Data Privacy and Security Laws The Company is, and at all prior times was, in material compliance with all applicable state and federal data privacy and security laws and regulations in the United States, including, without limitation, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act, and all applicable provincial and federal data privacy and security laws and regulations in Canada, including without limitation the Personal Information Protection and Electronic Documents Act (S.C. 2000, c. 5) (“PIPEDA”); and the Company has taken commercially reasonable actions to prepare to comply with, and have been and currently are in compliance with, the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company has in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal information”, “personal health information”. and “business contact information” as defined by PIPEDA; (v) “personal data” as defined by GDPR; and (vi) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. The Company has at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies: (i) it has not received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Data Protection and Security A. In this Agreement the following terms shall have the meanings respectively ascribed to them:
Data Privacy and Security Bank will implement and maintain a written information security program, in compliance with all federal, state and local laws and regulations (including any similar international laws) applicable to Bank, that contains reasonable and appropriate security measures designed to safeguard the personal information of the Funds' shareholders, employees, trustees and/or officers that Bank or any Subcustodian receives, stores, maintains, processes, transmits or otherwise accesses in connection with the provision of services hereunder. In this regard, Bank will establish and maintain policies, procedures, and technical, physical, and administrative safeguards, designed to (i) ensure the security and confidentiality of all personal information and any other confidential information that Bank receives, stores, maintains, processes or otherwise accesses in connection with the provision of services hereunder, (ii) protect against any reasonably foreseeable threats or hazards to the security or integrity of personal information or other confidential information, (iii) protect against unauthorized access to or use of personal information or other confidential information, (iv) maintain reasonable procedures to detect and respond to any internal or external security breaches, and (v) ensure appropriate disposal of personal information or other confidential information. Bank will monitor and review its information security program and revise it, as necessary and in its sole discretion, to ensure it appropriately addresses any applicable legal and regulatory requirements. Bank shall periodically test and review its information security program. Bank shall respond to Customer's reasonable requests for information concerning Bank's information security program and, upon request, Bank will provide a copy of its applicable policies and procedures, or in Bank's discretion, summaries thereof, to Customer, to the extent Bank is able to do so without divulging information Bank reasonably believes to be proprietary or Bank confidential information. Upon reasonable request, Bank shall discuss with Customer the information security program of Bank. Bank also agrees, upon reasonable request, to complete any security questionnaire provided by Customer to the extent Bank is able to do so without divulging sensitive, proprietary, or Bank confidential information and return it in a commercially reasonable period of time (or provide an alternative response that reasonably addresses the points included in the questionnaire). Customer acknowledges that certain information provided by Bank, including internal policies and procedures, may be proprietary to Bank, and agrees to protect the confidentiality of all such materials it receives from Bank. Bank agrees to resolve promptly any applicable control deficiencies that come to its attention that do not meet the standards established by federal and state privacy and data security laws, rules, regulations, and/or generally accepted industry standards related to Bank's information security program. Bank shall: (i) promptly notify Customer of any confirmed unauthorized access to personal information or other confidential information of Customer ("Breach of Security"); (ii) promptly furnish to Customer appropriate details of such Breach of Security and assist Customer in assessing the Breach of Security to the extent it is not privileged information or part of an investigation; (iii) reasonably cooperate with Customer in any litigation and investigation of third parties reasonably deemed necessary by Customer to protect its proprietary and other rights; (iv) use reasonable precautions to prevent a recurrence of a Breach of Security; and (v) take all reasonable and appropriate action to mitigate any potential harm related to a Breach of Security, including any reasonable steps requested by Customer that are practicable for Bank to implement. Nothing in the immediately preceding sentence shall obligate Bank to provide Customer with information regarding any of Bank's other customers or clients that are affected by a Breach of Security, nor shall the immediately preceding sentence limit Bank's ability to take any actions that Bank believes are appropriate to remediate any Breach of Security unless such actions would prejudice or otherwise limit Customer's ability to bring its own claims or actions against third parties related to the Breach of Security. If Bank discovers or becomes aware of a suspected data or security breach that may involve an improper access, use, disclosure, or alteration of personal information or other confidential information of Customer, Bank shall, except to the extent prohibited by Applicable Law or directed otherwise by a governmental authority not to do so, promptly notify Customer that it is investigating a potential breach and keep Customer informed as reasonably practicable of material developments relating to the investigation until Bank either confirms that such a breach has occurred (in which case the first sentence of this paragraph will apply) or confirms that no data or security breach involving personal information or other confidential information of Customer has occurred. For these purposes, "personal information" shall mean (i) an individual's name (first initial and last name or first name and last name), address or telephone number plus (a) social security number, (b) driver's license number, (c) state identification card number, (d) debit or credit card number, (e) financial account 22 number, (f) passport number, or (g) personal identification number or password that would permit access to a person's account or (ii) any combination of the foregoing that would allow a person to log onto or access an individual's account. This provision will survive termination or expiration of the Agreement for so long as Bank or any Subcustodian continues to possess or have access to personal information related to Customer. Notwithstanding the foregoing "personal information" shall not include information that is lawfully obtained from publicly available information, or from federal, state or local government records lawfully made available to the general public.
