Privacy and Data Security. (a) The parties will keep confidential any information regarding the Trust, the Company, Nationwide, the Variable Accounts and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust or Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”), and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company and the Trust will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (“Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (“Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge is not prohibited from disclosing such information to the Receiving Party by a legal, contractual or fiduciary obligation to the Disclosing Party, or (iv) describes the annual fees payable to Nationwide Broker-Dealers under this Agreement. (b) Each party will maintain and enforce safety and physical security procedures with respect to its access and maintenance of Non-public Personal Information that (a) are at least equal to industry standards for such types of locations, (b) are in accordance with reasonable policies in these regards, and (c) provide reasonably appropriate technical and organizational safeguards against accidental or unlawful destruction, loss, alteration, or unauthorized disclosure or access of Non-public Personal Information under this Agreement. Without limiting the generality of the foregoing, each party will take all reasonable measures to secure and defend its location and equipment against cyber-attacks, “hackers” and others, both internal and external, who may seek, without authorization, to modify or access its systems or the information found therein. Each party will periodically test its systems for potential areas where security could be breached. Each party will report to the other party promptly any breaches of security or unauthorized access to its systems that it detects or becomes aware of that would require notification to consumers and/or regulators, as may be required by applicable federal and/or state laws. Each party will use reasonable and diligent efforts to remedy such breach of security or unauthorized access in a timely manner. Each party maintains the right to reasonably audit its data in the other party’s systems environment no more than annually, upon 60 days’ prior written notice, and at the auditing party’s sole expense and cost. (c) All Non-public Personal Information must be stored in a physically and logically secure environment that reasonably attempts to protect it from unauthorized access, modification, theft, misuse, and destruction.
Appears in 4 contracts
Sources: Fund Participation Agreement (Nationwide Multi Flex Variable Account), Fund Participation Agreement (Jefferson National Life Annuity Account G), Fund Participation Agreement (Jefferson National Life of New York Annuity Account 1)
Privacy and Data Security. (a) The parties will keep confidential any information regarding the Trust, the Company, Nationwide, the Trust, the Variable Accounts Accounts, and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust Company, Nationwide, the Trust, Variable Accounts, or Variable Accounts Contract Owners which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”), ) and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company and the Trust will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (“Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (“Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge knowledge, is not prohibited from disclosing such information to the Receiving Party by a legal, contractual contractual, or fiduciary obligation to the Disclosing Party, or (iv) describes the annual fees payable to Nationwide Broker-Dealers under this Agreement.
(bAgreementb) Each party will maintain and enforce safety and physical security procedures with respect to its access and maintenance of Non-public Personal Information that (a) are at least equal to industry standards for such types of locations, (b) are in accordance with reasonable policies in these regards, and (c) provide reasonably appropriate technical and organizational safeguards against accidental or unlawful destruction, loss, alteration, or unauthorized disclosure or access of Non-public Personal Information under this Agreement. Without limiting the generality of the foregoing, each party will take all reasonable measures to secure and defend its location and equipment against cyber-attacks, “hackers” and others, both internal and external, who may seek, without authorization, to modify or access its systems or the information found therein. Each party will periodically test its systems for potential areas where security could be breached. Each party will report to the other party promptly any breaches of security or unauthorized access to its systems that it detects or becomes aware of that would require notification to consumers and/or regulators, as may be required by applicable federal and/or state laws. Each party will use reasonable and diligent efforts to remedy such breach of security or unauthorized access in a timely manner. Each party maintains the right to reasonably audit its data in the other party’s systems environment no more than annually, upon 60 days’ days prior written notice, and at the auditing party’s sole expense and cost.
(c) . All Non-public Personal Information must be stored in a physically and logically secure environment that reasonably attempts to protect it from unauthorized access, modification, theft, misuse, and destruction.
Appears in 3 contracts
Sources: Mutual Fund Administrative Services Agreement (Jefferson National Life Annuity Account G), Mutual Fund Administrative Services Agreement (Nationwide VL Separate Account-G), Mutual Fund Administrative Services Agreement (Nationwide Multi Flex Variable Account)
Privacy and Data Security. (a) The parties will keep confidential any information regarding the Trust, the Company, NationwideJefferson National, the Variable Accounts and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust or Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30248.1—248.30) (“Reg S-P”), and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company NFD and the Trust will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide Jefferson National or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (the “Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (the “Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge is not prohibited from disclosing such information to the Receiving Party by a legal, contractual or fiduciary obligation to the Disclosing Party, or (iv) describes the annual fees payable to Nationwide Broker-Dealers JNSC under this Agreement.
