Common use of Handling of Personal Information Clause in Contracts

Handling of Personal Information. 37.1 ENTRUSTEE must handle and manage personal information (relating to a liver person and such as name, date of birth, and other description or number identifiable each individual, such as social security number) provided by ENTRUSTOR with the best care and in good faith. 37.2 When ENTRUSTEE entrusts, re-entrusts, or outsources the handling and management of such personal information to a third party, ENTRUSTEE must obtain written agreement of such third party to comply with the same obligations as specified in Article 37. 37.3 ENTRUSTEE is not allowed to act in the same manner as any one of the provisions specified in Articles 37.3 (1) and 37.3 (2); provided, however, ENTRUSTEE is allowed to act in the same manner as any one of Article 37.3(1) and (2) with ENTRUSTOR’s prior approval. (1) An act in which ENTRUSTEE provides such personal information to a third party (except the provision specified in Article 37.2) or lets such third party know such personal information. (2) An act in which ENTRUSTEE uses, duplicates, or revises such personal information beyond the scope of the purpose of the AGREEMENT. 37.4 When ENTRUSTEE handles such personal information, ENTRUSTEE must establish the management system of the person in charge and matters necessary for the safety management with respect to the inspection on the status of such personal information management and has to take necessary steps to prevent such personal information from leaking, losing, and damaging. 37.5 ENTRUSTOR can investigate whether ENTRUSTEE properly manages such personal information in ENTRUSTEE’s office so as to instruct ENTRUSTEE to take necessary measures. 37.6 ENTRUSTEE agrees that when the end, cancellation, or discontinuation of the ENTRUSTED PROJECT or the termination of the AGREEMENT occurs, ENTRUSTEE returns such personal information to ENTRUSTOR, deletes such personal information stored in a medium by a method that cannot be restored or unreadable, and destroys such medium. However, when ENTRUSTOR instructs, ENTRUSTEE has to follow such instruction. 37.7 When ENTRUSTEE recognizes leaking, losing, and damaging of such personal information or facts for any breach of the provisions specified in this Article 37 ENTRUSTEE must promptly take necessary measures to prevent those damages from expanding and report occurrences of those damages, state of those damages, restoration measures, and correspondence to an identified individual (a specific individual to be identified by such personal information) to ENTRUSTOR. 37.8 ENTRUSTEE must handle and manage personal information, which ENTRUSTEE collects or creates with respect to the ENTRUSTED PROJECT, with the best care and in good faith to preserve the confidentiality of personally identifiable information and according to all applicable rules, regulations and laws, including the Act on the Protection of Personal Information of Japan and the Health Insurance Portability and Accountability Act of the United States. 37.9 After the end of the ENTRUSTED PROJECT or after the completion of fulfillment or termination of the AGREEMENT, Articles 37.1, 37.3, and 37.7 must survive so that ENTRUSTEE is responsible for Articles 37.1, 37.3, and 37.7.

Handling of Personal Information. 37.1 ENTRUSTEE must handle and manage personal information (relating to a liver person and such as name, date of birth, and other description or number identifiable each individual, such as social security number) provided by ENTRUSTOR with the best care and in good faith. 37.2 When ENTRUSTEE entrusts, re-entrusts, or outsources the handling and management of such personal information to a third party, ENTRUSTEE must obtain written agreement of such third party to comply with the same obligations as specified in Article 37. 37.3 ENTRUSTEE is not allowed to act in the same manner as any one of the provisions specified in Articles 37.3 (1) and 37.3 (2); provided, however, ENTRUSTEE is allowed to act in the same manner as any one of Article 37.3(1) and (2) with ENTRUSTOR’s prior approval. (1) An act in which ENTRUSTEE provides such personal information to a third party (except the provision specified in Article 37.2) or lets such third party know such personal information. (2) An act in which ENTRUSTEE uses, duplicates, or revises such personal information beyond the scope of the purpose of the AGREEMENT. 37.4 When ENTRUSTEE handles such personal information, ENTRUSTEE must establish the management system of the person in charge and matters necessary for the safety management with respect to the inspection on the status of such personal information management and has to take necessary steps to prevent such personal information from leaking, losing, and damaging. 37.5 ENTRUSTOR can investigate whether ENTRUSTEE properly manages such personal information in ENTRUSTEE’s office so as to instruct ENTRUSTEE to take necessary measures. 37.6 ENTRUSTEE agrees that when the end, cancellation, or discontinuation of the ENTRUSTED PROJECT or the termination of the AGREEMENT occurs, ENTRUSTEE returns such personal information to ENTRUSTOR, deletes such personal information stored in a medium by a method that cannot be restored or unreadable, and destroys such medium. However, when ENTRUSTOR instructs, ENTRUSTEE has to follow such instruction. 