Cybersecurity and Data Protection. (A) There has been no security breach or incident, unauthorized access or disclosure, or other compromise of or relating to, the Company’s or its subsidiaries’ information technology and computer systems, networks, hardware, software, data and databases (including the data and information of their respective patients, customers, employees, suppliers, vendors and any third party data maintained, processed or stored by the Company or its subsidiaries, and any such data processed or stored by third parties on behalf of the Company or its subsidiaries), equipment or technology (collectively, “IT Systems and Data”), (B) neither the Company nor its subsidiaries have been notified of, and have no knowledge of any event or condition that would result in, any security breach or incident, unauthorized access or disclosure of or other compromise to their IT Systems and Data and (C) the Company and its subsidiaries have implemented appropriate controls, policies, procedures, and technological safeguards to maintain and protect the integrity, continuous operation, redundancy, disaster recovery and security of their IT Systems and Data consistent with industry standards and practices, or as required by applicable data protection laws, Healthcare Laws and regulatory standards, except with respect to clauses (A) and (B), for any such security breach or incident, unauthorized access or disclosure, or other compromises, as would not, individually or in the aggregate, have a Material Adverse Effect, or with respect to clause (C), where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect. The Company and its subsidiaries are presently in compliance in all material respects with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of the IT Systems and Data, including the collection, use, transfer, processing, disposal, disclosure, handling, storage and analysis of personally identifiable information, protected health information, consumer information and other confidential information of the Company, its subsidiaries and any third parties in their possession, and the protection of such IT Systems and Data from unauthorized use, access, misappropriation or modification.
Appears in 2 contracts
Samples: Underwriting Agreement (Protalix BioTherapeutics, Inc.), Atm Equity Offering Sales Agreement (Protalix BioTherapeutics, Inc.)
Cybersecurity and Data Protection. (A) There has been no security breach or incident, unauthorized access or disclosure, or other compromise of or relating to, to the Company’s or its subsidiaries’ information technology and computer systems, networks, hardware, software, data and databases (including the data and information of their respective patients, customers, employees, suppliers, vendors and any third party data maintained, processed or stored by the Company or its subsidiaries, and any such data processed or stored by third parties on behalf of the Company or its subsidiaries), equipment or technology (collectively, “IT Systems and Data”), except as would not, individually or in the aggregate, have a Material Adverse Effect; (B) neither the Company nor its subsidiaries have been notified of, and or have no any knowledge of any event or condition that would could result in, any security breach or incident, unauthorized access or disclosure of or other compromise to their IT Systems and Data and (C) the Company and its subsidiaries have implemented appropriate controls, policies, procedures, and technological safeguards to maintain and protect the integrity, continuous operation, redundancy, disaster recovery redundancy and security of their IT Systems and Data reasonably consistent with industry standards and practices, or as required by applicable data protection laws, Healthcare Laws and regulatory standards, except with respect to clauses (A) and (B), for any such security breach or incident, unauthorized access or disclosure, or other compromises, as would not, individually or in the aggregate, have a Material Adverse Effect, or with respect to clause (C), where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect. The Company and its subsidiaries are presently in compliance in all material respects with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of the IT Systems and Data, including the collection, use, transfer, processing, disposal, disclosure, handling, storage and analysis of personally identifiable information, protected health information, consumer information and other confidential information of the Company, its subsidiaries and any third parties in their possessionpossession (“Sensitive Company Data”), and to the protection of such IT Systems and Data from unauthorized use, access, misappropriation or modification. The Company and its subsidiaries have taken all reasonable steps necessary to maintain the confidentiality of the Sensitive Company Data. The Company and its subsidiaries have not received any notice, claim, complaint, demand or letter from any person in respect of their businesses under applicable data security and data protection laws and regulations and industry standards regarding misuse, loss, unauthorized destruction or unauthorized disclosure of any Sensitive Company Data. There has been no unauthorized or illegal use of or access to any Sensitive Company Data by any third party. The Company and its subsidiaries have not been required to notify any individual or data protection authority of any information security breach, compromise or incident involving Sensitive Company Data.
