws, regulations (including without limitation Payment Card Industry standards), or other legal duties applicable to its possession, transmission, processing, or use of Company Data and Customer Data, including providing appropriate notifications and communications to, and managing any complaints from, Data Subjects. NCR Voyix will take steps designed to ensure that the Company Data and Customer Data it collects is used for its intended purpose. 7.3 Company grants NCR Voyix a perpetual, non-exclusive, irrevocable, sub-licensable, transferrable license to use Company Data and Customer Data: (a) to provide the NCR Voyix Product and the Platform as well as related products, software, materials and services under this Agreement or another agreement between Company and NCR Voyix; (b) for product and service enhancements, as well as research and development purposes; and (c) after it ha...
Data and Data Security. In the Course Portal, Agency will have access to certain information about Enrolled Agency Clients, which may include: names and addresses, phone number, date of birth, gender, marital and education status, veteran and disabled status, number and dependents living in the household, income information, race and ethnicity information, home purchase steps completed, first time homebuyer and first generation homebuyer status, and Course information (collectively, the “Enrolled Agency Client Information”). Agency shall at all times provide industry DocuSign Envelope ID: 29AC90C7-19F8-4798-B006-279A30CF74C4 standard security measures to ensure that all Enrolled Agency Client Information that is accessed or accessible by Agency is maintained and used (a) in compliance with applicable law, (b) only in connection with uses specified immediately below, and (c) in a manner that prevents the unauthorized disclosure of, unauthorized use of, unauthorized access to, misappropriation of, loss of, or alteration of any Enrolled Agency Client Information while it is directly or indirectly in the possession or control of Agency. Such security measures shall include, without limitation, taking those steps Agency would take to protect the confidentiality of its own most valuable confidential information and implementing and maintaining appropriate administrative, technical and physical safeguards to protect against reasonably anticipated threats or hazards to the privacy, security, integrity and/or confidentiality of Enrolled Agency Client Information. Agency shall notify Framework immediately of any known or suspected security breaches or holes. As between Framework and Agency, Framework shall be the owner of the Enrolled Agency Client Information. The Enrolled Agency Client Information may only be used by Agency (i) to make contact with the subject Enrolled Agency Clients in direct connection with the counseling services being provided to them by Agency, and (ii) for the preparation and filing of any reports required by applicable law. Agency shall never use, or enable another person or organization to use, any of the Enrolled Agency Client Information for any commercial purpose, including without limitation, for marketing, surveys, reviews, outreach, evaluations, or sales of products or services. Upon the termination of this Agreement, Agency shall maintain or dispose of the Enrolled Agency Client Information in its possession or control in compliance with applicable law and...
Data and Data Security 
AutoNDA by SimpleDocs