Identification and Disclosure of Privacy and Security Offices Business Associate and Subcontractors shall provide, within ten (10) days of the execution of this agreement, written notice to the Covered Entity’s contract/grant manager the names and contact information of both the HIPAA Privacy Officer and HIPAA Security Officer. This information must be updated any time either of these contacts changes.
Bill of Rights for Data Privacy and Security As required by Education Law Section 2-d, the Parents Bill of Rights for Data Privacy and Security and the supplemental information for the Service Agreement are included as Exhibit A and Exhibit B, respectively, and incorporated into this DPA. Contractor shall complete and sign Exhibit B and append it to this DPA. Pursuant to Education Law Section 2-d, the EA is required to post the completed Exhibit B on its website.
Survival of Confidentiality Obligations The Parties’ rights and obligations under this Section 10 shall survive and continue in effect until two (2) years after the expiration or termination date of this Agreement with regard to all Information exchanged during the term of this Agreement. Thereafter, the Parties’ rights and obligations hereunder survive and continue in effect with respect to any Information that is a trade secret under applicable law.
Limitations and exclusions of liability NONE OF THE TMLS AFFILIATES SHALL BE LIABLE TO SUBSCRIBER OR ANYONE ELSE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES THAT RESULT FROM THE USE OF, OR INABILITY TO USE, THE TMLS SERVICE, INCLUDING RELIANCE BY SUBSCRIBER ON ANY INFORMATION OBTAINED THROUGH USE OF THE TMLS SERVICE; MISTAKES, OMISSIONS, DELETIONS OR DELAYS IN TRANSMISSION OF SUCH INFORMATION; INTERRUPTIONS IN TELECOMMUNICATIONS CONNECTIONS TO THE TMLS SERVICE; AND VIRUSES OR FAILURES OF PERFORMANCE; WHETHER CAUSED IN WHOLE OR PART BY NEGLIGENCE, ACTS OF GOD, TELECOMMUNICATIONS FAILURE, OR THEFT OF, DESTRUCTION OF, OR UNAUTHORIZED ACCESS TO THE TMLS SERVICE AND RELATED INFORMATION, RECORDS AND PROGRAMS.
Limitation of Vendor Indemnification and Similar Clauses This is a requirement of the TIPS Contract and is non-negotiable TIPS, a department of Region 8 Education Service Center, a political subdivision, and local government entity of the State of Texas, is prohibited from indemnifying third-parties (pursuant to the Article 3, Section 52 of the Texas Constitution) except as otherwise specifically provided for by law or as ordered by a court of competent jurisdiction. Article 3, Section 52 of the Texas Constitution states that "no debt shall be created by or on behalf of the State … " and the Texas Attorney General has opined that a contractually imposed obligation of indemnity creates a "debt" in the constitutional sense. Tex. Att'y Gen. Op. No. MW-475 (1982). Thus, contract clauses which require TIPS to indemnify Vendor, pay liquidated damages, pay attorney's fees, waive Vendor's liability, or waive any applicable statute of limitations must be deleted or qualified with ''to the extent permitted by the Constitution and Laws of the State of Texas." Does Vendor agree? Yes, I Agree TIPS, a department of Region 8 Education Service Center, a political subdivision, and local government entity of the State of Texas, does not agree to binding arbitration as a remedy to dispute and no such provision shall be permitted in this Agreement with TIPS. Vendor agrees that any claim arising out of or related to this Agreement, except those specifically and expressly waived or negotiated within this Agreement, may be subject to non-binding mediation at the request of either party to be conducted by a mutually agreed upon mediator as prerequisite to the filing of any lawsuit arising out of or related to this Agreement. Mediation shall be held in either Camp or Titus County, Texas. Agreements reached in mediation will be subject to the approval by the Region 8 ESC's Board of Directors, authorized signature of the Parties if approved by the Board of Directors, and, once approved by the Board of Directors and properly signed, shall thereafter be enforceable as provided by the laws of the State of Texas. Does Vendor agree? Yes, Vendor agrees Does Vendor agree? Yes, Vendor agrees Vendor agrees that nothing in this Agreement shall be construed as a waiver of sovereign or government immunity; nor constitute or be construed as a waiver of any of the privileges, rights, defenses, remedies, or immunities available to Region 8 Education Service Center or its TIPS Department. The failure to enforce, or any delay in the enforcement, of any privileges, rights, defenses, remedies, or immunities available to Region 8 Education Service Center or its TIPS Department under this Agreement or under applicable law shall not constitute a waiver of such privileges, rights, defenses, remedies, or immunities or be considered as a basis for estoppel. Does Vendor agree? Yes, Vendor agrees Vendor agrees that TIPS and TIPS Members shall not be liable for interest or late-payment fees on past-due balances at a rate higher than permitted by the laws or regulations of the jurisdiction of the TIPS Member. Funding-Out Clause: Vendor agrees to abide by the applicable laws and regulations, including but not limited to Texas Local Government Code § 271.903, or any other statutory or regulatory limitation of the jurisdiction of any TIPS Member, which requires that contracts approved by TIPS or a TIPS Member are subject to the budgeting and appropriation of currently available funds by the entity or its governing body.