Appears in 2 contracts
Samples: Atm Equity Offering Sales Agreement (Akoustis Technologies, Inc.), Atm Sales Agreement (Akoustis Technologies, Inc.)
Cybersecurity and Data Protection. (A) There has been no security breach or incident, unauthorized access or disclosure, or other compromise of or relating to, the Company’s or its subsidiaries’ information technology and computer systems, networks, hardware, software, data and databases (including the data and information of their respective patients, customers, employees, suppliers, vendors and any third party data maintained, processed or stored by the Company or its subsidiaries, and any such data processed or stored by third parties on behalf of the Company or its subsidiaries), equipment or technology (collectively, “IT Systems and Data”), (B) neither the Company nor its subsidiaries have been notified of, and have no knowledge of any event or condition that Except for those would result in, any security breach or incident, unauthorized access or disclosure of or other compromise not reasonably be expected to their IT Systems and Data and (C) the Company and its subsidiaries have implemented appropriate controls, policies, procedures, and technological safeguards to maintain and protect the integrity, continuous operation, redundancy, disaster recovery and security of their IT Systems and Data consistent with industry standards and practices, or as required by applicable data protection laws, Healthcare Laws and regulatory standards, except with respect to clauses (A) and (B), for any such security breach or incident, unauthorized access or disclosure, or other compromises, as would not, individually or in the aggregate, have a Material Adverse Effect, or with respect to clause (C), where i) the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect. The Company and its subsidiaries the Group Entities have complied and are presently in compliance in all material respects with all internal and external privacy policies and information notices, contractual obligations, industry standards, regulatory guidelines, applicable laws or statutes and all laws, statutes, judgments, orders, rules and regulations of any court or arbitrator or other governmental or regulatory authorityauthority and any other legal obligations, internal policies and contractual obligations in each case, relating to the privacy and security of the IT Systems and Data, including the collection, use, transfer, processingimport, export, storage, protection, disposal, disclosuredisclosure and any other processing by the Company or the Group Entities of personal, handlingpersonally identifiable, storage household, sensitive, confidential or regulated data (“Data Security Obligations”, and analysis such data, “Data”), (ii) none of personally identifiable informationthe Company or the Group Entities has received any notification of or complaint regarding, protected health informationor is aware of any other facts that, consumer information individually or in the aggregate, would reasonably indicate, non-compliance by any of them with any Data Security Obligation, (iii) to the Company’s knowledge, there is no action, suit or proceeding by or before any court or governmental agency, authority or body pending or threatened alleging the Company’s or any Group Entity’s non-compliance with any Data Security Obligation, (iv) the Company and other confidential information each Group Entity have implemented and maintained reasonable technical and organizational measures designed to protect the security and integrity of the Data used in connection with the operation of the Company’s and each of the Group Entities’ businesses, its subsidiaries (v) without limiting the foregoing, the Company and any third parties in their possessioneach of the Group Entities have used reasonable efforts to establish and maintain, and the have established, maintained, implemented and complied with, reasonable information technology, information security, cybersecurity and data protection of such IT Systems controls, policies and Data from procedures, including oversight, access controls, encryption, technological, organizational and physical safeguards and business continuity/disaster recovery and security plans that are designed to protect against and prevent breach, destruction, loss, unauthorized or unlawful distribution, use, access, disablement, misappropriation or modification, or other compromise or misuse of or relating to any Data used in connection with the operation of the Company’s or any of the Group Entities’ businesses (“Breach”), and (vi) there has been no such Breach, and neither the Company or any of the Group Entities has been notified of or has any knowledge of any event or condition that would reasonably be expected to result in, any such Breach. Except as disclosed in the Hong Kong Public Offering Documents, Registration Statement, the Disclosure Package and the Prospectus, none of the Company or Group Entities is the subject of any investigation, or has received any inquiry, notice, warning, sanction or claim, or is a party to or affected by any pending or, threatened action, suit, proceeding or claim, or is bound by any judgment, decree or order, or has entered into any agreement, in each case relating to any alleged violation of any Cybersecurity Law of the PRC, in particular, neither the Company nor Group Entities is currently subject to a cybersecurity review by the Cyberspace Administration of the PRC (the “CAC”), except which would not, if determined adversely to the Company or any of the Group Entities, individually or in the aggregate, result in a Material Adverse Change.