(b) Each party will maintain and enforce safety and physical security procedures with respect to its access and maintenance of Non-public Personal Information that (a) are at least equal to industry standards for such types of locations, (b) are in accordance with reasonable policies in these regards, and (c) provide reasonably appropriate technical and organizational safeguards against accidental or unlawful destruction, loss, alteration, alteration or unauthorized disclosure or access of Non-public Personal Information under this Agreement. Without limiting the generality of the foregoing, each party will take all reasonable measures to secure and defend its location and equipment against cyber-attacks, “hackers” and others, both internal and external, who may seek, without authorization, to modify or access its systems or the information found therein. Each party will periodically test its systems for potential areas where security could be breached. Each party will report to the other party promptly any breaches of security or unauthorized access to its systems that it detects or becomes aware of that would require notification to consumers and/or regulators, as may be required by applicable federal and/or state laws. Each party will use reasonable and diligent efforts to remedy such breach of security or unauthorized access in a timely manner. Each party maintains the right to reasonably audit its data in the other party’s systems environment no more than annually, upon 60 days’ days prior written notice, and at the auditing party’s sole expense and cost.
(c) All Non-public Personal Information must be stored in a physically and logically secure environment that reasonably attempts to protect it from unauthorized access, modification, theft, misuse, misuse and destruction.
Appears in 2 contracts
Sources: Fund Participation Agreement (Jefferson National Life Annuity Account G), Fund Participation Agreement (Jefferson National Life of New York Annuity Account 1)
Privacy and Data Security. (a) The parties will keep confidential any information regarding the Trust, the CompanyVariable Accounts, Nationwide, the Variable Accounts and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust or Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”), ) and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company and the Trust will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (“Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (“Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge knowledge, is not prohibited from disclosing such information to the Receiving Party by a legal, contractual contractual, or fiduciary obligation to the Disclosing Party, or (iv) describes the annual fees payable to Nationwide Broker-Dealers under this Agreement.
(b) Each party will maintain and enforce safety and physical security procedures with respect to its access and maintenance of Non-public Personal Information that (a) are at least equal to industry standards for such types of locations, (b) are in accordance with reasonable policies in these regards, and (c) provide reasonably appropriate technical and organizational safeguards against accidental or unlawful destruction, loss, alteration, or unauthorized disclosure or access of Non-public Personal Information under this Agreement. Without limiting the generality of the foregoing, each party will take all reasonable measures to secure and defend its location and equipment against cyber-attacks, “hackers” and others, both internal and external, who may seek, without authorization, to modify or access its systems or the information found therein. Each party will periodically test its systems for potential areas where security could be breached. Each party will report to the other party promptly any breaches of security or unauthorized access to its systems that it detects or becomes aware of that would require notification to consumers and/or regulators, as may be required by applicable federal and/or state laws. Each party will use reasonable and diligent efforts to remedy such breach of security or unauthorized access in a timely manner. Each party maintains the right to reasonably audit its data in the other party’s systems environment no more than annually, upon 60 days’ days prior written notice, and at the auditing party’s sole expense and cost.
(c) All Non-public Personal Information must be stored in a physically and logically secure environment that reasonably attempts to protect it from unauthorized access, modification, theft, misuse, and destruction.
Appears in 2 contracts
Sources: Fund Administrative Services Agreement (Nationwide Variable Account Ii), Mutual Fund Administrative Services Agreement (Nationwide VL Separate Account-G)
Privacy and Data Security. (a) The parties will keep confidential any information regarding the Trust, the Company, Nationwide, the Variable Accounts Accounts, and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust or Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”), ) and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company and the Trust will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (“Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (“Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge knowledge, is not prohibited from disclosing such information to the Receiving Party by a legal, contractual contractual, or fiduciary obligation to the Disclosing Party, or (iv) describes the annual fees payable to Nationwide Broker-Dealers under this Agreement.
