Privacy and Protection of Personal Data. In connection with the collection and/or use of an individual’s name, address, credit card information, email address, social security number, and account numbers and any other information that is “non-public personal information” concerning a consumer for Title V of the ▇▇▇▇▇-▇▇▇▇▇-▇▇▇▇▇▇ Act, 12 C.F.R. part 1016 or otherwise protected information under similar federal or state privacy laws (“Personal Data”), the Company and each of its Subsidiaries have at all times complied in all material respects with and currently comply with all applicable statutes and regulations in all relevant jurisdictions in all material respects where the Company or any Subsidiary of the Company currently conducts business, any publicly available privacy policy of the Company or any Subsidiary of the Company, any privacy policy otherwise furnished for customers and any third party privacy policies which the Company or any Subsidiary of the Company has been contractually obligated to comply with, in each case relating to the collection, storage, use and onward transfer of all Personal Data collected by or on behalf of the Company or any Subsidiary of the Company (the “Privacy Requirements”). The Company or its Subsidiary, as applicable, will have the right after the execution of this Agreement to use such Personal Data in substantially the same manner as used by the Company or such Subsidiary prior to the execution of this Agreement. The Company Bank has adopted a written information security program approved by the Board of Directors of Company. Such information security program meets the requirements of 12 C.F.R. part 364, Appendix B, and 201 C.M.R. 17.00 (the “Information Security Requirements”) and includes (A) security measures in place to protect all Personal Data under its control and/or in its possession and to protect such Personal Data from unauthorized access or use by any parties and (B) the Company’s hardware, software, encryption, systems, policies and procedures are sufficient to protect the privacy, security, confidentiality of all Personal Data in accordance with the Privacy Requirements and the Information Security Requirements. To the Knowledge of the Company, neither the Company nor any Subsidiary of the Company has suffered any breach in security that has permitted any unauthorized access to the Personal Data under the control or possession of the Company or any Subsidiary of the Company. The Company or its Subsidiary, as applicable, has required and does require all third parties to which it provides Personal Data and/or access thereto to maintain the privacy, security and confidentiality of such Personal Data, including by contractually obliging such third parties to protect such Personal Data from unauthorized access by and/or disclosure to any unauthorized third parties.
Appears in 1 contract
Privacy and Protection of Personal Data. In connection with the collection and/or use of an individual’s name, address, credit card information, email address, social security number, and account numbers and any other information that is “non-public personal information” concerning a consumer for Title V of the ▇▇▇▇▇-▇▇▇▇▇-▇▇▇▇▇▇ Act, 12 C.F.R. part 1016 or otherwise protected information under similar federal or state privacy laws (“Personal Data”), the Company and each of its Subsidiaries have has at all times complied in all material respects with and currently comply complies with all applicable statutes and regulations in all relevant jurisdictions in all material respects where the Company or any Subsidiary of the Company currently conducts business, any its publicly available privacy policy of the Company or any Subsidiary of the Companypolicy, any privacy policy otherwise furnished for customers and any third party privacy policies which the Company or any Subsidiary of the Company has been contractually obligated to comply with, in each case relating to the collection, storage, use and onward transfer of all Personal Data collected by or on behalf of the Company or any Subsidiary of the Company (the “Privacy Requirements”). The Company or its Subsidiary, as applicable, will have the right after the execution of this Agreement to use such Personal Data in substantially the same manner as used by the Company or such Subsidiary prior to the execution of this Agreement. The Company Bank has adopted a written information security program approved by the Board of Directors of CompanyCompany Board. Such information security program meets the requirements of 12 C.F.R. part 36430, Appendix B, and 201 C.M.R. 17.00 (the “Information Security Requirements”) and includes (A) security measures in place to protect all Personal Data under its control and/or in its possession and to protect such Personal Data from unauthorized access or use by any parties and (B) the Company’s hardware, software, encryption, systems, policies and procedures are sufficient to protect the privacy, security, confidentiality of all Personal Data in accordance with the Privacy Requirements and the Information Security Requirements. To the Knowledge of the Company, neither the Company nor any Subsidiary of the Company has not suffered any breach in security that has permitted any unauthorized access to the Personal Data under the Company’s control or possession of the Company or any Subsidiary of the Companypossession. The Company or its Subsidiary, as applicable, has required and does require all third parties to which it provides Personal Data and/or access thereto to maintain the privacy, security and confidentiality of such Personal Data, including by contractually obliging such third parties to protect such Personal Data from unauthorized access by and/or disclosure to any unauthorized third parties.
Appears in 1 contract