Common use of Cybersecurity and Data Protection Clause in Contracts

Cybersecurity and Data Protection. The Company and its Subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are reasonably believed by the Company to be adequate in all material respects for, and operate and perform as required in connection with, the operation of the business of the Company and its Subsidiaries as currently conducted and, to the Company’s knowledge, are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants, except as would not individually or in the aggregate reasonably be expected to result in a Material Adverse Effect. The Company and its Subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with the business of the Company and its Subsidiaries as currently conducted, and, to the knowledge of the Company, there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except for such failures as would not individually or in the aggregate reasonably be expected to result in a Material Adverse Effect. The Company and its Subsidiaries are presently in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification, except for such failures as would not individually or in the aggregate reasonably be expected to result in a Material Adverse Effect.

Cybersecurity and Data Protection. The (i)(x) Except as disclosed in the Registration Statement, the General Disclosure Package and the Prospectus, (A) (1) the Company has not disclosed or permitted any disclosure of and (2) to the Company’s knowledge, there has been no Personal Data Breach of, in each case of (1) and (2), any Personal Data controlled or Processed by the Company or its Subsidiariessubsidiaries (or of any Personal Data Processed by Processors on behalf of the Company or its subsidiaries; (B) (1) the Company has not permitted access to and (2) to the Company’s knowledge, there has been no security breach, unauthorized access, or other compromise of or relating to, in each case of (1) and (2), any of the Company’s or its subsidiaries’ information technology assets and equipment, computers, computer systems, networks, hardware, software, websitesdata (including the data of their respective customers, applicationsemployees, suppliers, vendors, patients and databases any third party data maintained by or on behalf of them), equipment or technology (collectively, the “IT SystemsSystems and Data”) are reasonably believed by the Company to be adequate in all material respects for, and operate and perform as required in connection with, the operation of the business of (y) the Company and its Subsidiaries as currently conducted andsubsidiaries have not been notified of, to the Company’s knowledge, are free and clear have no knowledge of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants, except as any event or condition that would not individually or in the aggregate reasonably be expected to result in, any security breach, unauthorized access, disclosure or other compromise to their IT Systems and Data or any Personal Data Breach, except as would not, in the case of this clause (i), individually or in the aggregate, have a Material Adverse Effect. The ; (ii)(x) the Company and its Subsidiaries subsidiaries have in place and maintain commercially reasonable technical and organizational measures to protect against the accidental or unlawful destruction, loss, unauthorized disclosure of, or access to Personal Data transmitted, stored or otherwise Processed, by the Company or its subsidiaries; (y) have otherwise had in place and implemented and maintained commercially reasonable controls, policies, procedures, and technological safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all their IT Systems and data Data reasonably consistent with industry standards and practices, or as required by applicable Data Protection Laws; and (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)z) used in connection with the business of the Company and its Subsidiaries as currently conducted, and, to the knowledge of the Company, there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except for such failures as would not individually or in the aggregate reasonably be expected to result in a Material Adverse Effect. The Company and its Subsidiaries subsidiaries are presently in compliance with all applicable Data Protection Laws and other laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of Personal Data, IT Systems and Personal Data and to the protection of such Personal Data, IT Systems and Personal Data from unauthorized use, access, misappropriation or modification, except for such failures as would not not, in the case of this clause (ii), individually or in the aggregate reasonably be expected to result in aggregate, have a Material Adverse Effect; and (iii) the Company and its subsidiaries have implemented commercially reasonable controls, policies, procedures, technological safeguards and backup and disaster recovery technology reasonably consistent with industry standards and practices or as required by applicable Data Protection Laws, to maintain and protect the integrity, continuous operation, redundancy and security of the IT Systems and Data.