Safeguards To the extent the Asset Representations Reviewer receives Personally Identifiable Information in the performance of services under this Agreement, the Asset Representations Reviewer represents and warrants that it has, and will continue to have adequate administrative, technical, and physical safeguards: (i) to ensure the security and confidentiality of Personally Identifiable Information; (ii) to protect against any anticipated threats or hazards to the security or integrity of Personally Identifiable Information; and (iii) to protect against unauthorized acquisition of, access to or use of Personally Identifiable Information which could result in a “breach” as that term is defined under applicable Privacy Laws.
Cybersecurity; Data Protection To the Company’s knowledge, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (collectively, the “Personal Data”)) used in connection with their businesses, and there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except in each case as would not reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification.
Data Protection The Administrator shall implement and maintain a comprehensive written information security program that contains appropriate security measures to safeguard the personal information of the Trust’s shareholders, employees, directors and/or officers that the Administrator receives, stores, maintains, processes or otherwise accesses in connection with the provision of services hereunder. For these purposes, “personal information” shall mean (i) an individual’s name (first initial and last name or first name and last name), address or telephone number plus (a) social security number, (b) driver’s license number, (c) state identification card number, (d) debit or credit card number, (e) financial account number or (f) personal identification number or password that would permit access to a person’s account or (ii) any combination of the foregoing that would allow a person to log onto or access an individual’s account. Notwithstanding the foregoing “personal information” shall not include information that is lawfully obtained from publicly available information, or from federal, state or local government records lawfully made available to the general public.
Third-Party Information; Privacy or Data Protection Laws Each Party acknowledges that it and members of its Group may presently have and, following the Effective Time, may gain access to or possession of confidential or proprietary information of, or personal information relating to, Third Parties (i) that was received under confidentiality or non-disclosure agreements entered into between such Third Parties, on the one hand, and the other Party or members of such Party’s Group, on the other hand, prior to the Effective Time; or (ii) that, as between the two Parties, was originally collected by the other Party or members of such Party’s Group and that may be subject to and protected by privacy, data protection or other applicable Laws. Each Party agrees that it shall hold, protect and use, and shall cause the members of its Group and its and their respective Representatives to hold, protect and use, in strict confidence the confidential and proprietary information of, or personal information relating to, Third Parties in accordance with privacy, data protection or other applicable Laws and the terms of any agreements that were either entered into before the Effective Time or affirmative commitments or representations that were made before the Effective Time by, between or among the other Party or members of the other Party’s Group, on the one hand, and such Third Parties, on the other hand.
Environment, Health, and Safety (i) The Seller, and its predecessors and Affiliates has complied with all Environmental, Health, and Safety Laws, and no action, suit, proceeding, hearing, investigation, charge, complaint, claim, demand, or notice has been filed or commenced against any of them alleging any failure so to comply. Without limiting the generality of the preceding sentence, each of the Seller, and its predecessors and Affiliates has obtained and been in compliance with all of the terms and conditions of all permits, licenses, and other authorizations which are required under, and has complied with all other limitations, restrictions, conditions, standards, prohibitions, requirements, obligations, schedules, and timetables which are contained in, all Environmental, Health, and Safety Laws.
Privacy and Data Protection The Company and its subsidiaries have operated their business in a manner compliant in all material respects with all United States federal, state, local and non-United States privacy, data security and data protection laws and regulations applicable to the Company’s collection, use, transfer, protection, disposal, disclosure, handling, storage and analysis of personal data. The Company and its subsidiaries have been and are in compliance in all material respects with internal policies and procedures designed to ensure the integrity and security of the data collected, handled or stored in connection with its business; the Company and its subsidiaries have been and are in compliance in all material respects with internal policies and procedures designed to ensure compliance with the Health Care Laws that govern privacy and data security and take, and have taken reasonably appropriate steps designed to assure compliance in all material respects with such policies and procedures. The Company and its subsidiaries have taken reasonable steps to maintain the confidentiality of its personally identifiable information, protected health information, consumer information and other confidential information of the Company, its subsidiaries and any third parties in its possession (“Sensitive Company Data”). The tangible or digital information technology systems (including computers, screens, servers, workstations, routers, hubs, switches, networks, data communications lines, technical data and hardware), software and telecommunications systems used or held for use by the Company and its subsidiaries (the “Company IT Assets”) are adequate and operational for, in accordance with their documentation and functional specifications, the business of the Company and its subsidiaries as now operated and as currently proposed to be conducted as described in the Registration Statement, the General Disclosure Package and the Prospectus. The Company and its subsidiaries have used reasonable efforts to establish, and have established, commercially reasonable disaster recovery and security plans, procedures and facilities for the business consistent with industry standards and practices in all material respects, including, without limitation, for the Company IT Assets and data held or used by or for the Company and its subsidiaries. The Company and its subsidiaries have not suffered or incurred any security breaches, compromises or incidents with respect to any Company IT Asset or Sensitive Company Data, except where such breaches, compromises or incidents would not, individually or in the aggregate, be material to the Company or any of its subsidiaries; and there has been no unauthorized or illegal use of or access to any Company IT Asset or Sensitive Company Data by any unauthorized third party. The Company and its subsidiaries have not been required to notify any individual of any information security breach, compromise or incident involving Sensitive Company Data.