Survival of Covenants Except as expressly set forth in this Agreement or any Ancillary Agreement, the covenants, representations and warranties contained in this Agreement and each Ancillary Agreement, and Liability for the breach of any obligations contained herein, shall survive the Separation and the Distribution and shall remain in full force and effect.
NON-EXCLUSIVITY; SURVIVAL OF RIGHTS; INSURANCE; SUBROGATION; PRIORITY OF OBLIGATIONS (a) The rights of Indemnitee as provided by this Agreement shall not be deemed exclusive of any other rights to which Indemnitee may at any time be entitled under applicable law, the Articles, any agreement, a vote of shareholders or a resolution of directors, or otherwise. No amendment, alteration or repeal of this Agreement or of any provision hereof shall limit or restrict any right of Indemnitee under this Agreement in respect of any Proceeding (regardless of when such Proceeding is first threatened, commenced or completed) or claim, issue or matter therein arising out of, or related to, any action taken or omitted by such Indemnitee in his or her Corporate Status prior to such amendment, alteration or repeal. To the extent that a change in applicable law, whether by statute or judicial decision, permits greater indemnification, hold harmless or exoneration rights or advancement of Expenses than would be afforded currently under the Articles or this Agreement, then this Agreement (without any further action by the parties hereto) shall automatically be deemed to be amended to require that the Company indemnifies the Indemnitee to the fullest extent permitted by law. No right or remedy herein conferred is intended to be exclusive of any other right or remedy, and every other right and remedy shall be cumulative and in addition to every other right and remedy given hereunder or now or hereafter existing at law or in equity or otherwise. The assertion or employment of any right or remedy hereunder, or otherwise, shall not prevent the concurrent assertion or employment of any other right or remedy.
(b) The Articles permit the Company to purchase and maintain insurance or furnish similar protection or make other arrangements including, but not limited to, providing a trust fund, letter of credit, or surety bond (“Indemnification Arrangements”) on behalf of Indemnitee against any liability asserted against him or her or incurred by or on behalf of him or in such capacity as a director, officer, employee or agent of the Company, or arising out of his or her status as such, whether or not the Company would have the power to indemnify him or her against such liability under the provisions of this Agreement and the Articles. The purchase, establishment, and maintenance of any such Indemnification Arrangement shall not in any way limit or affect the rights and obligations of the Company or of Indemnitee under this Agreement except as expressly provided herein, and the execution and delivery of this Agreement by the Company and Indemnitee shall not in any way limit or affect the rights and obligations of the Company or the other party or parties thereto under any such Indemnification Arrangement.
(c) To the extent that the Company maintains an insurance policy or policies providing liability insurance for directors, officers, trustees, partners, managers, managing members, fiduciaries, employees, or agents of the Company or of any other Enterprise which such person serves at the request of the Company, Indemnitee shall be covered by such policy or policies in accordance with its or their terms to the maximum extent of the coverage available for any such director, officer, trustee, partner, managers, managing member, fiduciary, employee or agent under such policy or policies. If, at the time the Company receives notice from any source of a Proceeding as to which Indemnitee is a party or a participant (as a witness, deponent or otherwise), the Company has director and officer liability insurance in effect, the Company shall give prompt notice of such Proceeding to the insurers in accordance with the procedures set forth in the respective policies. The Company shall thereafter use commercially reasonable efforts to cause such insurers to pay, on behalf of Indemnitee, all amounts payable as a result of such Proceeding in accordance with the terms of such policies.
(d) In the event of any payment under this Agreement, the Company, to the fullest extent permitted by law, shall be subrogated to the extent of such payment to all of the rights of recovery of Indemnitee, who shall execute all papers required and take all action necessary to secure such rights, including execution of such documents as are necessary to enable the Company to bring suit to enforce such rights. No such payment by the Company shall be deemed to relieve any insurer of its obligations.
(e) The Company’s obligation to indemnify, hold harmless, exonerate or advance Expenses hereunder to Indemnitee who is or was serving at the request of the Company as a director, officer, trustee, partner, manager, managing member, fiduciary, employee or agent of any other Enterprise shall be reduced by any amount Indemnitee has actually received as indemnification, hold harmless or exoneration payments or advancement of expenses from such Enterprise. Notwithstanding any other provision of this Agreement to the contrary, but subject to Section 27, (i) Indemnitee shall have no obligation to reduce, offset, allocate, pursue or apportion any indemnification, hold harmless, exoneration, advancement, contribution or insurance coverage among multiple parties possessing such duties to Indemnitee prior to the Company’s satisfaction and performance of all its obligations under this Agreement, and (ii) the Company shall perform fully its obligations under this Agreement without regard to whether Indemnitee holds, may pursue or has pursued any indemnification, advancement, hold harmless, exoneration, contribution or insurance coverage rights against any person or entity other than the Company.
(f) Notwithstanding anything contained herein, the Company is the primary indemnitor, and any indemnification or advancement obligation of the Sponsor or its affiliates or members or any other Person is secondary.
