Common use of Training and Guidance Clause in Contracts

Training and Guidance. The Company has implemented or will implement mechanisms designed to ensure that its compliance code, policies, and procedures designed to detect and prevent the transfer or sale of consumer data to entities and individuals engaged in fraudulent or deceptive marketing campaigns are effectively communicated to all executives, officers, employees, and when necessary and appropriate, agents and business partners. These mechanisms shall include: (a) periodic training about compliance measures designed to detect and prevent the transfer or sale of consumer data to entities and individuals engaged in fraudulent or deceptive marketing campaigns for all executives, officers, and employees in positions of leadership or trust, and those that hold positions that require such training, for example, among other potential groups of employees, sales employees, employees in the legal department, and those who perform compliance functions; and (b) corresponding certifications by all such executives, officers, employees, agents, and business partners that acknowledge the training requirements related to detecting and deterring the transfer or sale of consumer data to entities and individuals engaged in fraudulent or deceptive marketing campaigns and certify compliance with those requirements. Epsilon will maintain, or where necessary and appropriate establish, an effective system for providing guidance and advice to executives, officers, and employees and, when necessary, agents and business partners, on abiding by the Company’s compliance code, policies, and procedures relating to the transfer or sale of consumer data to entities and individuals engaged in fraudulent or deceptive marketing campaigns, including when any of them need advice on an urgent or expedited basis. Epsilon will maintain, or if necessary establish, an effective system for internal, and when possible, confidential reporting by, and protection of, executives, officers, employees, and when appropriate, agents and business partners, concerning the transfer or sale of consumer data to entities and individuals engaged in fraudulent or deceptive marketing campaigns or violations of the Company’s compliance code, policies, and procedures relating to the transfer or sale of consumer data to entities and individuals engaged in fraudulent or deceptive marketing campaigns. Epsilon will maintain, or if necessary establish, an effective and reliable process with sufficient resources for responding to, investigating, and documenting any allegations that the Company’s clients are engaged in fraudulent or deceptive marketing or are otherwise violating the Company’s compliance code, policies, or procedures relating to the transfer or sale of consumer data to entities and individuals engaged in fraudulent or deceptive marketing campaigns The Company has implemented or will implement mechanisms designed to effectively enforce its compliance code, policies, and procedures relating to the transfer or sale of consumer data to entities and individuals engaged in fraudulent or deceptive marketing campaigns, including mechanisms that appropriately incentivize compliance and that discipline violations. Epsilon has implemented or will implement appropriate disciplinary procedures to address, among other things, any employee’s provision of data or services to clients engaged in fraudulent or deceptive marketing. Such procedures shall be applied consistently and fairly, regardless of the position held by, or the perceived importance of, the subject executive, officer, or employee. The Company has implemented or shall implement procedures to ensure that when misconduct is discovered, the Company undertakes reasonable and appropriate steps to remedy the harm that resulted from the misconduct and to ensure that reasonable and appropriate steps are taken to prevent similar misconduct from occurring in the future, including by assessing the Company’s internal controls, its compliance code, policies, and procedures related to deceptive marketing by clients, and by making any necessary modifications to ensure that the Company’s overall compliance program is effective. The Company has instituted or will institute, to the extent required by and permissible under applicable law, a reasonable process by which an individual consumer may request a copy of his or her personal information held by the Company for the purpose of the transfer or sale of data to current or prospective clients. The Company also has instituted or will institute, to the extent required by and permissible under applicable law, a reasonable process by which an individual consumer may request that the Company not sell his or her personal information to current or prospective clients. Epsilon has developed and implemented, or will develop and implement, policies and procedures regarding mergers and acquisitions that require the Company to conduct risk-based due diligence on potential new business entities that includes diligence regarding the transfer or sale of consumer data to entities and individuals engaged in fraudulent or deceptive marketing campaigns, including appropriate due diligence by legal, accounting, and compliance personnel. Epsilon has ensured or will ensure that its compliance code, policies, and procedures related to detecting and deterring the transfer or sale of consumer data to entities and individuals engaged in fraudulent or deceptive marketing campaigns apply as quickly as is practicable to any newly acquired businesses or entities merged with the Company. Epsilon will promptly: (a) train the executives, officers, employees, and when appropriate, agents and business partners on its compliance code, policies, and procedures related to the transfer or sale of consumer data to entities and individuals engaged in fraudulent or deceptive marketing campaigns; and (b) when warranted, conduct a risk-based review of newly acquired or merged businesses as quickly as is practicable regarding the transfer or sale of consumer data to entities and individuals engaged in fraudulent or deceptive marketing campaigns. Epsilon will conduct periodic reviews and testing of its compliance code, policies, and procedures related to preventing and detecting the transfer or sale of consumer data to entities and individuals engaged in fraudulent or deceptive marketing campaigns that are designed to evaluate and improve their effectiveness in preventing and detecting the transfer or sale of consumer data to entities and individuals engaged in fraudulent or deceptive marketing campaigns and any related violations of the Company’s code, policies, and procedures related to the transfer or sale of consumer data to entities and individuals engaged in fraudulent or deceptive marketing campaigns. The Company’s reviews and tests shall take into account relevant developments in the industry and any evolving international, domestic, and industry standards related to the transfer or sale of consumer data to entities and individuals engaged in fraudulent or deceptive marketing campaigns. Epsilon will maintain, or where necessary establish, effective processes and procedures that enable the Company, to the extent possible, to detect the transfer or sale of consumer data to entities and individuals engaged in fraudulent or deceptive marketing campaigns.