BANK OF AMERICA

21. INFORMATION SECURITY/DATA PROTECTION

21.1 Overall Data Security Regulations. As a financial institution, we are required to comply with the information security standards established under national and international legal and regulatory requirements applicable to us. We are evaluated regularly for compliance with these obligations by various US and international regulators as applicable.

21.2 Security and Confidentiality. We maintain an Information Security Policy that
i. contains appropriate administrative, technical and physical safeguards designed to protect against Information Security Events;
ii. conforms as required to the requirements of applicable Data Protection Laws; and
iii. sets forth policies and procedures that are designed to be consistent with, to the extent applicable to the Services, PCI-DSS standards; the card networks rules and regulations; and Financial Services Industry Best Practices.

21.3 Data Protection. You hereby represent and warrant to us now and on each day on which we provide a Service to you that you are in compliance with all Data Protection Laws and where required under such Data Protection Laws you will maintain at all times during the term of the Agreement a valid registration or authorization with any applicable Data Protection Authority. You shall inform us of any requirement of which you are aware which would require us to be registered or authorized with any applicable Data Protection Authority in order to provide the Services to you. You shall obtain on your and, as applicable, our behalf all necessary and valid consents, including Cardholder consents, and provide all necessary data protection notices in order for us to process the Personal Data using such forms as we may prescribe for the purposes described in the Agreement, and to disclose the Personal Data to the types of recipients described in the Agreement, including if applicable where the recipients are located outside of the EEA. You shall retain, and upon request provide us with, copies of such notices and consents. With regard to our processing of Personal Data, we will comply with our obligations as a financial institution as set out in Section 21.1 and all applicable Data Protection Laws.

We may process Personal Data for the following purposes:
i. to provide and manage the Services;
ii. to help monitor, assess and carry out statistical product analysis and development;
iii. to develop for our own use internal data on the types of clients and the markets we service;
iv. to perform system testing and training;
v. to manage our business;
vi. as part of any internal or external audit or compliance review that we or any of our affiliates may undertake;
vii. to help prevent crime, fraud and terrorism; and
viii. to comply with card networks rules and all applicable laws and other legal and regulatory requirements.

We will never use Personal Data for direct marketing to Cardholders.

You agree that we may disclose Personal Data to:
i. our affiliates, agents, auditors and service providers;
ii. card networks and fraud prevention agencies;
iii. to any other person if legally required, including to law enforcement agencies, authorities, regulators and courts; and
iv. any other person to whom we may transfer or intend to transfer, assign or sell any of our rights or obligations under the Agreement.

Any disclosures of Personal Data that we make will be made in compliance with applicable Data Protection Laws.

Where we are deemed to be processing Personal Data on your behalf, we agree to the following:
i. We will process the Personal Data only as required for the purposes of providing the Services or as otherwise set out in the Agreement. We will only act on your instructions in relation to the processing of the Personal Data in accordance with the terms of the Agreement. You are responsible for providing us with any relevant instructions concerning the Processing of Personal Data in connection with Services.
ii. During the term of the Agreement, we take appropriate technical and organizational measures to protect the Personal Data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access and against other unlawful forms of processing having regard to the state of technological developments and the cost of implementing those measures, so as to ensure a level of security appropriate to the harm that may result from breach of those measures and the nature of the Personal Data to be protected. In addition, we will ensure that our staff processing Personal Data hereunder keep any Personal Data strictly confidential and not use such Personal Data for any other purposes other than for the provision of Services to you or as otherwise set out in the Agreement.

You acknowledge and agree that data processing related to a Service and your Card Accounts may take place in countries other than those where you and your accounts with us are located. You further understand that information concerning your relationship with us may be available on our electronic data system both for information management purposes and in order to enable you to benefit from our electronic banking services. You understand and agree that, as a result, your banking relationship information may be available to some of our officers outside the country or countries where you and your accounts are located. You authorize us to transmit your banking relationship information across national borders, notwithstanding the banking secrecy laws of any of the countries involved, as necessary or appropriate to provide a Service.

00-35-6182NSBW 02-28-2020 AK Page 12 of 16
Bank of America — Confidential © 2020 Bank of America Corporation