Privacy; Data Security Clause Samples
POPULAR SAMPLE Copied 4 times
Privacy; Data Security. (a) No Seller has collected Personal Information, including data collected from an IP address, web beacon, pixel tag, ad tag, cookie, JavaScript, local storage, Software, or by any other means, or from a particular computer, Web browser, mobile telephone, or other device or application, where such data is or may be used to identify or contact an individual, device, or application (including, without limitation, by means of an advertisement or content), or to predict or infer the preferences, interests, or other characteristics of the device or of a user of such device or application or is otherwise used to target advertisements or other content to a device or application or to a user of such device or application (“Non-Personal Information”). Sellers do not, and the Acquired Assets purchased do not provide for collection or utilization of, Personal Information or Non-Personal Information, nor perform in any manner when utilized by users as intended, any function that would collect Personal Information or Non-Personal Information from users of its apps. Each Seller has complied in all material respects with all Laws (which for such purposes shall include the policy of third parties) relating to: (i) the privacy of users of (including Internet or mobile users who view or interact with) the websites of Sellers, and (ii) the collection, use, storage, retention, disclosure, and disposal of any Personal Information or Non-Personal Information collected by Sellers, or by Third Parties acting on Sellers’ behalf or having authorized access to Sellers’ records. The privacy practices of Sellers concerning the collection, use, retention, disclosure, and disposal, of Personal Information or Non-Personal Information conform, and at all times have materially conformed, to all of the contractual commitments of Sellers including to viewers of the websites of Sellers and users of (including Internet users who view or interact with) the contractual commitments of Sellers through which Sellers services or products are offered. Seller’s offerings conform, and at all times have materially conformed to applicable Law and, to the extent subject thereto, to the Network Advertising Initiative’s Self-Regulatory Code of Conduct (2008), the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioral Advertising, and the Federal Trade Commission’s Principles for the Self Regulation of Online Behavioral Advertising (2010). Except as required to process a transaction ...
Privacy; Data Security. Since March 31, 2017, except as would not, individually or in the aggregate, have a Company Material Adverse Effect, (i) the Company and its Subsidiaries are in compliance with (A) all applicable Privacy Laws, (B) all of the Company’s policies regarding Personal Information (“Privacy Policies”), and (C) all of the Company’s contractual obligations with respect to the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security (technical, physical and administrative), disposal, destruction, disclosure, or transfer (including cross-border) of Personal Information; (ii) no Privacy Policies of the Company and its Subsidiaries have contained any material omissions or been misleading or deceptive; (iii) the Company and its Subsidiaries have implemented and at all times maintained reasonable safeguards, consistent with practices in the industry in which the Company and its Subsidiaries operate, to protect Personal Information and other confidential data in their possession or under their control against loss, theft, misuse or unauthorized access, use, modification or disclosure; (iv) the Company and its Subsidiaries have taken commercially reasonable steps to ensure that any third party to whom the Company and its Subsidiaries have granted access to Personal Information collected by or on behalf of the Company and its Subsidiaries has implemented and maintained the same; (v) there have been no breaches, security incidents, misuse of or unauthorized access to or disclosure of any Personal Information in the possession or control of the Company and its Subsidiaries or collected, used or processed by or on behalf of any of the Company and its Subsidiaries; (vi) the Company and its Subsidiaries have not provided or been legally required to provide any notices to any Person in connection with any such breaches, security incidents, misuse of or unauthorized access to or disclosure of any Personal Information in the possession or control of the Company and its Subsidiaries or collected, used or processed by or on behalf of any the Company and its Subsidiaries; and (vii) neither the Company nor any of its Subsidiaries has received any written notice of any claims (including written notice from third parties acting on its behalf), of or been charged with, the violation of, any Privacy Laws, applicable privacy policies, or contractual commitments with respect to Personal Information.
