1. Service provided by Party A shall meet Party B's security requirements, free from Trojan, backdoor, worms, viruses, malicious code, unknown functions, and unknown permissions in any form. Party A shall not implant any illegal codes, malware, and backdoor in equipment or systems of Customers or Party B, or reserve any undisclosed interfaces or accounts.
译文：甲方提供的服务应符合乙方的安全要求，不存在任何形式的特洛伊木马、后门程序、蠕虫、病毒、恶意代码、未知的功能以及未知的权限限制。甲方不得在客户和乙方的设备、系统中植入任何非法代码、恶意软件和后门程序，不得保留任何秘密接口或账户。
2. In the commercial-use phase or engineering-to-maintenance phase, Party A shall not keep or use administrator account or other unauthorized accounts. Without written authorization of Customers and/or Party B, Party A shall not access systems of Customers or Party B, or gather, hold, process, modify, disclose or public any data or information in any customer's network.
译文：在商业使用阶段或工程维护阶段，甲方不得保留和使用管理员帐户、其他未经授权的帐户。未经客户和/或乙方的书面授权，甲方不得访问客户或乙方的系统，不得在任何客户的网络上收集、保存、处理、修改、披露、公开任何数据或信息。
3. Party A shall strictly keep confidential any information or data acquired when providing services until relevant information or data are lawfully disclosed. Party A shall not use such information for personal interests or other illegal purposes. Party A shall not run illegal software on networks of Party B's customers or Party B.
译文：甲方应当对提供服务时获得的所有信息和数据严格保密，直至相关信息和数据被合法披露。甲方不得将这些信息用于谋取个人利益或其他非法目的。甲方不得在乙方或乙方客户的网络上运行非法软件。
4. The Service Provider shall ensure that it fully complies with the specific provisions of all the applicable laws and regulations dealing with data protection and privacy. The Service Provider shall take all reasonable precautions to preserve the integrity and prevent any corruption or loss, damage or destruction of the sensitive personal data and information.
译文：服务提供商应当确保完全符合有关数据保护和隐私的所有适用法律和法规的具体规定。服务提供商应采取一切合理的预防措施，保证敏感的个人数据和信息的完整性，防止发送任何损失、丢失、损坏或破坏。
5. The Service Provider shall not implant any illegal codes, malware, and backdoor in Products, equipment or systems of Customers or Party B, or reserve any undisclosed interfaces or accounts. Without written authorization of Customers and/or Party B, the Service Provider shall not use any unauthorized accounts or others' accounts to log in to any Product, or share any accounts or passwords with third parties.
译文：服务提供商不得在客户或乙方的产品、设备或系统中植入任何非法代码、恶意软件和后门，不得保留任何秘密接口或账户。未经客户和/或乙方的书面授权，服务提供商不得使用任何未经授权的账户或其他账户登录任何产品，不得与第三方共享任何账户或密码。
6. Except to the extent necessary to render the Services hereunder, the Service Provider shall not, under any circumstances, attempt to remove, copy, decompile, reverse engineer or reverse assemble, compromise or replace any data or files or any other component of the Products or Spare Parts.
译文：除为提供本协议项下的服务所必需的范围外，在任何情况下，服务提供商不得试图对产品或备件的任何数据、文件、任何其他组件进行删除、复制、反编译、逆向工程、反向组装、反汇编、替换等操作。
7. Without limiting the generality of the foregoing, Client will not, and will not permit any advisors, consultants, or subcontractors to, attempt to access Party A’s systems or networks connected to Party A’s systems by circumventing Party A’s system access control measures (e.g., hacking, password mining, etc.) or breach the security or authentication measures of Party A’s systems and networks.
译文：在不限制上述规定普遍适用性的前提下，客户不会、也不允许任何顾问、咨询师或者分包商试图通过绕过甲方的系统访问控制措施（例如，黑客攻击、密码挖掘等）或者违反甲方的系统和网络的安全或认证措施，来访问甲方的系统、与甲方的系统相连接的网络。
8. Where any Personal Data is processed in connection with the exercise of the Parties’ rights and obligations under this Agreement, the Parties acknowledge that DISTRIBUTOR shall be acting as a processor on behalf of AAA’S. AAA’S will have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which it was obtained.
译文：任何个人数据的处理涉及本协议项下双方权利的行使和义务的履行的，双方特此确认，经销商应当代表AAA进行处理。AAA将对个人数据的准确性、质量和合法性以及获取个人数据的方式负全部责任。
9. DISTRIBUTOR guarantees to process Personal Data in accordance with the requirements of data protection laws and regulations. DISTRIBUTOR shall implement and maintain appropriate technical and organizational security measures to protect the Personal Data and to preserve the security and confidentiality of the Personal Data.
译文：经销商保证按照数据保护法律法规的要求处理个人数据。经销商应当制定和实施适当的技术和组织安全措施，以保护个人数据并维护个人数据的安全性和保密性。
10. Except for liability resulting from Supplier's indemnification obligations, or either Party's breach of confidentiality and data security obligations in no event shall either Party's annual aggregate liability to the other party for direct damages in relation to any and all claims arising under or in relation to any Statement of Work entered pursuant to this Agreement exceed twelve (12) times the average monthly billed fees paid by BBB during the year in which the claim(s) arose.
译文：除因供应商的赔偿责任而导致的责任以及任何一方违反任何保密义务和数据安全规定而导致的责任外，在任何情况下，因依据本协议订立的任何工作说明书而发生的或者与之相关的所有索赔，对一方造成直接损失的，对方每年的赔偿责任总额不得超过发生索赔的年度内BBB平均每月支付的费用的十二(12)倍。