No Reliance on Administrative Agent’s Customer Identification Program Each Lender acknowledges and agrees that neither such Lender, nor any of its Affiliates, participants or assignees, may rely on the Administrative Agent to carry out such Lender’s, Affiliate’s, participant’s or assignee’s customer identification program, or other obligations required or imposed under or pursuant to the USA Patriot Act or the regulations thereunder, including the regulations contained in 31 CFR 103.121 (as hereafter amended or replaced, the “CIP Regulations”), or any other Anti-Terrorism Law, including any programs involving any of the following items relating to or in connection with any of the Loan Parties, their Affiliates or their agents, the Loan Documents or the transactions hereunder or contemplated hereby: (i) any identity verification procedures, (ii) any recordkeeping, (iii) comparisons with government lists, (iv) customer notices or (v) other procedures required under the CIP Regulations or such other Laws.
Data Return and Destruction of Data (a) Protecting PII from unauthorized access and disclosure is of the utmost importance to the EA, and Contractor agrees that it is prohibited from retaining PII or continued access to PII or any copy, summary or extract of PII, on any storage medium (including, without limitation, in secure data centers and/or cloud-based facilities) whatsoever beyond the period of providing Services to the EA, unless such retention is either expressly authorized for a prescribed period by the Service Agreement or other written agreement between the Parties, or expressly requested by the EA for purposes of facilitating the transfer of PII to the EA or expressly required by law. As applicable, upon expiration or termination of the Service Agreement, Contractor shall transfer PII, in a format agreed to by the Parties to the EA.
(b) If applicable, once the transfer of PII has been accomplished in accordance with the EA’s written election to do so, Contractor agrees to return or destroy all PII when the purpose that necessitated its receipt by Contractor has been completed. Thereafter, with regard to all PII (including without limitation, all hard copies, archived copies, electronic versions, electronic imaging of hard copies) as well as any and all PII maintained on behalf of Contractor in a secure data center and/or cloud-based facilities that remain in the possession of Contractor or its Subcontractors, Contractor shall ensure that PII is securely deleted and/or destroyed in a manner that does not allow it to be retrieved or retrievable, read or reconstructed. Hard copy media must be shredded or destroyed such that PII cannot be read or otherwise reconstructed, and electronic media must be cleared, purged, or destroyed such that the PII cannot be retrieved. Only the destruction of paper PII, and not redaction, will satisfy the requirements for data destruction. Redaction is specifically excluded as a means of data destruction.
(c) Contractor shall provide the EA with a written certification of the secure deletion and/or destruction of PII held by the Contractor or Subcontractors.
(d) To the extent that Contractor and/or its subcontractors continue to be in possession of any de-identified data (i.e., data that has had all direct and indirect identifiers removed), they agree not to attempt to re-identify de-identified data and not to transfer de-identified data to any party.
Prevention or Delay of Performance by the Company or the Depositary Neither the Depositary nor the Company nor any of their respective directors, employees, agents or affiliates shall incur any liability to any Owner or Holder:
(i) if by reason of (A) any provision of any present or future law or regulation or other act of the government of the United States, any State of the United States or any other state or jurisdiction, or of any governmental or regulatory authority or stock exchange; (B) (in the case of the Depositary only) any provision, present or future, of the articles of association or similar document of the Company, or any provision of any securities issued or distributed by the Company, or any offering or distribution thereof; or (C) any event or circumstance, whether natural or caused by a person or persons, that is beyond the ability of the Depositary or the Company, as the case may be, to prevent or counteract by reasonable care or effort (including, but not limited to, earthquakes, floods, severe storms, fires, explosions, war, terrorism, civil unrest, labor disputes, criminal acts or outbreaks of infectious disease; interruptions or malfunctions of utility services, Internet or other communications lines or systems; unauthorized access to or attacks on computer systems or websites; or other failures or malfunctions of computer hardware or software or other systems or equipment), the Depositary or the Company is, directly or indirectly, prevented from, forbidden to or delayed in, or could be subject to any civil or criminal penalty on account of doing or performing and therefore does not do or perform, any act or thing that, by the terms of this Deposit Agreement or the Deposited Securities, it is provided shall be done or performed;
(ii) for any exercise of, or failure to exercise, any discretion provided for in this Deposit Agreement (including any determination by the Depositary to take, or not take, any action that this Deposit Agreement provides the Depositary may take);
(iii) for the inability of any Owner or Holder to benefit from any distribution, offering, right or other benefit that is made available to holders of Deposited Securities but is not, under the terms of this Deposit Agreement, made available to Owners or Holders; or
(iv) for any special, consequential or punitive damages for any breach of the terms of this Deposit Agreement. Where, by the terms of a distribution to which Section 4.1, 4.2 or 4.3 applies, or an offering to which Section 4.4 applies, or for any other reason, that distribution or offering may not be made available to Owners, and the Depositary may not dispose of that distribution or offering on behalf of Owners and make the net proceeds available to Owners, then the Depositary shall not make that distribution or offering available to Owners, and shall allow any rights, if applicable, to lapse.
