Information Systems (a) The MA Organization must:
Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks.
DTC DIRECT REGISTRATION SYSTEM AND PROFILE MODIFICATION SYSTEM (a) Notwithstanding the provisions of Section 2.4 of the Deposit Agreement, the parties acknowledge that DTC’s Direct Registration System (“DRS”) and Profile Modification System (“Profile”) apply to the American Depositary Shares upon acceptance thereof to DRS by DTC. DRS is the system administered by DTC that facilitates interchange between registered holding of uncertificated securities and holding of security entitlements in those securities through DTC and a DTC participant. Profile is a required feature of DRS that allows a DTC participant, claiming to act on behalf of an Owner of American Depositary Shares, to direct the Depositary to register a transfer of those American Depositary Shares to DTC or its nominee and to deliver those American Depositary Shares to the DTC account of that DTC participant without receipt by the Depositary of prior authorization from the Owner to register that transfer.
Information Services The Custodian may rely upon information received from issuers of Securities or agents of such issuers, information received from Subcustodians or depositories, information from data reporting services that provide detail on corporate actions and other securities information, and other commercially reasonable industry sources; and, provided the Custodian has acted in accordance with the standard of care set forth in Section 6 (a), the Custodian shall have no liability as a result of relying upon such information sources, including but not limited to errors in any such information.
Confidentiality/Protection of Customer Information The Company shall keep confidential and shall not divulge to any party, without the Purchaser's prior written consent, the price paid by the Purchaser for the Mortgage Loans, except to the extent that it is reasonable and necessary for the Company to do so in working with legal counsel, auditors, taxing authorities or other governmental agencies. Each party agrees that it shall comply with all applicable laws and regulations regarding the privacy or security of Customer Information and shall maintain appropriate administrative, technical and physical safeguards to protect the security, confidentiality and integrity of Customer Information, including maintaining security measures designed to meet the objectives of the Interagency Guidelines Establishing Standards for Safeguarding Customer Information, 66 Fed. Reg. 8616 (the "Interagency Guidelines"). For purposes of this Section, the term "Customer Information" shall have the meaning assigned to it in the Interagency Guidelines.
Cybersecurity; Data Protection To the Company’s knowledge, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (collectively, the “Personal Data”)) used in connection with their businesses, and there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except in each case as would not reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification.
Security and Safeguarding Information (a) Confidential Information that contains Non-Public Personal Information about customers is subject to the protections created by the Xxxxx-Xxxxx-Xxxxxx Act of 1999 (the “Act”) and under the standards for safeguarding Confidential Information, 16 CFR Part 314 (2002) adopted by Federal Trade Commission (“FTC”) (the “Safeguards Rule”). Additionally, state specific laws may regulate how certain confidential or personal information is safeguarded. The parties agree with respect to the Non-Public Personal Information to take all appropriate measures in accordance with the Act, and any state specific laws, as are necessary to protect the security of the Non-Public Personal Information and to specifically assure there is no disclosure of the Non-Public Personal Information other than as authorized under the Act, and any state specific laws, and this Agreement. With respect to Confidential Information, including Non-Public Personal Information and Personally Identifiable Financial Information as applicable, each of the parties agrees that:
Security Services In performing the Services, the Agent shall properly comply at all times with, and perform all of, the Security Procedures.
Security System Landlord shall not be obligated to provide or maintain any security patrol or security system. Landlord shall not be responsible for the quality of any such patrol or system which may be provided hereunder or for damage or injury to Tenant, its employees, invitees or others due to the failure, action or inaction of such patrol or system.
Business Continuity Plan The Warrant Agent shall maintain plans for business continuity, disaster recovery, and backup capabilities and facilities designed to ensure the Warrant Agent’s continued performance of its obligations under this Agreement, including, without limitation, loss of production, loss of systems, loss of equipment, failure of carriers and the failure of the Warrant Agent’s or its supplier’s equipment, computer systems or business systems (“Business Continuity Plan”). Such Business Continuity Plan shall include, but shall not be limited to, testing, accountability and corrective actions designed to be promptly implemented, if necessary. In addition, in the event that the Warrant Agent has knowledge of an incident affecting the integrity or availability of such Business Continuity Plan, then the Warrant Agent shall, as promptly as practicable, but no later than twenty-four (24) hours (or sooner to the extent required by applicable law or regulation) after the Warrant Agent becomes aware of such incident, notify the Company in writing of such incident and provide the Company with updates, as deemed appropriate by the Warrant Agent under the circumstances, with respect to the status of all related remediation efforts in connection with such incident. The Warrant Agent represents that, as of the date of this Agreement, such Business Continuity Plan is active and functioning normally in all material respects.