Privacy; Data Security. Except as would not reasonably be expected, individually or in the aggregate, to be material to Washington and its Subsidiaries, taken as a whole:
(a) the data, privacy and information security practices of Washington (and Subsidiaries thereof) are, and since January 1, 2022, have been, in compliance with all (i) applicable Laws, (ii) contractual obligations or industry standards to which Washington or any of its Subsidiaries are bound including with respect to Affiliates and/or third parties with respect to the processing of Personally Identifiable Information on behalf of, and/or sharing Personally Identifiable Information with the Washington Business (collectively, “Washington Data Partners”) and the Payment Card Industry Data Security Standard, and (iii) Washington’s (and its Subsidiaries’) publicly facing privacy and information security policies concerning the collection, use, storage, processing, transfer, disclosure, or protection of Personally Identifiable Information (clauses (i) through (iii), collectively, the “Washington Data Security Requirements”);
(b) Washington (and its Subsidiaries), and to the Knowledge of Washington, Washington Data Partners, have implemented and maintain reasonable and appropriate organizational, physical, administrative and technical safeguards and measures, including a written information security program that are designed to (i) comply with applicable Washington Data Security Requirements and (ii) protect the Information Technology owned by Washington or its Subsidiaries, together with any Personally Identifiable Information held or processed by Washington or its Subsidiaries, against a Security Incident. Washington (and Subsidiaries thereof) regularly test their written information security program by conducting security audits, penetration tests, and/or vulnerability scans, and, to the Knowledge of Washington, no entity has identified any medium, high, or critical vulnerability that has not been fully remediated;
(c) since January 1, 2022, Washington and its Subsidiaries, and to the Knowledge of Washington, Washington Data Partners have not experienced any Security Incidents. In relation to any Security Incident and/or actual, alleged, or potential violation of a Business Data Security Requirement, Washington and its Subsidiaries have not (i) notified or been required to notify any Person, or (ii) received any notice, inquiry, request, claim, complaint, correspondence or other communication from, or been the subje...
Privacy; Data Security. (a) The Company, the Company Subsidiaries, and, to the Company’s Knowledge, all third parties Processing Personal Information on behalf of any Company Subsidiary pursuant to a written agreement with the Company or a Company Subsidiary (collectively, “Company Data Partners”), comply and have at all times since January 1, 2020 complied, in all material respects, with all applicable (i) Privacy Laws, (ii) external-facing policies, notices, and/or statements published by the Company or a Company Subsidiary, as applicable, related to Personal Information (“Company Privacy Policy”), and (iii) contractual commitments related to the Processing of Personal Information in a Company Material Contract (collectively, “Company Privacy Requirements”). All Company Privacy Policies are and have been materially accurate, consistent and complete and not misleading or deceptive (including by omission) in any material respect. To the Company’s Knowledge, the execution, delivery, and performance of this Agreement do not conflict with and will not result in a breach of any Company Privacy Requirements or require the consent of or provision of notice to any Person.
(b) The Company and each Company Subsidiary have at all times since January 1, 2020 implemented and maintained commercially reasonable measures designed to protect Personal Information against any accidental, unlawful or unauthorized access, use, loss, disclosure, alteration, destruction, or compromise (a “Security Incident”). To the Company’s Knowledge, none of the Company, the Company Subsidiaries, or, to the Company’s Knowledge, any Company Data Partners have experienced any material Security Incidents, including any successful ransomware attack or denial-of-service attack material to the Company or Company Subsidiary’s operations. In relation to any Security Incident and/or Company Privacy Requirement, none of the Company, the Company Subsidiaries, or, to the Company’s Knowledge, any Company Data Partners, have (i) notified or been required to notify any Person under Privacy Laws, or (ii) received any notice, inquiry, request, claim, complaint, correspondence or other communication from, or been the subject of any investigation or enforcement action by, any Person. To the Company’s Knowledge, there are no facts or circumstances that would reasonably be expected to give rise to the occurrence of (i) or (ii).