(b) Each party will maintain and enforce safety and physical security procedures with respect to its access and maintenance of Non-public Personal Information that (a) are at least equal to industry standards for such types of locations, (b) are in accordance with reasonable policies in these regards, and (c) provide reasonably appropriate technical and organizational safeguards against accidental or unlawful destruction, loss, alteration, or unauthorized disclosure or access of Non-public Personal Information under this Agreement. Without limiting the generality of the foregoing, each party will take all reasonable measures to secure and defend its location and equipment against cyber-attacks, “hackers” and others, both internal and external, who may seek, without authorization, to modify or access its systems or the information found therein. Each party will periodically test its systems for potential areas where security could be breached. Each party will report to the other party promptly any breaches of security or unauthorized access to its systems that it detects or becomes aware of that would require notification to consumers and/or regulators, as may be required by applicable federal and/or state laws. Each party will use reasonable and diligent efforts to remedy such breach of security or unauthorized access in a timely manner. Each party maintains agrees to respond to the right other’s reasonable request for information concerning its information security program and, upon request, provide certification to the requesting party that we have applicable policies and procedures in place. Each party also agrees, when reasonably audit its data in requested by the other party’s systems environment no more than annually, upon 60 days’ prior written notice, and at to complete a security questionnaire provided by the auditing requesting party’s sole expense and cost. The parties agree to resolve promptly any material control deficiencies related to their respective information security programs that are identified through the completion of such questionnaires. The parties agree to limit the security questionnaires frequency to once a year.
(c) All Non-public Personal Information must be stored in a physically and logically secure environment that reasonably attempts to protect it from unauthorized access, modification, theft, misuse, and destruction.
Appears in 2 contracts
Sources: Mutual Fund Administrative Services Agreement (Nationwide Variable Account 4), Mutual Fund Administrative Services Agreement (Nationwide Variable Account 4)
Privacy and Data Security. (a) The parties will keep confidential any information regarding the Trust, the Company, Nationwide, the Variable Accounts and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust or Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”), and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company and the Trust will not use information, including Non-public Nonpublic Personal Information, directly or indirectly provided to it by Nationwide or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (“Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (“Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge is not prohibited from disclosing such information to the Receiving Party by a legal, contractual or fiduciary obligation to the Disclosing Party, or (iv) describes the annual fees payable to Nationwide Broker-Dealers under this Agreement.
(b) Each party will maintain and enforce safety and physical security procedures with respect to its access and maintenance of Non-public Personal Information that (a) are at least equal to industry standards for such types of locations, (b) are in accordance with reasonable policies in these regards, and (c) provide reasonably appropriate technical and organizational safeguards against accidental or unlawful destruction, loss, alteration, or unauthorized disclosure or access of Non-public Personal Information under this Agreement. Without limiting the generality of the foregoing, each party will take all reasonable measures to secure and defend its location and equipment against cyber-attacks, “hackers” and others, both internal and external, who may seek, without authorization, to modify or access its systems or the information found therein. Each party will periodically test its systems for potential areas where security could be breached. Each party will report to the other party promptly any breaches of security or unauthorized access to its systems that it detects or becomes aware of that would require notification to consumers and/or regulators, as may be required by applicable federal and/or state laws. Each party will use reasonable and diligent efforts to remedy such breach of security or unauthorized access in a timely manner. Each party maintains the right to reasonably audit its data in the other party’s systems environment no more than annually, upon 60 days’ days prior written notice, and at the auditing party’s sole expense and cost.
(c) All Non-public Personal Information must be stored in a physically and logically secure environment that reasonably attempts to protect it from unauthorized access, modification, theft, misuse, and destruction.
Appears in 2 contracts
Sources: Fund Participation Agreement (Nationwide Jefferson National VA Separate Account 1), Fund Participation Agreement (Nationwide VL Separate Account-G)
Privacy and Data Security. (a) The parties will keep confidential any information regarding the Trust, the Company, Nationwide, the Variable Accounts and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust or Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”), and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company and the Trust will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (“Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (“Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge is not prohibited from disclosing such information to the Receiving Party by a legal, contractual or fiduciary obligation to the Disclosing Party, or (iv) describes the annual fees payable to Nationwide Broker-Dealers under this Agreement.