Appears in 2 contracts
Samples: International Underwriting Agreement (Tuya Inc.), Hong Kong Underwriting Agreement (Tuya Inc.)
Cybersecurity and Data Protection. Except as would not, singly or in the aggregate, have or reasonably be expected to have a Material Adverse Effect: (A) There there has been no security breach or incident, unauthorized access or disclosure, or other compromise of or relating to, to the Company’s or its subsidiaries’ information technology and computer systems, networks, hardware, software, data and databases (including the data and information of their respective patients, customers, employees, suppliers, vendors and any third party data maintained, processed or stored by the Company or its subsidiaries, and any such data processed or stored by third parties on behalf of the Company or its subsidiaries), equipment or technology (collectively, “IT Systems and Data”), ; (B) neither the Company nor its subsidiaries have been notified of, and nor have no any knowledge of any event or condition that would result in, any security breach or incident, unauthorized access or disclosure of or other compromise to their IT Systems and Data and Data; (C) the Company and its subsidiaries have implemented appropriate controls, policies, procedures, and technological safeguards to maintain and protect the integrity, continuous operation, redundancy, disaster recovery redundancy and security of their IT Systems and Data reasonably consistent with industry standards and practices, or as required by applicable data protection laws, Healthcare Laws and regulatory standards, except with respect to clauses (A) ; and (B), for any such security breach or incident, unauthorized access or disclosure, or other compromises, as would not, individually or in D) the aggregate, have a Material Adverse Effect, or with respect to clause (C), where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect. The Company and its subsidiaries are presently in compliance in all material respects with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of the IT Systems and Data, including the collection, use, transfer, processing, disposal, disclosure, handling, storage and analysis of personally identifiable information, protected health information, consumer information and other confidential information of the Company, its subsidiaries and any third parties in their possessionpossession (“Sensitive Company Data”), and to the protection of such IT Systems and Data from unauthorized use, access, misappropriation or modification. The Company and its subsidiaries have taken all reasonable steps necessary to maintain the confidentiality of the Sensitive Company Data. The Company and its subsidiaries have not received any written notice, claim, complaint, demand or letter from any person in respect of their businesses under applicable data security and data protection laws and regulations and industry standards regarding misuse, loss, unauthorized destruction or unauthorized disclosure of any Sensitive Company Data. There has been no unauthorized or illegal use of or access to any Sensitive Company Data by any third party. The Company and its subsidiaries have not been required to notify any individual or data protection authority of any information security breach, compromise or incident involving Sensitive Company Data.
Appears in 1 contract
Cybersecurity and Data Protection. Except as would not reasonably be expected to, singly or in the aggregate, result in a Material Adverse Effect, (A) There there has been no security breach or incident, unauthorized access or disclosure, or other compromise of or relating to, to the Company’s or its subsidiaries’ information technology and computer systems, networks, hardware, software, data and databases (including the data and information of their respective patients, customers, employees, suppliers, vendors and any third party data maintained, processed or stored by the Company or its subsidiaries, and any such data processed or stored by third parties on behalf of the Company or its subsidiaries), equipment or technology (collectively, “IT Systems and Data”), ; (B) neither the Company nor its subsidiaries have been notified of, and nor have no any knowledge of any event or condition that would result in, any security breach or incident, unauthorized access or disclosure of or other compromise to their IT Systems and Data and Data; (C) the Company and its subsidiaries have implemented appropriate controls, policies, procedures, and technological safeguards to maintain and protect the integrity, continuous operation, redundancy, disaster recovery redundancy and security of their IT Systems and Data reasonably consistent with industry standards and practices, or as required by applicable data protection laws, Healthcare Laws and regulatory standards; (D) the IT Systems and Data are adequate and operational for, except in accordance with respect their documentation and functional specifications, the business of the Company and its subsidiaries as now operated by them and as currently proposed to clauses (A) be operated as described in the Registration Statement and the Prospectus; and (B), for any such security breach or incident, unauthorized access or disclosure, or other compromises, as would not, individually or in E) the aggregate, have a Material Adverse Effect, or with respect to clause (C), where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect. The Company and its subsidiaries are presently in compliance in all material respects with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of the IT Systems and Data, including the collection, use, transfer, processing, disposal, disclosure, handling, storage and analysis of personally identifiable