|
MILLER MENDEL. INC.
<br />5.3 Client's Sharing of Applicant Data. The eSOPH System allows Client to externally share
<br />Applicant data and other information about Applicants from the eSOPH System. If Client or its Authorized
<br />User(s) share Applicant Data or other information about an Applicant with a third party, Client must: (i) possess
<br />valid, signed authorization from each Applicant whose Applicant Data or information is to be shared, legally
<br />adequate to authorize Client to share such Applicant Data or information, (ii) refrain from violating any law,
<br />policy, term or rule by sharing, transmitting or otherwise disclosing such Applicant Data or information, and (iii)
<br />keep the Applicant Data and information secure and private in accordance with any and all applicable privacy
<br />laws, and other legal requirement(s) and obligation(s).
<br />5.4 MMI's Sharing of Basic Applicant Data. Client acknowledges and understands a valuable part
<br />of the eSOPH System is the ability for Client to see if an Applicant has been entered into the eSOPH System by
<br />other MMI client(s). I£ Client enters an Applicant into the eSOPH System, the eSOPH System will disclose if any
<br />other MMI client has previously entered the same Applicant into the eSOPH System. "Basic Applicant Data"
<br />information produced to other MMI clients is limited to: Agency/entity name, position applied for, entered date,
<br />and closed date. The eSOPH System will also display the point of contact for any other agency(s) who have
<br />previously entered the Applicant into the eSOPH System. If Client purges their backgrounds from the eSOPH
<br />System, the Basic Applicant Data (as defined in this section) will remain on the eSOPH System and be visible to
<br />other MMI clients. Further information regarding another agency's entry of an Applicant, must be gained through
<br />that agency's permission and their own internal process(es).
<br />5.5 Security Incident. In the event MMI learns of a Security Incident, MMI will make every effort
<br />to notify Client within 24-hours of learning of the breach. Notification will be made to the Client's Primary
<br />Administrative User or representative listed in Exhibit A to this Agreement, via telephone, and also email.
<br />Notifications will only be made when an actual Security Incident has occurred; if the data is encrypted, by industry
<br />standards, no Security Incident is considered to have occurred and no notification will be made. At the request of
<br />Client, and with Client's cooperation and assistance, MMI will work together with law enforcement and other
<br />personnel in connection with the unauthorized access into the eSOPH System. MMI takes the privacy and security
<br />of data seriously, and uses reasonable administrative, technical, and physical safeguards to protect the
<br />confidentiality and security of all Client Data. Clients are encouraged to review M 41's eSOPH Security
<br />Overview, which is updated as needed by MMI from time to time and is available upon request.
<br />5.6 Ownership of Client Data. Client owns all Client Data entered into the eSOPH System by its
<br />Authorized Users and its Applicants, including Applicant Data entered in response to the Client's request for
<br />information to process an Applicant's background investigation.
<br />5.7 Post -Termination Retention of Data. Without limiting Client's rights to Client Data and
<br />Applicant Data hereunder, MMI may retain and store the following data during and after the term of this
<br />Agreement: Applicant name, Applicant telephone number, Applicant mailing address, Applicant email address,
<br />Applicant year of birth, date the Applicant was entered into the eSOPH System, Applicant's background
<br />investigation close date, position Applicant has applied for with Client, and the legal agreements (e.g., MMI's
<br />Electronic Signature Agreement, Terms of Use and Privacy Policy) related to any Authorized User's or
<br />Applicant's use of the eSOPH System. MMI may retain such information and use it to comply with applicable
<br />law and the eSOPH System Terms of Use and Privacy Policy and for the purposes described in Section 5.4. Other
<br />than as stated in this Agreement, MMI will not use such information for other purpose.
<br />5.8 Confidential Information. In performance of this Agreement, the Parties may directly or
<br />indirectly disclose to each other confidential information, proprietary information, or confidential data
<br />("Confidential Information"). "Confidential Information" shall include any data and/or information that is
<br />identified by either Party as confidential (either orally or in writing) or is of such a nature that a reasonable person
<br />would understand such information to be confidential, including, but not limited to, (a) trade secrets or
<br />confidential business information of either Party, including without limitation information about such Party's
<br />technology, financial information, and plans; and (b) personal information of employees, Applicants, and
<br />Authorized Users, including but not limited to, images, names, addresses, Social Security numbers, e-mail
<br />MASTER SOFTWARE LICENSE & SERVICES AGREEMENT PAGE 7 OF 20
<br />Version: April 12, 2017
<br />
|