Common use of Notice of Breach and Unauthorized Release Clause in Contracts

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor shall: 1. Immediately notify Hinsdale Central School District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor shall: 1. Promptly reimburse Hinsdale Central School District for the full costs of such notification. c. Vendor will cooperate with Hinsdale Central School District and provide as much information as possible directly to Hinsdale Central School District about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The Vendor shall indemnify and hold Hinsdale Central School District harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Central School District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Central School District, Vendor will promptly inform Hinsdale Central School District of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor shall: 1. Immediately notify Hinsdale Central School District CRCS in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District CRCS as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor shall: 1. Promptly reimburse Hinsdale Central School District CRCS for the full costs of such notification. c. Vendor will cooperate with Hinsdale Central School District CRCS and provide as much information as possible directly to Hinsdale Central School District CRCS about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within CRCS affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The Vendor shall indemnify and hold Hinsdale Central School District CRCS harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Central School DistrictCRCS, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District CRCS or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictCRCS, Vendor will promptly inform Hinsdale Central School District CRCS of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor shall: 1. Immediately notify Hinsdale Central School District Fillmore CSD in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District Fillmore CSD as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor shall: 1. Promptly reimburse Hinsdale Central School District Fillmore CSD for the full costs of such notification. c. Vendor will cooperate with Hinsdale Central School District Fillmore CSD and provide as much information as possible directly to Hinsdale Central School District Fillmore CSD about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within Fillmore CSD affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The Vendor shall indemnify and hold Hinsdale Central School District Fillmore CSD harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Central School DistrictFillmore CSD, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District Fillmore CSD or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictFillmore CSD, Vendor will promptly inform Hinsdale Central School District Fillmore CSD of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor shall: 1. Immediately notify Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor shall: 1. Promptly reimburse Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT for the full costs of such notification. c. Vendor will cooperate with Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT and provide as much information as possible directly to Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within BELFAST CENTRAL SCHOOL DISTRICT affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The Vendor shall indemnify and hold Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Central School DistrictBELFAST CENTRAL SCHOOL DISTRICT, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictBELFAST CENTRAL SCHOOL DISTRICT, Vendor will promptly inform Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT of the same.

Notice of Breach and Unauthorized Release. a. In the event of a Vendor’s breach of this Agreement and unauthorized release of student dataProtected Data that Vendor’s becomes aware of, the Vendor shall: 1. Immediately notify Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor shall: 1. Promptly reimburse Hinsdale Central School District for the full costs of such notification. c. Vendor will cooperate with Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT and provide as much information as possible directly to Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT about the incident, including but not limited toincident as follows: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within BELFAST CENTRAL SCHOOL DISTRICT affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The c. Subject to the provisions of Section 4 (d) below, the Vendor shall indemnify and hold Hinsdale Central School District harmless defend BELFAST CENTRAL SCHOOL DISTRICT from any third party claims arising from its breach within the this Data Sharing and Confidentiality Agreement. d. The maximum aggregate liability of each party (including its parent entities, subsidiaries, affiliates, and each of their respective directors, officers, shareholders, employees, and assigns) to the other party, or any other person or entity, for all losses, fees, expenses, costs, damages, obligations, penalties, fines, liabilities, or claims under this Agreement confidentiality (all together, “Liability Claim(s)”) made, in any contract year, is the Annual Subscripton Fee paid by BELFAST CENTRAL SCHOOL DISTRICT which shall be counted against the annual cap of Contract year in which the Liability Claim is made (not when the liability causing event occurs or is alleged to occur). A Contract year is the 12 calendar month period starting on the effective date of this Agreement, and data security then each 12 calendar month period thereafter. Annual liability caps are not cumulative; at the end of a Contract year, that Contract year’s unused liability cap space shall be lost, and privacy standards provisionnot carried forward. In no event shall either party be liable to anyone for any indirect, punitive, special, exemplary, incidental or consequential damages (including loss of data, revenue profits, use or other economic advantage) arising out of or in any way connected to a violation by either party of its obligations in this Agreement, even if the party from which damages are being sought or such party has been previously advised of the possibility of such damages. e. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Central School DistrictBELFAST CENTRAL SCHOOL DISTRICT, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District or if otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictBELFAST CENTRAL SCHOOL DISTRICT, Vendor will promptly inform Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor shall: 1. Immediately notify Hinsdale Central School District CRCS in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District CRCS as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor shallVendorshall: 1. Promptly reimburse Hinsdale Central School District CRCS for the full costs of such notificationnotification if the breach is a result of Vendor’s failure. c. Vendor will cooperate with Hinsdale Central School District CRCS and provide as much information as possible directly to Hinsdale Central School District CRCS about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within CRCS affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The Vendor shall indemnify and hold Hinsdale Central School District CRCS harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Central School DistrictCRCS, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District CRCS or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictCRCS, Vendor will promptly inform Hinsdale Central School District CRCS of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor shall: 1. Immediately notify Hinsdale Xxxxxxx-Xxxxxxxx Central School District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Xxxxxxx-Xxxxxxxx Central School District as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor shall: 1. Promptly reimburse Hinsdale Xxxxxxx-Xxxxxxxx Central School District for the full costs of such notification. c. Vendor will cooperate with Hinsdale Xxxxxxx-Xxxxxxxx Central School District and provide as much information as possible directly to Hinsdale Xxxxxxx-Xxxxxxxx Central School District about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within Xxxxxxx-Xxxxxxxx Central School District affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The Vendor shall indemnify and hold Hinsdale Xxxxxxx-Xxxxxxxx Central School District harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Xxxxxxx-Xxxxxxxx Central School District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Xxxxxxx-Xxxxxxxx Central School District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Xxxxxxx-Xxxxxxxx Central School District, Vendor will promptly inform Hinsdale Xxxxxxx-Xxxxxxxx Central School District of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor Newsela shall: 1. Immediately notify Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor Newsela has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL as to the nature of the breach and steps Vendor Newsela has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor Newsela shall: 1. Promptly reimburse Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL for the full costs of such notification. c. Vendor Newsela will cooperate with Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL and provide as much information as possible directly to Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor Newsela discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL affected; 7. What the Vendor Newsela has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor Newsela representatives who can assist affected individuals that may have additional questions. d. The Vendor Newsela shall indemnify and hold Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor Newsela acknowledges that upon initial notification from VendorNewsela, Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, as the educational agency with which Vendor Newsela contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor Newsela agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL or otherwise required by law. In the event the CPO contacts Vendor Newsela directly or requests more information from Vendor Newsela regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, Vendor Newsela will promptly inform Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL of the same.

Notice of Breach and Unauthorized Release. a. In the event of a Vendor’s breach of this Agreement and unauthorized release of student data, the Vendor shall: 1. Immediately notify Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of legally required notification to a parent or eligible student, due to Vendors’ breach of this Agreement, the Vendor shall: 1. Promptly reimburse Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT for the full costs of such notification. c. Vendor will cooperate with Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT and provide as much information as possible directly to Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within BELFAST CENTRAL SCHOOL DISTRICT affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The Vendor shall indemnify and hold Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT harmless from any third party claims arising from its Vendor’s breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Central School DistrictBELFAST CENTRAL SCHOOL DISTRICT, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictBELFAST CENTRAL SCHOOL DISTRICT, Vendor will promptly inform Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, Protected Data and/or Educational Records the Vendor Vendor/Contractor shall: 1. i. Immediately notify Hinsdale Central School District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized unauthorized release, shall notify the District in the most expedient way possible and without unreasonable delay of the breach and unauthorized release of Protected Data/Educational Records. 2ii. Notice shall be made to the District’s designated Data Protection Officer, currently: Xxxxx X. Xxxxxxxx-Xxxxxx, Assistant Superintendent/Data Protection Officer Office of Shared Accountability iii. Advise Hinsdale Central School the District as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible studentstudent as a result of a breach, the Vendor shall: 1. Promptly shall promptly reimburse Hinsdale Central School the District for the full costs of such notification. c. Vendor Vendor/Contractor will cooperate with Hinsdale Central School the District and provide as much information as possible directly to Hinsdale Central School the District about the incident, including but not limited to: 1. i. The description of the incident; 2ii. The date of the incident; 3iii. The date Vendor Vendor/Contractor discovered or was informed of the incident; 4iv. A description of the types of Protected Data involved; 5. v. An estimate of the number of records affected; 6vi. The school schools within the District that are affected; 7vii. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8viii. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The Vendor Vendor/Contractor shall indemnify and hold Hinsdale Central School the District harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provisionunauthorized release of Protected Data/Educational Records. e. Vendor Vendor/Contractor acknowledges that upon initial notification from Vendor, Hinsdale Central School the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School the District requests that it do so or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Central School the District, Vendor will promptly inform Hinsdale Central School the District of the same. f. Vendor/Contractor acknowledges and understands that they may be subject to certain penalties, including, but not limited to, a monetary fine, mandatory training regarding Federal and New York State law governing confidentiality of Protected Data or Educational Records, from an education agency for a fixed period up to five (5) years.