Laserfiche WebLink
that the Brainfuse Program, including any software, website, databases, content, or other product made <br />available to the Indemnified Parties by Brainfuse pursuant to this Agreement, infringe or otherwise violate <br />the intellectual property rights of such third party. Brainfuse shall also indemnify and hold harmless the <br />Indemnified Parties from and against any final award of damages or settlement amounts for release of <br />liability from any such Infringement Claim. Brainfuse shall have no liability under this subsection with <br />respect to any use or other exploitation of the Brainfuse Program not in compliance with this Agreement or <br />applicable law. <br />Section 7.3 Settlement <br />Brainfuse shall not settle any Claim or Infringement Claim without the prior written approval of Library, <br />which approval may be unreasonably withheld or delayed. <br />Section 7.4 Third Partv Beneficiaries <br />Students of the library are third party beneficiaries of this Section VII. <br />ARTICLE VIII — USER DATA AND DATA PRIVACY <br />Section 8.1 Data Ownership <br />Library will own all right, title and interest in its data that is related to the services provided by this <br />Agreement. Brainfuse shall not access Library user accounts or Library Data, except (1) as necessary to <br />provide the services, (2) in response to service or technical issues, (3) as required by the express terms of <br />this Agreement or (4) at Library's written request. <br />Section 8.2 Data Protection <br />Protection of personal privacy and data shall be an integral part of the business activities of Brainfuse to <br />ensure there is no inappropriate or unauthorized use of Library's data at any time. To this end, Brainfuse <br />shall safeguard the confidentiality, integrity, and availability of Library information and Library Data and <br />comply with the following conditions: <br />Brainfuse shall implement and maintain appropriate administrative, technical and <br />organizational security measures to safeguard against unauthorized access, disclosure or theft <br />of Personal Data and Non -Public Data. Such security measures shall be in accordance with <br />recognized industry practice and not less stringent than the measures Brainfuse applies to its <br />own Personal Data and Non -Public Data of similar kind. <br />ii. All data obtained by Brainfuse in the performance of this Agreement shall become and remain <br />the property of the Library. <br />iii. All Personal Data and Non -Public Data shall be encrypted at rest and in transit with controlled <br />access. Unless otherwise stipulated, Brainfuse is responsible for encryption of the Personal <br />Data and Non -Public Data. Any stipulation of responsibilities will identify specific roles and <br />responsibilities and shall be included in a service level agreement signed by Brainfuse and <br />Library. <br />iv. Brainfuse warrants and represents that it is PCI -DSS SAQ-D compliant and that any data <br />transmitted by the services will be sent via industry -standard PCI -compliant means. For data <br />at rest, Brainfuse shall ensure hard drive encryption consistent with validated cryptography <br />ATfY/AGR/2017.276/BRAINFUSE, INC. <br />REV: 11-17-17 JS <br />Page 3 of 7 <br />