Common use of Data Security/Personal Cardholder Information Clause in Contracts

Data Security/Personal Cardholder Information. Merchant may not, as a condition of sale, impose a requirement on Cardholders to provide any personal information as a condition for honoring Cards unless such information is required to provide delivery of goods or services, or Merchant has reason to believe the identity of the person presenting the Card may be different than that of the Cardholder. Merchant will not, under any circumstances, release, sell or otherwise disclose any Cardholder Information to any person other than Servicer or the applicable Card Brand, except as expressly authorized in writing by the Cardholder, or as required by Applicable Law. a) Safeguards. Merchant will maintain appropriate administrative, technical and physical safeguards for all Cardholder Information. These safeguards will: (a) ensure the confidentiality of Cardholder Information; (b) protect against any anticipated threats or hazards to the security or integrity of Cardholder Information; (c) protect against unauthorized access to or use of Cardholder Information that could result in substantial harm or inconvenience to any Cardholder; and (d) properly dispose of all Cardholder Information to ensure no unauthorized access to Cardholder Information. Merchant will maintain all such safeguards applicable to Merchant or Servicer in accordance with Applicable Law, rules, regulations and guidance. Merchants transacting in electronic commerce must: offer Cardholders secure transaction methods such as SSL or 3-D Secure; install and maintain network firewalls; regularly update security patches; restrict and track employee access to all data relating to Cardholders and Card Transactions (“Data”); encrypt all stored Data sent over open networks; use only approved or validated payment software applications; establish policies for properly managing use and allocation of passwords; and consistently assess and revise security systems and processes.

Data Security/Personal Cardholder Information. Merchant may not, as a condition of sale, impose a requirement on Cardholders to provide any personal information as a condition for honoring Cards unless such information is required to provide delivery of goods or services, services or Merchant has reason to believe the identity of the person presenting the Card may be different than that of the Cardholder. Merchant will not, under any circumstances, release, sell or otherwise disclose any Cardholder Information to any person other than Servicer or the applicable Card Brand, except as expressly authorized in writing by the Cardholder, or as required by Applicable Lawlaw. (a) Safeguards. Merchant will maintain appropriate administrative, technical and physical safeguards for all Cardholder Information. These safeguards will: will (a) ensure the confidentiality of Cardholder Information; (b) protect against any anticipated threats or hazards to the security or integrity of Cardholder Information; (c) protect against unauthorized access to or use of Cardholder Information that could result in substantial harm or inconvenience to any Cardholder; and (d) properly dispose of all Cardholder Information to ensure no unauthorized access to Cardholder Information. Merchant will maintain all such safeguards applicable to Merchant or Servicer in accordance with Applicable Lawapplicable federal and state laws, rules, regulations and guidance. Merchants transacting in electronic commerce must: offer Cardholders secure transaction methods such as SSL or 3-D Secure; install and maintain network firewalls; regularly update security patches; restrict and track employee access to all data relating to Cardholders and Card Transactions transaction (“Data”); encrypt all stored Data sent over open networks; use only approved or validated payment software applications; establish policies for properly managing use and allocation of passwords; and consistently assess and revise security systems and processes.

Data Security/Personal Cardholder Information. Merchant may not, as a condition of sale, impose a requirement on Cardholders to provide any personal information as a condition for honoring Cards unless such information is required to provide delivery of goods or services, services or Merchant has reason to believe the identity of the person presenting the Card may be different than that of the Cardholder. Merchant will not, under any circumstances, release, sell or otherwise disclose any Cardholder Information to any person other than Servicer or the applicable Card Brand, except as expressly authorized in writing by the Cardholder, or as required by Applicable Lawlaw. (a) Safeguards. Merchant will maintain appropriate administrative, technical and physical safeguards for all Cardholder Information. These safeguards will: will (a) ensure insure the confidentiality of Cardholder Information; (b) protect against any anticipated threats or hazards to the security or integrity of Cardholder Information; (c) protect against unauthorized access to or use of Cardholder Information that could result in substantial harm or inconvenience to any Cardholder; and (d) properly dispose of all Cardholder Information to ensure no unauthorized access to Cardholder Information. Merchant will maintain all such safeguards applicable to Merchant or Servicer in accordance with Applicable Lawapplicable federal and state laws, rules, regulations and guidance. Merchants transacting in electronic commerce must: offer Cardholders secure transaction methods such as SSL or 3-D Secure; install and maintain network firewalls; regularly update security patches; restrict and track employee access to all data relating to Cardholders and Card Transactions transaction (“Data”); encrypt all stored Data sent over open networks; use only approved or validated payment software applications; establish policies for properly managing use and allocation of passwords; and consistently assess and revise security systems and processes.

