Compliance with Data Privacy Laws The Company and its Subsidiaries are, and at all prior times were, in compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, and the Company and its Subsidiaries have taken commercially reasonable actions to prepare to comply with, and since May 25, 2018, have been and currently are in compliance with, the GDPR (EU 2016/679) (collectively, the “Privacy Laws”) except in each case, where such would not, either individually or in the aggregate, reasonably be expected to result in a Material Adverse Effect. To ensure compliance with the Privacy Laws, the Company and its Subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its Subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any Subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
HIPAA Compliance To the extent that and for so long as a Loan Party is a “covered entity” within the meaning of HIPAA, such Loan Party (i) has undertaken or will promptly undertake all applicable surveys, audits, inventories, reviews, analyses and/or assessments (including any required risk assessments) of all areas of its business and operations required by HIPAA; (ii) has developed or will promptly develop a detailed plan and time line for becoming HIPAA Compliant (a “HIPAA Compliance Plan”); and (iii) has implemented or will implement those provisions of such HIPAA Compliance Plan in all material respects necessary to ensure that such Loan Party is or becomes HIPAA Compliant.
Privacy Laws The Dealer Manager and Dealer (each referred to individually in this section as “party”) agree as follows:
Compliance with Privacy Laws NCPS represents and warrants that its collection, access, use, storage, disposal and disclosure of Personal Data does and will comply with all applicable federal and state privacy and data protection laws, as well as all other applicable regulations. Without limiting the foregoing, NCPS shall implement administrative, physical and technical safeguards to protect Personal Data that are no less rigorous than accepted industry, and shall ensure that all such safeguards, including the manner in which Personal Data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with applicable data protection and privacy laws, as well as the terms and conditions of this Escrow Agreement. NCPS shall use and disclose Personal Data solely and exclusively for the purposes for which the Personal Data, or access to it, is provided pursuant to the terms and conditions of this Escrow Agreement, and not use, sell, rent, transfer, distribute, or otherwise disclose or make available Personal Data for NCPS’s own purposes or for the benefit of any party other than Issuer. For purposes of this section, “Personal Data” shall mean information provided to NCPS by or at the direction of the Issuer, or to which access was provided to NCPS by or at the direction of the Issuer, in the course of NCPS’s performance under this Escrow Agreement that: (i) identifies or can be used to identify an individual (also known as a “data subject”) (including, without limitation, names, signatures, addresses, telephone numbers, e-mail addresses and other unique identifiers); or (ii) can be used to authenticate an individual (including, without limitation, employee identification numbers, government-issued identification numbers, passwords or PINs, financial account numbers, credit report information, biometric or health data, answers to security questions and other personal identifiers), including the identifying information on individuals described in Section 12.
OFAC Compliance (a) Tenant represents and warrants that (a) Tenant and each person or entity owning an interest in Tenant is (i) not currently identified on the Specially Designated Nationals and Blocked Persons List maintained by the Office of Foreign Assets Control, Department of the Treasury (“OFAC”) and/or on any other similar list maintained by OFAC pursuant to any authorizing statute, executive order or regulation (collectively, the “List”), and (ii) not a person or entity with whom a citizen of the United States is prohibited to engage in transactions by any trade embargo, economic sanction, or other prohibition of United States law, regulation, or Executive Order of the President of the United States, (b) none of the funds or other assets of Tenant constitute property of, or are beneficially owned, directly or indirectly, by any Embargoed Person (as hereinafter defined), (c) no Embargoed Person has any interest of any nature whatsoever in Tenant (whether directly or indirectly), (d) none of the funds of Tenant have been derived from any unlawful activity with the result that the investment in Tenant is prohibited by law or that the Lease is in violation of law, and (e) Tenant has implemented procedures, and will consistently apply those procedures, to ensure the foregoing representations and warranties remain true and correct at all times. The term “
Local Law Compliance To the Mortgage Loan Seller’s knowledge, based upon any of a letter from any governmental authorities, a legal opinion, an architect’s letter, a zoning consultant’s report, an endorsement to the related Title Policy, a survey, or other affirmative investigation of local law compliance consistent with the investigation conducted by the Mortgage Loan Seller for similar commercial and multifamily mortgage loans intended for securitization, the improvements located on or forming part of each Mortgaged Property securing a Mortgage Loan are in material compliance with applicable laws, zoning ordinances, rules, covenants, and restrictions (collectively “Zoning Regulations”) governing the occupancy, use, and operation of such Mortgaged Property or constitute a legal non-conforming use or structure and any non-conformity with zoning laws constitutes a legal non-conforming use or structure which does not materially and adversely affect the use, operation or value of such Mortgaged Property. In the event of casualty or destruction, (a) the Mortgaged Property may be restored or repaired to the full extent necessary to maintain the use of the structure immediately prior to such casualty or destruction, (b) law and ordinance insurance coverage has been obtained for the Mortgaged Property in amounts customarily required by the Mortgage Loan Seller for similar commercial and multifamily loans intended for securitization, (c) title insurance policy coverage has been obtained with respect to any non-conforming use or structure, or (d) the inability to restore the Mortgaged Property to the full extent of the use or structure immediately prior to the casualty would not materially and adversely affect the use or operation of such Mortgaged Property. The Mortgage Loan documents require the related Mortgagor to be qualified to do business in the jurisdiction in which the related Mortgaged Property is located.
