Data Protection Policy
Purpose and Scope
This UBIAI Open Platform Developers Program Data Protection Policy prescribes the minimum data protection and information security standards that you and Your Personnel must meet and maintain in order to protect Protected Data from unauthorised use, access, disclosure, theft, manipulation, reproduction, any security breaches or otherwise.
You shall be fully responsible for ensuring that you, Your Personnel performing any activities covered from time to time and your Users consent to and comply. Any act or omission by any of Your Personnel or your Users amounting to a breach of shall be deemed a breach by you. In the event of any such breach, (i) UBIAI may terminate your use of the Platform; and (ii) in the event that such breach constitutes a Security Breach, UBIAI may require you to indemnify, defend and hold UBIAI harmless from and against all liabilities, costs, damages, claims and expenses relating to such breach.
Capitalised terms used but not defined herein shall have the meaning set forth in the Terms.
No Access to Restricted Data
Under no circumstances shall you or any of Your Personnel access, receive, transmit, process or store (or attempt to do any of the aforementioned) any highly sensitive or regulated information
- That is restricted by UBIAI to a limited group of persons on a need to-know basis, and
- Whose access or whose release would likely have a material adverse financial or reputational effect on UBIAI, UBIAI customers, or UBIAI clients. Such information shall not include Payment Card Industry regulated data.
Security Management
You will develop, implement, maintain and enforce a written information privacy and security program that:
You will provide details of any major change to your security program that may adversely affect the security of any Protected Data. Such details must be communicated in writing to UBIAI business days before such change is implemented.