INFORMATION SECURITY / DATA PRIVACY Sample Clauses

INFORMATION SECURITY / DATA PRIVACY. A. The University’s Data and Intellectual Property Protection Addendum is attached and incorporated herein as Exhibit A.
View SourceView Similar (11)
INFORMATION SECURITY / DATA PRIVACY. A. To the extent Contractor now or in the future accesses, collects, processes, stores, or transmits University Data as defined in the University’s Data and Intellectual Property Protection Addendum (the “DPA”), the DPA shall apply. (See Exhibit A, DPA, attached and incorporated herein.)
View SourceView Similar (3)
INFORMATION SECURITY / DATA PRIVACY. The University’s Data and Intellectual Property Protection Addendum is attached and incorporated herein as EXHIBIT 1.
View Source
INFORMATION SECURITY / DATA PRIVACY. (a) The Target Company and the Transferred Subsidiary have established a commercially reasonable Information Security Program that is appropriate to the nature of the Personal Data Processed by the Target Company or the Transferred Subsidiary, and that is appropriately implemented and maintained, and, since the Applicable Date, there have been no material violations of the Information Security Program. The Target Company and the Transferred Subsidiary have assessed and tested their Information Security Program in a manner that is commercially reasonable, and have remediated all critical, high and medium risks and vulnerabilities that were identified as part of such assessments. The Information Security Program is compliant with Privacy Requirements in all material respects. The Company IT Systems are in good working condition, do not contain any material Malicious Code or defect, and operate and perform as necessary to conduct the Target Business. All Company Data will continue to be available for Processing by the Target Company and the Transferred Subsidiary following the Closing on substantially the same terms and conditions as existed immediately before the Closing. (b) The Target Company and the Transferred Subsidiary comply and have complied since the Applicable Date with Company Privacy Policies and the Privacy Requirements in all material respects. To the extent required by Privacy Requirements or Company Privacy Policies. (i) Personal Data is Processed by the Target Company or the Transferred Subsidiary in an encrypted manner, and (ii) Personal Data is securely deleted or destroyed by the Target Company or the Transferred Subsidiary. The Target Company and the Transferred Subsidiary have not sold (as defined by the California Consumer Privacy Act of 2018), and do not sell, any Personal Data to any third parties. Neither the execution, delivery nor performance of this Agreement or any other Transaction Document, nor the consummation of any of the transactions contemplated hereby or thereby, violate any Privacy Requirements or Company Privacy Policies, except for as would not reasonably be expected to be material to the Target Company or the Transferred Subsidiary. Where the Target Company or the Transferred Subsidiary uses a Data Processor to Process Personal Data, the Data Processor has provided guarantees, warranties or covenants to Process such Personal Data in accordance with confidentiality and security measures sufficient for the Target Compa...
View Source

Related to INFORMATION SECURITY / DATA PRIVACY

  • Information Security IET information security management practices, policies and regulatory compliance requirements are aimed at assuring the confidentiality, integrity and availability of Customer information. The UC ▇▇▇▇▇ Cyber-safety Policy, UC ▇▇▇▇▇ Security Standards Policy (PPM Section 310-22), is adopted by the campus and IET to define the responsibilities and key practices for assuring the security of UC ▇▇▇▇▇ computing systems and electronic data.

  • Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks. (2) The Information Security Program shall require encryption of any Personal Information in electronic format while in transit or in storage, and enhanced controls and standards for transport and disposal of physical media containing Personal Information. DTI shall, and shall require its agents, contractors and subcontractors who access or use Personal Information or Confidential Information to, regularly test key controls, systems and procedures relating to the Information Security Program ("ISP Tests"). DTI shall advise the Funds of any material issues identified in the ISP Tests potentially affecting the Information Security Program. (3) DTI shall comply with its Information Security Program.

  • INFORMATION SECURITY SCHEDULE All capitalized terms not defined in this Information Security Schedule (this “Security Schedule”) shall have the meanings ascribed to them in the Transfer Agency and Service Agreement by and between DST and each of the funds listed on Exhibit A thereto (each such fund, or series thereof, severally, and not jointly, the “Fund”) dated March 1, 2022 (the “Agreement”). DST and Fund hereby agree that DST shall maintain and comply with an information security policy (“Security Policy”) that satisfies the requirements set forth below; provided, that, because information security is a highly dynamic space (where laws, regulations and threats are constantly changing), DST reserves the right to make changes to its information security controls at any time and at the sole discretion of DST in a manner that it believes does not materially reduce the protection it applies to Fund Data. From time to time, DST may subcontract services performed under the Agreement (to the extent provided for under the Agreement) or provide access to Fund Data or its network to a subcontractor or other third party; provided, that, such subcontractor or third party implements and maintains security measures DST believes are at least as stringent as those described in this Security Schedule. For the purposes of this Schedule “prevailing industry practices and standards” refers to standards among financial institutions, including mutual funds, and third parties providing financial services to financial institutions.

  • Personal Information security breach a) Each Party shall notify the other party in writing as soon as possible after it becomes aware of or suspects any loss, unauthorised access or unlawful use of any personal information and shall, at its own cost, take all necessary remedial steps to mitigate the extent of the loss or compromise of personal information and to restore the integrity of the affected personal information as quickly as is possible. The Parties shall also be required to provide each other with details of the persons affected by the compromise and the nature and extent of the compromise, including details of the identity of the unauthorised person who may have accessed or acquired the personal information. b) The Parties shall provide on-going updates on the progress in resolving the compromise at reasonable intervals until such time as the compromise is resolved. c) Where required, the Parties must notify the South African Police Service; and/or the State Security Agency and the Information Regulator and the affected persons of the security breach. Any such notification shall always include sufficient information to allow the persons to take protective measures against the potential consequences of the compromise. d) The Parties undertake to co‑operate in any investigations relating to security which is carried out by or on behalf of the other including providing any information or material in its possession or control and implementing new security measures.

  • PERSONAL INFORMATION PRIVACY AND SECURITY CONTRACT 11 Any reference to statutory, regulatory, or contractual language herein shall be to such language as in 12 effect or as amended. 13 A. DEFINITIONS