Privacy and Security Clause Samples
The Privacy and Security clause establishes the obligations of parties to protect personal and confidential information from unauthorized access, use, or disclosure. It typically outlines the standards and procedures for handling sensitive data, such as requiring encryption, limiting access to authorized personnel, and complying with relevant privacy laws. This clause is essential for safeguarding data integrity and confidentiality, thereby reducing the risk of data breaches and ensuring compliance with legal and contractual privacy requirements.
POPULAR SAMPLE Copied 6 times
Privacy and Security. (a) Each of the Company and its Subsidiaries complies (and requires and monitors the compliance of applicable third parties) in all material respects with all applicable Laws relating to privacy or data security, and reputable industry practice, standards, self-governing rules and policies and their own published, posted and internal agreements and policies (which are in conformance with reputable industry practice) (all of the foregoing collectively, “Privacy Laws”) with respect to: (i) personally identifiable information (including name, address, telephone number, electronic mail address, social security number, bank account number or credit card number), sensitive personal information and any special categories of personal information regulated thereunder or covered thereby (“Personal Information”), whether any of same is accessed or used by the Company or any of its Subsidiaries or any of their respective business partners; and (ii) non-personally identifiable information, whether any of same is accessed or used by the Company or any of its Subsidiaries or any of their respective business partners.
(b) Neither the Company nor any of its Subsidiaries uses, collects, or receives any Personal Information or sensitive non-personally identifiable information and does not become aware of the identity or location of, or identify or locate, any particular Person as a result of any receipt of such Personal Information, in a manner which would materially breach or violate any Privacy Laws and materially and adversely impact the business of the Company and its Subsidiaries, taken as a whole.
(c) To the Company’s knowledge, Persons with which the Company or any of its Subsidiaries have contractual relationships have not breached any agreements or any Privacy Laws pertaining to Personal Information and to non-personally identifiable information.
(d) To the Company’s knowledge, the Company and its Subsidiaries take all commercially reasonable steps to protect the operation, confidentiality, integrity and security of their respective business systems and websites and all information and transactions stored or contained therein or transmitted thereby against any unauthorized or improper use, access, transmittal, interruption, modification or corruption, and there have been no material breaches of same. Without limiting the generality of the foregoing, each of the Company and its Subsidiaries (i) uses industry standard encryption technology and (ii) has implemented a c...
Privacy and Security. 9.1 County receives funding from the State Department of Health Care Services pursuant to an annual contracting arrangement (hereinafter “State Contract”). The State Contract contains certain requirements pertaining to the privacy and security of personally identifiable information (hereinafter “PII”) provided to County by the State Department of Health Care Services and/or protected health information (hereinafter “PHI”) provided to County by the State Department of Health Care Services, and requires that County contractually obligate any of its subcontractors to also comply with these requirements.
9.2 Contractor hereby agrees to be bound by, and comply with, any and all terms and conditions of the State Contract pertaining to the privacy and/or security of PII and/or PHI, a copy of which is available from Marin Behavioral Health & Recovery Services’ (BHRS) Administration upon request.
9.3 Additionally, in the event the State Contract requires County to notify the State of a breach of privacy and/or security of PII and/or PHI, Contractor shall, immediately upon discovery of a suspected or actual breach of privacy and/or security of PII and/or PHI by Contractor, notify the County of Marin, Health and Human Services Compliance Program of such breach by telephone and email or facsimile (contact details below). Contractor further agrees that it shall notify County of any such breaches prior to the time County is required to notify the State pursuant to the State Contract. Email: ▇▇▇▇▇▇▇▇▇▇▇▇▇@▇▇▇▇▇▇▇▇▇▇▇.▇▇▇
9.4 In the event the State Contract requires County to pay any costs associated with a breach of privacy and/or security of PII and/or PHI, including but not limited to the costs of notification, Contractor shall pay on County’s behalf any and all such costs arising out of a breach of privacy and/or security of PII and/or PHI by Contractor.
9.5 Contractor shall ensure that all staff and subcontractors complete a privacy and security training upon initial hire, and annually thereafter. Contractor shall provide evidence of these trainings when requested by County, CA Department of Health Care Services or the US Department of Health & Human Services.
9.6 Contractor shall ensure that all staff and subcontractors sign a confidentiality agreement upon initial hire, and annually thereafter. Contractor shall provide evidence of completed agreements when requested by County, CA Department of Health Care Services or the US Department of Health & Human Services.
Privacy and Security. Client privacy is extremely important to Formidium. Please read Formidium’s Privacy Policy here which explains how Formidium treats and protects personal data when the Client uses the Formidium Systems.