(b) Each party will maintain and enforce safety and physical security procedures with respect to its access and maintenance of Non-public Personal Information that (a) are at least equal to industry standards for such types of locations, (b) are in accordance with reasonable policies in these regards, and (c) provide reasonably appropriate technical and organizational safeguards against accidental or unlawful destruction, loss, alteration, or unauthorized disclosure or access of Non-public Personal Information under this Agreement. Without limiting the generality of the foregoing, each party will take all reasonable measures to secure and defend its location and equipment against cyber-attacks, “hackers” and others, both internal and external, who may seek, without authorization, to modify or access its systems or the information found therein. Each party will periodically test its systems for potential areas where security could be breached. Each party will report to the other party promptly any breaches of security or unauthorized access to its systems that it detects or becomes aware of that would require notification to consumers and/or regulators, as may be required by applicable federal and/or state laws. Each party will use reasonable and diligent efforts to remedy such breach of security or unauthorized access in a timely manner. Each party maintains the right to reasonably audit its data in the other party’s systems environment no more than annually, upon 60 days’ days prior written notice, and at the auditing party’s sole expense and cost.
(c) All Non-public Personal Information must be stored in a physically and logically secure environment that reasonably attempts to protect it from unauthorized access, modification, theft, misuse, and destruction.
Appears in 2 contracts
Sources: Fund Participation Agreement (Jefferson National Life Annuity Account G), Fund Participation Agreement (Jefferson National Life Annuity Account G)
Privacy and Data Security. (a) The parties will keep confidential any information regarding the Trust, the Company, Nationwide, the Variable Accounts and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust or Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”), and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations DocuSign Envelope ID: F42A0E06-5685-46F1-9939-AB5EBA222398 (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company and the Trust will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (“Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (“Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge is not prohibited from disclosing such information to the Receiving Party by a legal, contractual or fiduciary obligation to the Disclosing Party, or (iv) describes the annual fees payable to Nationwide Broker-Dealers under this Agreement.
(b) Each party will maintain and enforce safety and physical security procedures with respect to its access and maintenance of Non-public Personal Information that (a) are at least equal to industry standards for such types of locations, (b) are in accordance with reasonable policies in these regards, and (c) provide reasonably appropriate technical and organizational safeguards against accidental or unlawful destruction, loss, alteration, or unauthorized disclosure or access of Non-public Personal Information under this Agreement. Without limiting the generality of the foregoing, each party will take all reasonable measures to secure and defend its location and equipment against cyber-attacks, “hackers” and others, both internal and external, who may seek, without authorization, to modify or access its systems or the information found therein. Each party will periodically test its systems for potential areas where security could be breached. Each party will report to the other party promptly any breaches of security or unauthorized access to its systems that it detects or becomes aware of that would require notification to consumers and/or regulators, as may be required by applicable federal and/or state laws. Each party will use reasonable and diligent efforts to remedy such breach of security or unauthorized access in a timely manner. Each party maintains the right to reasonably audit its data in the other party’s systems environment no more than annually, upon 60 days’ days prior written notice, and at the auditing party’s sole expense and cost.
(c) All Non-public Personal Information must be stored in a physically and logically secure environment that reasonably attempts to protect it from unauthorized access, modification, theft, misuse, and destruction.
Appears in 1 contract
Sources: Fund Participation Agreement (Nationwide Variable Account 4)
Privacy and Data Security. (a) The parties will keep confidential any information regarding the Trust, the Company, Nationwide, the Variable Accounts Accounts, and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust or Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”), ) and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company and the Trust will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (“Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (“Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or or
(iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge knowledge, is not prohibited from disclosing such information to the Receiving Party by a legal, contractual contractual, or fiduciary obligation to the Disclosing Party, or (iv) describes the annual fees payable to Nationwide Broker-Dealers under this Agreement.