Privacy; Data Security. The Parties agree to protect, secure, and maintain information processed and handled under this Agreement in compliance with Applicable Law and applicable privacy and data security terms and conditions set forth in the Affirm Policies and Service Terms.
Privacy; Data Security. The Parties will process information under this Agreement in compliance with Applicable Law and the terms and conditions set forth in the applicable Affirm Service Terms.
Privacy; Data Security. (a) At all times since inception, the Company and any Company Subsidiary has provided accurate notice of its privacy practices on all of its websites and these notices have not contained any material omissions of the Company’s (or the Company Subsidiary’s, as the case may be) privacy practices or practices concerning the collection, use, and disclosure of Personal Information or information about a user or consumer that is not Personal Information, including data collected from an IP address, web beacon, pixel tag, ad tag, cookie, JavaScript, local storage, Software, or by any other means, or from a particular computer, Web browser, mobile telephone, or other device or application, where such data is or may be used to identify or contact an individual, device, or application (including, without limitation, by means of an advertisement or content), or to predict or infer the preferences, interests, or other characteristics of the device or of a user of such device or application or is otherwise used to target advertisements or other content to a device or application or to a user of such device or application (“Non-Personal Information”). The privacy policy or policies providing this notice and the periods each policy has been in effect are set forth in Section 3.18(a) of the Company Disclosure Schedule (hereinafter collectively, the “Privacy Policies”). The privacy practices of the Company or any Company Subsidiary, as the case may be, conform, and at all times have conformed, in all material respects to their respective Privacy Policies at the time each Privacy Policy was in effect and with any public statements regarding the privacy practices of the Company or any Company Subsidiary, as the case may be. The Company and each Company Subsidiary has complied in all material respects with all Laws relating to: (i) the privacy of users of (including Internet or mobile users who view or interact with) the Company Offerings and all of the websites of the Company or any Company Subsidiary, as the case may be, and (ii) the collection, use, storage, retention, disclosure, and disposal of any Personal Information or Non-Personal Information collected by the Company or any Company Subsidiary, or by Third Parties acting on the Company’s behalf or any Company Subsidiary’s behalf or having authorized access to the Company’s or any Company Subsidiary’s records. The Privacy Policies and practices of the Company or any Company Subsidiary, as the case may be, concerning th...
Privacy; Data Security. Each party shall ensure that any collection, use and disclosure of Customer Information obtained by such party pursuant to this Agreement complies with Data Protection Laws. Neither party shall send any unsolicited commercial email or other online communication (e.g., "spam") to Customers. You shall take all appropriate measures to secure the confidentiality of Customer Information in your possession and to protect such Customer Information from unauthorized use or disclosure. If either party shares any personal data (whether Customer Information or otherwise) with the other party pursuant to this Agreement, the following terms shall apply:
9.1 Each party shall only process the personal data in accordance with the Data Protection Laws, including:
(a) process the personal data lawfully, fairly and in a transparent manner in relation to the data subjects;
(b) treat the personal data as confidential and ensure that its employees will treat the personal data as confidential;
(c) only process the personal data for limited and specified purposes;
(d) not retain the personal data for longer than is necessary to carry out the purposes for which it has obtained the personal data; and
(e) implement appropriate security measures to protect the personal data, including appropriate technical and organisational measures, to protect against unauthorised or unlawful processing and against accidental loss, destruction or damage, including inter alia: (a) the pseudonymisation and encryption of the personal data; (b) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; (c) the ability to restore the availability and access to the personal data in a timely manner in the event of a physical or technical incident; and (d) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
9.2 Where either party becomes aware of inaccuracies of the personal data received from the other party, it will notify the other party thereof.
9.3 Each party may transfer the personal data outside the European Economic Area if it complies with the provisions of the Data Protection Laws on the transfer of personal data to third countries.
9.4 Each party will hold the other party harmless of any claims, damages, penalties and any costs or fees, of whatever nature incurred by the party or for which the party may become liable due ...