Privacy and Security. (a) The Service Provider shall not transmit or store any AHS data outside the borders of Canada, nor transmit any AHS data in Canada to any party not specifically contemplated in this Agreement, without AHS’s prior written consent to each such data transmittal, which consent may be arbitrarily and unreasonably withheld.
(b) If the Service Provider receives any request by a third party for any information related to, or gathered in respect of the Confidential Information, it shall immediately refer such request to AHS and shall reasonably cooperate with AHS’s response to such request.
(c) To the extent required by HIA and FOIPP, the Service Provider shall protect personal information and health information in its possession by taking reasonable administrative, technical and physical security precautions against such risks as unauthorized access, collection, use, disclosure alteration or disposal. Such precautions must be no less than those precautions undertaken by AHS. Any records created, obtained and maintained in the delivery of the Services that the Service Provider intends to destroy must be destroyed in accordance with HIA and/or FOIPP and AHS’s records management policies.
(d) The Service Provider shall notify AHS immediately upon discovery by the Service Provider that Confidential Information could be, or has been, released to an unauthorized third party, or of any breach of this Article 6 resulting from the conduct of the Service Provider and, if appropriate, take reasonable steps to remedy the breach. The Service Provider shall cooperate with AHS’s investigation of any such disclosure or breach and AHS’s efforts to recover the Confidential Information. Notwithstanding any notification by the Service Provider to AHS under this Section 6.2, all obligations of the Service Provider with respect to the Confidential Information shall survive and continue to bind the Service Provider. The Service Provider shall not intimidate, punish, terminate, penalize or otherwise harass any Staff if such Staff notifies AHS of any breach of this Agreement.
Privacy and Security. Acumatica has taken reasonable actions, including encryption of Subscriber Data during transmission and firewalls, to ensure that Subscriber Data is disclosed only to Authorized Parties. However, you acknowledge that the Internet is an open system and Acumatica cannot and does not warrant or guarantee that Subscriber Data will not be intercepted by third parties. Acumatica disclaims any liability for interception of any Subscriber Data or electronic communications. Notwithstanding the first sentence in this Section 5.1, Acumatica may disclose information you submitted to Acumatica if required by law or in the event that Acumatica, in good faith, believes disclosure is necessary to (i) comply with legal process, or
Privacy and Security. Acumatica has taken reasonable actions, including encryption of Subscriber Data during transmission and firewalls, to ensure that Subscriber Data is disclosed only to Authorized Parties. However, you acknowledge that the Internet is an open system and Acumatica cannot and does not warrant or guarantee that Subscriber Data will not be intercepted by third parties. Acumatica disclaims any liability for interception of any Subscriber Data or electronic communications. Notwithstanding the first sentence in this Section 5.1, Acumatica may disclose information you submitted to Acumatica if required by law or in the event that Acumatica, in good faith, believes disclosure is necessary to (i) comply with legal process, or (ii) protect the rights or property of Acumatica, its Affiliates, licensors or others. Acumatica does not sell or rent Personal Data to third parties for their marketing purposes without your explicit consent and Acumatica only uses your information as described in the Privacy Statement. For more information on Acumatica’s Privacy Statement, see the Privacy Statement posted on ▇▇▇.▇▇▇▇▇▇▇▇▇.▇▇▇/▇▇▇▇▇▇▇▇▇▇. If you object to your information being used in the manner set forth in the Privacy Statement, you should discontinue use of the Service.
Privacy and Security. (a) Except as set forth on Schedule 4.24, the Company and its Subsidiaries are, and since January 1, 2021, have been, in material compliance with all applicable Data Privacy and Security Requirements. Except as set forth on Schedule 4.24, since January 1, 2021, neither the Company nor any of its Subsidiaries has received any formal written notification from any person that alleges a violation of any Data Privacy and Security Requirements. Except as set forth on Schedule 4.24, since January 1, 2021, to the knowledge of the Company, there have been no material breaches or unauthorized uses of or accesses to or other adverse events or incidents related to any Personal Information Processed by or on behalf of the Company or any of its Subsidiaries. The Company and its Subsidiaries have conducted commercially reasonable data security testing or audits.
(b) Except as set forth on Schedule 4.24, the Company and its Subsidiaries have (i) implemented and, since January 1, 2021, maintained commercially reasonable security procedures and practices, including technical and organizational safeguards, designed to protect the IT Assets (including the confidentiality, integrity and accessibly of the IT Assets) and all Personal Information and other confidential data in their possession or under their control against loss, theft, misuse or unauthorized access, use, modification, alteration, destruction or disclosure, and (ii) taken commercially reasonable steps to ensure that any third party with access to any Personal Information collected by or on behalf of the Company or any of its Subsidiaries has implemented and maintains the same.
