Personal Data Processing and Privacy Protection Clause Samples

Personal Data Processing and Privacy Protection. (a) Notwithstanding Section 7.11 hereof, following the date of Closing, the Group Companies shall and the Key Founder shall procure the Group Companies to obtain and procure their Service Providers to obtain all rights, licenses, permissions, and consents from data subjects (including patients and hospitals) required by all applicable Laws to Process Personal Data and other sensitive data to continue the business of any Group Company as presently conducted and as presently proposed to be conducted. The Group Companies shall and the Key Founder shall procure the Group Companies to ensure that following the date of Closing, all of the Group Companies will be entitled to continue Processing Personal Data and other sensitive data that have been in their possession or under their control prior to the date of Closing, in compliance with all applicable Laws. (b) The Group Companies shall, and the Key Founder shall procure the Group Companies to, (i) protect the privacy of the patients and protect Personal Data and other sensitive data from loss, theft, unauthorized access, misappropriation, modification, disclosure or other misuse, and (ii) comply with all applicable Laws and contractual obligations in all material aspects related to Personal Data protection, information security, network security and protection of the privacy of the patients. Any use of the Personal Data and other sensitive data by the Group Companies and their Service Providers shall be in compliance with all applicable Laws and contracts, to which any of such Group Companies is a party, in all material aspects. (c) The Group Companies shall (i) maintain a rigorous information security and privacy program that establishes reasonable and appropriate measures to protect the privacy, confidentiality, integrity and security of all Personal Data and other sensitive data against any Security Breach, (ii) maintain a well-documented information security and privacy policy that fully and accurately describes how the Group Companies Process Personal Data and other sensitive data, and (iii) use reasonable efforts to inform all employees, agents, contractors and consultants who Process Personal Data or other sensitive data for and on behalf of any the of Group Companies of the privacy and information security policies regarding the Processing of Personal Data and other sensitive data, and ensure their compliance in all material aspects with such policies. (d) If any of the Group Companies commissions a thi...