“Customer” refers to the entity that has ordered services from Apps Associates under this Agreement and defined in each Statement of Work entered into hereunder.
“Services” shall mean each discrete software engineering and consulting service to be performed by Apps Associates for Customer as described in a Statement of Work, and governed by the terms of this Agreement.
“Parties” means Apps Associates and Customer collectively and “Party” means each of Apps Associates and Customer individually.
“Personal Data” means any information or data that relates to an identified or identifiable natural person or data considered to be personal data as defined under Privacy Laws.
“Confidential Information,” means all technical, financial, operational, marketing and sales information of either Party disclosed to the other, that is either designated as “Confidential” or the receiving Party should reasonably understand to be confidential given the nature of the information and the circumstances of its disclosure. A Party’s Confidential Information shall not include information that : (a) is or becomes a part of the public domain through no act of omission of the receiving Party: (b) was in the receiving Party’s lawful possession prior to the disclosure by the disclosing Party and had not been obtained by the receiving Party either directly or indirectly from the disclosing Party; (c) is lawfully disclosed to the receiving Party by a third party without restriction on the disclosure; or (d) is independently developed by the receiving Party without use of or reference to the disclosing Party’s Confidential Information.
“Data Privacy Laws” means any applicable law, statute, directive or regulation regarding privacy, data protection, and/or the processing of Personal Data to which Apps Associates and/or the Customer are subject and which is applicable to the parties’ data protection obligations under this Agreement.
“Security Incident” means any circumstance that involves, or which a party reasonably believes may involve, the accidental or unauthorized access, use, disclosure, modification, storage, destruction or loss of Customer Confidential Information in Apps Associates’ or Apps Associates Personnel’s possession, custody or control.
Apps Associates shall maintain a written security program, that includes appropriate administrative, technical, organizational and physical safeguards, security awareness and security measures designed to protect Confidential Information from unauthorized access and use.
Apps Associates agrees to install and implement security hardware, software, procedures and policies that will provide effective information security. Apps Associates agrees to use commercially reasonable efforts to monitor and update such hardware, software, procedures and policies to utilize improved technology and to respond to developing security threats in order to maintain a level of security protection, preparedness and resilience appropriate for the information involved and the then current state of security solutions. Upon request, Apps Associates shall provide Customer any SSAE18 audit reports issued to on behalf of Apps Associates during the term of this Agreement.
Apps Associates further agrees to:
Maintain and implement information security program.
Apps Associates shall only collect, access, use, or share Confidential Information with authorized third parties, in performance of its obligations under the Agreement, or to comply with applicable legal obligations. Apps Associates will not make any secondary or other use (e.g., for the purpose of data mining) of Confidential Information except (a) as expressly authorized in writing by Customer in connection with Customer’s purchase of Services hereunder, or (b) as required by law.
Apps Associates shall:
The following provisions apply whenever Apps Associates will have access to Confidential Information.
Apps Associates shall:
Apps Associates shall provide written notice to Customer as soon as possible and, in no instance more than 48 hours after, of any actual or reasonably suspected incident of accidental or unlawful destruction or accidental loss, alteration, unauthorized or accidental disclosure of or access to Customer Information of which it becomes aware (a “Security Incident”); thereafter shall take all reasonable measures to contain and remedy the Security Breach, wherever possible; provide Customer with information regarding the investigation and remediation of the Security Breach, unless restricted by law; not make any notification, announcement or publish or otherwise authorize any broadcast of any notice or information about a Security Incident (a “Security Incident Notice”) without the prior written consent of and prior written approval by Customer of the content, media and timing of the Security Incident Notice (if any), unless required to do so by law or court order; and even where required to do so by law or court order, make all reasonable efforts to coordinate with Customer prior to providing any Security Breach Notice