PCI Compliance Company shall not connect to or utilize any computer network or systems of the Aviation Authority, including, without limitation, for transmission of credit card payments. Company shall be solely responsible for providing and maintaining its own computer networks and systems and shall ensure its system ensure its system used to collect, process, store or transmit credit card or customer credit card and/or personal information is compliant with all applicable Payment Card Industry (“PCI”) Data Security Standard (“DSS”).
1. Company shall, within 5 days, notify the Aviation Authority of any security malfunction or breach, intrusion or unauthorized access to cardholder or other customer data, and shall comply with all then applicable PCI requirements.
2. Company, in addition to notifying the Aviation Authority and satisfying the PCI requirements, will immediately take the remedial actions available under the circumstances and provide the Aviation Authority with an explanation of the cause of the breach or intrusion and the proposed remediation plan. Company will notify the Aviation Authority promptly if it learns that it is no longer PCI DSS compliant and will immediately provide the Aviation Authority with a report on steps being taken to remediate the non-compliance status and provide evidence of compliance once PCI DSS compliance is achieved.
3. Company, its successor’s and assigns, will continue to comply with all provisions of this Agreement relating to accidents, incidents, damages and remedial requirements after the termination of this Agreement.
4. Company shall ensure strict compliance with PCI DSS for each credit card transaction and acknowledges responsibility for the security of cardholder data. Company will create and maintain reasonable detailed, complete and accurate documentation describing the systems, processes, network segments, security controls and dataflow used to receive, process transmit store and secure Customer’s cardholder data. Such documentation shall conform to the most current version of PCI DSS.
5. Company must maintain PCI Certification as a bankcard merchant at the Airport. Company is responsible, at Company’s own expense, to contract and pay for all quarterly, annual or other required assessments, remediation activities related to processes within Concessionaire’s control, analysis or certification processes necessary to maintain PCI certification as a bankcard merchant.
6. PCI DSS - Company shall make available on the Premises, within 24 hours upon request by the Aviation Authority, such documentation, policies, procedures, reports, logs, configuration standards and settings and all other documentation necessary for the Aviation Authority to validate Company’s compliance with PCI DSS as well as make available to the individuals responsible for implementing, maintaining and monitoring those system components and processes. Requested logs must be made available to the Aviation Authority in electronic format compatible with computers used by the Aviation Authority.
7. Evidence of PCI DSS Compliance – Company agrees to supply their PCI DSS compliance status and evidence of its most recent validation of compliance upon execution of the Contract. Company must supply to the Aviation Authority evidence of validation of compliance at least annually to be delivered along with the Annual Certification of Fees in accordance with Article 5.C. of this Agreement.
Compliance with Texas Privacy Laws and Regulations In performing their respective obligations under the Agreement, the LEA and the Provider shall comply with all Texas laws and regulations pertaining to LEA data privacy and confidentiality, including but not limited to the Texas Education Code Chapter 32, and Texas Government Code Chapter 560.
Compliance with Applicable Laws, Rules and Regulations The Dealer Manager represents to the Company that (a) it is a member of FINRA in good standing, and (b) it and its employees and representatives who will perform services hereunder have all required licenses and registrations to act under this Agreement. With respect to its participation and the participation by each Participating Dealer in the offer and sale of the Offered Shares (including, without limitation, any resales and transfers of Offered Shares), the Dealer Manager agrees, and, by virtue of entering into the Participating Dealer Agreement, each Participating Dealer shall have agreed, to comply with any applicable requirements of the Securities Act and the Exchange Act, applicable state securities or blue sky laws, and, specifically including, but not in any way limited to, NASD Conduct Rules 2340 and 2420, and FINRA Conduct Rules 2310, 5130 and 5141.
Compliance with Applicable Laws and Regulations (a) To the best of Borrower’s knowledge after due inquiry and investigation, each of the following is true:
(i) All Improvements and the use of the Mortgaged Property comply with all applicable statutes, rules and regulations, including all applicable statutes, rules and regulations pertaining to requirements for equal opportunity, anti-discrimination, fair housing, environmental protection, zoning and land use (“legal, non-conforming” status with respect to uses or structures will be considered to comply with zoning and land use requirements for the purposes of this representation).
(ii) The Improvements comply with applicable health, fire, and building codes.
(iii) There is no evidence of any illegal activities relating to controlled substances on the Mortgaged Property.
(b) Reserved.
Anti-Corruption Compliance (a) Neither the Company nor its Subsidiaries, nor any of their directors or officers, nor to the knowledge of the Company, any of the Company or its Subsidiaries’ respective employees, agents, Representatives or other Persons acting for or on behalf of the Company or any of its Subsidiaries has: (i) made any bribe, influence payment, kickback, payoff, benefits or any other type of payment (whether tangible or intangible) that would be unlawful under any applicable Anti-Bribery Laws; (ii) been in violation of any Anti-Bribery Laws, offered, paid, promised to pay, or authorized any payment or transfer of anything of value, directly or indirectly, to any person for the purpose of (A) influencing any act or decision of any Government Official in his or her official capacity, (B) inducing a Government Official to do or omit to do any act in relation to his or her lawful duty, (C) securing any improper advantage, (D) inducing a Government Official to influence or affect any act, decision or omission of any Governmental Authority, or (E) assisting the Company or any of its Subsidiaries, or any agent or any other Person acting for or on behalf of the Company or any of its Subsidiaries, in obtaining or retaining business for or with, or in directing business to, any Person; or (iii) accepted or received any contributions, payments, gifts, or expenditures that would be unlawful under any Anti-Bribery Laws.
(b) Each of the Company and its Subsidiaries, has instituted and maintains policies and procedures reasonably designed to ensure compliance with the Anti-Bribery Laws.
(c) As of the date hereof, there are no current or pending internal investigations, or, to the knowledge of the Company, any third-party investigations (including by any Governmental Authority), or internal or external audits that address any material allegations concerning possible material violations of the Anti-Bribery Laws related to the Company or any of the Company’s Subsidiaries.
