|
INC.
<br />Basic Applicant Data (as defined in this Section) will remain on the eSOPH System and be visible to other MMI
<br />clients. Further information regarding another agency's entry of an Applicant, must be gained through that agency's
<br />permission and their own internal process(es).
<br />5.5 Security Incident. In the event MMI learns of a Security Incident, MMI will make every effort to
<br />notify Client within 24-hours of learning of the breach. Notification will be made to at least one of Client's
<br />Administrative Users listed on Exhibit A via telephone and email. Notifications will only be made when an actual
<br />Security Incident has occurred; if the data is encrypted, by industry standards, no Security Incident is considered to
<br />have occurred and no notification will be made. At the request of Client, and with Client's cooperation and
<br />assistance, MMI will work together with law enforcement and other personnel in connection with the unauthorized
<br />access into the eSOPH System. MMI takes the privacy and security of data seriously, and uses reasonable
<br />administrative, technical, and physical safeguards to protect the confidentiality and security of all Client Data.
<br />Clients are encouraged to review MMI's eSOPH Security Overview, which is updated as needed by MMI from time
<br />to time and is available upon request.
<br />5.6 Ownership of Client Data. Client owns all Client Data entered into the eSOPH System by its
<br />Authorized Users and its Applicants, including Applicant Data entered in response to the Client's request for
<br />information to process an Applicant's background investigation.
<br />5.7 Post -Termination Retention of Data. Without limiting Client's rights to Client Data and
<br />Applicant Data hereunder, MMI may retain and store the following data during and after the term of this Agreement:
<br />Applicant name, Applicant telephone number, Applicant mailing address, Applicant email address, Applicant year
<br />of birth, date the Applicant was entered into the eSOPH System, Applicant's background investigation close date,
<br />position Applicant has applied for with Client, and the legal agreements (e.g., MMI's Electronic Signature
<br />Agreement, Terms of Use and Privacy Policy) related to any Authorized User's or Applicant's use of the eSOPH
<br />System. MMI may retain such information and use it to comply with applicable law and the eSOPH System Terms
<br />of Use and Privacy Policy and for the purposes described in Section 5.4 (MMI's Sharing of Basic Applicant Data).
<br />Other than as stated in this Agreement, MMI will not use such information for other purpose.
<br />5.8 Confidential Information. In performance of this Agreement, the Parties may directly or
<br />indirectly disclose to each other confidential information, proprietary information, or confidential data
<br />("Confidential Information"). "Confidential Information" shall include any data and/or information that is
<br />identified by either Party as confidential (either orally or in writing) or is of such a nature that a reasonable person
<br />would understand such information to be confidential, including, but not limited to, (a) trade secrets or confidential
<br />business information of either Party, including without limitation information about such Party's technology,
<br />financial information, and plans; and (b) personal information of employees, Applicants, and Authorized Users,
<br />including but not limited to, images, names, addresses, Social Security numbers, e-mail addresses, telephone
<br />numbers, financial profiles, credit card information, driver's license numbers, medical data, law enforcement
<br />records, educational records or other information identifiable to a specific individual that relates to any of these
<br />types of information ("Personally Identifiable Information" or "PII").
<br />5.9 Exclusions from Confidential Information. Notwithstanding the foregoing, Confidential
<br />Information shall not include information the receiving Party can prove by clear and convincing written
<br />contemporaneous evidence is: (1) publicly known through no fault or negligence of the receiving Party; (2) rightfully
<br />possessed by the receiving Party prior to disclosure by the disclosing Party; (3) rightfully obtained by the receiving
<br />Party from a third -party in lawful possession of such Confidential Information without obligation of confidentiality;
<br />(4) independently developed by the receiving Party without reference to or use of the disclosing Party's Confidential
<br />Information.
<br />5.10 Restrictions on Use and Disclosure. Each party shall not use the other party's Confidential
<br />Information for any purpose other than performance of its obligations and exercise of its rights under this Agreement.
<br />Furthermore, each party shall not disclose the other party's Confidential Information to any third party except to
<br />such parry's employees, contractors, and other representatives who (a) have a bona fide need to know such
<br />Confidential Information for purposes of performing this Agreement, (b) have been informed of the confidential
<br />MASTER SOFTWARE SUBSCRIPTION SERVICES AGREEMENT ('°MSSSA") PAGE 13 OF 24
<br />Version: May 30, 2023
<br />
|