37.7 When ENTRUSTEE recognizes leaking, losing, and damaging of such personal information or facts for any breach of the provisions specified in this Article 37 ENTRUSTEE must promptly take necessary measures to prevent those damages from expanding and report occurrences of those damages, state of those damages, restoration measures, and correspondence to an identified individual (a specific individual to be identified by such personal information) to ENTRUSTOR. 37.8 ENTRUSTEE Either Party must handle and manage personal information, which ENTRUSTEE the Party collects or creates with respect to the ENTRUSTED PROJECT, with the best care and in good faith to preserve the confidentiality of personally identifiable information and according to all applicable rules, regulations and laws, including the Act on the Protection of Personal Information of Japan and the Health Insurance Portability and Accountability Act of the United States. 37.9 After the end of the ENTRUSTED PROJECT or after the completion of fulfillment or termination of the AGREEMENT, Articles 37.1, 37.3, and 37.7 must survive so that ENTRUSTEE is responsible for Articles 37.1, 37.3, and 37.7.

Handling of Personal Information. 37.1 ENTRUSTEE must 33.1 Each PARTY shall handle and manage personal information (relating to a liver person and living individual such as name, date of birth, and other description or number identifiable each individual, such as social security number) provided by ENTRUSTOR the other PARTY (“PERSONAL INFORMATION”) with the best care and in good faith. 37.2 33.2 When ENTRUSTEE entrusts, re-entrustsa PARTY entrust, or outsources the handling and management of such personal information PERSONAL INFORMATION to a third party, ENTRUSTEE must the PARTY shall obtain a written agreement of such third party to comply with the same obligations as specified in Article 3733. 37.3 ENTRUSTEE is 33.3 Each PARTY shall not be allowed to act in the same manner as any one of the provisions specified in Articles 37.3 (1) and 37.3 (2); provided, however, ENTRUSTEE is allowed to act in the same manner as any one of Article 37.3(133.3(1) and (2) with ENTRUSTORwithout the other PARTY’s prior approval. (1) An act in which ENTRUSTEE each PARTY provides such personal information PERSONAL INFORMATION to a third party (except the provision specified in Article 37.2) or lets such third party know such personal informationPERSONAL INFORMATION. (2) An act in which ENTRUSTEE each PARTY uses, duplicates, or revises such personal information PERSONAL INFORMATION beyond the scope of the purpose of the AGREEMENT. 37.4 When ENTRUSTEE handles such personal information33.4 In handling PERSONAL INFORMATION, ENTRUSTEE must each PARTY shall establish the management system of the a person in charge and matters necessary for the safety management with respect to the inspection on the status of such personal information management management, and has to take necessary steps to prevent such personal information from leakingthe leakage, losing, and damagingloss or damage of PERSONAL INFORMATION. 37.5 ENTRUSTOR can 33.5 Each PARTY may investigate whether ENTRUSTEE the other PARTY properly manages such personal information PERSONAL INFORMATION in ENTRUSTEEthe other PARTY’s office so as to instruct ENTRUSTEE the other PARTY to take necessary measures. 37.6 ENTRUSTEE 33.6 Each PARTY agrees that when the endRESEARCH PROJECT is completed, cancellationcancelled, or discontinuation of the ENTRUSTED PROJECT discontinued or the termination of the AGREEMENT occursis terminated, ENTRUSTEE returns such personal information receiving PARTY shall return PERSONAL INFORMATION to ENTRUSTORdisclosing PARTY, deletes such personal information delete PERSONAL INFORMATION stored in a medium by a method that cannot be restored or unreadable, and destroys destroy such medium. However; provided, however, that when ENTRUSTOR instructsdisclosing PARTY give an instruction to receiving PARTY, ENTRUSTEE has to receiving PARTY shall follow such instruction. 37.7 33.7 When ENTRUSTEE either PARTY recognizes leakingleakage, losing, and damaging loss or damage of such personal information PERSONAL INFORMATION or facts for any breach of the provisions specified in this Article 37 ENTRUSTEE must 33, such PARTY shall promptly take necessary measures to prevent those damages from expanding and report occurrences of those damages, state of those damages, restoration measures, and correspondence to an identified individual (a specific individual to be identified by such personal information) to ENTRUSTORthe other PARTY. 37.8 ENTRUSTEE must 33.8 Each PARTY shall handle and manage personal information, which ENTRUSTEE collects information collected or creates created by itself with respect to the ENTRUSTED RESEARCH PROJECT, with the best care and in good faith to preserve the confidentiality of personally identifiable information and according to all applicable rules, regulations and laws, including the Act on the Protection of Personal Information of Japan and the Health Insurance Portability and Accountability Act of the United States. 37.9 33.9 After the end final date of the ENTRUSTED PROJECT or after the completion of fulfillment or termination of the AGREEMENTRESEARCH PROJECT, Articles 37.133.1, 37.333.3, and 37.7 must 33.7 shall survive so that ENTRUSTEE each PARTY is responsible for Articles 37.133.1, 37.333.3, and 37.733.7.

