We use cookies on our site to analyze traffic, enhance your experience, and provide you with tailored content.

For more information visit our privacy policy.

SECURITY OF CARDHOLDER DATA Sample Clauses

SECURITY OF CARDHOLDER DATA. (a) Xxxxxx Beaumont has designed and implemented an Information Security Program that is designed to protect cardholder data in accordance with the Visa/MasterCard Cardholder Information Security Program (“CISP”) requirements. At all times during the term of the Agreement, Xxxxxx Beaumont shall be in compliance with the CISP requirements, as the same may be revised from time to time.
Sample 1Sample 2Sample 3See All (7)
SECURITY OF CARDHOLDER DATA. Company and Services Vendor each acknowledge and agree that this Agreement constitutes an agreement for Services Vendor to perform services for Company as contemplated in Title V of the Xxxxx-Xxxxx-Xxxxxx Financial Modernization Act (the "Act") and Regulation P issued under the Act ("Regulation P"), Without limiting the generality of the terms of this Agreement, Services Vendor agrees that it shall protect the privacy of Cardholder's non-public personal information, as such terms are defined in the Act and in Regulation P ("Consumer Information") to at least the same extent that Client must maintain that confidentiality under the Act and Regulation P. Without limiting the generality of the foregoing sentence, Services Vendor shall not disclose any non-public personal information to any third person except as required in the performance of Services under this Agreement, and Services Vendor shall not use any non-public personal information except to perform the Services described under this Agreement. Services Vendor shall establish administrative, technical and physical safeguards for Company's customer records and information in Services Vendor's control or possession from time to time. Such safeguards shall be designed for the purpose of: (a) insuring the security of such records and information, (b) protecting against any anticipated threats or hazards to the security or integrity of such records and information; and (c) protecting against unauthorized access to or use of such records and information that would result in substantial harm or inconvenience to any Cardholder. Such safeguards shall be established in accordance with Section 501 of the Act and the Interagency Guidelines Establishing Standards for Safeguarding Customer Information adopted pursuant to Section 501 of the Act. Company shall provide Services Vendor with a copy of its privacy policy established in accordance with the Act and Regulation P.
Sample 1Sample 2See All (6)
SECURITY OF CARDHOLDER DATAThe Sub Merchant shall ensure that there are proper encryption and security measures at its Site to prevent any hacking into the information of the Sub Merchant. It shall be the obligation of Sub Merchant to verify the IP address of xxx.XXXxxxxx.xxx in the return/confirmation message URL. In the event of any loss being due to any act, which is beyond the control of the Sub Merchant, including any hacking into the Sub Merchants Site, the loss shall be borne by the Sub Merchant alone and not the Customer;
Sample 1Sample 2
SECURITY OF CARDHOLDER DATA. The Contractor and/or any subcontractors responsible for storing, processing, or transmitting cardholder data must comply with all applicable Payment Card Industry Data Security Standards (PCI-DSS) throughout the term of the Contract. The State acknowledges that as of the effective date of this Agreement, as a payment brand, Contractor is not a service provider as that term is defined by PCI DSS. American Express places a top priority on safeguarding Card Member information and, as a regulated financial services institution, adheres to robust legal requirements by U.S. and international regulators, including the Gramm Xxxxx Xxxxxx Act (GLBA), the EU General Data Protection Regulation (GDPR), and the Federal Financial Institutions Examinations Council (“FFIEC”) guidelines. The FFIEC is composed of the primary banking regulators, including the Federal Reserve Board of Governors (FRB), the Federal Deposit Insurance Corporation (FDIC), the Office of the Comptroller of the Currency (OCC) and the Consumer Financial Protection Bureau (CFPB) among other banking regulators. PCI-DSS does not address all of the legal and regulatory security requirements that American Express must comply with. As such, American Express’s information security standards address specific concerns for our industry.
Sample 1
SECURITY OF CARDHOLDER DATA. SecurePay is committed to maintaining the security of cardholder data it possesses or otherwise stores, processes, or transmits on your behalf, or to the extent that it could impact the security of your cardholder data environment.
Sample 1
SECURITY OF CARDHOLDER DATAMerchant shall ensure that there are proper encryption and security measures at its Site to prevent any hacking into the information of Merchant. It shall be the obligation of Merchant to verify the IP address of xxx.xxxxxxxxxx.xxx in the return/confirmation message URL. In the event of any loss being due to any act, which is beyond the control of Merchant, including any hacking into Merchant Site, the loss shall be borne by Merchant alone and not by APPNIT.
Sample 1
SECURITY OF CARDHOLDER DATA. MBI has designed and implemented an Information Security Program that is designed to protect cardholder data in accordance with the Visa/MasterCard Cardholder Information Security Program (“CISP”) requirements. At all times during the term of the Agreement, MBI shall be in compliance with the CISP requirements, as the same may be revised from time to time.
Sample 1
SECURITY OF CARDHOLDER DATA. Upon activation of an account, Integrator acknowledges and agrees that it shall bear the sole responsibility for protecting the privacy of cardholder data in its possession in accordance with Applicable Law and any requirement of participating agencies.
Sample 1

