Common use of Cybersecurity; Data Protection Clause in Contracts

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (including the data of their respective customers, employees, suppliers, vendors and any third party data maintained by or on behalf of the Company and its subsidiaries) (collectively, “IT Systems”) ), are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conductedsubsidiaries, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptantscorruptants (collectively, “Bugs”), except where such Bugs would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed as are generally maintained by similarly situated companies and which the Company and its subsidiaries believe are reasonably adequate to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses. Without limiting the foregoing, and, to the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes have used commercially reasonable efforts to establish and all judgmentsmaintain, ordersand have established, rules maintained, implemented and regulations of any court or arbitrator or governmental or regulatory authoritycomplied with, internal reasonable information technology, information security, cyber security and data protection controls, policies and contractual obligations relating to the privacy procedures, including oversight, access controls, encryption, technological and physical safeguards and business continuity/disaster recovery and security of IT Systems plans as are generally maintained by similarly situated companies that are designed to protect against and Personal Data and to the protection of such IT Systems and Personal Data from prevent breach, destruction, loss, unauthorized distribution, use, access, disablement, misappropriation or modification except where modification, or other compromise or misuse of or relating to any information technology system or Data used in connection with the operation of the Company’s and its subsidiaries’ businesses (“Breach”). To the knowledge of the Company, there has been no such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse EffectBreach. The Company and its subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if not been notified of and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data have no knowledge of any event or condition that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectresult in, any such Breach.

Cybersecurity; Data Protection. The Company and its subsidiariesSubsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, the operation of the business of the Company and its subsidiaries Subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries Subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses access to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries Subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Company Material Adverse Effect. The Company and its subsidiaries Subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Company Material Adverse Effect. Any certificate signed by or on behalf of the Company and delivered to the Sales Agent or to counsel for the Sales Agent shall be deemed to be a representation and warranty by the Company to the Sales Agent as to the matters covered thereby.

Cybersecurity; Data Protection. The Company and its subsidiaries’ Except as could not be expected to have a Material Adverse Effect, the Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Except as could not be expected to have a Material Adverse Effect, the Company and its subsidiaries have has implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, proprietary, confidential or regulated data (“Personal Sensitive Data”)) used in connection with their respective businessesits business, and, to the Company’s knowledge, and there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Except as could not be expected to have a Material Adverse Effect, the Company and its subsidiaries are is presently in material compliance with all applicable laws or statutes (including without limitation all applicable privacy and security laws and regulations, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”); the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); and the California Consumer Privacy Act (“CCPA”) (collectively, the “Privacy Laws”)) and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Sensitive Data and to the protection of such IT Systems and Personal Sensitive Data from unauthorized use, access, misappropriation or modification except where such non-compliance modification. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable result in any such notice; (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereofii) is currently conducting or paying for, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually in whole or in the aggregatepart, reasonably be expected any investigation, remediation, or other corrective action pursuant to have any Privacy Law; or (iii) is a Material Adverse Effectparty to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Cybersecurity; Data Protection. The Company Except as described in the Registration Statement, the Pricing Disclosure Package and its subsidiaries’ the Prospectus, the information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, applications and databases owned by, or leased or licensed to, the Company or any of its subsidiaries (collectively, “IT Systems”) ), to the knowledge of the Company, are adequate for, and operate and perform in all material respects as required in connection with, the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The ; the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data of their respective customers, employees, suppliers, vendors and any third party data maintained by or on behalf of them (“Personal Data”)) used in connection with their respective businesses, and, ; to the knowledge of the Company’s knowledge, there have been no material breaches, violations, outages or outages, unauthorized uses of, accesses to or other compromise of or accesses relating to any of the sameCompany’s or any of its subsidiaries’ Personal Data or IT Systems, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any third party; there are no material incidents under internal review or investigations relating to any security breach or other compromise of the same. The Company’s or any of its subsidiaries’ Personal Data or IT Systems and the Company and its subsidiaries have not been notified of, and have no knowledge of any event or condition that would reasonably be expected to result in, any security breach or other compromise to their IT Systems or Personal Data; the Company and its subsidiaries have implemented commercially reasonable backup and disaster recovery technology consistent with industry standards and practices; and the Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authorityauthority and internal policies, internal policies procedures and contractual obligations relating to the privacy and security of IT Systems and the privacy, collection, use, transfer, storage, protection, disposal or disclosure of Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases owned or used by the Company or its subsidiaries (collectively, “IT Systems”) ), to the knowledge of the Company, are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conductedconducted and as proposed to be conducted in the Registration Statement, the Pricing Disclosure Package and to the Company’s knowledge Prospectus, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used collected, used, stored or processed in connection with their respective businesses, and, to the knowledge of the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other personperson or entity, nor any material incidents under internal review or investigations relating to the same. The Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, the Company and its subsidiaries have complied with and are presently in material compliance with all applicable laws or statutes (including without limitation, to the extent applicable, the Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act, the California Consumer Privacy Act and the European Union General Data Protection Regulation (the “GDPR”) and all applicable judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and external policies, and contractual obligations relating to the privacy and security of IT Systems and the collection, use, transfer, import, export, storage, disposal and disclosure of Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such (“Data Security Obligations”). Neither the Company nor any of its subsidiaries have received any notification of or complaint regarding non-compliance would notwith any Data Security Obligation, individually and there is no pending or, to the knowledge of the Company, threatened, action, suit or proceeding by or before any court or governmental agency, authority or body alleging non-compliance with any Data Security Obligation. The Company and its subsidiaries have made all disclosures as required by applicable laws and regulatory rules or requirements in connection with such Data Security Obligations, and no such disclosures have been inaccurate or in the aggregate, reasonably be expected to have a Material Adverse Effectviolation of any applicable laws or regulatory rules and requirements. The Company and its subsidiaries have taken all necessary actions to materially prepare to comply with the European Union General Data Protection Regulation if GDPR and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) , as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effecteffect.

