Common use of Destruction of Information Clause in Contracts

Destruction of Information. Within thirty (30) days after Utility’s written demand, ESE shall (and shall cause its Third-Party Representatives to) cease to access and Process Confidential Customer Utility Information and shall at the Utility’s option: (A) return such Confidential Customer Utility Information to Utility in such manner, format, and timeframe as reasonably requested by Utility or, if not so directed by Utility, (B) shred, permanently erase and delete, degauss or otherwise modify so as to make unreadable, unreconstructible and indecipherable (“Destroy”) all copies of all Confidential Customer Utility Information (including any and all extracts, compilations, studies, or other documents based upon, derived from, or containing Confidential Customer Utility Information) that has come into ESE’s or its Third-Party Representatives’ possession, including Destroying Confidential Customer Utility Information from all systems, records, archives, and backups of ESE and its Third-Party Representatives, and all subsequent access, use, and Processing of the Confidential Customer Utility Information by ESE and its Third-Party Representatives shall cease provided any items required to be maintained by governmental administrative rule or law or necessary for legitimate business or legal needs will not be destroyed until permitted and will remain subject to confidentiality during the retention period. A Utility making a written demand of an ESE for the return or destruction of Confidential Customer Utility Information will specify the reason for the demand. ESE agrees that upon a customer revocation of consent, ESE warrants that it will no longer access through Utility Confidential Customer Utility Information and that it will Destroy any Confidential Customer Utility Information in its or its Third-Party Representative’s possession. Notwithstanding the foregoing, ESE and its Third-Party Representatives shall not be obligated to erase Confidential Customer Utility Information contained in an archived computer system backup maintained in accordance with their respective security or disaster recovery procedures, provided that ESE and its Third-Party

Destruction of Information. Within thirty (30) days after Utility’s written demand, ESE shall (and shall cause its Third Third-Party Representatives to) cease to access and Process Confidential Customer Utility Information and shall at the Utility’s option: (A) return such Confidential Customer Utility Information to Utility in such manner, format, and timeframe as reasonably requested by Utility or, if not so directed by Utility, (B) shred, permanently erase and delete, degauss or otherwise modify so as to make unreadable, unreconstructible and indecipherable (“Destroy”) all copies of all Confidential Customer Utility Information (including any and all extracts, compilations, studies, or other documents based upon, derived from, or containing Confidential Customer Utility Information) that has come into ESE’s or its Third Third-Party Representatives’ possession, including destroying Destroying Confidential Customer Utility Information from all systems, records, archives, and backups of ESE and its Third Third-Party Representatives, and all subsequent access, use, and Processing of the Confidential Customer Utility Information by ESE and its Third-Third Third- Party Representatives shall cease provided any items required to be maintained by governmental administrative rule or law or necessary for legitimate business or legal needs will not be destroyed until permitted and will remain subject to confidentiality during the retention period. A Utility making a written demand of an ESE for the return or destruction of Confidential Customer Utility Information will specify the reason for the demand. ESE agrees that upon a customer revocation of consent, ESE warrants that it will no longer access through Utility Confidential Customer Utility Information and that it will Destroy any Confidential Customer Utility Information in its or its Third-Party Representative’s possession. Notwithstanding the foregoing, ESE and its Third Third-Party Representatives shall not be obligated to erase Confidential Customer Utility Information contained in an archived computer system backup maintained in accordance with their respective security or disaster recovery procedures, provided that ESE and its Third Third-PartyParty Representatives shall: (1) not have experienced an actual Data Security Incident;, (2) not permitmaintain Data Security Protections to limit access to or recovery of Confidential Utility Information from such computer backup system and; (3) keep all such Confidential Utility Information confidential in accordance with this AddendumAgreement. ESE shall, upon request, certify to Utility that the destruction by ESE and its Third Third-Party Representatives required by this Section has occurred by (A) having a duly authorized officer of ESE complete, execute, and deliver to Utility a certification and (B) obtaining substantially similar certifications from its Third Third-Party Representatives and maintaining them on file. Compliance with this Section 8 shall not relieve ESE from compliance with the other provisions of this AddendumAgreement. The written demand to destroy Destroy or return Confidential Utility Information pursuant to this Section may occur if the ESE has been decertified pursuant to the UBP or UBP DERS UBP, the Utility has been notified of a potential or actual Data Security Incident and Utility has a reasonable belief of potential ongoing harm or the Confidential Utility Information has been held for a period in excess of its retention period. The obligations under this Section shall survive any expiration of termination of this AddendumAgreement. Subject to applicable federal, state and local laws, rules, regulations and orders, at ESE’s written demand and termination of electronic exchange of data with Utility, Utility will Destroy or return, at ESE’s option, Confidential ESE Information.

