INFORMATION PRIVACY AND DATA SECURITY. Citizens takes seriously the privacy concerns of its insureds and others. The purpose of this Section is to properly address the protection, handling and proper disposal of any information the Firm has received from Citizens (“Citizens Confidential Information”). These requirements apply to all information assets, including, but not limited to paper, electronic and film data. The term “Citizens Confidential Information” does not include any information that:
INFORMATION PRIVACY AND DATA SECURITY. (a) The Business’s, the Company’s and its Subsidiaries’ practices concerning the creation, receipt, maintenance, transmission, use, disclosure, processing, protection, collection, analysis, retention, storage, privacy, security, breach, transfer, destruction, and disposal of Personal Information comply with, and have not violated, any (i) Contract, (ii) Privacy Laws, or (iii) written policy or privacy statement of the Company or its Subsidiaries.
INFORMATION PRIVACY AND DATA SECURITY. The Company Group’s practices concerning collection, use, analysis, retention, storage, protection, security, transfer, disclosure, and disposal of Personal Information comply in all material respects with, and have not, since January 1, 2017, violated in any material respect, any (a) Contract with a client, (b) Privacy Laws, or (c) written policy or privacy statement of the Company Group. The Company Group has posted to their website and each of their online sites and services, including all mobile applications, terms of use or service and a privacy policy that complies with Privacy Laws and that accurately reflects in all material respects the Company Group’s practices concerning the collection, use, and disclosure of Personal Information in such online sites, services, and mobile applications. The Company Group has commercially reasonable controls in place designed to address the information security risks and vulnerabilities of the Company Group in light of each member of the Company Group’s business, technology, information systems, and the sensitivity of the Personal Information processed by the Company Group.
INFORMATION PRIVACY AND DATA SECURITY. Citizens takes seriously the privacy concerns of its policyholders and others. The purpose of this Section is to properly address the protection, handling and proper disposal of any information the Firm has received from Citizens (“Citizens Confidential Information”). These requirements apply to all information assets, including, but not limited to paper, electronic and film data. The term “Citizens Confidential Information” does not include any information that: (a) is publicly available through no fault of Firm; or (b) Firm developed independently without relying in any way on Citizens Confidential Information. The privacy and data security requirements in this Section are in addition to those set forth in the Firm’s Contract for Legal Services with Citizens and any applicable state or federal law.
INFORMATION PRIVACY AND DATA SECURITY. (a) The Company Group has established an Information Security Program that is appropriately implemented and maintained, and there have been no material violations of such Information Security Program. The Company Group has (i) assessed and tested its Information Security Program on a no less than annual basis; and (ii) remediated all critical, high, and medium risks and vulnerabilities. The Information Security Program has proven sufficient and compliant with Data Protection Requirements in all material respects. The IT Systems currently used by the Company Group are in all material respects in good working condition, do not contain any malicious code or defect, and operate and perform as necessary for the operation of the Business. All Company Data will continue to be available for Processing by the Company Group following the Closing on substantially the same terms and conditions as existed immediately prior to the Closing. The Company Group has commercially reasonable controls in place designed to address the information security risks and vulnerabilities of the Company Group in light of the Business and the technology, information systems, and the sensitivity of the Personal Information processed by the Company Group.
INFORMATION PRIVACY AND DATA SECURITY. (a) Seller’s practices concerning collection, use, analysis, retention, storage, protection, security, transfer, disclosure and disposal of all data or information constituting the personal information of any natural person, including employees, that has been collected or otherwise obtained, including all such information subject to any applicable Legal Requirements respecting the privacy of financial, credit, or other information (“Privacy Laws”), comply with, and do not violate, any (i) of the terms of any Material Contract, (ii) applicable Privacy Laws or other Legal Requirements or (iii) written policy or privacy statement of Seller (with respect to sub-clause (iii), to the extent existing). All information systems used by Seller in the conduct of the Business are sufficient for the conduct of the Business as currently conducted and as presently proposed to be conducted. Seller uses reasonable means, taking into account the nature of personal information collected and processed by Seller, to protect the security and integrity of all information systems used by the Business.
INFORMATION PRIVACY AND DATA SECURITY. Each Group Company is and has for the past six (6) years been, in material compliance with: (i) all Applicable Privacy Laws; (ii) publicly facing Company privacy policies and statements, and (iii) contractual obligations relating to the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, or transfer of Personal Information; ((i)-(iii) collectively, the “Privacy Requirements”). For the past six (6) years, the Group Companies have had in place policies relating to the security and privacy of Personal Information that materially comply with all Applicable Privacy Laws, and the Group Company has made such policies available to Buyer. Each Group Company has posted to its website and each of its online sites and services, including all mobile applications, terms of use or service and a privacy policy that materially complies with Applicable Privacy Laws and that reflects such Group Company’s practices concerning the collection, use, and disclosure of Personal Information in such online sites, services, and mobile applications. Each Group Company has entered into business associate agreements with business associates or subcontractors (as defined under HIPAA) when required by HIPAA and such agreements have been made available to Buyer. For the past six (6) years, each Group Company has, in accordance with Applicable Privacy Laws, maintained reasonable controls in place to detect data security incidents and to protect Personal Information against loss and against data security incidents, and other unauthorized access, use, modification, disclosure, or other misuse that would constitute a violation of Applicable Privacy Laws. For the past six (6) years, each Group Company has: (i) conducted vulnerability testing, risk assessments, and external audits of such Group Company’s systems and products (collectively, “Information Security Reviews”); (ii) timely corrected any material exceptions or critical or high vulnerabilities identified in such Information Security Reviews; (iii) made available true and accurate copies of third party Information Security Reviews; and (iv) timely installed critical and high-risk software security patches and other fixes to identified technical information security vulnerabilities. For the past six (6) years, each Group Company has provided its employees with regular training on privacy and data security matters as required by Privacy Requirements. Except as set ...
INFORMATION PRIVACY AND DATA SECURITY. (a) Each Company is in compliance and has at all times complied in all material respects with all applicable Privacy Laws governing the privacy, security, integrity, accuracy, creation, transmission, receipt, maintenance, use, disclosure, or other protection of Personal Information created, received, maintained, transmitted, or destroyed by such Company, all policies and procedures of such Company, all contractual obligations to which such Company is bound and all industry standards binding upon such Company (collectively, the “Privacy Requirements”).
INFORMATION PRIVACY AND DATA SECURITY. (a) The Seller is in compliance and has at all times complied in all respects with all applicable Privacy Laws governing the privacy, security, integrity, accuracy, creation, transmission, receipt, maintenance, use, disclosure, or other protection of Personal Information created, received, maintained, transmitted, or destroyed by the Seller, all policies and procedures of the Seller, all contractual obligations to which the Seller is bound and all industry standards binding upon the Seller (collectively, the “Privacy Requirements”).
INFORMATION PRIVACY AND DATA SECURITY. (i) The Company’s practices concerning collection, use, analysis, retention, storage, protection, security, transfer, disclosure and disposal of Personal Information comply with, and have not violated, any (i) Material Contract (ii) Privacy Laws, or (iii) public-facing written policy or privacy statement of the Company. The Company has posted to its websites and each of its online sites and the Airfox Mobile Wallet, terms of use or service and a privacy policy that complies in all material respects with Privacy Laws and that are consistent with, the Company’s practices concerning the collection, use, and disclosure of Personal Information; and