(b) Each party will maintain and enforce safety and physical security procedures with respect to its access and maintenance of Non-public Personal Information that (a) are at least equal to industry standards for such types of locations, (b) are in accordance with reasonable policies in these regards, and (c) provide reasonably appropriate technical and organizational safeguards against accidental or unlawful destruction, loss, alteration, or unauthorized disclosure or access of Non-public Personal Information under this Agreement. Without limiting the generality of the foregoing, each party will take all reasonable measures to secure and defend its location and equipment against cyber-attacks, “hackers” and others, both internal and external, who may seek, without authorization, to modify or access its systems or the information found therein. Each party will periodically test its systems for potential areas where security could be breached. Each party will report to the other party promptly any breaches of security or unauthorized access to its systems that it detects or becomes aware of that would require notification to consumers and/or regulators, as may be required by applicable federal and/or state laws. Each party will use reasonable and diligent efforts to remedy such breach of security or unauthorized access in a timely manner. Each party maintains the right to reasonably audit its data in the other party’s systems environment no more than annually, upon 60 days’ days prior written notice, and at the auditing party’s sole expense and cost.
(c) All Non-public Personal Information must be stored in a physically and logically secure environment that reasonably attempts to protect it from unauthorized access, modification, theft, misuse, and destruction.
Appears in 1 contract
Sources: Administrative Services Agreement (Jefferson National Life Annuity Account G)
Privacy and Data Security. (a) The parties will keep confidential any information regarding the Trust, the Company, Nationwide, the Variable Accounts and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust or Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”), and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company and the Trust NFM will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide Jefferson National or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (the “Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (the “Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge is not prohibited from disclosing such information to the Receiving Party by a legal, contractual or fiduciary obligation to the Disclosing Party, or (iv) describes the annual fees payable to Nationwide Broker-Dealers Jefferson National under this Agreement.
(b) Each party will maintain and enforce safety and physical security procedures with respect to its access and maintenance of Non-public Personal Information that (a) are at least equal to industry standards for such types of locations, (b) are in accordance with reasonable policies in these regards, and (c) provide reasonably appropriate technical and organizational safeguards against accidental or unlawful destruction, loss, alteration, alteration or unauthorized disclosure or access of Non-public Personal Information under this Agreement. Without limiting the generality of the foregoing, each party will take all reasonable measures to secure and defend its location and equipment against cyber-attacks, “hackers” and others, both internal and external, who may seek, without authorization, to modify or access its systems or the information found therein. Each party will periodically test its systems for potential areas where security could be breached. Each party will report to the other party promptly any breaches of security or unauthorized access to its systems that it detects or becomes aware of that would require notification to consumers and/or regulators, as may be required by applicable federal and/or state laws. Each party will use reasonable and diligent efforts to remedy such breach of security or unauthorized access in a timely manner. Each party maintains the right to reasonably audit its data in the other party’s systems environment no more than annually, upon 60 days’ days prior written notice, and at the auditing party’s sole expense and cost.
(c) All Non-public Personal Information must be stored in a physically and logically secure environment that reasonably attempts to protect it from unauthorized access, modification, theft, misuse, misuse and destruction.
Appears in 1 contract
Sources: Fund Administrative Services Agreement (Jefferson National Life Annuity Account G)
Privacy and Data Security. (a) The parties will keep confidential any information regarding the Trust, the Company, Nationwide, the Variable Accounts Plans and Contract Owners Participants received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust or Variable Accounts Plans which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”), and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company and the Trust NFD will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners Plans or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (the “Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (the “Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge is not prohibited from disclosing such information to the Receiving Party by a legal, contractual or fiduciary obligation to the Disclosing Party, or (iv) describes the annual fees payable to Nationwide Broker-Dealers NISC under this Agreement.
(b) Each party will maintain and enforce safety and physical security procedures with respect to its access and maintenance of Non-public Personal Information that (a) are at least equal to industry standards for such types of locations, (b) are in accordance with reasonable policies in these regards, and (c) provide reasonably appropriate technical and organizational safeguards against accidental or unlawful destruction, loss, alteration, alteration or unauthorized disclosure or access of Non-public Personal Information under this Agreement. Without limiting the generality of the foregoing, each party will take all reasonable measures to secure and defend its location and equipment against cyber-attacks, “hackers” and others, both internal and external, who may seek, without authorization, to modify or access its systems or the information found therein. Each party will periodically test its systems for potential areas where security could be breached. Each party will report to the other party promptly any breaches of security or unauthorized access to its systems that it detects or becomes aware of that would require notification to consumers and/or regulators, as may be required by applicable federal and/or state laws. Each party will use reasonable and diligent efforts to remedy such breach of security or unauthorized access in a timely manner. Each party maintains the right to reasonably audit its data in the other party’s systems environment no more than annually, upon 60 days’ days prior written notice, and at the auditing party’s sole expense and cost.
