Network Access Control The VISION Web Site and the Distribution Support Services Web Site (the “DST Web Sites”) are protected through multiple levels of network controls. The first defense is a border router which exists at the boundary between the DST Web Sites and the Internet Service Provider. The border router provides basic protections including anti-spoofing controls. Next is a highly available pair of stateful firewalls that allow only HTTPS traffic destined to the DST Web Sites. The third network control is a highly available pair of load balancers that terminate the HTTPS connections and then forward the traffic on to one of several available web servers. In addition, a second highly available pair of stateful firewalls enforce network controls between the web servers and any back-end application servers. No Internet traffic is allowed directly to the back-end application servers. The DST Web Sites equipment is located and administered at DST’s Winchester data center. Changes to the systems residing on this computer are submitted through the DST change control process. All services and functions within the DST Web Sites are deactivated with the exception of services and functions which support the transfer of files. All ports on the DST Web Sites are disabled, except those ports required to transfer files. All “listeners,” other than listeners required for inbound connections from the load balancers, are deactivated. Directory structures are “hidden” from the user. Services which provide directory information are also deactivated.
Disaster Recovery and Business Continuity Company has developed and implemented a contingency planning program to evaluate the effect of significant events that may adversely affect the customers, assets, or employees of Company and Company Bank. To Company’s Knowledge, such program ensures that Company can recover its mission critical functions, and complies in all material respects with the requirements of the FFIEC and the FDIC.
Use of Immobilization Programs Provided (i) the Bank has received a certified copy of a resolution of the Board specifically approving the maintenance of Portfolio Securities in an immobilization program operated by a bank which meets the requirements of Section 26(a)(1) of the 1940 Act, and (ii) for each year following such approval the Board has reviewed and approved the arrangement and has not delivered an Officer's Certificate to the Bank indicating that the Board has withdrawn its approval, the Bank shall enter into such immobilization program with such bank acting as a subcustodian hereunder.
DTC DIRECT REGISTRATION SYSTEM AND PROFILE MODIFICATION SYSTEM (a) Notwithstanding the provisions of Section 2.4 of the Deposit Agreement, the parties acknowledge that DTC’s Direct Registration System (“DRS”) and Profile Modification System (“Profile”) apply to the American Depositary Shares upon acceptance thereof to DRS by DTC. DRS is the system administered by DTC that facilitates interchange between registered holding of uncertificated securities and holding of security entitlements in those securities through DTC and a DTC participant. Profile is a required feature of DRS that allows a DTC participant, claiming to act on behalf of an Owner of American Depositary Shares, to direct the Depositary to register a transfer of those American Depositary Shares to DTC or its nominee and to deliver those American Depositary Shares to the DTC account of that DTC participant without receipt by the Depositary of prior authorization from the Owner to register that transfer.
USE OF THIRD PARTY SYSTEMS-LEVEL SOFTWARE State Street and the Fund acknowledge that in connection with the Data Access Services provided under this Addendum, the Fund will have access, through the Data Access Services, to Fund Data and to functions of State Street’s proprietary systems; provided, however that in no event will the Fund have direct access to any third party systems-level software that retrieves data for, stores data from, or otherwise supports the System.