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor Socrative shall: 1. Immediately notify Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor Socrative has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL as to the nature of the breach and steps Vendor Socrative has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor Socrative shall: 1. Promptly reimburse Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL for the full costs of such notification. c. Vendor Socrative will cooperate with Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL and provide as much information as possible directly to Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor Socrative discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL affected; 7. What the Vendor Socrative has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor Socrative representatives who can assist affected individuals that may have additional questions. d. The Vendor Socrative shall indemnify and hold Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor Socrative acknowledges that upon initial notification from VendorSocrative, Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, as the educational agency with which Vendor Socrative contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor Socrative agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL or otherwise required by law. In the event the CPO contacts Vendor Socrative directly or requests more information from Vendor Socrative regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, Vendor Socrative will promptly inform Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor shall: 1. Immediately notify Hinsdale Central School District Fillmore CSD in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District Fillmore CSD as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor shall: 1. Promptly reimburse Hinsdale Central School District Fillmore CSD for the full costs of such notification. c. Vendor will cooperate with Hinsdale Central School District Fillmore CSD and provide as much information as possible directly to Hinsdale Central School District Fillmore CSD about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within Fillmore CSD affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The Vendor shall indemnify and hold Hinsdale Central School District harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision.N/A e. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Central School DistrictFillmore CSD, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District Fillmore CSD or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictFillmore CSD, Vendor will promptly inform Hinsdale Central School District Fillmore CSD of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor Pivot Interactives SBC shall: 1. Immediately notify Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor Pivot Interactives SBC has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL as to the nature of the breach and steps Vendor Pivot Interactives SBC has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor Pivot Interactives SBC shall: 1. Promptly reimburse Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL for the full costs of such notification. c. Vendor Pivot Interactives SBC will cooperate with Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL and provide as much information as possible directly to Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor Pivot Interactives SBC discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL affected; 7. What the Vendor Pivot Interactives SBC has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor Pivot Interactives SBC representatives who can assist affected individuals that may have additional questions. d. The Vendor Pivot Interactives SBC shall indemnify and hold Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor Pivot Interactives SBC acknowledges that upon initial notification from VendorPivot Interactives SBC, Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, as the educational agency with which Vendor Pivot Interactives SBC contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor Pivot Interactives SBC agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL or otherwise required by law. In the event the CPO contacts Vendor Pivot Interactives SBC directly or requests more information from Vendor Pivot Interactives SBC regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, Vendor Pivot Interactives SBC will promptly inform Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor shall: 1. Immediately Upon confirmation of a breach, expeditiously notify Hinsdale Central School District GENESEE VALLEY CENTRAL SCHOOL DISTRICT in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor shall: 1. Promptly reimburse Hinsdale Central School District GENESEE VALLEY CENTRAL SCHOOL DISTRICT for the full out of pocket costs of such notification. c. Vendor will cooperate with Hinsdale Central School District GENESEE VALLEY CENTRAL SCHOOL DISTRICT and provide as much information as possible directly to Hinsdale Central School District GENESEE VALLEY CENTRAL SCHOOL DISTRICT about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within GENESEE VALLEY CENTRAL SCHOOL DISTRICT affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The Vendor shall indemnify and hold Hinsdale Central School District GENESEE VALLEY CENTRAL SCHOOL DISTRICT harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Central School DistrictGENESEE VALLEY CENTRAL SCHOOL DISTRICT, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District GENESEE VALLEY CENTRAL SCHOOL DISTRICT or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictGENESEE VALLEY CENTRAL SCHOOL DISTRICT, Vendor will promptly inform Hinsdale Central School District GENESEE VALLEY CENTRAL SCHOOL DISTRICT of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor shall: 1. Immediately notify Hinsdale Central School District CRCS in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District CRCS as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor shall: 1. Promptly reimburse Hinsdale Central School District CRCS for the full costs of such notification, only to the extent such actions are not already performed by the Vendor as part of its security breach response process. c. Vendor will cooperate with Hinsdale Central School District CRCS and provide as much information