Related to SECURITY OF CARDHOLDER DATA

  • Protection of Customer Data The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Call Off Contract or as otherwise Approved by the Customer. To the extent that the Customer Data is held and/or Processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format (if any) specified by the Customer in the Call Off Order Form and, in any event, as specified by the Customer from time to time in writing. The Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. The Supplier shall perform secure back-ups of all Customer Data and shall ensure that up-to-date back-ups are stored off-site at an Approved location in accordance with any BCDR Plan or otherwise. The Supplier shall ensure that such back-ups are available to the Customer (or to such other person as the Customer may direct) at all times upon request and are delivered to the Customer at no less than six (6) Monthly intervals (or such other intervals as may be agreed in writing between the Parties). The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy and the Security Management Plan (if any). If at any time the Supplier suspects or has reason to believe that the Customer Data is corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take. If the Customer Data is corrupted, lost or sufficiently degraded as a result of a Default so as to be unusable, the Supplier may: require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data to the extent and in accordance with the requirements specified in Call Off Schedule 8 (Business Continuity and Disaster Recovery) or as otherwise required by the Customer, and the Supplier shall do so as soon as practicable but not later than five (5) Working Days from the date of receipt of the Customer’s notice; and/or itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing so to the extent and in accordance with the requirements specified in Call Off Schedule 8 (Business Continuity and Disaster Recovery) or as otherwise required by the Customer.

  • Customer Data 8.1 You, not bookinglab or JRNI, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data. bookinglab and JRNI is not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Booking Service by you. 8.2 As of the MSA Start Date, JRNI is certified under ISO 27001 and shall maintain an information security program for the Services that complies with the ISO 27001 standards or such other standards as are substantially equivalent to ISO 27001. 8.3 If JRNI and/or bookinglab processes any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and JRNI and/or bookinglab shall be a Data Processor and in any such case: (a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to JRNI and/or bookinglab so that they may lawfully use, process and transfer the Customer Personal Data in accordance with this Agreement on your behalf; (b) you shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws; (c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage; and (d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent JRNI or bookinglab from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority. 8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities 8.5 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing 8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by JRNI or bookinglab at your request) from the Booking Service to a third party and for ensuring that such transfer is in compliance with the Parties' obligations under the Data Protection Laws.

  • Privacy of Customer Information The Seller’s Customer Information in the possession of the Administrative Agent or the Buyers, other than information independently obtained by the Administrative Agent or the Buyers and not derived in any manner from or using information obtained under or in connection with this Agreement, is and shall remain confidential and proprietary information of the Seller. Except in accordance with this Section 16.9, the Administrative Agent and the Buyers shall not use any Seller’s Customer Information for any purpose, including the marketing of products or services to, or the solicitation of business from, Customers, or disclose any Seller’s Customer Information to any Person, including any of the Administrative Agent’s or the Buyers’ employees, agents or contractors or any third party not affiliated with the Administrative Agent or a Buyer. The Administrative Agent and the Buyers may use or disclose Seller’s Customer Information only to the extent necessary (i) for examination and audit of the Administrative Agent’s or the Buyers’ respective activities, books and records by their regulatory authorities, (ii) to market or sell Purchased Mortgage Loans or to enforce or exercise their rights under any Repurchase Document, (iii) to carry out the Administrative Agent’s, the Buyers’ and the Custodian’s express rights and obligations under this Agreement and the other Repurchase Documents (including providing Seller’s Customer Information to Approved Investors), or (iv) in connection with an assignment or participation as authorized by Section 22 or in connection with any hedging transaction related to the Purchased Loans and for no other purpose; provided that the Administrative Agent and the Buyers may also use and disclose the Seller’s Customer Information as expressly permitted by the Seller in writing, to the extent that such express permission is in accordance with the Privacy Requirements. The Administrative Agent and the Buyers shall ensure that each Person to which the Administrative Agent or a Buyer intends to disclose Seller’s Customer Information, before any such disclosure of information, agrees to keep confidential any such Seller’s Customer Information and to use or disclose such Seller’s Customer Information only to the extent necessary to protect or exercise the Administrative Agents, the Buyers’ or the Custodian’s rights and privileges, or to carry out the Administrative Agent’s, the Buyers’ and the Custodian’s express obligations, under this Agreement and the other Repurchase Documents (including providing Seller’s Customer Information to Approved Investors). The Administrative Agent agrees to maintain an Information Security Program and to assess, manage and control risks relating to the security and confidentiality of Seller’s Customer Information pursuant to such program in the same manner as the Administrative Agent does in respect of its own customers’ information, and shall implement the standards relating to such risks in the manner set forth in the Interagency Guidelines Establishing Standards for Safeguarding Company Customer Information set forth in 12 C.F.R. Parts 30, 208, 211, 225, 263, 308, 364, 568 and 570. Without limiting the scope of the foregoing sentence, the Administrative Agent and the Buyers shall use at least the same physical and other security measures to protect all of the Seller’s Customer Information in their possession or control as each of them uses for its own customers’ confidential and proprietary information.

