Data Protection and Cybersecurity. (a) For the purposes of this Section 6.24, the terms “controller,” “data subject,” “personal data,” “personal data breach,” “processor,” “processing” (and its cognates), and “special categories of personal data” shall have the meaning given to them in the GDPR.
Data Protection and Cybersecurity. (a) For the purposes of this Section 6.23 and Section 10.3, the terms “personal data breach” and “processing” (and its cognates) shall have the meaning given to them in the GDPR.
Data Protection and Cybersecurity. Administrator, by and through its affiliated companies, shall maintain and implement an information security program reasonably designed to safeguard the personal information of the Funds’ shareholders that Administrator receives, stores, maintains or processes in connection with the provision of services under this Agreement. The program will include written policies and procedures, systems and training relating to identity theft, fraud, data protection, business continuity and disruptions of service.
Data Protection and Cybersecurity. Adviser, by and through its affiliated companies, shall maintain and implement an information security program reasonably designed to safeguard the personal information of the Funds’ shareholders that Adviser receives, stores, maintains or processes in connection with the provision of services under this Agreement. The program will include written policies and procedures, systems and training relating to identity theft, fraud, data protection, business continuity and disruptions of service.
Data Protection and Cybersecurity. Transfer Agent, by and through its affiliated companies, shall maintain and implement an information security program reasonably designed to safeguard the personal information of the Funds’ shareholders that Transfer Agent receives, stores, maintains or processes in connection with the provision of services under this Agreement. The program will include written policies and procedures, systems and training relating to identity theft, fraud, data protection, business continuity and disruptions of service.
Data Protection and Cybersecurity. For the purposes of this Section 3.17, the terms “personal data,” “personal data breach,” “process” (and its derivatives) and “supervisory authority” shall have the meaning given to them in the GDPR. Except as would not reasonably be expected to have, individually or in the aggregate, an Aspen Material Adverse Effect: (a) Aspen and each of its Subsidiaries have complied with all applicable requirements of the Data Protection Laws; (b) Aspen and each of its Subsidiaries have implemented appropriate technical and organizational measures to keep personal data processed by or on behalf of Aspen and its Subsidiaries confidential in accordance with Applicable Law (including, for the avoidance of doubt, Data Protection Laws) and to protect such personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, as monitored through regular penetration tests and vulnerability assessments (including by remediating any and all identified vulnerabilities); and (c) neither Aspen nor any of its Subsidiaries has (i) suffered any personal data breach; (ii) received any written notice, request or other communication from any supervisory authority or any regulatory authority relating to a breach or alleged breach of their obligations under Data Protection Laws; or (iii) received any written claim or complaint from any data subject or other person claiming a right to compensation for failure to respond to any of their data subject rights requests or alleging any breach of Data Protection Laws.
Data Protection and Cybersecurity. For the purposes of this Section 4.15, the terms “personal data,” “personal data breach,” “process” (and its derivatives) and “supervisory authority” shall have the meaning given to them in the GDPR. Except as would not reasonably be expected to have, individually or in the aggregate, an Exxxxxx Material Adverse Effect: (a) the Exxxxxx Contributed Subsidiaries and, in respect of the Echo Business, Exxxxxx and each of its other Subsidiaries have complied with all applicable requirements of the Data Protection Laws; (b) each Exxxxxx Contributed Subsidiary and, in respect of the Echo Business, Exxxxxx and each of its other Subsidiaries have implemented reasonably appropriate technical and organizational measures to keep personal data processed by or on behalf of Exxxxxx and its Subsidiaries in respect of the Echo Business confidential in accordance with Applicable Law (including, for the avoidance of doubt, Data Protection Laws) and to protect such personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, as monitored through regular penetration tests and vulnerability assessments (including by remediating any and all identified vulnerabilities); and (c) none of the Exxxxxx Contributed Subsidiaries nor, in respect of the Echo Business, Exxxxxx nor each of its other Subsidiaries has (i) suffered any personal data breach; (ii) received any written notice, request or other communication from any supervisory authority or any regulatory authority relating to a breach or alleged breach of their obligations under Data Protection Laws; or (iii) received any written claim or complaint from any data subject or other person claiming a right to compensation for failure to respond to any of their data subject rights requests or alleging any breach of Data Protection Laws.
Data Protection and Cybersecurity. (a) Except as would not, individually or in the aggregate, have a Company Material Adverse Effect, (i) the Company and its Subsidiaries, and the Processing by them or, to the Company’s Knowledge, on their behalf of any Personal Information are, and since January 1, 2017 have been, in compliance with (A) all applicable Privacy Laws and, to the extent applicable, PCI DSS, (B) all applicable contractual obligations and (C) all policies of the Company and its Subsidiaries relating to Personal Information; (ii) there has been no unauthorized access to or breach, misuse or theft of any Personal Information Processed by the Company or any of its Subsidiaries, and, to the Company’s Knowledge, there has been no unauthorized access to, or breach, misuse or theft of any Personal Information Processed by Third Parties on behalf the Company or any of its Subsidiaries; (iii) each online site and mobile application of the Company and its Subsidiaries has posted terms of use and a privacy policy that materially comply with all applicable Privacy Laws and accurately reflects the Company’s and its Subsidiaries’ practices concerning the Processing of Personal Information collected by or through such site or mobile application; (iv) no disclosure of any data breach or network security breach, or any unauthorized access to, misuse of or theft of any Personal Information, has been or should have been made by the Company and its Subsidiaries under any applicable Privacy Law, to any Governmental Entity or affected Person; (v) each of the Company and its Subsidiaries, as applicable, has entered into a Business Associate Agreement with the applicable third party (to the extent required by, and in conformity with, HIPAA) in each instance where (A) the Company or such Subsidiary acts as a business associate (as defined in 45 C.F.R. § 160.103) to that third party, (B) that third party creates, receives, maintains or transmits protected health information (as defined in 45 C.F.R. § 160.103) from or on behalf of the Company or such Subsidiary or (C) that third party otherwise acts as a business associate to the Company or such Subsidiary, and each of the Company and its Subsidiaries has at all times been since January 1, 2017 in material compliance with any Business Associate Agreements to which it is a party; and (vi) the execution of this Agreement and the consummation of the transactions contemplated by this Agreement comply with all applicable Privacy Laws and contractual obligation...
Data Protection and Cybersecurity. (a) For the purposes of this Section 5.23, the terms “personal data”, “personal data breach”, “process” (and its cognates) and “supervisory authority” shall have the meanings given to them in applicable Data Protection Laws.
Data Protection and Cybersecurity. For the purposes of this Section 3.18, the terms “processing” (and its cognates) and “sell” shall have the meaning given to them in the CCPA.