Cybersecurity; Data Protection. The Company Company’s and its subsidiariesSubsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries Subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries Subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data or any such data that may constitute trade secrets, important data and working secrets of any governmental authority or any other data that would otherwise be detrimental to national security, public interest or lawful rights and interests of relevant individuals or organizations pursuant to the applicable laws (“Personal and Confidential Data”)) used in connection with their respective businesses, andand/or the offering of the Shares, to the Company’s knowledge, and there have been no, and the Company and the Subsidiaries have not been notified of and have no knowledge of any event or condition that would reasonably be expected to result in, breaches, violations, outages outages, destruction, loss, leakage, misappropriation, modification or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries Subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authorityGovernmental Entity, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal and Confidential Data (“Data Security Obligations”) and to the protection of such IT Systems and Personal and Confidential Data from unauthorized use, access, misappropriation or modification except where such non-compliance would notmodification. The Company and its Subsidiaries have not received any notification of or complaint regarding and are unaware of any other facts that, individually or in the aggregate, would reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any indicate non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such any Data Security Obligations, and there have been no action, suit or proceeding by or before any court or government agency, authority or body pending or threatened alleging non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectwith any Data Security Obligation.

Cybersecurity; Data Protection. The Except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate in all material respects for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge are free and clear of all material bugs, errors, defects, Trojan horses, time bombsbombs and malware. Except as would not, malware and other corruptants. The individually or in the aggregate, reasonably be expected to have a Material Adverse Effect, the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the knowledge of the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person. To the knowledge of the Company, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all applicable judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authorityauthority having jurisdiction over the Company and its subsidiaries, and all internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. The Company and its subsidiaries have taken all necessary actions to materially prepare to comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effecteffect.

Cybersecurity; Data Protection. The Company and its subsidiariesSubsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, the operation of the business of the Company and its subsidiaries Subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries Subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses access to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries Subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Company Material Adverse Effect. The Company and its subsidiaries Subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Company Material Adverse Effect. Any certificate signed by or on behalf of the Company and delivered to the Representatives or to counsel for the Underwriters shall be deemed to be a representation and warranty by the Company to the Underwriters as to the matters covered thereby.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other personthird party, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. The Company and its subsidiaries have taken all necessary actions to materially prepare to comply with the European Union General Data Protection Regulation if and to the extent that it is applicable to the Company and its subsidiaries (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon as they take effect except where such non-compliance would noteffect. In addition, individually any certificate signed by any executive officer of the Company and delivered to the Underwriters or counsel for the Underwriters in connection with the aggregateoffering of the Securities shall be deemed to be a representation and warranty by the Company, reasonably be expected as to have a Material Adverse Effectmatters covered thereby, to each of the Underwriters.

Cybersecurity; Data Protection. The Company Except as has not had or could not reasonably be expected to have, individually or in the aggregate, a Material Adverse Effect, (i) the Company’s and its subsidiariesSubsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, the operation of the business of the Company and its subsidiaries Subsidiaries as currently conducted, conducted and (ii) to the knowledge of the Company’s knowledge , the IT Systems are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptantscorruptants designed to permit unauthorized access or activity. The Company and its subsidiaries Subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the knowledge of the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to the samesuch IT Systems or Personal Data, except for those that have been remedied without material cost to or liability of the Company and its Subsidiaries or the duty of the Company or any of its Subsidiaries to notify any other person, nor are there any material incidents under internal review or investigations relating to such IT Systems or Personal Data and the same. The Company and its subsidiaries Subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authorityauthority having jurisdiction over the Company or its Subsidiaries, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification.