  • Safeguarding Customer Information The Servicer has implemented and will maintain security measures designed to meet the objectives of the Interagency Guidelines Establishing Standards for Safeguarding Customer Information published in final form on February 1, 2001, 66 Fed. Reg. 8616 and the rules promulgated thereunder, as amended from time to time (the “Guidelines”). The Servicer shall promptly provide the Master Servicer, the Trustee and the NIMS Insurer information reasonably available to it regarding such security measures upon the reasonable request of the Master Servicer, the Trustee and the NIMS Insurer which information shall include, but not be limited to, any Statement on Auditing Standards (SAS) No. 70 report covering the Servicer’s operations, and any other audit reports, summaries of test results or equivalent measures taken by the Servicer with respect to its security measures to the extent reasonably necessary in order for the Seller to satisfy its obligations under the Guidelines.

  • User Data We will maintain certain data that you transmit to the Services for the purpose of managing the performance of the Services, as well as data relating to your use of the Services. Although we perform regular routine backups of data, you are solely responsible for all data that you transmit or that relates to any activity you have undertaken using the Services. You agree that we shall have no liability to you for any loss or corruption of any such data, and you hereby waive any right of action against us arising from any such loss or corruption of such data.

  • Collection of card When your application is approved by us, we may send you the card, and a renewal or replacement thereof, by ordinary post to the address we have on record for you. In the event you fail to receive the card and unauthorized transactions occur on the card account, you will not be liable for the balances arising therefrom provided you have not acted fraudulently or negligently. We are not liable to you for any loss or damage which you may suffer if you fail to receive the card.

  • Customer Information CPNI of a Customer and any other non-public, individually identifiable information about a Customer or the purchase by a Customer of the services or products of a Party.

  • Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks. (2) The Information Security Program shall require encryption of any Personal Information in electronic format while in transit or in storage, and enhanced controls and standards for transport and disposal of physical media containing Personal Information. DTI shall, and shall require its agents, contractors and subcontractors who access or use Personal Information or Confidential Information to, regularly test key controls, systems and procedures relating to the Information Security Program ("ISP Tests"). DTI shall advise the Funds of any material issues identified in the ISP Tests potentially affecting the Information Security Program. (3) DTI shall comply with its Information Security Program.

  • Use of Customer Data Verizon, Verizon Affiliates and their respective agents, may use, process and/or transfer Customer Data (including intra-group transfers and transfers to entities in countries that do not provide statutory protections for personal information) as set forth in the Privacy Policy and as necessary: (a) in connection with provisioning of Services; (b) to incorporate Customer Data into databases controlled by Verizon, Verizon Affiliates or their respective agents for the purpose of providing Services; administration; provisioning; invoicing and reconciliation; verification of Customer identity, solvency and creditworthiness; maintenance, support and product development; fraud detection and prevention; sales, revenue and customer analysis and reporting; market and customer use analysis including in the manner described in the Privacy Policy; and (c) to communicate to Customer regarding Services.

  • Links to Third Party Sites The Bank website may contain links to other websites ("Linked Sites"). Such links are provided solely as a convenience for you. While the Bank will attempt to select and provide links to Linked Sites that it believes may be of interest to its customers, the Bank does not screen, approve, review or otherwise endorse any content or information contained in any Linked Sites. You acknowledge and agree that the Bank, its affiliates and partners are not responsible for the contents of any Linked Sites, including the accuracy or availability of information provided by Linked Sites, and make no representations or warranties regarding the Linked Sites or your use of them.

Most Referenced Clauses

Most Referenced Definitions