Protection of Information and Data. Any action by Seller related to Personal Information shall be conducted in accordance with standards no less rigorous than the best industry practices, including any standards or requirements specifically set forth for information security elsewhere in the Order. To ensure the protection of Personal Information, Seller shall implement and maintain
(i) administrative, physical, and technical safeguards; and (ii) a written information security program including appropriate policies, procedures, and risk assessments reviewed at least annually. Seller agrees not to transfer or receive Personal Information to or from any country outside the United States without the prior written authorization of Buyer and to obtain consents and take other actions as required by the laws of any country or jurisdiction with legal authority.
Protection of Information and Data. The information and data obtained while performing tasks under this Agreement, with the exception of information and data that is not permitted to be exchanged, published or freely disseminated in accordance with the Parties' legislation, may be exchanged, published or transmitted to other legal and natural persons in accordance with the regulations of both Parties, unless otherwise agreed upon by the competent authorities for the implementation of this Agreement.
