Safeguarding Customer Information The Servicer has implemented and will maintain security measures designed to meet the objectives of the Interagency Guidelines Establishing Standards for Safeguarding Customer Information published in final form on February 1, 2001, 66 Fed. Reg. 8616 and the rules promulgated thereunder, as amended from time to time (the “Guidelines”). The Servicer shall promptly provide the Master Servicer, the Trustee and the NIMS Insurer information reasonably available to it regarding such security measures upon the reasonable request of the Master Servicer, the Trustee and the NIMS Insurer which information shall include, but not be limited to, any Statement on Auditing Standards (SAS) No. 70 report covering the Servicer’s operations, and any other audit reports, summaries of test results or equivalent measures taken by the Servicer with respect to its security measures to the extent reasonably necessary in order for the Seller to satisfy its obligations under the Guidelines.
Privacy of Customer Information The Seller’s Customer Information in the possession of the Administrative Agent or the Buyers, other than information independently obtained by the Administrative Agent or the Buyers and not derived in any manner from or using information obtained under or in connection with this Agreement, is and shall remain confidential and proprietary information of the Seller. Except in accordance with this Section 16.9, the Administrative Agent and the Buyers shall not use any Seller’s Customer Information for any purpose, including the marketing of products or services to, or the solicitation of business from, Customers, or disclose any Seller’s Customer Information to any Person, including any of the Administrative Agent’s or the Buyers’ employees, agents or contractors or any third party not affiliated with the Administrative Agent or a Buyer. The Administrative Agent and the Buyers may use or disclose Seller’s Customer Information only to the extent necessary (i) for examination and audit of the Administrative Agent’s or the Buyers’ respective activities, books and records by their regulatory authorities, (ii) to market or sell Purchased Mortgage Loans or to enforce or exercise their rights under any Repurchase Document, (iii) to carry out the Administrative Agent’s, the Buyers’ and the Custodian’s express rights and obligations under this Agreement and the other Repurchase Documents (including providing Seller’s Customer Information to Approved Investors), or (iv) in connection with an assignment or participation as authorized by Section 22 or in connection with any hedging transaction related to the Purchased Loans and for no other purpose; provided that the Administrative Agent and the Buyers may also use and disclose the Seller’s Customer Information as expressly permitted by the Seller in writing, to the extent that such express permission is in accordance with the Privacy Requirements. The Administrative Agent and the Buyers shall ensure that each Person to which the Administrative Agent or a Buyer intends to disclose Seller’s Customer Information, before any such disclosure of information, agrees to keep confidential any such Seller’s Customer Information and to use or disclose such Seller’s Customer Information only to the extent necessary to protect or exercise the Administrative Agents, the Buyers’ or the Custodian’s rights and privileges, or to carry out the Administrative Agent’s, the Buyers’ and the Custodian’s express obligations, under this Agreement and the other Repurchase Documents (including providing Seller’s Customer Information to Approved Investors). The Administrative Agent agrees to maintain an Information Security Program and to assess, manage and control risks relating to the security and confidentiality of Seller’s Customer Information pursuant to such program in the same manner as the Administrative Agent does in respect of its own customers’ information, and shall implement the standards relating to such risks in the manner set forth in the Interagency Guidelines Establishing Standards for Safeguarding Company Customer Information set forth in 12 C.F.R. Parts 30, 208, 211, 225, 263, 308, 364, 568 and 570. Without limiting the scope of the foregoing sentence, the Administrative Agent and the Buyers shall use at least the same physical and other security measures to protect all of the Seller’s Customer Information in their possession or control as each of them uses for its own customers’ confidential and proprietary information.
Customer Data 8.1 You, not bookinglab or JRNI, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data. bookinglab and JRNI is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service by you.
8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001.
8.3 If JRNI and/or bookinglab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or bookinglab shall be a Data Processor and in any such case:
(a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI and/or bookinglab so that they may lawfully use, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf;
(b) you shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;
(c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and
(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.
8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities
8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing
8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) from the Booking Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.
Customer Information CPNI of a Customer and any other non-public, individually identifiable information about a Customer or the purchase by a Customer of the services or products of a Party.
Compliance with Safeguarding Customer Information Requirements The Servicer has implemented and will maintain security measures designed to meet the objectives of the Interagency Guidelines Establishing Standards for Safeguarding Customer Information published in final form on February 1, 2001, 66 Fed. Reg. 8616, and the rules promulgated thereunder, as amended from time to time (the “Guidelines”). The Servicer shall promptly provide the Seller information regarding the implementation of such security measures upon the reasonable request of the Seller.
Customer will Select and notify Boeing of the suppliers and part numbers of the following BFE items by the following dates: Galley System Complete 2005 Galley Inserts Complete 2005 Seats (passenger) Complete 2005 Cabin Systems Equipment Complete 2005 Miscellaneous Emergency Equipment Complete 2005 Cargo Handling Systems ****N/A****
Return of Customer Data Okta shall return Customer Data to Customer and, to the extent allowed by applicable law, delete Customer Data in accordance with the procedures and time periods specified in the Trust & Compliance Documentation, unless the retention of the data is requested from Okta according to mandatory statutory laws.
Processing of Customer Personal Data 3.1 UKG will:
3.1.1 comply with all applicable Data Protection Laws in the Processing of Customer Personal Data; and
3.1.2 not Process Customer Personal Data other than for the purpose, and in accordance with, the relevant Customer’s instructions as documented in the Agreement and this DPA, unless Processing is required by the Data Protection Laws to which the relevant UKG Processor is subject, in which case UKG to the extent permitted by the Data Protection Laws, will inform Customer of that legal requirement before the Processing of that Customer Personal Data.
3.2 Customer hereby:
3.2.1 instructs UKG (and authorizes UKG to instruct each Subprocessor) to: (a) Process Customer Personal Data; and (b) in particular, transfer Customer Personal Data to any country or territory subject to the provisions of this DPA, in each case as reasonably necessary for the provision of the Services and consistent with the Agreement.
3.2.2 warrants and represents that it is and will at all relevant times remain duly and effectively authorized to give the instructions set out in Section 3.2.1 on behalf of each relevant Customer Affiliate; and
3.2.3 warrants and represents that it has all necessary rights in relation to the Customer Personal Data and/or has collected all necessary consents from Data Subjects to Process Customer Personal Data to the extent required by Applicable Law.
3.3 Schedule 1 to this DPA sets out certain information regarding UKG’s Processing of Customer Personal Data as required by Article 28(3) of the GDPR (and equivalent requirements of other Data Protection Laws).
Customer Lists We hereby agree that we shall not use any list of your customers which may be obtained in connection with this Agreement for the purpose of solicitation of any product or service without your express written consent. However, nothing in this paragraph or otherwise shall be deemed to prohibit or restrict us or our affiliates in any way from solicitations of any product or service directed at, without limitation, the general public, any segment thereof, or any specific individual, provided such solicitation is not based upon such list.
Safeguarding The Local Authority has overarching responsibility for safeguarding and promoting the welfare of all children and young people in their area. They have a number of statutory functions under the 1989 and 2004 Children Acts which make this clear, and the ‘Working Together to Safeguard Children’ 2015 guidance1 sets these out in detail.
