Payment Card Industry Standards. [Note: If using this Option, confirm that the services provided by Contractor do not violate or conflict with existing UT System or State of Texas contracts or agreements.] University is required to validate compliance on a periodic basis with applicable Payment Card Industry Data Security Standards (PCI DSS), including Payment Application Data Security Standards (PA DSS), promulgated by the Payment Card Industry Security Standards Council (PCI SSC). The compliance validation process requires University to undergo an assessment of (1) system components used to process, store or transmit cardholder data, and any other components that reside on the same network segment as those system components, as well as (2) related processes used to process, store or transmit cardholder data, (System Components in Scope). Some or all System Components in Scope have been outsourced to Contractor under this Agreement. Contractor will cause its agents and subcontractors to comply with all terms of this Section applicable to Contractor. Contractor will achieve and maintain compliance under the current versions of PCI DSS and PA DSS published on the PCI SSC website for service providers and payment applications. Contractor will provide to University (1) on or before the date this Agreement is signed by University, and (2) within ten (10) days after each anniversary of the date this Agreement is signed by University, a copy of Contractor’s annual attestation of compliance signed by a Qualified Security Assessor (QSA) as described on the PCI SSC website. If Contractor is unable to provide the required attestations of compliance, Contractor will permit University or University’s QSA to assess all System Components in Scope that are hosted or managed by Contractor or by Contractor’s agents or subcontractors. Contractor will create and maintain reasonably detailed, complete and accurate documentation describing the systems, processes, network segments, security controls, and dataflow used to receive, transmit, store and secure cardholder data. The documentation will conform to the most current version of PCI DSS. Contractor will, upon written request by University, make the documentation and the individuals responsible for implementing, maintaining and monitoring System Components in Scope available to (1) QSAs, forensic investigators, consultants and attorneys retained by University to facilitate the validation of University’s PCI DSS compliance, and (2) University’s information ...
Payment Card Industry Standards. [Note: If using this Option, contact OGC to confirm that the services provided by Contractor do not violate or conflict with existing UT System or State of Texas contracts or agreements.] University is required to validate compliance on a periodic basis with all applicable Payment Card Industry Data Security Standards (collectively, “PCI DSS”), including Payment Application Data Security Standards (collectively, “PA DSS”), promulgated by the Payment Card Industry Security Standards Council (“PCI SSC”). The compliance validation process requires University to undergo an assessment of (1) all system components used to process, store or transmit cardholder data, and any other components that reside on the same network segment as those system components, as well as (2) all related processes used to process, store or transmit cardholder data, (collectively, “System Components in Scope”). Some or all System Components in Scope have been outsourced to Contractor under this Agreement. Contractor will cause its agents and subcontractors to comply with all terms of this Section applicable to Contractor. Contractor will achieve and maintain compliance under the current versions of PCI DSS and PA DSS published on the PCI SSC website for service providers and payment applications. As evidence of compliance, Contractor will provide to University on or before the Effective Date and within ten (10) days after each anniversary of the Effective Date during the Term of this Agreement, a copy of Contractor’s annual attestation of compliance signed by a Qualified Security Assessor (“QSA”) as more particularly described on the PCI SSC website. If Contractor is unable to provide the required attestations of compliance, Contractor will permit University or University’s QSA to assess all System Components in Scope that are hosted or managed by Contractor or by Contractor’s agents or subcontractors. Contractor will create and maintain reasonably detailed, complete and accurate documentation describing the systems, processes, network segments, security controls, and dataflow used to receive, transmit, store and secure cardholder data. The documentation will conform to the most current version of PCI DSS. Contractor will, upon written request by University, make the documentation and the individuals responsible for implementing, maintaining and monitoring System Components in Scope available to (1) QSAs, forensic investigators, consultants and attorneys retained by University to faci...
Payment Card Industry Standards. [Note: If using this Option, confirm that the services provided by Contractor do not violate or conflict with existing UT System or State of Texas contracts or agreements.]
Payment Card Industry Standards. For purposes of this Section, PCI System Components means technology system and components used to process, store, or transmit payment card-related data, and any other components that reside on the same network segment as those system components, as well as (2) related processes used to process, store or transmit payment card data. Licensee will cause its agents and subcontractors to comply with all terms of this Section. Licensee will achieve and maintain compliance under the current versions of Payment Card Industry Data Security Standards and Payment Application Data Security Standards published on the Payment Card Industry Security Standards Council (PCI SSC) website for service providers and payment applications. Licensee will provide to University (1) on or immediately after this Agreement is signed by University, and (2) within ten (10) days after each anniversary of the date this Agreement is signed by University, a copy of Licensee’s annual attestation of compliance signed by a Qualified Security Assessor (QSA) as described on the PCI SSC website.
Payment Card Industry Standards. This Section 24 (Payment Card Industry Standards) governs required payment card security standards and procedures under this Contract.
Payment Card Industry Standards. Without limiting the foregoing or the provisions of Security Requirements, Supplier agrees to adhere to the Payment Card Industry (“PCI”) Data Security Standards, as they may be amended from time to time, for cardholder data, if any, in Supplier’s possession obtained as a result of Supplier’s performance of Services under this Agreement. Such PCI Data Security Standards can be found at xxx.xxxxxxxxxxxxxxxxxxxx.xxx. Supplier acknowledges and agrees that cardholder data may be used only in connection with the performance of its obligations under this Agreement. Supplier shall be solely responsible for and agrees to indemnify Xxx Automotive in accordance with the terms of this Agreement for any failures to comply with the PCI Data Security Standards or for any loss, theft or unauthorized use, access to or disclosure of any credit card, debit card, checking account, savings account or other financial information in Supplier’s possession or control.
Payment Card Industry Standards. Xxxxxxx.xxx complies with the Payment Card Industry Security Standard ("PCI Standard") in connection with its collection and processing of our customer's data and billing information. However, Customer is solely responsible for the security of any data and billing information Customer collects from Customer’s site from its clients and users. Xxxxxxx.xxx will not monitor Customer or client sites for compliance and therefore is not able to verify whether Customer’s site complies with the PCI Standards.