information, protected health information, consumer information and other confidential information of the Company, its subsidiaries and any third parties in their possessionpossession (“Sensitive Company Data”), and to the protection of such IT Systems and Data and Sensitive Company Data from unauthorized use, access, misappropriation or modification. The Company and its subsidiaries have taken all reasonable steps necessary to maintain the confidentiality of the Sensitive Company Data. The Company and its subsidiaries have not received any written notice, claim, complaint, demand or letter from any person or Governmental Entity in respect of their businesses under applicable data security and data protection laws and regulations and industry standards regarding misuse, loss, unauthorized destruction or unauthorized disclosure of any Sensitive Company Data. To the Company’s knowledge, there has been no unauthorized or illegal use of or access to any Sensitive Company Data by any third party. The Company and its subsidiaries have not been required to notify any individual, Governmental Entity or data protection authority of any information security breach, compromise or incident involving Sensitive Company Data and, to the Company’s knowledge, are not the subject of any inquiry or investigation by any Governmental Entity or data protection authority regarding any of the foregoing.
Appears in 1 contract
Cybersecurity and Data Protection. (A) There has been no security breach or incident, unauthorized access or disclosure, or other compromise of or relating toExcept as disclosed in the Hong Kong Public Offering Documents, the Company’s or its subsidiariesCompany and the Subsidiaries’ information technology assets and computer equipment, computers, systems, networks, hardware, software, data websites, applications, and databases (including the data and information of their respective patients, customers, employees, suppliers, vendors and any third party data maintained, processed or stored by the Company or its subsidiaries, and any such data processed or stored by third parties on behalf of the Company or its subsidiaries), equipment or technology (collectively, “IT Systems and DataSystems”), (B) neither the Company nor its subsidiaries have been notified ofare adequate for, and have no knowledge operate and perform as required in connection with the operation of any event or condition that would result in, any security breach or incident, unauthorized access or disclosure the business of or other compromise to their IT Systems and Data and (C) the Company and its subsidiaries the Subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and the Subsidiaries have implemented appropriate and maintained adequate controls, policies, procedures, and technological safeguards to maintain and protect and their users’ material confidential information and the integrity, continuous operation, redundancy, disaster recovery redundancy and security of their all IT Systems and Data consistent data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with industry standards their businesses, and practicesthere have been no breaches, violations, outages or as required by applicable data protection laws, Healthcare Laws and regulatory standardsunauthorized uses of or accesses to same, except with respect for those that have been remedied without material cost or liability or the duty to clauses (A) and (B), for notify any such security breach or incident, unauthorized access or disclosure, or other compromises, person. Except as would not, individually or disclosed in the aggregateHong Kong Public Offering Documents, have a Material Adverse Effect, or with respect to clause (C), where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect. The Company and its subsidiaries the Subsidiaries are presently in compliance in all material respects with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authorityauthority (including the PRC Cyber Security Law, the PRC Data Security Law, the PRC Personal Information Protection Law, and the related regulations and rules), internal policies and contractual obligations relating to the privacy and security of the IT Systems and Data, including the collection, use, transfer, processing, disposal, disclosure, handling, storage Personal Data and analysis of personally identifiable information, protected health information, consumer information and other confidential information of the Company, its subsidiaries and any third parties in their possession, and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification. Neither the Company nor any Subsidiaries has received any claim for compensation from any person in respect of its business under the applicable data protection Laws and industry standards in respect of inaccuracy, loss, unauthorized destruction or unauthorized disclosure of data in the previous three years except to the extent any such claim would not, individually or in the aggregate, result in a Material Adverse Effect. Neither the Company nor any Subsidiaries is subject to any material investigation, inquiry, or sanction relating to cybersecurity or data privacy or any cybersecurity review from the Cyberspace Administration of China (the “CAC”), the China Securities Regulatory Commission (the “CSRC”), or any other relevant Governmental Authority. Neither the Company nor any Subsidiaries has been notified by any Governmental Authority of being classified as a critical information infrastructure operator under the Cybersecurity Review Measures. Neither the Company nor any of its Subsidiaries has received any objection to this Offering or the transactions contemplated under this Agreement from the CSRC, the CAC or any other relevant PRC Governmental Authority.