Cybersecurity; Data Protection. The Company Each RSG Party and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are are, in the Company’s reasonable belief, adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company each RSG Party and its subsidiaries as currently conducted, and to the Company’s knowledge RSG Parties’ knowledge, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company Each RSG Party and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without without, or would not reasonably be expected to result in, material cost or liability or the duty to notify any governmental or regulatory authority or any other person, nor any material incidents under internal review or investigations relating to the same. The Company Each RSG Party and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not(collectively, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect“Data Security Obligations”). The Company Each RSG Party and its subsidiaries have taken all necessary actions as would reasonably be expected to materially prepare to comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would could be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would noteffect. None of the RSG Parties has to their knowledge received any notification of or complaint regarding and is unaware of any other facts that, individually or in the aggregate, would reasonably be expected indicate non-compliance with any Data Security Obligation and to have a Material Adverse Effecttheir knowledge there is no action, suit or proceeding by or before any court or governmental agency, authority or body pending or threatened alleging non-compliance with any Data Security Obligation.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”i) are adequate for, and operate and perform in all material respects as required in connection with, the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedurescomplied, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in compliance, in all material compliance respects, with all internal and external privacy policies, contractual obligations, industry standards, applicable laws or statutes and all laws, statutes, #95429626v5 #95429626v9 judgments, orders, rules and regulations of any court or arbitrator or other governmental or regulatory authorityauthority and any legal obligations regarding the collection, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, accesstransfer, misappropriation import, export, storage, protection, disposal and disclosure by the Company and its subsidiaries of Data (“Data Security Obligations”); (ii) neither the Company nor any of its subsidiaries has received any notification of or modification except where such non-compliance would notcomplaint regarding, and are aware of any other facts that, individually or in the aggregate, would reasonably indicate non-compliance with any Data Security Obligation; and (iii) there is no pending, or to the knowledge of the Company, threatened, action, suit or proceeding by or before any court or governmental agency, authority or body pending or threatened alleging non-compliance with any Data Security Obligation. The Company and its subsidiaries have taken steps reasonably necessary in accordance with industry standard practices to protect such information against loss and against unauthorized access, use, modification, disclosure or other misuse, except in each case to the extent that the failure to do so would not reasonably be expected to have a Material Adverse EffectEffect on the Company and its subsidiaries, taken as a whole. To the knowledge of the Company, except as disclosed in the Registration Statement, the Disclosure Package and the Prospectus or as would not individually or in the aggregate have a Material Adverse Effect on the Company and its subsidiaries, taken as a whole, there has been no unauthorized access to such information. The Company and its subsidiaries have taken or will take all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create have a material liability) Material Adverse Effect on the Company and its subsidiaries, taken as a whole, as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effecteffect.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, documented internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. The Company and its subsidiaries have taken all necessary actions to materially prepare to comply with the European Union General Data Protection Regulation if and to the extent applicable California Consumer Privacy Act (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon as they take effect effect. Neither the Company nor any of its subsidiaries, (i) has received written notice of any actual or potential liability of the Company or its subsidiaries from any governmental or regulatory agencies or bodies (or, except where as would not be material to the Company and its subsidiaries, taken as a whole, any other person) under or relating to, or actual or potential violation by the Company or any of its subsidiaries of, any of such non-compliance would notlaws and regulations; (ii) is currently conducting or paying for, individually in whole or in the aggregatepart, reasonably be expected any investigation, remediation or other corrective action by or mandated by any governmental or regulatory agency or body pursuant to have any of such laws and regulations; or (iii) is a Material Adverse Effectparty to any order, decree, or agreement with any governmental or regulatory agency or body that imposed any obligation or liability under any of such laws and regulations.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the knowledge of the Company’s knowledge , are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the knowledge of the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other personperson (other than those notifications provided in accordance with applicable law and which did not result in material cost or liability), nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. The Company and its subsidiaries have taken all necessary actions to materially comply in all material respects with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon as they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effecteffect.

Cybersecurity; Data Protection. The Company and its subsidiariesSubsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, the operation of the business of the Company and its subsidiaries Subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries Subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses access to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries Subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Company Material Adverse Effect. The Company and its subsidiaries Subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Company Material Adverse Effect. Any certificate signed by or on behalf of the Company and delivered to the Representatives or counsel for the Underwriters shall be deemed to be a representation and warranty by the Company to the Underwriters as to the matters covered thereby.

Cybersecurity; Data Protection. The Except as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, (i) the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and are, to the knowledge of the Company’s knowledge , free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their protect, in all material confidential information and respects, the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no material breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. The Company and its subsidiaries have taken all necessary actions to materially comply prepare to comply, in all material respects, with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effecteffect.

