PCI Data Security Standards Clause Samples

POPULAR SAMPLE Copied 1 times
PCI Data Security Standards. Servicer agrees that the Cardholder website shall comply with the Payment Card Industry Data Security Standard, and that Servicer is responsible for any payment card data in its possession or control.”
View SourceView Similar (2)
PCI Data Security Standards. U.S. Bank shall ensure that its Program related activities are conducted in a manner that complies with PCI Data Security Standards.
View Source
PCI Data Security Standards. NeuLion will at all times protect the confidentiality and security of cardholder data of potential Subscribers, Subscribers and former Subscribers (“Cardholder Data”) in compliance with the Payment Card Industry Data Security Standards (“PCI Data Security Standards”) promulgated by the PCI Security Standards Council, LLC or any successor entity thereto, as may be amended from time to time, and which are available at: ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇. NeuLion acknowledges and agrees that Cardholder Data may only be used: (i) to the extent necessary to verify, store, process or transmit Cardholder Data to Company to complete a card transaction; (ii) for fraud control; (iii) as specifically agreed to by the applicable payment card company, provided that such use has also been approved in writing by Company, such approval not to be unreasonably withheld; or (iv) as required by applicable Laws. In the event of a breach or intrusion of or otherwise unauthorized access to Cardholder Data stored at or for NeuLion, NeuLion will immediately notify Company and the applicable payment card company, in the manner required in the PCI Data Security Standards, and provide Company and the applicable payment card company and their respective designees access to NeuLion’s facilities and all pertinent records to conduct a review of NeuLion’s compliance with the PCI Data Security Standards. NeuLion will fully cooperate with any review of their facilities and records provided for herein. NeuLion will maintain appropriate business continuity procedures and systems to ensure security of Cardholder Data in the event of a disruption, disaster or failure of NeuLion’s data systems. NeuLion and its successors and assigns will comply with the PCI Data Security Standards after termination or expiration of this Agreement.
View Source
PCI Data Security Standards. In the event Manager will collect, store, process, transmit or otherwise handle credit card, debit card or other “cardholder data” as that term is defined and used in the Payment Card Industry Data Security Standards and the Payment Application Data Security Standards, as applicable (collectively, the “PCI DSS”): (a) Manager represents and warrants as follows: (i) it shall comply with the current and future versions of the PCI DSS; Card Association rules, policies, and regulations (as they may appear on Card Association websites); and all applicable laws, regulations, ordinances, rules, and orders of governmental authorities having jurisdiction over Owner; and (ii) Manager shall be solely and exclusively responsible for maintaining the security of all cardholder data and sensitive authentication data (as those terms are defined and used in the PCI DSS) in its possession and control. Manager shall indemnify, defend, and hold Owner harmless from and against any claims, damages, or expenses arising out of Manager’s breach of the foregoing warranties. “Card Associations” means the bankcard associations (e.g., MasterCard and Visa) and other non-bankcard or private label associations such as American Express, Discover, JCB, private label, and other credit or debit card associations. Without limiting the generality of the foregoing, Manager shall handle and secure all cardholder data in a matter fully compliant with the PCI DSS.
View Source

Related to PCI Data Security Standards

  • Security Standards The Provider shall implement and maintain commercially reasonable security procedures and practices that otherwise meet or exceed industry standards designed to protect Student Data from unauthorized access, destruction, use, modification, or disclosure, including but not limited to the unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of the Student Data (a "Security Breach"). For purposes of the DPA and this Exhibit G, "Security Breach" does not include the good faith acquisition of Student Data by an employee or agent of the Provider or LEA for a legitimate educational or administrative purpose of the Provider or LEA, so long as the Student Data is used solely for purposes permitted by SOPPA and other applicable law, and so long as the Student Data is restricted from further unauthorized disclosure.