California Accessibility Disclosure For purposes of Section 1938(a) of the California Civil Code, Landlord hereby discloses to Tenant, and Tenant hereby acknowledges, that the Project has not undergone inspection by a Certified Access Specialist (CASp). In addition, the following notice is hereby provided pursuant to Section 1938(e) of the California Civil Code: “A Certified Access Specialist (CASp) can inspect the subject premises and determine whether the subject premises comply with all of the applicable construction-related accessibility standards under state law. Although state law does not require a CASp inspection of the subject premises, the commercial property owner or lessor may not prohibit the lessee or tenant from obtaining a CASp inspection of the subject premises for the occupancy or potential occupancy of the lessee or tenant, if requested by the lessee or tenant. The parties shall mutually agree on the arrangements for the time and manner of the CASp inspection, the payment of the fee for the CASp inspection, and the cost of making any repairs necessary to correct violations of construction-related accessibility standards within the premises.” In furtherance of and in connection with such notice: (i) Tenant, having read such notice and understanding Tenant’s right to request and obtain a CASp inspection, hereby elects not to obtain such CASp inspection and forever waives its rights to obtain a CASp inspection with respect to the Premises, Building and/or Project to the extent permitted by Legal Requirements; and (ii) if the waiver set forth in clause (i) hereinabove is not enforceable pursuant to Legal Requirements, then Landlord and Tenant hereby agree as follows (which constitutes the mutual agreement of the parties as to the matters described in the last sentence of the foregoing notice): (A) Tenant shall have the one-time right to request for and obtain a CASp inspection, which request must be made, if at all, in a written notice delivered by Tenant to Landlord; (B) any CASp inspection timely requested by Tenant shall be conducted (1) at a time mutually agreed to by Landlord and Tenant, (2) in a professional manner by a CASp designated by Landlord and without any testing that would damage the Premises, Building or Project in any way, and (3) at Tenant’s sole cost and expense, including, without limitation, Tenant’s payment of the fee for such CASp inspection, the fee for any reports prepared by the CASp in connection with such CASp inspection (collectively, the “CASp Reports”) and all other costs and expenses in connection therewith; (C) the CASp Reports shall be delivered by the CASp simultaneously to Landlord and Tenant; (D) Tenant, at its sole cost and expense, shall be responsible for making any improvements, alterations, modifications and/or repairs to or within the Premises to correct violations of construction-related accessibility standards including, without limitation, any violations disclosed by such CASp inspection; and (E) if such CASp inspection identifies any improvements, alterations, modifications and/or repairs necessary to correct violations of construction-related accessibility standards relating to those items of the Building and Project located outside the Premises that are Landlord’s obligation to repair as set forth in this Lease, then Landlord shall perform such improvements, alterations, modifications and/or repairs as and to the extent required by Legal Requirements to correct such violations, and Tenant shall reimburse Landlord for the cost of such improvements, alterations, modifications and/or repairs within 10 business days after Tenant’s receipt of an invoice therefor from Landlord.
Cybersecurity; Data Protection To the Company’s knowledge, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (collectively, the “Personal Data”)) used in connection with their businesses, and there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except in each case as would not reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification.
Information Systems Acquisition Development and Maintenance a. Client Data – Client Data will only be used by State Street for the purposes specified in this Agreement.
System and Data Access Services a.System. Subject to the terms and conditions of this Addendum and solely for the purpose of providing access to Fund Data as set forth herein, State Street hereby agrees to provide the Fund, or certain third parties approved by State Street that serve as the Fund`s investment advisors, investment managers or fund accountants (the "Fund Accountants") or as the Fund`s independent auditors (the "Auditor"), with access to State Street`s Multicurrency HORIZONR Accounting System and the other information systems described in Attachment A (collectively, the "System") on a remote basis solely on the computer hardware, system software and telecommunication links described in Attachment B (the "Designated Configuration") or on any designated substitute or back-up equipment configuration consented to in writing by State Street, such consent not to be unreasonably withheld.
BUSINESS CONTINUITY/DISASTER RECOVERY In the event of equipment failure, work stoppage, governmental action, communication disruption or other impossibility of performance beyond State Street’s control, State Street shall take reasonable steps to minimize service interruptions. Specifically, State Street shall implement reasonable procedures to prevent the loss of data and to recover from service interruptions caused by equipment failure or other circumstances with resumption of all substantial elements of services in a timeframe sufficient to meet business requirements. State Street shall enter into and shall maintain in effect at all times during the term of this Agreement with appropriate parties one or more agreements making reasonable provision for (i) periodic back-up of the computer files and data with respect to the Trusts; and (ii) emergency use of electronic data processing equipment to provide services under this Agreement. State Street shall test the ability to recover to alternate data processing equipment in accordance with State Street program standards, and provide a high level summary of business continuity test results to the Trusts upon request. State Street will remedy any material deficiencies in accordance with State Street program standards. Upon reasonable advance notice, and at no cost to State Street, the Trusts retain the right to review State Street’s business continuity, crisis management, disaster recovery, and third-party vendor management processes and programs (including discussions with the relevant subject matter experts and an on-site review of the production facilities used) related to delivery of the service no more frequently than an annual basis. Upon reasonable request, the State Street also shall discuss with senior management of the Trusts any business continuity/disaster recovery plan of the State Street and/or provide a high-level presentation summarizing such plan.”