Duties of Custodian with Respect to the Books of Account and Calculation of Net Asset Value and Net Income The Custodian shall cooperate with and supply necessary information to the entity or entities appointed by the applicable Board to keep the books of account of each Portfolio and/or compute the net asset value per Share of the outstanding Shares or, if directed in writing to do so by a Fund on behalf of a Portfolio, shall itself keep such books of account and/or compute such net asset value per Share. If so directed, the Custodian shall also calculate daily the net income of the Portfolio as described in the Prospectus and shall advise the Fund and the Transfer Agent daily of the total amounts of such net income and, if instructed in writing by an officer of the Fund to do so, shall advise the Transfer Agent periodically of the division of such net income among its various components. Each Fund acknowledges and agrees that, with respect to investments maintained with the Underlying Transfer Agent, the Underlying Transfer Agent is the sole source of information on the number of shares of a fund held by it on behalf of a Portfolio and that the Custodian has the right to rely on holdings information furnished by the Underlying Transfer Agent to the Custodian in performing its duties under this Agreement, including without limitation, the duties set forth in this Section 10 and in Section 11 hereof; provided, however, that the Custodian shall be obligated to reconcile information as to purchases and sales of Underlying Shares contained in trade instructions and confirmations received by the Custodian and to report promptly any discrepancies to the Underlying Transfer Agent. The calculations of the net asset value per Share and the daily income of each Portfolio shall be made at the time or times described from time to time in the Prospectus. Each Fund acknowledges that, in keeping the books of account of the Portfolio and/or making the calculations described herein with respect to Portfolio property released and delivered pursuant to Section 2.2(14), or purchased pursuant to Section 2.6(7) hereof, the Custodian is authorized and instructed to rely upon information provided to it by the Fund, the Fund’s counterparty(ies), or the agents of either of them.
Delegated Identity Theft Prevention Duties Terms in quotation marks in this Section shall have the meaning such terms are assigned in the Identity Theft Red Flag Rules under 16 CFR §681.2 issued by the Federal Trade Commission in November 2007, and replaced by 17 CFR Part 248 issued by the Securities and Exchange Commission on April 10, 2013 (in each case pursuant to the Fair and Accurate Credit Transactions Act of 2003 (the “FACT Act”)), as may be amended from time to time, and the implementing regulations (collectively, the “Rules”). In general, the term “Delegated Identity Theft Prevention Duties” encompasses the functions necessary to fulfill obligations that are imposed upon the Trust and the Fund by the Rules and that relate to information maintained or transactions processed by the Transfer Agent (collectively, the “Identity Theft Prevention Obligations”). Notwithstanding anything to the contrary herein or elsewhere, the Delegated Identity Theft Prevention Duties shall not include any identity theft prevention function related to an obligation of the Trust that is performed by any entity that is neither directly nor indirectly owned by FMR LLC (an “Unaffiliated Intermediary”) pursuant to a provision of a Selling Dealer Agreement, Bank Agency Agreement, or any other agreement between Fidelity Distributors Company LLC or any other entity directly or indirectly owned by FMR LLC and the Unaffiliated Intermediary. Where applicable, the Trust has appointed FIIOC to implement its written IDTPP, which is reasonably designed to comply with the Rules. The IDTPP includes the Delegated Identity Theft Prevention Duties and reflects the Fund’s practices for detecting, preventing and mitigating identity theft for covered accounts. Where applicable the Fund shall exercise appropriate oversight of FIIOC’s IDTPP activities through the Fund’s Program Officer (as that is defined in the IDTPP) or his/her delegates.
