Each party (“Indemnitor”) shall defend and indemnify the other party (“Indemnified Party”) and Indemnified Party’s Indemnified Associates against any third party claim, suit, or proceeding arising out of or related to a Data Incident (as defined below) caused by the act or omission of Indemnitor or any of its agents, subcontractors, or employees (an “Indemnified Claim”). Indemnified Claims include, without limitation, government enforcement actions. (A “Data Incident” is any unauthorized disclosure of, access to, or use of Customer Data.)
• • •
Customer shall defend and indemnify Provider and Provider’s Indemnified Associates against any “Indemnified Claim,” meaning any third party claim, suit, or proceeding arising out of, related to, or alleging a Data Incident (as defined below). INDEMNIFIED CLAIMS INCLUDE, WITHOUT LIMITATION, CLAIMS ARISING OUT OF, RELATED TO, OR ALLEGING PROVIDER’S NEGLIGENCE, as well as government enforcement actions. (A “Data Incident” is any (i) unauthorized disclosure of, access to, or use of Customer Data or (ii) violation of Privacy/Security Law through Customer’s account. Data Incidents include, without limitation, such events caused by Customer, by Provider, by Customer’s customers or other users, by hackers, and by any other third party. “Privacy/Security Law” means applicable law governing the protection or management of personal information, including without limitation the following statutes: _________.)