Privacy; Data Security. (a) The Company has delivered to Buyer correct and complete copies of all written policies, procedures, and all employee, supplier or third party education and training materials maintained by the Company for at least the previous five (5) years with respect to privacy and personal data protection relating to its employees, customers, suppliers, service providers, or any other third parties from or about whom the Company has obtained personal data (“Company Privacy Policies”). The Company has complied in all material respects with, and has not received any notices of violation with respect to, applicable Laws, Contracts, Company Privacy Policies or any other commitments, obligations or representations concerning privacy and personal data protection relating to its employees, customers, suppliers, service providers, or any other third parties from or about whom the Company has obtained personal data (“Company Privacy Obligations”). No Company Privacy Obligations will impose any restrictions upon the Company’s ability to use, possess, disclose or transfer such personal data in the manner necessary to conduct the Business in a manner similar to its conduct prior to Closing consistent with any Company Privacy Policy in effect at the time Company collected such data. To Seller's Knowledge, there are no claims or alleged claims that the Company has violated Company Privacy Obligations and there is no legal proceeding with respect to any potential violation thereof. To Seller’s Knowledge, the consummation of the transactions contemplated by the Transaction Documents will not require the Company to provide any notice to, or seek any consent from, any employee, customer, supplier, service provider or other third party under any Company Privacy Policy.
(b) The Company has at all times for the last five (5) years maintained an information security program and used commercially reasonable efforts to maintain appropriate administrative, technical and physical controls, including but not limited to the controls set forth in the Payment Card Industry Data Security Standards, as adopted by the PCI Security Standards Council, LLC, Massachusetts’ Information Security Regulations, 201 CMR § 17.00, and other Company Privacy Obligations, in order to protect the security of all information in any form which comprises the Company Registered IP, Company source code, and confidential information and the personal data relating to its employees, customers, suppliers, service provide...
Privacy; Data Security. (a) Since January 1, 2018, the Company and each of its Subsidiaries has at all times maintained reasonable administrative, technical and physical safeguards designed to (i) protect the security, confidentiality, integrity and availability of Company Information and IT Assets in a manner consistent with applicable industry standard practices; (ii) protect against any anticipated threats or hazards to the security, confidentiality or integrity of Company Information and IT Assets; and (iii) detect and remediate Information Security Incidents. Since January 1, 2018, to the Knowledge of the Company, there has been no material Information Security Incident involving the Company or any of its Subsidiaries or third parties that process Company Information on behalf of Company or its Subsidiaries.
(b) Since January 1, 2018, each of the Company and its Subsidiaries has at all times implemented and maintained reasonable policies, procedures and technical controls to monitor for, detect and remediate security vulnerabilities and security control deficiencies associated with IT Assets in a timely manner and in accordance with industry standard practices. To the Knowledge of the Company, the Company and each of its Subsidiaries has fully remediated, including necessary compensating controls, any and all material, critical and/or high-risk security vulnerabilities for which the Company or any of its Subsidiaries has become aware.
(c) Except as do not and would not reasonably be expected to have a Company Material Adverse Effect, since January 1, 2018, the Company and each of its Subsidiaries is, and has been at all times, in compliance with all Privacy Laws and Privacy Commitments (collectively, “Privacy Requirements”). Except as do not and would not reasonably be expected to be material to the Company and its Subsidiaries, taken as a whole, any privacy notices distributed or otherwise made available by the Company or any of its Subsidiaries have at all times complied in all material respects with Privacy Requirements. The Company and each of its Subsidiaries has all rights and permissions necessary to lawfully access, collect, obtain, use, retain, disclose and transfer Personal Information as permitted by the Privacy Requirements. To the Knowledge of the Company, no Person has made any written claim or commenced any Proceeding against the Company or any of its Subsidiaries with respect to any Information Security Incident or actual or alleged violation of a Privacy Req...