(c) Except as would not reasonably be expected to be material, individually or in the aggregate, to the operation of the business of the Company and its Subsidiaries, taken as a whole, following the Closing, (i) neither the Company nor any of its Subsidiaries is subject to any contractual requirement or other legal obligation that, following the Closing, would prohibit the Company or such Subsidiary from Processing any Personal Information in the manner in which the Company or such Subsidiary Processed such Personal Information prior to the Closing and (ii) the transfer of Personal Information in connection with the transactions contemplated by this Agreement will not violate any Data Privacy and Security Requirements as they currently exist or as they existed at any time during which any of the Personal Information was collected or obtaine...
Privacy and Security. (i) The Company Group complies with all applicable U.S., state, foreign and multinational Laws (including, as applicable, Regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016 (General Data Protection Regulation), the Computer Fraud and Abuse Act (and all state and foreign Laws similar thereto), the Children’s Online Privacy Protection Act and California Civil Code section 1798.81.5, the Personal Information Protection and Electronic Documents Act (Canada), and the Personal Information Protection Act (Alberta)) relating to privacy or data security, customary industry practice, standards, self-governing rules and policies and their own published policies (all of the foregoing collectively, “Privacy Laws”) in all material respects with respect to: (i) personally identifiable information (including name, address, telephone number, electronic mail address, social security number, bank account number or credit card number), sensitive personal information and any special categories of personal information regulated under Privacy Laws (“Personal Information”); (ii) non-personally identifiable information; (iii) spyware and adware; (iv) the procurement or placement of advertising; (v) the sending of electronic mail messages; and (vi) privacy generally.
(ii) Without limiting the generality of the foregoing, each member of the Company Group, and to the knowledge of the Company, any processors acting on its behalf, have implemented a comprehensive security plan that (i) identifies internal and external risks to the security of the Company’s or its Subsidiaries’ confidential information and Personal Information and (ii) implements, monitors and improves appropriate technical, physical, and organizational measures and security systems and technologies designed to ensure the integrity and security of Personal Information and all Company Group data and to prevent any destruction, loss, alteration, corruption, misuse, or unauthorized disclosure thereof or unauthorized access thereto.
(iii) No member of the Company Group has or is currently under audit or investigation by any Governmental Body with respect to any alleged violation of Privacy Laws, and, to the knowledge of the Company, no specific facts or circumstances exist that may give rise to such audit or investigation. The Company Group has not experienced any incident, including any breach of security, in which Personal Information was or may have been stolen, lost, unavailable, destroyed,...
Privacy and Security. MX may in its sole discretion terminate the Agreement at any time if MX determines in its sole discretion that Participant’s actions and/or continued participation in MX would, or is reasonably likely to, endanger the privacy or security of Patient Data or otherwise result in a breach of the Agreement that is reasonably likely to harm MX or an NP Participant. MX shall deliver notice of this termination to Participant at least twenty-four (24) hours prior to terminating Participant’s access to the System, unless MX determines in its sole discretion that Participant’s access must be terminated immediately in order to protect the privacy or security of the Patient Data, in which case MX may terminate access immediately without notice.
Privacy and Security. Microsoft and Customer will each comply with all applicable privacy and data protection laws and regulations (including applicable security breach notification law). However, Microsoft is not responsible for compliance with any laws applicable to Customer or Customer’s industry that are not also generally applicable to information technology services providers. Customer consents to the processing of personal information by Microsoft and its agents to facilitate the subject matter of this agreement. Customer may choose to provide personal information to Microsoft on behalf of third parties (including Customer’s contacts, resellers, distributors, administrators, and employees) as part of this agreement. Customer will obtain all required consents from third parties under applicable privacy and data protection law before providing personal information to Microsoft. The personal information Customer provides in connection with this agreement will be processed according to the privacy statement available at ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇.▇▇▇/licensing/servicecenter (see footer), except that Product-specific privacy statements are in the Product use rights. Personal data collected through Products may be transferred, stored and processed in the United States or any other country in which Microsoft or its service providers maintain facilities. By using the Products, Customer consents to the foregoing. Microsoft abides by the EU Safe Harbor and the Swiss Safe Harbor frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of data from the European Union, the European Economic Area, and Switzerland. For Online Services, additional privacy and security details are in the Product use rights.