as possible directly to Hinsdale Central School District CRCS about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within CRCS affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The Vendor shall indemnify and hold Hinsdale Central School District harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Central School DistrictCRCS, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District CRCS or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictCRCS, Vendor will promptly inform Hinsdale Central School District CRCS of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor shall: 1. Immediately notify Hinsdale Central The Enlarged City School District of Middletown in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central The Enlarged City School District of Middletown as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor shall: 1. Promptly reimburse Hinsdale Central The Enlarged City School District of Middletown for the full costs of such notification. c. Vendor will cooperate with Hinsdale Central The Enlarged City School District of Middletown and provide as much information as possible directly to Hinsdale Central The Enlarged City School District of Middletown about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within The Enlarged City School District of Middletown affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. ci. The Vendor shall indemnify and hold Hinsdale Central The Enlarged City School District of Middletown harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. cii. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Central The Enlarged City School DistrictDistrict of Middletown, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central The Enlarged City School District of Middletown or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Central The Enlarged City School DistrictDistrict of Middletown, Vendor will promptly inform Hinsdale Central The Enlarged City School District of Middletown of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor shall: 1. Immediately notify Hinsdale Xxxxxxx-Xxxxxxxx Central School District in the most expedient way possible and without unreasonable delay, ,but no more than seven (7) calendar days calendardays after Vendor has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Xxxxxxx-Xxxxxxxx Central School District as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor shall: 1. Promptly reimburse Hinsdale Xxxxxxx-Xxxxxxxx Central School District for the full costs of such notification. c. Vendor will cooperate with Hinsdale Xxxxxxx-Xxxxxxxx Central School District and provide as much information as possible directly to Hinsdale Xxxxxxx-Xxxxxxxx Central School District about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within Xxxxxxx-Xxxxxxxx Central School District affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The Vendor shall indemnify and hold Hinsdale Xxxxxxx-Xxxxxxxx Central School District harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Xxxxxxx-Xxxxxxxx Central School District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Xxxxxxx-Xxxxxxxx Central School District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Xxxxxxx-Xxxxxxxx Central School District, Vendor will promptly inform Hinsdale Xxxxxxx-Xxxxxxxx Central School District of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor Peardeck shall: 1. Immediately notify Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor Peardeck has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL as to the nature of the breach and steps Vendor Peardeck has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor Peardeck shall: 1. Promptly reimburse Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL for the full costs of such notification. c. Vendor Peardeck will cooperate with Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL and provide as much information as possible directly to Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor Peardeck discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL affected; 7. What the Vendor Peardeck has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor Peardeck representatives who can assist affected individuals that may have additional questions. d. The Vendor Peardeck shall indemnify and hold Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor Peardeck acknowledges that upon initial notification from VendorPeardeck, Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, as the educational agency with which Vendor Peardeck contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor Peardeck agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL or otherwise required by law. In the event the CPO contacts Vendor Peardeck directly or requests more information from Vendor Peardeck regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, Vendor Peardeck will promptly inform Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor shall: 1. Immediately notify Hinsdale Central School District XXXXXXX XXXXXXXX CENTRAL SCHOOL DISTRICT in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District Xxxxxx XXXXXXX XXXXXXXX CENTRAL SCHOOL DISTRICT as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor shall: 1. Promptly reimburse Hinsdale Central School District XXXXXXX XXXXXXXX CENTRAL SCHOOL DISTRICT for the full costs of such notification. c. Vendor will cooperate with Hinsdale Central School District XXXXXXX XXXXXXXX CENTRAL SCHOOL DISTRICT and provide as much information as possible directly to Hinsdale Central School District XXXXXXX XXXXXXXX CENTRAL SCHOOL DISTRICT about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within XXXXXXX XXXXXXXX CENTRAL SCHOOL DISTRICT affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The Vendor shall indemnify and hold Hinsdale Central School District XXXXXXX XXXXXXXX CENTRAL SCHOOL DISTRICT harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Central School DistrictXXXXXXX XXXXXXXX CENTRAL SCHOOL DISTRICT, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District XXXXXXX XXXXXXXX CENTRAL SCHOOL DISTRICT or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictXXXXXXX XXXXXXXX CENTRAL SCHOOL DISTRICT, Vendor will promptly inform Hinsdale Central School District XXXXXXX XXXXXXXX CENTRAL SCHOOL DISTRICT of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor Kodable shall: 1. Immediately notify Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor Kodable has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL as to the nature of the breach and steps Vendor Kodable has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor Kodable shall: 1. Promptly reimburse Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL for the full costs of such notification. c. Vendor Kodable will cooperate with Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL and provide as much information as possible directly to Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor Kodable discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL affected; 7. What the Vendor Kodable has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor Kodable representatives who can assist affected individuals that may have additional questions. d. The Vendor Kodable shall indemnify and hold Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor Kodable acknowledges that upon initial notification from VendorKodable, Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, as the educational agency with which Vendor Kodable contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor Kodable agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL or otherwise required by law. In the event the CPO contacts Vendor Kodable directly or requests more information from Vendor Kodable regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, Vendor Kodable will promptly inform Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and that results in an unauthorized release of student data, the Vendor shall: 1. Immediately notify Notify Hinsdale Central School District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. Advise To the extent available, advise Hinsdale Central School District as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor shall: 1. Promptly reimburse Hinsdale Central School District for the full costs of such notification. c. Vendor will cooperate with Hinsdale Central School District and provide as much information as possible directly to Hinsdale Central School District about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The Vendor shall indemnify and hold Hinsdale Central School District harmless from any claims arising from its breach within of the Data Sharing and Confidentiality Agreement confidentiality and confidentiality, data security and privacy standards provisionand provisions contained herein. e. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Central School District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Central School District, Vendor will promptly inform Hinsdale Central School District of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor American Reading Company shall: 1. Immediately notify Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor American Reading Company has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL as to the nature of the breach and steps Vendor American Reading Company has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor American Reading Company shall: 1. Promptly reimburse Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL for the full costs of such notification. c. Vendor American Reading Company will cooperate with Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL and provide as much information as possible directly to Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor American Reading Company discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL affected; 7. What the Vendor American Reading Company has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor American Reading Company representatives who can assist affected individuals that may have additional questions. d. The Vendor American Reading Company shall indemnify and hold Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor American Reading Company acknowledges that upon initial notification from VendorAmerican Reading Company, Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, as the educational agency with which Vendor American Reading Company contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor American Reading Company agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL or otherwise required by law. In the event the CPO contacts Vendor American Reading Company directly or requests more information from Vendor American Reading Company regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, Vendor American Reading Company will promptly inform Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor shall: 1. Immediately notify Hinsdale Xxxxxxx-Xxxxxxxx Central School District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Xxxxxx Xxxxxxx-Xxxxxxxx Central School District as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor shall: 1. Promptly reimburse Hinsdale Xxxxxxx-Xxxxxxxx Central School District for the full costs of such notification. c. Vendor will cooperate with Hinsdale Xxxxxxx-Xxxxxxxx Central School District and provide as much information as possible directly to Hinsdale Xxxxxxx-Xxxxxxxx Central School District about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within Xxxxxxx-Xxxxxxxx Central School District affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The Vendor shall indemnify and hold Hinsdale Xxxxxxx-Xxxxxxxx Central School District harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Xxxxxxx-Xxxxxxxx Central School District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Xxxxxxx-Xxxxxxxx Central School District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Xxxxxxx-Xxxxxxxx Central School District, Vendor will promptly inform Hinsdale Xxxxxxx-Xxxxxxxx Central School District of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor Agriculture Experience Tracker shall: 1. Immediately notify Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor Agriculture Experience Tracker has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL as to the nature of the breach and steps Vendor Agriculture Experience Tracker has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor Agriculture Experience Tracker shall: 1. Promptly reimburse Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL for the full costs of such notification. c. Vendor Agriculture Experience Tracker will cooperate with Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL and provide as much information as possible directly to Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor Agriculture Experience Tracker discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL affected; 7. What the Vendor Agriculture Experience Tracker has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor Agriculture Experience Tracker representatives who can assist affected individuals that may have additional questions. d. The Vendor Agriculture Experience Tracker shall indemnify and hold Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor Agriculture Experience Tracker acknowledges that upon initial notification from VendorAgriculture Experience Tracker, Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, as the educational agency with which Vendor Agriculture Experience Tracker contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor Agriculture Experience Tracker agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL or otherwise required by law. In the event the CPO contacts Vendor Agriculture Experience Tracker directly or requests more information from Vendor Agriculture Experience Tracker regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, Vendor Agriculture Experience Tracker will promptly inform Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor Gimkit shall: 1. Immediately notify Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor Gimkit has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL as to the nature of the breach and steps Vendor Gimkit has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor Gimkit shall: 1. Promptly reimburse Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL for the full costs of such notification. c. Vendor Gimkit will cooperate with Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL and provide as much information as possible directly to Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor Gimkit discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL affected; 7. What the Vendor Gimkit has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor Gimkit representatives who can assist affected individuals that may have additional questions. d. The Vendor Gimkit shall indemnify and hold Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor Gimkit acknowledges that upon initial notification from VendorGimkit, Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, as the educational agency with which Vendor Gimkit contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor Gimkit agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL or otherwise required by law. In the event the CPO contacts Vendor Gimkit directly or requests more information from Vendor Gimkit regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, Vendor Gimkit will promptly inform Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor Edpuzzle shall: 1. Immediately notify Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL in the most expedient way possible and without unreasonable delay, but no butno more than seven (7) calendar days after Vendor daysafter Edpuzzle has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL as to the nature of the breach and steps Vendor Edpuzzle has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor Edpuzzle shall: 1. Promptly reimburse Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL for the full costs of such notification. c. Vendor Edpuzzle will cooperate with Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL and provide as much information as possible directly to Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor Edpuzzle discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school schools within CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL affected; 7. What the Vendor Edpuzzle has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor Edpuzzle representatives who can assist affected individuals that may have additional questions. d. The Vendor Edpuzzle shall indemnify and hold Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor Edpuzzle acknowledges that upon initial notification from VendorEdpuzzle, Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, as the educational agency with which Vendor Edpuzzle contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor Edpuzzle agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL or otherwise required by law. In the event the CPO contacts Vendor Edpuzzle directly or requests more information from Vendor Edpuzzle regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictCATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, Vendor Edpuzzle will promptly inform Hinsdale Central School District CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor shall: 1. : • Immediately notify Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. • Advise Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT as to the nature of the breach and steps Vendor has taken to minimize said breach. b. . • In the case of required notification to a parent or eligible student, the Vendor shall: 1. : • Promptly reimburse Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT for the full costs of such notification. c. . • Vendor will cooperate with Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT and provide as much information as possible directly to Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT about the incident, including but not limited to: 1. : • The description of the incident; 2. ; • The date of the incident; 3. ; • The date Vendor discovered or was informed of the incident; 4. ; • A description of the types of Protected Data involved; 5. ; • An estimate of the number of records affected; 6. ; • The school schools within BELFAST CENTRAL SCHOOL DISTRICT affected; 7. ; • What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. and • The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. . • The Vendor shall indemnify and hold Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. . • Vendor acknowledges that upon initial notification from Vendor, Hinsdale Central School DistrictBELFAST CENTRAL SCHOOL DISTRICT, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Central School DistrictBELFAST CENTRAL SCHOOL DISTRICT, Vendor will promptly inform Hinsdale Central School District BELFAST CENTRAL SCHOOL DISTRICT of the same.

Notice of Breach and Unauthorized Release. a. In the event of a breach of this Agreement and an unauthorized release of student dataStudent Data, the Vendor shall: 1. Immediately notify Hinsdale Central Notify School District in the most expedient way possible and without unreasonable delaywithin a reasonable time, but no more than seven (7) calendar days days, after Vendor has discovered or been informed of the breach or authorized unauthorized release. 2. Advise Hinsdale Central School District as to the nature of the breach unauthorized release and steps Vendor has taken to minimize said breachunauthorized release. b. In the case of required notification to a parent or eligible studentstudent of an unauthorized release of Student Data, the Vendor shall: 1. Promptly shall reimburse Hinsdale Central School District for the full costs of such notification. c. Vendor will cooperate with Hinsdale Central School District and provide as much certain information as possible directly to Hinsdale Central School District about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Student Data involved; 5. An estimate of the number of records affected; 6. The school affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Student Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The Vendor shall indemnify and hold Hinsdale Central School District harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Central School District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Central School District, Vendor will promptly inform Hinsdale Central School District of the same.