Data Security/Personal Cardholder Information. Merchant may not, as a condition of sale, impose a requirement on Cardholders to provide any personal information as a condition for honoring Cards unless such information is required to provide delivery of goods or services, services or Merchant has reason to believe the identity of the person presenting the Card may be different than that of the Cardholder. Merchant will not, under any circumstances, release, sell or otherwise disclose any Cardholder Information to any person other than Servicer Bank or the applicable Card BrandAssociation, except as expressly authorized in writing by the Cardholder, or as required by Applicable Lawlaw. (a) Safeguards. Merchant will maintain appropriate administrative, technical and physical safeguards for all Cardholder Information. These safeguards will: will (a) ensure insure the confidentiality of Cardholder Information; (b) protect against any anticipated threats or hazards to the security or integrity of Cardholder Information; (c) protect against unauthorized access to or use of Cardholder Information that could result in substantial harm or inconvenience to any Cardholder; and (d) properly dispose of all Cardholder Information to ensure no unauthorized access to Cardholder Information. Merchant will maintain all such safeguards applicable to Merchant or Servicer Bank in accordance with Applicable Lawapplicable federal and state laws, rules, regulations and guidance. Merchants transacting in electronic commerce must: offer Cardholders secure transaction methods such as SSL or 3-D Secure; install and maintain network firewalls; regularly update security patches; restrict and track employee access to all data relating to Cardholders and Card Transactions transaction (“Data”); encrypt all stored Data sent over open networks; use only approved or validated payment software applications; establish policies for properly managing use and allocation of passwords; and consistently assess and revise security systems and processes.

Data Security/Personal Cardholder Information. Merchant may not, as a condition of sale, impose a requirement on Cardholders to provide any personal information as a condition for honoring Cards unless such information is required to provide delivery of goods or services, services or Merchant has reason to believe the identity of the person presenting the Card may be different than that of the Cardholder. Merchant will not, under any circumstances, release, sell or otherwise disclose any Cardholder Information to any person other than Servicer Peoples Trust or the applicable Card BrandPayment Network, except as expressly authorized in writing by the Cardholder, or as required by Applicable Lawlaw. aA) Safeguards. Merchant will maintain appropriate administrative, technical and physical safeguards for all Cardholder Information. These safeguards will: will (a) ensure insure the confidentiality of Cardholder Information; (b) protect against any anticipated threats or hazards to the security or integrity of Cardholder Information; (c) protect against unauthorized access to or use of Cardholder Information that could result in substantial harm or inconvenience to any Cardholder; and (d) properly dispose of all Cardholder Information to ensure no unauthorized access to Cardholder Information. Merchant will maintain all such safeguards applicable to Merchant or Servicer in accordance with Applicable LawData Privacy Requirements and applicable Laws. Merchant must promptly report the use of any third parties, rulesdefined as any entity that is not a member of a Payment Network but has a direct relationship with a Merchant, regulations and guidance. Merchants transacting in electronic commerce must: offer Cardholders secure transaction methods which has access to cardholder data and performs such services such as SSL or 3-D Secure; install gateway, fraud scrubbing, loyalty programs, etc. Bank is required by Payment Network regulations to register the third party with Payment Network and maintain network firewalls; regularly update security patches; restrict and track employee access to all data relating to Cardholders and ensure that the third party is documented compliant with the Payment Card Transactions (“Data”); encrypt all stored Data sent over open networks; use only approved or validated payment software applications; establish policies for properly managing use and allocation of passwords; and consistently assess and revise security systems and processesIndustry requirements.