Destruction of Information. Within thirty (30) days after Utility’s written demand, ESE NYSERDA shall (and shall cause its Third-Party Representatives to) cease to access and Process Confidential Customer Utility Information and shall at the Utility’s option: (A) return such Confidential Customer Utility Information to Utility in such manner, format, and timeframe as reasonably requested by Utility or, if not so directed by Utility, (B) shred, permanently erase and delete, degauss or otherwise modify so as to make unreadable, unreconstructible and indecipherable (“Destroy”) all copies of all Confidential Customer Utility Information (including any and all extracts, compilations, studies, or other documents based upon, derived from, or containing Confidential Customer Utility Information) that has come into ESENYSERDA’s or its Third-Party Representatives’ possession, including Destroying Confidential Customer Utility Information from all systems, records, archives, and backups of ESE NYSERDA and its Third-Party Representatives, and all subsequent access, use, and Processing of the Confidential Customer Utility Information by ESE NYSERDA and its Third-Party Representatives shall cease provided any items required to be maintained by governmental administrative rule or law or necessary for legitimate business or legal needs will not be destroyed until permitted and will remain subject to confidentiality during the retention period. A Utility making a written demand of an ESE for the return or destruction of Confidential Customer Utility Information will specify the reason for the demand. ESE NYSERDA agrees that upon a customer revocation of consent, ESE warrants NYSERDA and its Representatives warrant that it will no longer access through Utility Confidential Customer Utility Information and that it will Destroy any Confidential Customer Utility Information in its or its Third-Party Representative’s possession. Notwithstanding the foregoing, ESE NYSERDA and its Third-Party Representatives shall not be obligated to erase Confidential Customer Utility Information contained in an archived computer system backup maintained in accordance with their respective security or disaster recovery procedures, provided that ESE NYSERDA and its Third-PartyParty Representatives shall: (1) not have experienced an actual Data Security Incident;

Destruction of Information. Within thirty (30) days after Utility’s written demand, ESE NYPA shall (and shall cause its Third-Party Representatives to) cease to access and Process Confidential Customer Utility Information and shall at the Utility’s option: (A) return such Confidential Customer Utility Information to Utility in such manner, format, and timeframe as reasonably requested by Utility or, if not so directed by Utility, (B) shred, permanently erase and delete, degauss or otherwise modify so as to make unreadable, unreconstructible and indecipherable (“Destroy”) all copies of all Confidential Customer Utility Information (including any and all extracts, compilations, studies, or other documents based upon, derived from, or containing Confidential Customer Utility Information) that has come into ESENYPA’s or its Third-Party Representatives’ possession, including Destroying Confidential Customer Utility Information from all systems, records, archives, and backups of ESE NYPA and its Third- a. Upon NYPA’s written demand and termination of electronic exchange of data with Utility, Utility shall at NYPA’s option: (A) return such Confidential NYPA Information to NYPA in such manner, format, and timeframe as reasonably requested by NYPA or, if not so directed by NYPA, (B) Destroy all copies of all Confidential NYPA Information (including any and all extracts, compilations, studies, or other documents based upon, derived from, or containing Confidential NYPA Information) that has come into Utility’s(ies’) or its Third- Party Representatives’ possession, including Destroying Confidential NYPA Information from all systems, records, archives, and backups of Utility and its Third-Party Representatives, and all subsequent access, use, and Processing of the Confidential Customer Utility NYPA Information by ESE Utility and its Third-Party Representatives shall cease cease, provided any items required to be maintained to meet reporting requirements as set forth by federal, state, and/or local laws, regulations, rules, NY state policies, or executive directives, by governmental administrative rule or law or necessary for legitimate business or legal needs will not be destroyed until permitted and will remain subject to confidentiality during the retention period. A Upon request, Utility making a written demand of an ESE for shall certify to NYPA that the return or destruction of Confidential Customer by Utility Information will specify the reason for the demand. ESE agrees that upon a customer revocation of consent, ESE warrants that it will no longer access through Utility Confidential Customer Utility Information and that it will Destroy any Confidential Customer Utility Information in its or its Third-Party Representative’s possession. Notwithstanding the foregoing, ESE and and/or its Third-Party Representatives shall not be obligated required by this Section has occurred by (A) having a duly authorized officer of Utility complete, execute, and deliver to erase Confidential Customer Utility Information contained in an archived computer system backup maintained in accordance with their respective security or disaster recovery procedures, provided that ESE NYPA a certification and (B) obtaining substantially similar certifications from its Third-PartyParty Representatives and maintaining them on file. Compliance with this Section 8a shall not relieve Utility from compliance with the other provisions of this Agreement. The written demand to Destroy or return Confidential NYPA Information pursuant to this Section may occur if NYPA has been notified of a potential or actual Data Security Incident, or has a reasonable belief of potential ongoing harm, or the Confidential NYPA Information has been held for a period in excess of its retention period. The obligations under this Section shall survive any expiration of termination of this Agreement.