(c) All Non-public Personal Information must be stored in a physically and logically secure environment that reasonably attempts to protect it from unauthorized access, modification, theft, misuse, misuse and destruction.
Appears in 1 contract
Sources: Retirement Plans Mutual Fund Selling Agreement (Nationwide Variable Account)
Privacy and Data Security. (a) The parties will keep confidential any information regarding the Trust, the Company, Nationwide, the Variable Accounts Plans and Contract Owners Participants received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust or Variable Accounts Plans which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”), and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company and the Trust NFM will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners Plans or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (the “Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (the “Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge is not prohibited from disclosing such information to the Receiving Party by a legal, contractual or fiduciary obligation to the Disclosing Party, or (iv) describes the annual fees payable to Nationwide Broker-Dealers under this Agreement.
(b) Each party will maintain and enforce safety and physical security procedures with respect to its access and maintenance of Non-public Personal Information that (a) are at least equal to industry standards for such types of locations, (b) are in accordance with reasonable policies in these regards, and (c) provide reasonably appropriate technical and organizational safeguards against accidental or unlawful destruction, loss, alteration, alteration or unauthorized disclosure or access of Non-public Personal Information under this Agreement. Without limiting the generality of the foregoing, each party will take all reasonable measures to secure and defend its location and equipment against cyber-attacks, “hackers” and others, both internal and external, who may seek, without authorization, to modify or access its systems or the information found therein. Each party will periodically test its systems for potential areas where security could be breached. Each party will report to the other party promptly any breaches of security or unauthorized access to its systems that it detects or becomes aware of that would require notification to consumers and/or regulators, as may be required by applicable federal and/or state laws. Each party will use reasonable and diligent efforts to remedy such breach of security or unauthorized access in a timely manner. Each party maintains the right to reasonably audit its data in the other party’s systems environment no more than annually, upon 60 days’ days prior written notice, and at the auditing party’s sole expense and cost.
(c) All Non-public Personal Information must be stored in a physically and logically secure environment that reasonably attempts to protect it from unauthorized access, modification, theft, misuse, misuse and destruction.
Appears in 1 contract
Sources: Retirement Plans Administrative Services Agreement (Nationwide Variable Account)
Privacy and Data Security. (a) The parties will keep confidential any information regarding the Trust, the Company, Nationwide, the Variable Accounts Accounts, and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust or Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”), ) and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company and the Trust Parties will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide a party or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (“Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (“Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge knowledge, is not prohibited from disclosing such information to the Receiving Party by a legal, contractual contractual, or fiduciary obligation to the Disclosing Party, or (iv) describes the annual fees payable to Nationwide Broker-Dealers under this Agreement.
(b) Each party will maintain and enforce safety and physical security procedures with respect to its access and maintenance of Non-public Personal Information that (a) are at least equal to industry standards for such types of locations, (b) are in accordance with reasonable policies in these regards, and (c) provide reasonably appropriate technical and organizational safeguards against accidental or unlawful destruction, loss, alteration, or unauthorized disclosure or access of Non-public Personal Information under this Agreement. Without limiting the generality of the foregoing, each party will take all reasonable measures to secure and defend its location and equipment against cyber-attacks, “hackers” and others, both internal and external, who may seek, without authorization, to modify or access its systems or the information found therein. Each party will periodically test its systems for potential areas where security could be breached. Each party will report to the other party promptly any breaches of security or unauthorized access to its systems that it detects or becomes aware of that would require notification to consumers and/or regulators, as may be required by applicable federal and/or state laws. Each party will use reasonable and diligent efforts to remedy such breach of security or unauthorized access in a timely manner. Each party maintains the right to reasonably audit its data in the other party’s systems environment no more than annually, upon 60 days’ days prior written notice, and at the auditing party’s sole expense and cost.
(c) All Non-public Personal Information must be stored in a physically and logically secure environment that reasonably attempts to protect it from unauthorized access, modification, theft, misuse, and destruction.