Handling of Personal Information. 37.1 ENTRUSTEE must 40.1 COLLABORATOR shall handle and manage personal information (relating to a liver living person and such as name, date of birth, and other description or number identifiable each individual, such as social security number) provided by ENTRUSTOR JOGMEC with the best care and in good faith. 37.2 40.2 When ENTRUSTEE entrusts, re-COLLABORATOR entrusts, or outsources the handling and management of such personal information to a third party, ENTRUSTEE must COLLABORATOR shall obtain written agreement of such third party to comply with the same obligations as specified in Article 3740. 37.3 ENTRUSTEE 40.3 COLLABORATOR is not allowed to act in the same manner as any one of the provisions specified in Articles 37.3 40.3 (1) and 37.3 40.3 (2); provided, however, ENTRUSTEE COLLABORATOR is allowed to act in the same manner as any one of Article 37.3(140.3(1) and (2) with ENTRUSTORJOGMEC’s prior approval. (1) An act in which ENTRUSTEE COLLABORATOR provides such personal information to a third party (except the provision specified in Article 37.240.2) or lets such third party know such personal information. (2) An act in which ENTRUSTEE COLLABORATOR uses, duplicates, or revises such personal information beyond the scope of the purpose of the AGREEMENT. 37.4 40.4 When ENTRUSTEE COLLABORATOR handles such personal information, ENTRUSTEE must COLLABORATOR shall establish the management system of the person in charge and matters necessary for the safety management with respect to the inspection on the status of such personal information management and has to take necessary steps to prevent such personal information from leaking, losing, and damaging. 37.5 ENTRUSTOR 40.5 JOGMEC can investigate whether ENTRUSTEE COLLABORATOR properly manages such personal information in ENTRUSTEECOLLABORATOR’s office so as to instruct ENTRUSTEE COLLABORATOR to take necessary measures. 37.6 ENTRUSTEE 40.6 COLLABORATOR agrees that when the end, cancellation, or discontinuation of the ENTRUSTED RESEARCH PROJECT or the termination of the AGREEMENT occurs, ENTRUSTEE COLLABORATOR returns such personal information to ENTRUSTORJOGMEC, deletes such personal information stored in a medium by a method that cannot be restored or unreadable, and destroys such medium. However, when ENTRUSTOR JOGMEC instructs, ENTRUSTEE COLLABORATOR has to follow such instruction. 37.7 40.7 When ENTRUSTEE COLLABORATOR recognizes leaking, losing, and damaging of such personal information or facts for any breach of the provisions specified in this Article 37 ENTRUSTEE must 40, COLLABORATOR shall promptly take necessary measures to prevent those damages from expanding and report occurrences of those damages, state of those damages, restoration measures, and correspondence to an identified individual (a specific individual to be identified by such personal information) to ENTRUSTORJOGMEC. 37.8 ENTRUSTEE must handle and manage personal information, which ENTRUSTEE collects or creates with respect to the ENTRUSTED PROJECT, with the best care and in good faith to preserve the confidentiality of personally identifiable information and according to all applicable rules, regulations and laws, including the Act on the Protection of Personal Information of Japan and the Health Insurance Portability and Accountability Act of the United States. 37.9 After the end of the ENTRUSTED PROJECT or after the completion of fulfillment or termination of the AGREEMENT, Articles 37.1, 37.3, and 37.7 must survive so that ENTRUSTEE is responsible for Articles 37.1, 37.3, and 37.7.