In an effort to comply with Tensorleap’s obligations in Section 7 of the Agreement, Tensorleap shall take precautions which include, but are not limited to, establishing and maintaining: (i) contractual restrictions on access to the information by contractors (ii) intrusion detection systems on all information systems of where Protected Information is maintained or controlled by Tensorleap, and (iii) notification procedures for notifying Customer promptly in the event a security breach is detected or suspected, as well as other response programs when there is a suspected or detected security breach involving Protected Information. These precautions will also include, as appropriate: (1) access controls to Tensorleap’s information systems, including controls to identify and permit access only to authorized individuals and controls to prevent access to Customer Confidential Information through improper means; (2) Tensorleap Personnel controls and training; (3) physical access restrictions at locations where Customer, Confidential Information is located; and (4)encryption of electronic Customer Confidential Information in transit and at rest.

Tensorleap will: (1) monitor the foregoing measures with periodic audits or testing, and (2) provide copies of the same sufficient to assure Customer, or its regulatory authorities, that Tensorleap is implementing these precautions, and (3) notify Customer immediately in the event Tensorleap becomes aware of any security breach (“Security Breach”). In providing any notice of a Security Breach, Tensorleap shall (i) provide notice to one or more Customer managers generally responsible for security matters affected by the Security Breach, within seventy two (72) hours of discovering the Security Breach, and (ii) keep Customer informed as to the actual and anticipated effects of the Security Breach and the corrective actions taken or to be taken in response to the Security Breach.