Tax Law Compliance The Company and its subsidiaries have filed all necessary federal, state and foreign income and franchise tax returns or have properly requested extensions thereof and have paid all taxes required to be paid by any of them and, if due and payable, any related or similar assessment, fine or penalty levied against any of them except as may be being contested in good faith and by appropriate proceedings. The Company has made adequate charges, accruals and reserves in the applicable financial statements referred to in Section 1(j) above in respect of all federal, state and foreign income and franchise taxes for all periods as to which the tax liability of the Company or any of its subsidiaries has not been finally determined.
Reporting Compliance The Company is subject to, and is in full compliance in all material respects with, the reporting requirements of Section 13 and Section 15(d), as applicable, of the Exchange Act.
FCPA Compliance The Company has not and, to the best of the Company’s knowledge, none of its employees or agents at any time during the last five years have (i) made any unlawful contribution to any candidate for foreign office, or failed to disclose fully any contribution in violation of law, or (ii) made any payment to any federal or state governmental officer or official, or other person charged with similar public or quasi-public duties, other than payments required or permitted by the laws of the United States or any jurisdiction thereof.
Privacy of Customer Information Company Customer Information in the possession of the Agent, other than information independently obtained by the Agent and not derived in any manner from or using information obtained under or in connection with this Agreement, is and shall remain confidential and proprietary information of the Companies. Except in accordance with this Section 10.10, the Agent shall not use any Company Customer Information for any purpose, including the marketing of products or services to, or the solicitation of business from, Customers, or disclose any Company Customer Information to any Person, including any of the Agent’s employees, agents or contractors or any third party not affiliated with the Agent. The Agent may use or disclose Company Customer Information only to the extent necessary (i) for examination and audit of the Agent’s activities, books and records by the Agent’s regulatory authorities, (ii) to protect or exercise the Agent’s, the Custodian’s and the Lenders’ rights and privileges or (iii) to carry out the Agent’s, the Custodian’s and the Lenders’ express obligations under this Agreement and the other Facilities Papers (including providing Company Customer Information to Approved Investors), and for no other purpose; provided that the Agent may also use and disclose the Company Customer Information as expressly permitted by the relevant Company in writing, to the extent that such express permission is in accordance with the Privacy Requirements. The Agent shall take commercially reasonable steps to ensure that each Person to which the Agent intends to disclose Company Customer Information, before any such disclosure of information, agrees to keep confidential any such Company Customer Information and to use or disclose such Company Customer Information only to the extent necessary to protect or exercise the Agent’s, the Custodian’s and the Lenders’ rights and privileges, or to carry out the Agent’s, the Custodian’s and the Lenders’ express obligations, under this Agreement and the other Facilities Papers (including providing Company Customer Information to Approved Investors). The Agent agrees to maintain an Information Security Program and to assess, manage and control risks relating to the security and confidentiality of Company Customer Information pursuant to such program in the same manner as the Agent does so in respect of their own customers’ information, and shall implement the standards relating to such risks in the manner set forth in the Interagency Guidelines Establishing Standards for Safeguarding Company Customer Information set forth in 12 CFR Parts 30, 208, 211, 225, 263, 308, 364, 568 and 570. Without limiting the scope of the foregoing sentence, the Agent shall use at least the same physical and other security measures to protect all Company Customer Information in the Agent’s possession or control as the Agent uses for their own customers’ confidential and proprietary information.