Appears in 1 contract
Cybersecurity and Data Protection. (Ai) There (x) To the Company’s knowledge, there has been no material security breach or incident, unauthorized access or disclosure, or other material compromise of or relating to, to any of the Company’s or its subsidiaries’ information technology and computer systems, networks, hardware, software, data and databases (including the data and information of their respective patients, customers, employees, suppliers, vendors and any third third-party data maintained, processed maintained by or stored by the Company or its subsidiaries, and any such data processed or stored by third parties on behalf of the Company or its subsidiariesthem), equipment or technology (collectively, “IT Systems and Data”), ) and (By) neither the Company nor its subsidiaries have has not been notified of, and have has no knowledge of any event or condition that would reasonably be expected to result in, any material security breach or incident, unauthorized access or disclosure of or other material compromise to their IT Systems and Data and Data; (Cii) the Company and its subsidiaries have implemented appropriate controls, policies, procedures, and technological safeguards to maintain and protect the integrity, continuous operation, redundancy, disaster recovery and security of their IT Systems and Data consistent with industry standards and practices, or as required by applicable data protection laws, Healthcare Laws and regulatory standards, except with respect to clauses (A) and (B), for any such security breach or incident, unauthorized access or disclosure, or other compromises, as would not, individually or in the aggregate, have a Material Adverse Effect, or with respect to clause (C), where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect. The Company and its subsidiaries are is presently in compliance in all material respects with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of the IT Systems and Data, including the collection, use, transfer, processing, disposal, disclosure, handling, storage Data and analysis of personally identifiable information, protected health information, consumer information and other confidential information of the Company, its subsidiaries and any third parties in their possession, and to the protection of such IT Systems and Data from unauthorized use, access, misappropriation or modification, and (iii) the Company has implemented backup and disaster recovery technology consistent with industry standards and practices; except as would not, in the case of clause (ii) and (iii) hereof, individually or in the aggregate, result in a Material Adverse Effect. The Company has adopted and maintains data privacy and security policies designed to comply with all applicable laws, and each of the Company and the Subsidiaries has at all times complied with all applicable policies and third-party obligations (imposed by applicable laws, regulations or contracts) regarding the collection, use, transfer, storage, protection, disposal and disclosure by the Company and the Subsidiaries of personally identifiable information and data and any other information and data collected from or provided by third parties as well as data that may constitute trade secrets and working secrets of any Governmental Authority or would otherwise be detrimental to national security or public interest pursuant to the applicable laws in all material respects. The Company and the Subsidiaries have taken all commercially reasonable steps to protect the information technology systems and data used in connection with the operation of the Company and the Subsidiaries and/or the offering. There has been no material security breach or attack or other compromise of or relating to any such information technology systems or data, and, no material action, suit or proceeding (including, without limitation, governmental investigations or inquiries) by or before any Governmental Authority involving the Company or any of the Subsidiaries with respect to applicable cybersecurity, data privacy and security and confidentiality or archive administration laws is pending or threatened. The Company has not been informed by any Governmental Authority that the Company must file for a cybersecurity review under the Cybersecurity Review Measures of the Cyberspace Administration of China, which came into effect on February 25, 2022. The Company will use reasonable best efforts to fully cooperate once being informed by any Governmental Authority of any such cybersecurity review and report to the Cybersecurity Review Office once relevant network products and services provided by the Company may affect national security and is required by applicable Laws to make such report. The Company has not been designated as a “critical information infrastructure” operator by the Cyberspace Administration of China or any other Governmental Authority.
Appears in 1 contract