Appears in 1 contract
Sources: Mutual Fund Administrative Services Agreement (Nationwide Variable Account 4)
Privacy and Data Security. (a) The parties will keep confidential any information regarding the Trust, the Company, Nationwide, the Variable Accounts and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust or Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”), and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company and the Trust Parties will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide a party or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (“Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (“Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge is not prohibited from disclosing such information to the Receiving Party by a legal, contractual or fiduciary obligation to the Disclosing Party, or (iv) describes the annual fees payable to Nationwide Broker-Dealers under this Agreement.
(b) Each party will maintain and enforce safety and physical security procedures with respect to its access and maintenance of Non-public Personal Information that (a) are at least equal to industry standards for such types of locations, (b) are in accordance with reasonable policies in these regards, and (c) provide reasonably appropriate technical and organizational safeguards against accidental or unlawful destruction, loss, alteration, or unauthorized disclosure or access of Non-public Personal Information under this Agreement. Without limiting the generality of the foregoing, each party will take all reasonable measures to secure and defend its location and equipment against cyber-attacks, “hackers” and others, both internal and external, who may seek, without authorization, to modify or access its systems or the information found therein. Each party will periodically test its systems for potential areas where security could be breached. Each party will report to the other party promptly any breaches of security or unauthorized access to its systems that it detects or becomes aware of that would require notification to consumers and/or regulators, as may be required by applicable federal and/or state laws. Each party will use reasonable and diligent efforts to remedy such breach of security or unauthorized access in a timely manner. Each party maintains the right to reasonably audit its data in the other party’s systems environment no more than annually, upon 60 days’ days prior written notice, and at the auditing party’s sole expense and cost.
(c) All Non-public Personal Information must be stored in a physically and logically secure environment that reasonably attempts to protect it from unauthorized access, modification, theft, misuse, and destruction.
Appears in 1 contract
Sources: Fund Participation Agreement (Nationwide Variable Account 4)
Privacy and Data Security. (a) The parties will keep confidential any information regarding the TrustCorporation, the CompanyFunds, Nationwide, the Variable Accounts and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust Corporation or Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”), and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated hereinherein (except as noted above), and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company and the Trust Corporation will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (“Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (“Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge is not prohibited from disclosing such information to the Receiving Party by a legal, contractual or fiduciary obligation to the Disclosing Party, or (iv) describes the annual fees payable to Nationwide Broker-Dealers under this Agreement.
(b) Each party will maintain and enforce safety and physical security procedures with respect to its access and maintenance of Non-public Personal Information that (a) are at least equal to industry standards for such types of locations, (b) are in accordance with reasonable policies in these regards, and (c) provide reasonably appropriate technical and organizational safeguards against accidental or unlawful destruction, loss, alteration, or unauthorized disclosure or access of Non-public Personal Information under this Agreement. Without limiting the generality of the foregoing, each party will take all reasonable measures to secure and defend its location and equipment against cyber-attacks, “hackers” and others, both internal and external, who may seek, without authorization, to modify or access its systems or the information found therein. Each party will periodically test its systems for potential areas where security could be breached. Each party will report to the other party promptly any breaches of security or unauthorized access to its systems that it detects or becomes aware of that would require notification to consumers and/or regulators, as may be required by applicable federal and/or state laws. Each party will use reasonable and diligent efforts to remedy such breach of security or unauthorized access in a timely manner. Each party maintains agrees to respond to the right other’s reasonable request for information concerning its information security program and, upon request, provide certification to the requesting party that we have applicable policies and procedures in place. Each party also agrees, when reasonably audit its data in requested by the other party’s systems environment no more than annually, upon 60 days’ prior written notice, and at to complete a security questionnaire provided by the auditing requesting party’s sole expense and cost. The parties agree to resolve promptly any material control deficiencies related to their respective information security programs that are identified through the completion of such questionnaires. The parties agree to limit the security questionnaires frequency to once a year.
(c) All Non-public Personal Information must be stored in a physically and logically secure environment that reasonably attempts to protect it from unauthorized access, modification, theft, misuse, and destruction.
Appears in 1 contract
Sources: Fund Participation Agreement (Nationwide Variable Account 4)