Document toolboxDocument toolbox

Policy 1: Data Security and Handling

Owned by Muellners Foundation
Last updated: Oct 19, 2024
6 min read

Data Security and Handling Agreement And Acknowledgement of, and Agreement to, Finscale’s Privacy and Confidentiality Agreement

  1. You (hereinafter referred to as “Entity” upon an electronically governed consent on one of the Finscale’ web pages or web applications or request forms,

agrees that all information received by Entity from Finscale (“Finscale”) including its shareholders and foreign controlling company in Denmark or from any other source on behalf of Finscale is “Confidential Information” and shall be maintained in confidence and not disclosed, used or duplicated by Entity, except as described in this Data Security Agreement and Acknowledgement of, and Agreement to, Finscale’s Privacy Agreement (the “Data Security Agreement”). To the extent this Data Security Agreement is inconsistent with any other agreement Entity has with Finscale, this Data Security Agreement will control.

  1. Confidential Information includes, without limitation, all lists of customers, former customers, applicants and prospective customers of the Finscale, and all information relating to and identified with such persons, including but not limited to any and all non-public personal information (“NPPI”) or any personally identifiable financial information regarding the Finscale’s customers and their customers, as such terms are defined under the relevant Laws of Denmark and India; financial information of investors of the Finscale; business volumes or usage; pricing information; information concerning business plans or business strategy; sales methods; marketing plans; finances; contracts; legal affairs; business affairs; any trade secrets or other information that is not generally available to the public; any information that a party is obligated to keep confidential (e.g., pursuant customer lists, sales methods, pricing methods, to a contractual or other obligation such as federal privacy obligations owing to a third-party or shareholders of the Finscale); and the terms and conditions of any agreement between Entity and the Finscale, including this Agreement and any Data Processing Service Agreement or any statements of work or supplemental agreements attached thereto.

  1. Entity acknowledges and agrees that all Confidential Information obtained from the Finscale or on behalf of the Finscale, shall be deemed highly sensitive, confidential, private, and proprietary and at all times. The Entity shall with the utmost of care and confidentiality, handle, keep, maintain and secure from others any Confidential Information to which Entity is provided access to, by the Finscale.

  1. Entity may use Confidential Information only in connection with the performance of Entity’s obligations and responsibilities under Entity’s various agreements with the Finscale, including the Data Processing and Service Agreement. The Entity shall not copy Confidential Information or disclose Confidential Information to any third person and organization(s) who do not need confidential information in order for the Entity to perform his duties and responsibilities under Entity’s other agreements with the Finscale. Confidential Information shall be returned to the Finscale or destroyed upon the earlier of 1) the request of the Finscale; 2) the termination of the agreements between Entity and the Finscale; or 3) the services contemplated by the agreement between Entity and the Finscale have been completed.

  1. Entity shall not advertise, market, or otherwise make known to others any information relating to the subject matter of this Data Security Agreement or the agreements between the Finscale and Entity, including mentioning or implying the name of the Finscale. The Entity is not in the business of selling, distributing, or marketing Confidential Information to other third parties, advertisers, or marketers, and Entity agrees that it will not share Confidential Information with, or disclose, furnish or sell to any third party except as otherwise authorized by this Agreement. If Entity proposes to disclose Confidential Information to a third party in order to perform under its agreements with the Finscale, Entity must first obtain the consent of the Finscale to make such disclosure and Entity must enter into a confidentiality agreement with such third party under which that third party would be restricted from disclosing, using or duplicating such confidential information, except as consistent with this paragraph. To the extent, Entity is required by law to provide a third party with Confidential Information covered by this Data Security Agreement. The Entity shall provide the Finscale with at least 10 days prior written notice of such disclosure so the Finscale may seek a protective order.

  1. Entity represents and warrants that his/their collection, access, use, storage, disposal, and disclosure of Confidential Information, including NPPI of Finscale’s customers and customers of Finscale’s customers, does and will comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations and directives, including but not limited to laws of Denmark and India and all regulations promulgated thereunder.

  1. Entity shall at all times abide and adhere to standards of Entity’s obligations under this Agreement and Finscale’ standard policies and procedures, a copy of which is available to the Entity on https://docs.muellners.info . Entity further agrees that it shall adhere to maintain a disciplinary process to address any unauthorized access, use or disclosure of Confidential Information and NPPI by any of the Entity's other officers, partners, principals, agents or employees.

  1. Entity agrees to reasonably cooperate at its own expense with Finscale in any litigation or other formal action deemed necessary by Finscale to protect its rights relating to the use, disclosure, protection, and maintenance of Confidential Information and NPPI.

  1. Upon Finscale’s written request, to confirm Entity’s compliance with this Agreement, as well as any applicable laws, regulations and industry standards, Entity grants Finscale or, upon Finscale’s election, a third party on Finscale’s behalf, permission to perform an assessment, audit, examination or review of all controls in Entity’s physical or technical environment in relation to all Confidential Information and NPPI being handled and/or services being provided to Finscale pursuant to this Agreement. Entity shall fully cooperate with such assessment by providing access to knowledgeable third party personnel, physical premises, documentation, infrastructure and application software that processes, stores or transports Confidential Information and NPPI for Finscale pursuant to this Agreement and as relevant to the security and confidentiality of Confidential Information and NPPI shared during the course of this Agreement.

10. Upon the Finscale’s written request, to confirm compliance with this Agreement, as well as any applicable laws and industry standards, Entity shall promptly and accurately complete a written information security questionnaire provided by Finscale or a third party on the Finscale’s behalf regarding information technology environment in relation to all Confidential Information and NPPI being handled and/or services being provided by Entity to Finscale pursuant to this Agreement.

Entity shall fully cooperate with such inquiries. Finscale shall treat the information provided by Entity in the security questionnaire as Entity’s Confidential Information.

11. All terms used in this Data Security Agreement have the meanings given them in the federal “Privacy of Consumer Financial Information” regulations, GDPR, EUROPE and those of regulations in India. The Finscale may disclose in the future, to Entity certain NPPI about consumers and customers of financial institutions, in the Finscale. Entity agrees to maintain the confidentiality of all such NPPI to the same extent that the Finscale and its affiliates are required to maintain it, under all federal and state accompanying regulations, including any regulations promulgated thereunder, and under any privacy policy of the Finscale or any written agreement between the Finscale and any third party, provided however, Entity’s obligation to comply with any privacy policy of the Finscale or any written agreement between the Finscale and third party shall only apply after the Finscale provides a copy of such privacy policy and/or written agreement to Entity or makes it available on Finscale’s website. Entity further agrees not to disclose or use any such information except to carry out the purpose for which the Finscale provided such information or any similar state regulation by which the Finscale is bound.

12. Notwithstanding any contrary provision of any agreement between the Finscale and Entity, Entity agrees to defend, indemnify and hold the Finscale and any affiliate, subsidiary, officer, director, Entity, agent and/or representative of the Finscale, harmless from any loss, cost, judgment, settlement, civil money penalty, claims, damages, or other expenditure, including full reasonable attorney fees at trial and on all appeals, incurred by the Finscale, required of the Finscale or voluntarily made by the Finscale in good faith, if it is caused, in whole or in part, directly or indirectly, by any violation of the obligations contained in this Data Security Agreement or that in any way arise from or are related to any of Entity’s acts, omissions or other conduct of Entity in violation of this Data Security Agreement.