  • Privacy and Data Security (a) In the prior three (3) years, the Company and its Subsidiaries have been in compliance with Privacy Laws, and in all material respects with (i) Contracts (or portions thereof) between the Company or its Subsidiaries and other Persons relating to Personal Data and (ii) applicable written policies, public statements and other public representations relating to the Processing of Personal Data, inclusive of all disclosures required by applicable Privacy Laws (“Privacy and Data Security Policies,” and together with Privacy Laws and such Contracts, “Privacy Commitments”). The execution, delivery and performance by the Company of this Agreement to which the Company is or will be a party, and the consummation of the transactions contemplated hereby or thereby, are not reasonably expected to, directly or indirectly, result in a violation of any Privacy Commitments that would be materially adverse to the Company and its Subsidiaries, taken as a whole. (b) In the prior three (3) years, the Privacy and Data Security Policies have at all times been maintained and made available to individuals in accordance with reasonable industry practices and as required by Privacy Laws, are accurate and complete and are not misleading or deceptive (including by omission). The practices of the Company or its Subsidiaries with respect to the Processing of Personal Data conform in all material respects to the Privacy and Data Security Policies that govern such Personal Data. (c) There is (and in the prior three years there has been) no material Legal Proceeding pending or, to the Company’s knowledge, threatened against or involving the Company or its Subsidiaries initiated by any Person (including (i) the Federal Trade Commission, any state attorney general or similar state official, (ii) any other Governmental authority, foreign or domestic or (iii) any regulatory or self-regulatory entity) alleging that any Processing of Personal Data by or on behalf of the Company or its Subsidiaries is or was in violation of any Privacy Commitments. To the Company’s Knowledge, there are no facts, circumstances or conditions that would reasonably be expected to form the basis for any proceeding for any potential violation of any Privacy Commitments. (d) In the prior three (3) years, (i) there has been no unauthorized access to, or unauthorized use, disclosure, or Processing of Personal Data in the possession or control of the Company or its Subsidiaries or any of its contractors with regard to any Personal Data obtained from or on behalf of the Company or its Subsidiaries (“Security Incident”), (ii) there have been no unauthorized intrusions or breaches of security into any Company IT Systems, and (iii) none of the Company or any of its Subsidiaries has notified or been required to notify any Person of any (A) loss, theft or damage of, or (B) other unauthorized or unlawful access to, or use, disclosure or other Processing of, Personal Data, except, in each case of clauses (i), (ii), and (iii), as would not have a Company Material Adverse Effect. Each of the Company and its Subsidiaries has implemented commercially reasonable administrative, physical and technical safeguards, and ensures that its contractors processing Personal Data take such safeguards to protect the confidentiality, integrity and security of Personal Data against any Security Incident, including taking all reasonable steps to safeguard and back up Personal Data. (e) Each of the Company and its Subsidiaries owns or has a license or other right to use the Company IT Systems as necessary to operate the business of each the Company or its Subsidiaries as currently conducted. All Company IT Systems are (i) free from any defect, bug, virus or programming, design or documentation error and (ii) in sufficiently good working condition to effectively perform all information technology operations necessary for the operation of businesses of the Company and its Subsidiaries (except for ordinary wear and tear), except in each case of clauses (i) and (ii), as is not and would not reasonably be expected to be, individually or in the aggregate, material to the Company and its Subsidiaries, taken as a whole. In the prior three years, there have not been any material failures, breakdowns or continued substandard performance of any Company IT Systems that have caused a material failure or disruption of the Company IT Systems other than routine failures or disruptions that have been remediated in the Ordinary Course of Business. In the past three (3) years, there have been no (except to the extent completely remediated), and to the Company’s Knowledge, there are no material security deficiencies or vulnerabilities in the Company IT Systems.

  • Information Technology Accessibility Standards Any information technology related products or services purchased, used or maintained through this Grant must be compatible with the principles and goals contained in the Electronic and Information Technology Accessibility Standards adopted by the Architectural and Transportation Barriers Compliance Board under Section 508 of the federal Rehabilitation Act of 1973 (29 U.S.C. §794d), as amended. The federal Electronic and Information Technology Accessibility Standards can be found at: ▇▇▇▇://▇▇▇.▇▇▇▇▇▇-▇▇▇▇▇.▇▇▇/508.htm.

  • Data Security Requirements Without limiting Contractor’s obligation of confidentiality as further described in this Contract, Contractor must establish, maintain, and enforce a data privacy program and an information and cyber security program, including safety, physical, and technical security and resiliency policies and procedures, that comply with the requirements set forth in this Contract and, to the extent such programs are consistent with and not less protective than the requirements set forth in this Contract and are at least equal to applicable best industry practices and standards (NIST 800-53).

  • Safety Standards Performance of the Contract for all commodities or contractual services must comply with requirements of the Occupational Safety and Health Act and other applicable State of Florida and federal requirements.