Related to Data and Data Security

  • Privacy and Data Security (a) In the prior three (3) years, the Company and its Subsidiaries have been in compliance with Privacy Laws, and in all material respects with (i) Contracts (or portions thereof) between the Company or its Subsidiaries and other Persons relating to Personal Data and (ii) applicable written policies, public statements and other public representations relating to the Processing of Personal Data, inclusive of all disclosures required by applicable Privacy Laws (“Privacy and Data Security Policies,” and together with Privacy Laws and such Contracts, “Privacy Commitments”). The execution, delivery and performance by the Company of this Agreement to which the Company is or will be a party, and the consummation of the transactions contemplated hereby or thereby, are not reasonably expected to, directly or indirectly, result in a violation of any Privacy Commitments that would be materially adverse to the Company and its Subsidiaries, taken as a whole. (b) In the prior three (3) years, the Privacy and Data Security Policies have at all times been maintained and made available to individuals in accordance with reasonable industry practices and as required by Privacy Laws, are accurate and complete and are not misleading or deceptive (including by omission). The practices of the Company or its Subsidiaries with respect to the Processing of Personal Data conform in all material respects to the Privacy and Data Security Policies that govern such Personal Data. (c) There is (and in the prior three years there has been) no material Legal Proceeding pending or, to the Company’s knowledge, threatened against or involving the Company or its Subsidiaries initiated by any Person (including (i) the Federal Trade Commission, any state attorney general or similar state official, (ii) any other Governmental authority, foreign or domestic or (iii) any regulatory or self-regulatory entity) alleging that any Processing of Personal Data by or on behalf of the Company or its Subsidiaries is or was in violation of any Privacy Commitments. To the Company’s Knowledge, there are no facts, circumstances or conditions that would reasonably be expected to form the basis for any proceeding for any potential violation of any Privacy Commitments. (d) In the prior three (3) years, (i) there has been no unauthorized access to, or unauthorized use, disclosure, or Processing of Personal Data in the possession or control of the Company or its Subsidiaries or any of its contractors with regard to any Personal Data obtained from or on behalf of the Company or its Subsidiaries (“Security Incident”), (ii) there have been no unauthorized intrusions or breaches of security into any Company IT Systems, and (iii) none of the Company or any of its Subsidiaries has notified or been required to notify any Person of any (A) loss, theft or damage of, or (B) other unauthorized or unlawful access to, or use, disclosure or other Processing of, Personal Data, except, in each case of clauses (i), (ii), and (iii), as would not have a Company Material Adverse Effect. Each of the Company and its Subsidiaries has implemented commercially reasonable administrative, physical and technical safeguards, and ensures that its contractors processing Personal Data take such safeguards to protect the confidentiality, integrity and security of Personal Data against any Security Incident, including taking all reasonable steps to safeguard and back up Personal Data. (e) Each of the Company and its Subsidiaries owns or has a license or other right to use the Company IT Systems as necessary to operate the business of each the Company or its Subsidiaries as currently conducted. All Company IT Systems are (i) free from any defect, bug, virus or programming, design or documentation error and (ii) in sufficiently good working condition to effectively perform all information technology operations necessary for the operation of businesses of the Company and its Subsidiaries (except for ordinary wear and tear), except in each case of clauses (i) and (ii), as is not and would not reasonably be expected to be, individually or in the aggregate, material to the Company and its Subsidiaries, taken as a whole. In the prior three years, there have not been any material failures, breakdowns or continued substandard performance of any Company IT Systems that have caused a material failure or disruption of the Company IT Systems other than routine failures or disruptions that have been remediated in the Ordinary Course of Business. In the past three (3) years, there have been no (except to the extent completely remediated), and to the Company’s Knowledge, there are no material security deficiencies or vulnerabilities in the Company IT Systems.

  • Data Security The Provider agrees to utilize administrative, physical, and technical safeguards designed to protect Student Data from unauthorized access, disclosure, acquisition, destruction, use, or modification. The Provider shall adhere to any applicable law relating to data security. The provider shall implement an adequate Cybersecurity Framework based on one of the nationally recognized standards set forth set forth in Exhibit “F”. Exclusions, variations, or exemptions to the identified Cybersecurity Framework must be detailed in an attachment to Exhibit “H”. Additionally, Provider may choose to further detail its security programs and measures that augment or are in addition to the Cybersecurity Framework in Exhibit “F”. Provider shall provide, in the Standard Schedule to the DPA, contact information of an employee who XXX may contact if there are any data security concerns or questions.