Whistleblower Protections and Trade Secrets Notwithstanding anything to the contrary contained herein, nothing in this Agreement prohibits Executive from reporting possible violations of federal law or regulation to any United States governmental agency or entity in accordance with the provisions of and rules promulgated under Section 21F of the Securities Exchange Act of 1934 or Section 806 of the Xxxxxxxx-Xxxxx Act of 2002, or any other whistleblower protection provisions of state or federal law or regulation (including the right to receive an award for information provided to any such government agencies). Furthermore, in accordance with 18 U.S.C. § 1833, notwithstanding anything to the contrary in this Agreement: (i) Executive shall not be in breach of this Agreement, and shall not be held criminally or civilly liable under any federal or state trade secret law (x) for the disclosure of a trade secret that is made in confidence to a federal, state, or local government official or to an attorney solely for the purpose of reporting or investigating a suspected violation of law, or (y) for the disclosure of a trade secret that is made in a complaint or other document filed in a lawsuit or other proceeding, if such filing is made under seal; and (ii) if Executive files a lawsuit for retaliation by the Company for reporting a suspected violation of law, Executive may disclose the trade secret to Executive’s attorney, and may use the trade secret information in the court proceeding, if Executive files any document containing the trade secret under seal, and does not disclose the trade secret, except pursuant to court order.
Confidentiality/Protection of Customer Information The Company shall keep confidential and shall not divulge to any party, without the Purchaser's prior written consent, the price paid by the Purchaser for the Mortgage Loans, except to the extent that it is reasonable and necessary for the Company to do so in working with legal counsel, auditors, taxing authorities or other governmental agencies. Each party agrees that it shall comply with all applicable laws and regulations regarding the privacy or security of Customer Information and shall maintain appropriate administrative, technical and physical safeguards to protect the security, confidentiality and integrity of Customer Information, including maintaining security measures designed to meet the objectives of the Interagency Guidelines Establishing Standards for Safeguarding Customer Information, 66 Fed. Reg. 8616 (the "Interagency Guidelines"). For purposes of this Section, the term "Customer Information" shall have the meaning assigned to it in the Interagency Guidelines.
Whistleblower Protection Notwithstanding anything to the contrary contained herein, no provision of this Agreement shall be interpreted so as to impede the Employee (or any other individual) from reporting possible violations of federal law or regulation to any governmental agency or entity, including but not limited to the Department of Justice, the Securities and Exchange Commission, the Congress, and any agency Inspector General, or making other disclosures under the whistleblower provisions of federal law or regulation. The Employee does not need the prior authorization of the Company to make any such reports or disclosures and the Employee shall not be not required to notify the Company that such reports or disclosures have been made.
Security and Safeguarding Information (a) Confidential Information that contains Non-Public Personal Information about customers is subject to the protections created by the Xxxxx-Xxxxx-Xxxxxx Act of 1999 (the “Act”) and under the standards for safeguarding Confidential Information, 16 CFR Part 314 (2002) adopted by Federal Trade Commission (“FTC”) (the “Safeguards Rule”). Additionally, state specific laws may regulate how certain confidential or personal information is safeguarded. The parties agree with respect to the Non-Public Personal Information to take all appropriate measures in accordance with the Act, and any state specific laws, as are necessary to protect the security of the Non-Public Personal Information and to specifically assure there is no disclosure of the Non-Public Personal Information other than as authorized under the Act, and any state specific laws, and this Agreement. With respect to Confidential Information, including Non-Public Personal Information and Personally Identifiable Financial Information as applicable, each of the parties agrees that:
