Appears in 3 contracts

Samples: Sale and Servicing Agreement (Triad Automobile Receivables Trust 2005-A), Sale and Servicing Agreement (Triad Financial Special Purpose LLC), Sale and Servicing Agreement (Triad Automobile Receivables Trust 2003-B)

Appears in 2 contracts

Samples: Sale and Servicing Agreement (Triad Automobile Receivables Trust 2006-A), Sale and Servicing Agreement (Triad Automobile Receivables Trust 2004-A)

NONPUBLIC PERSONAL INFORMATION. In Notwithstanding any provision herein to the ~~course of carrying out their duties under this Agreement~~contrary, the ~~Indenture Trustee~~Sub-Advisor hereto agrees on behalf of itself and its directors, ~~the Backup Servicer~~trustees, ~~the Issuer~~ managers, members, shareholders, officers, and ~~the Depositor shall develop or receive certain~~ employees (1) to treat confidentially and as proprietary information ~~regarding the "consumers" and "customers"~~ of the ~~Servicer~~Trust (a) all records and other information relative to the Fund’s prior, ~~including but not limited to "nonpublic personal information,"~~ present, or potential shareholders (and clients of said shareholders) and (b) any Nonpublic Personal Information, as ~~those terms are~~ defined ~~in Title V~~ under Section 248.3(t) of Regulation S-P (“Regulation S-P”), promulgated under the Xxxxx-Xxxxx-Xxxxxx Act (the “G-L-B Act”), and (2) except after prior notification to and approval in writing by the Trust, not to use such records and information for any purpose other than the performance of its responsibilities and duties hereunder, or as otherwise permitted by Regulation S-P or the G-L-B Act, and if in compliance therewith, the privacy ~~regulations~~ policies adopted ~~thereunder)~~by the Trust and communicated in writing to the Sub-Advisor. ~~Notwithstanding any~~ Such written approval shall not be unreasonably withheld by the Trust and may not be withheld where the Sub-Advisor may be exposed to civil or criminal contempt or other ~~provision~~ proceedings for failure to comply after being requested to divulge such information by duly constituted authorities. Further, all information and advice furnished by either party to the other shall be treated as confidential and shall not be disclosed to third parties except as required or permitted by law. Confidential information provided by one party to the other remains the property of the ~~Agreement, with respect~~ party providing the information. Each party will establish reasonable procedures to ~~nonpublic personal information about the customers and consumers of the Servicer, each of the Indenture Trustee, the Backup Servicer, the Issuer and the Depositor agrees as follows:~~ (i) ~~except as may be reasonably necessary in~~ protect the ~~ordinary course~~ integrity and security of ~~business to carry out the activities to be performed by the Indenture Trustee~~such information, ~~the Backup Servicer, the Issuer or the Depositor under this Agreement or as may be required by law or legal process, it will not disclose any such nonpublic personal information to any third party;~~ (ii) it will not use any such nonpublic personal information other than to carry out the purposes for which it was disclosed to the Indenture Trustee, the Backup Servicer, the Issuer or the Depositor, as applicable, unless such other use is expressly permitted by a written agreement executed by the Servicer or required by law or legal process; (iii) it shall restrict disclosure of the information solely to those of its employees with a need to know and will advise employees who receive the information of the obligation of confidentiality hereunder; and (iv) it will take all reasonable measures, including without limitation such measures as it takes to safeguard its own confidential information, to ensure the security and confidentiality of all such nonpublic personal information, to protect against any anticipated threats or hazards to the security or and integrity of ~~such nonpublic personal information and to~~ plan information; (iii) protect against unauthorized access to or use of such ~~nonpublic personal~~ information that could result in substantial harm or inconvenience to the other party or Client and (iv) ensure the proper disposal of information. ~~The Servicer~~ In the event of any unauthorized use or disclosure each party shall ~~have access (during normal business hours, upon~~ take all reasonable ~~prior notice)~~ actions to ~~review such books and records~~ protect against recurrence of the ~~Indenture Trustee, the Backup Servicer, Issuer~~ unauthorized use or disclosure and the Depositor as may be necessary to assess compliance with the requirements of this Section 12.15. All costs and expenses of such a review shall be borne solely by the Servicer, unless the results of such review indicate a breach of this Section 12.15 by the Indenture Trustee, the Backup Servicer, the Issuer or the Depositor. The Indenture Trustee, the Backup Servicer, the Issuer or the Depositor, as applicable, shall promptly notify the ~~Servicer if it receives any complaint~~ other party of that unauthorized use or notice concerning a violation of privacy rights or becomes aware of a breach of customer data security. Upon termination of this Agreement, the Indenture Trustee, the Backup Servicer, the Issuer and the Depositor shall return or destroy all nonpublic personal information, without retaining any copies of such documents and recordsdisclosure promptly.

Appears in 1 contract

Samples: Investment Sub Advisory Agreement (Trust for Professional Managers)

NONPUBLIC PERSONAL INFORMATION. In the course of carrying out their duties under this Agreement, the Indenture Trustee, the Backup Servicer, the Issuer and the Depositor shall develop or receive certain information regarding the "consumers" and "customers" of the Servicer, including but not limited to "nonpublic personal information," (as those terms are defined in Title V of the Xxxxx-Xxxxx-Xxxxxx Act and the privacy regulations adopted thereunder). Notwithstanding any other provision of ~~the~~ this Agreement, to the extent Nonpublic Personal Information is, either intentionally or unintentionally, disclosed to or obtained by Company in connection with ~~respect~~ the matters contemplated by this Agreement, Company covenants to ~~nonpublic personal~~ keep such Nonpublic Personal Information strictly confidential and shall use and process such Nonpublic Personal Information solely for the purposes of carrying out its obligations under, and as expressly set forth in, this Agreement or as otherwise expressly directed in writing by DTCC and not for any other purposes. Company shall maintain an effective information ~~about~~ security program and take appropriate administrative, technical and physical measures to secure and protect such Nonpublic Personal Information against unauthorized, unlawful or accidental access, disclosure, transfer, destruction, loss or alteration as more particularly described in Section 5(f) hereof. Company shall, upon the ~~customers~~ reasonable request of DTCC, (i) provide DTCC with information regarding its privacy/data protection practices, (ii) provide DTCC with information relating to those of its business locations from which Services under the Agreement are performed regarding the results of any audits or tests performed which relate to the security of Nonpublic Personal Information, and ~~consumers~~ (iii) shall allow DTCC reasonable access to audit compliance by Company with this provision as more particularly described in Section 15 hereof. Without limiting the generality of the ~~Servicer~~foregoing, on or before the date this Agreement is executed and annually within one (1) month of each anniversary of such date occurring thereafter during the term of this Agreement, or at more frequent times if required by DTCC's vendor management program requirements, DTCC shall be entitled to require Company to provide DTCC with one or more of the ~~Indenture Trustee~~following items, ~~the Backup Servicer, the Issuer~~ which must be provided in English and ~~the Depositor agrees as follows~~at Company's expense: (i) ~~except~~ a current report by an independent third party audit firm acceptable to DTCC (with respect to the scope of the audit performed and otherwise) that describes Company's control policies and procedures, including, without limitation, its security and compliance programs, that have been initiated and are then functioning at all locations from which Company shall be performing the Services, which report must contain statements on the operating effectiveness of those policies and procedures with respect to the Services (unless otherwise specified by DTCC, a Type II SAS 70 Report, as ~~may be reasonably necessary~~ described in the ~~ordinary course~~ then current Statement of ~~business to carry out~~ Auditing Standard 70 of the ~~activities to~~ American Institute of Certified Public Accounts and a BS7799 certification shall be performed by the Indenture Trustee, the Backup Servicer, the Issuer or the Depositor under this Agreement or as may be required by law or legal process, it will not disclose any such nonpublic personal information to any third party; acceptable types of audit reports), (ii) it will not use any such nonpublic personal information other than to carry out the purposes for which it was disclosed to the Indenture Trustee, the Backup Servicer, the Issuer or the Depositor, as applicable, unless such other use is expressly permitted by a ~~written agreement executed by the Servicer or required by law or legal process;~~ SysTrust report, (iii) ~~it shall restrict disclosure of the information solely to those of its employees with~~ a ~~need to know and will advise employees who receive the information of the obligation of confidentiality hereunder; and~~ TrueSecure certification, (iv) it will take all reasonable measures, including without limitation such measures as it takes to safeguard its own confidential information, to ensure the security and confidentiality of all such nonpublic personal information, to protect against anticipated threats or hazards to the security or integrity of such nonpublic personal a completed DTCC-provided survey regarding information ~~and to protect against unauthorized access to or use of such nonpublic personal information. The Servicer shall have access~~ protection practices, (~~during normal business hours, upon reasonable prior notice~~v) to review such books and records of the Indenture Trustee, the Backup Servicer, Issuer and the Depositor as may be necessary to assess compliance with the requirements of this Section 12.15. All costs and expenses of such a review ~~shall be borne solely~~ of Company's policies, practices and procedures for access controls and information protection controls, (vi) a review of Company's control testing results and remediation priorities, and (vii) a completed information security questionnaire provided by the Servicer, unless the results of such review indicate a breach of this Section 12.15 by the Indenture Trustee, the Backup Servicer, the Issuer or the Depositor. The Indenture Trustee, the Backup Servicer, the Issuer or the Depositor, as applicable, shall promptly notify the Servicer if it receives any complaint or notice concerning a violation of privacy rights or becomes aware of a breach of customer data security. Upon termination of this Agreement, the Indenture Trustee, the Backup Servicer, the Issuer and the Depositor shall return or destroy all nonpublic personal information, without retaining any copies of such documents and recordsDTCC.