  • Data Privacy and Security Bank will implement and maintain a written information security program, in compliance with all federal, state and local laws and regulations (including any similar international laws) applicable to Bank, that contains reasonable and appropriate security measures designed to safeguard the personal information of the Funds' shareholders, employees, trustees and/or officers that Bank or any Subcustodian receives, stores, maintains, processes, transmits or otherwise accesses in connection with the provision of services hereunder. In this regard, Bank will establish and maintain policies, procedures, and technical, physical, and administrative safeguards, designed to (i) ensure the security and confidentiality of all personal information and any other confidential information that Bank receives, stores, maintains, processes or otherwise accesses in connection with the provision of services hereunder, (ii) protect against any reasonably foreseeable threats or hazards to the security or integrity of personal information or other confidential information, (iii) protect against unauthorized access to or use of personal information or other confidential information, (iv) maintain reasonable procedures to detect and respond to any internal or external security breaches, and (v) ensure appropriate disposal of personal information or other confidential information. Bank will monitor and review its information security program and revise it, as necessary and in its sole discretion, to ensure it appropriately addresses any applicable legal and regulatory requirements. Bank shall periodically test and review its information security program. Bank shall respond to Customer's reasonable requests for information concerning Bank's information security program and, upon request, Bank will provide a copy of its applicable policies and procedures, or in Bank's discretion, summaries thereof, to Customer, to the extent Bank is able to do so without divulging information Bank reasonably believes to be proprietary or Bank confidential information. Upon reasonable request, Bank shall discuss with Customer the information security program of Bank. Bank also agrees, upon reasonable request, to complete any security questionnaire provided by Customer to the extent Bank is able to do so without divulging sensitive, proprietary, or Bank confidential information and return it in a commercially reasonable period of time (or provide an alternative response that reasonably addresses the points included in the questionnaire). Customer acknowledges that certain information provided by Bank, including internal policies and procedures, may be proprietary to Bank, and agrees to protect the confidentiality of all such materials it receives from Bank. Bank agrees to resolve promptly any applicable control deficiencies that come to its attention that do not meet the standards established by federal and state privacy and data security laws, rules, regulations, and/or generally accepted industry standards related to Bank's information security program. Bank shall: (i) promptly notify Customer of any confirmed unauthorized access to personal information or other confidential information of Customer ("Breach of Security"); (ii) promptly furnish to Customer appropriate details of such Breach of Security and assist Customer in assessing the Breach of Security to the extent it is not privileged information or part of an investigation; (iii) reasonably cooperate with Customer in any litigation and investigation of third parties reasonably deemed necessary by Customer to protect its proprietary and other rights; (iv) use reasonable precautions to prevent a recurrence of a Breach of Security; and (v) take all reasonable and appropriate action to mitigate any potential harm related to a Breach of Security, including any reasonable steps requested by Customer that are practicable for Bank to implement. Nothing in the immediately preceding sentence shall obligate Bank to provide Customer with information regarding any of Bank's other customers or clients that are affected by a Breach of Security, nor shall the immediately preceding sentence limit Bank's ability to take any actions that Bank believes are appropriate to remediate any Breach of Security unless such actions would prejudice or otherwise limit Customer's ability to bring its own claims or actions against third parties related to the Breach of Security. If Bank discovers or becomes aware of a suspected data or security breach that may involve an improper access, use, disclosure, or alteration of personal information or other confidential information of Customer, Bank shall, except to the extent prohibited by Applicable Law or directed otherwise by a governmental authority not to do so, promptly notify Customer that it is investigating a potential breach and keep Customer informed as reasonably practicable of material developments relating to the investigation until Bank either confirms that such a breach has occurred (in which case the first sentence of this paragraph will apply) or confirms that no data or security breach involving personal information or other confidential information of Customer has occurred. For these purposes, "personal information" shall mean (i) an individual's name (first initial and last name or first name and last name), address or telephone number plus (a) social security number, (b) driver's license number, (c) state identification card number, (d) debit or credit card number, (e) financial account 22 number, (f) passport number, or (g) personal identification number or password that would permit access to a person's account or (ii) any combination of the foregoing that would allow a person to log onto or access an individual's account. This provision will survive termination or expiration of the Agreement for so long as Bank or any Subcustodian continues to possess or have access to personal information related to Customer. Notwithstanding the foregoing "personal information" shall not include information that is lawfully obtained from publicly available information, or from federal, state or local government records lawfully made available to the general public.

  • Data Encryption Contractor must encrypt all State data at rest and in transit, in compliance with FIPS Publication 140-2 or applicable law, regulation or rule, whichever is a higher standard. All encryption keys must be unique to State data. Contractor will secure and protect all encryption keys to State data. Encryption keys to State data will only be accessed by Contractor as necessary for performance of this Contract.

  • Network Security The AWS Network will be electronically accessible to employees, contractors and any other person as necessary to provide the Services. AWS will maintain access controls and policies to manage what access is allowed to the AWS Network from each network connection and user, including the use of firewalls or functionally equivalent technology and authentication controls. AWS will maintain corrective action and incident response plans to respond to potential security threats.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!