New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to:
(1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute;
(2) Limit unsuccessful logon attempts;
(3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions;
(4) Authorize wireless access prior to allowing such connections;
(5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity;
(6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions;
(7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles;
(8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services;
(9) Enforce a minimum password complexity and change of characters when new passwords are created;
(10) Perform maintenance on organizational systems;
(11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance;
(12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1;
(13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital;
(14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse;
(15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas;
(16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems;
(17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems;
(18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception);
(19) Protect the confidentiality of Student Data at rest;
(20) Identify, report, and correct system flaws in a timely manner;
(21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems;
(22) Monitor system security alerts and advisories and take action in response; and
(23) Update malicious code protection mechanisms when new releases are available.
Fronting Fee and Documentary and Processing Charges Payable to L/C Issuer The Borrower shall pay directly to the L/C Issuer for its own account a fronting fee with respect to each Letter of Credit, at the rate per annum specified in the Fee Letter, computed on the daily amount available to be drawn under such Letter of Credit on a quarterly basis in arrears. Such fronting fee shall be due and payable on the tenth Business Day after the end of each March, June, September and December in respect of the most recently-ended quarterly period (or portion thereof, in the case of the first payment), commencing with the first such date to occur after the issuance of such Letter of Credit, on the Letter of Credit Expiration Date and thereafter on demand. For purposes of computing the daily amount available to be drawn under any Letter of Credit, the amount of such Letter of Credit shall be determined in accordance with Section 1.06. In addition, the Borrower shall pay directly to the L/C Issuer for its own account the customary issuance, presentation, amendment and other processing fees, and other standard costs and charges, of the L/C Issuer relating to letters of credit as from time to time in effect. Such customary fees and standard costs and charges are due and payable on demand and are nonrefundable.
Anti-Money Laundering and Identity Theft Prevention Related Duties Subject to the terms and conditions set forth herein, the Trust hereby delegates to the Transfer Agent the Delegated Anti-Money Laundering Duties and, where applicable, the Delegated Identity Theft Prevention Duties that are set forth in the Trust’s Anti-Money Laundering (“AML”) Program and Identity Theft Prevention Program (“IDTPP”) as described below. The Transfer Agent agrees to perform the Delegated Anti-Money Laundering Duties and the Delegated Identity Theft Prevention Duties, with respect to ownership of shares in the Fund for which the Transfer Agent maintains the applicable information subject to and in accordance with the terms and conditions of the Contract.
Data Protection Impact Assessment and Prior Consultation Processor shall provide reasonable assistance to the Company with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which Company reasonably considers to be required by article 35 or 36 of the GDPR or equivalent provisions of any other Data Protection Law, in each case solely in relation to Processing of Company Personal Data by, and taking into account the nature of the Processing and information available to, the Contracted Processors.
Certification of Funds; Budget and Fiscal Provisions; Termination in the Event of Non-Appropriation This Agreement is subject to the budget and fiscal provisions of the City’s Charter. Charges will accrue only after prior written authorization certified by the Controller, and the amount of City’s obligation hereunder shall not at any time exceed the amount certified for the purpose and period stated in such advance authorization. This Agreement will terminate without penalty, liability or expense of any kind to City at the end of any fiscal year if funds are not appropriated for the next succeeding fiscal year. If funds are appropriated for a portion of the fiscal year, this Agreement will terminate, without penalty, liability or expense of any kind at the end of the term for which funds are appropriated. City has no obligation to make appropriations for this Agreement in lieu of appropriations for new or other agreements. City budget decisions are subject to the discretion of the Mayor and the Board of Supervisors. Contractor’s assumption of risk of possible non-appropriation is part of the consideration for this Agreement. THIS SECTION CONTROLS AGAINST ANY AND ALL OTHER PROVISIONS OF THIS AGREEMENT.
