OCLC 12/18/2018 - Laserfiche WebLink

8.3 Nondisclosure of Internal Data. OCLC shall hold all Internal Data in strict confidence and with the same standard of care it uses to protect its own information of a similar nature and shall not use Internal Data for any purpose other than to provide the Service or as may be authorized in writing by Institution. OCLC shall not disclose Internal Data to any other party except: (a)to OCLC employees, agents, subcontractors and service providers, to whom Internal Data needs to be disclosed for the purpose of providing the Service; (b) as required by law, or to respond to duly authorized information requests of police and governmental authorities or to comply with any facially valid subpoena or court order;(c)to protect the rights or property of OCLC or OCLC customers,including the enforcement of OCLC agreements or policies governing Institution's use of the Service; (d)to involve and cooperate with law enforcement or the appropriate legal authorities in investigations,and to protect Systems and OCLC's customers,or(e)as authorized by Institution in writing. 8.4 Prohibitions. Institution expressly warrants that it will not enter, submit, transfer, or store in the Service any of the following types of information: Social Security Numbers (or other national identification numbers), financial account numbers, credit card or debit card numbers. OCLC will have no liability, and Institution expressly releases OCLC from any liability,associated with the loss,theft,disclosure or misuse of such information. 8.5 Data Transfer. As part of providing Services, OCLC may store and process Institution Data in the United States or any other country in which OCLC or its affiliates, subsidiaries, or agents maintain facilities. By using the Service, Institution consents to this transfer, processing, and storage of Institution Data to or by OCLC, its service providers, and affiliates subsidiaries or agents,over state and international borders as necessary to provide the Service in accordance with OCLC's standard business practices. 8.6 Unauthorized Disclosures. OCLC will promptly notify Institution in the event of a verified breach of non-public personal data unless such breach is unlikely to result in material harm to Institution or the data subject,or as otherwise provided by law. Institution agrees that it shall be Institution's sole responsibility to determine whether a breach is subject to state, federal or national breach notification laws and requires breach notification ("Breach Notification"). In the event that Institution determines that a breach requires Breach Notification, OCLC agrees that it will reasonably cooperate with Institution in regard to Institution's Breach Notification obligations as specified in the applicable law, including Institution's investigation, enforcement, monitoring, document preparation, Breach Notification requirements, and reporting.Institution shall be solely responsible for notifying all individuals subject to Breach Notification,however OCLC reserves the right to first review all notifications before they are sent. Section 9 Limitation of Liability NEITHER PARTY WILL HAVE LIABILITY FOR ANY INDIRECT, CONSEQUENTIAL, EXEMPLARY, SPECIAL, INCIDENTAL,OR PUNITIVE DAMAGES FOR ANY MATTER ARISING FROM OR RELATING TO THIS AGREEMENT OR THE PRODUCTS AND SERVICES, INCLUDING BUT NOT LIMITED TO ANY UNAUTHORIZED ACCESS TO,OR ALTERATION, THEFT, LOSS, INACCURACY, OR DESTRUCTION OF INFORMATION OR DATA COLLECTED, STORED, DISTRIBUTED, OR MADE AVAILABLE VIA THE PRODUCTS AND SERVICES, INSTITUTION'S USE OR INABILITY TO USE THE PRODUCTS AND SERVICES, ANY CHANGES TO OR INACCESSIBILITY OF THE PRODUCTS AND SERVICES,ANY DELAY OR FAILURE OF THE SERVICES,OR FOR LOST PROFITS,OR COSTS OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, EVEN IF OCLC OR INSTITUTION HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN ANY EVENT,A PARTY'S LIABILITY TO THE OTHER PARTY FOR ANY REASON AND UPON ANY CAUSE OF ACTION WILL BE LIMITED TO AN AMOUNT EQUAL TO THE AMOUNT INSTITUTION ACTUALLY PAID OCLC FOR THE INDIVIDUAL IMPLICATED OCLC PRODUCTS OR SERVICES COVERED UNDER THIS AGREEMENT OVER THE 12 MONTHS PRIOR TO WHICH SUCH CLAIM AROSE. THIS LIMITATION APPLIES TO ALL CAUSES OF ACTION IN THE AGGREGATE, INCLUDING, BUT NOT LIMITED TO, BREACH OF CONTRACT,BREACH OF WARRANTY,NEGLIGENCE, STRICT LIABILITY,MISREPRESENTATIONS, AND OTHER TORTS. FEES UNDER THIS AGREEMENT ARE BASED UPON THIS ALLOCATION OF RISK. THIS SECTION WILL NOT APPLY TO DAMAGES THAT CANNOT BE LIMITED OR EXCLUDED BY LAW (IN WHICH EVENT THE LIABILITY SHALL BE LIMITED TO THE FULLEST EXTENT PERMITTED). Section 10 Use of Products and Services 10.1 Institution Data a) Ownership. Institution,and/or its suppliers and affiliates,retains all right,title and interest(including,without limitation, all proprietary rights) to Institution Data, except for rights granted to OCLC and its affiliates under this Agreement. Institution is solely responsible for the accuracy, completeness, and legality of Institution Data. Institution is responsible for obtaining all permission and other rights necessary to provide Institution Data to OCLC. Institution will not provide OCLC with Institution Data that Institution does not have the right to provide for use in connection with the Products or Services. b)License Rights. Institution grants OCLC a global,non-exclusive,royalty-free,transferable and sub-licensable right to use the Internal Data to the extent necessary for the provision of the Products and Services. Institution grants OCLC, OCLC participants,non-participant users,and OCLC designees a global,perpetual,non-exclusive,royalty-free,transferable,and sub-licensable right to host, reproduce, transmit, store, publish, distribute, modify, create derivative works from, and otherwise use Shared Data. Institution Data shall be supplied to OCLC in a format compatible for use with the Products and Services. 10.2 Not Used. 10.3 Acceptable Use Policy("AUP") Everett Public Library 20170701 Page 4 of 13 OCLC Master Services Agreement