Cybersecurity; Data Protection. The Company and its subsidiariesParties’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company Parties and its subsidiaries their Subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptantscorruptants except as would not reasonably be expected to have a Material Adverse Effect. The Company Parties and its subsidiaries their Subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential identifiable or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to . To the Company’s knowledgeknowledge of the Company Parties, there have been no breaches, violations, outages or unauthorized uses of or accesses to the sameIT Systems or Personal Data, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the samesame and the Company Parties and its Subsidiaries have not been notified of, and have no knowledge of any event or condition that would reasonably be expected to result in, any security breach or other compromise to the IT Systems and Personal Data, except as would not reasonably be expected to have a Material Adverse Effect. The Company Parties and its subsidiaries their Subsidiaries are presently in compliance in all material compliance respects with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. The Company Parties and its subsidiaries their Subsidiaries have taken used reasonable best efforts to implement backup and disaster recovery technology consistent with industry standards and practices in all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectrespects.

Cybersecurity; Data Protection. The Company and its subsidiariesParties’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company Parties and its subsidiaries their Subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptantscorruptants except as would not reasonably be expected to have an Issuer Material Adverse Effect. The Company and its subsidiaries Subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential identifiable or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to . To the Company’s knowledgeknowledge of the Company Parties, there have been no breaches, violations, outages or unauthorized uses of or accesses to the sameIT Systems or Personal Data, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the samesame and the Company Parties and its Subsidiaries have not been notified of, and have no knowledge of any event or condition that would reasonably be expected to result in, any security breach or other compromise to the IT Systems and Personal Data, except as would not reasonably be expected to have an Issuer Material Adverse Effect. The Company Parties and its subsidiaries Subsidiaries are presently in compliance in all material compliance respects with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. The Company Parties and its subsidiaries their Subsidiaries have taken used reasonable best efforts to implement backup and disaster recovery technology consistent with industry standards and practices in all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectrespects.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses access to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Company Material Adverse Effect. The Any certificate signed by or on behalf of the Company and its subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and delivered to the extent applicable (Representatives or to counsel for the Underwriters shall be deemed to be a representation and warranty by the Company to prepare the Underwriters as to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmatters covered thereby.

Cybersecurity; Data Protection. The Company Each Xxxx Party and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are are, in the Company’s reasonable belief, adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company each Xxxx Party and its subsidiaries as currently conducted, and to the Company’s knowledge Xxxx Parties’ knowledge, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company Each Xxxx Party and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without without, or would not reasonably be expected to result in, material cost or liability or the duty to notify any governmental or regulatory authority or any other person, nor any material incidents under internal review or investigations relating to the same. The Company Each Xxxx Party and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not(collectively, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect“Data Security Obligations”). The Company Each Xxxx Party and its subsidiaries have taken all necessary actions as would reasonably be expected to materially prepare to comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would could be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would noteffect. None of the Xxxx Parties has to their knowledge received any notification of or complaint regarding and is unaware of any other facts that, individually or in the aggregate, would reasonably be expected indicate non-compliance with any Data Security Obligation and to have a Material Adverse Effecttheir knowledge there is no action, suit or proceeding by or before any court or governmental agency, authority or body pending or threatened alleging non-compliance with any Data Security Obligation.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge knowledge, are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, documented internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. The Company and its subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable California Consumer Privacy Act (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability). Neither the Company nor any of its subsidiaries, (i) has received written notice of any actual or potential liability of the Company or its subsidiaries from any governmental or regulatory agencies or bodies ( except as soon they take effect except where would not be material to the Company and its subsidiaries, taken as a whole) under or relating to, or actual or potential violation by the Company or any of its subsidiaries of, any of such non-compliance would notlaws and regulations; (ii) is currently conducting or paying for, individually in whole or in the aggregatepart, reasonably be expected any investigation, remediation or other corrective action by or mandated by any governmental or regulatory agency or body pursuant to have any of such laws and regulations; or (iii) is a Material Adverse Effectparty to any order, decree, or agreement with any governmental or regulatory agency or body that imposed any obligation or liability under any of such laws and regulations.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and and, to the Company’s knowledge knowledge, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that as would not, individually or in the aggregate, reasonably be expected to have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the samea Material Adverse Effect. The Company and its subsidiaries have implemented backup and disaster recovery technology consistent with industry standards and practices. The Company and its subsidiaries are presently presently, and for the past three (3) years have been, in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification (collectively, “Data Protection Requirements”), except where such non-compliance as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. The To ensure compliance with the Data Protection Requirements, the Company and its subsidiaries have taken in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all necessary actions material respects with their policies and procedures relating to materially comply with data privacy and security and the European Union General collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Data Protection Regulation if Requirements or Policies. To the Company’s knowledge, the Company and its subsidiaries have at all times made all material disclosures to the extent applicable (and to prepare to materially comply with all other users or customers required by applicable laws and regulations with respect regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to Personal Data that have been announced as the knowledge of the date hereof as becoming effective within 12 months after Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the date hereofData Protection Requirements, and for which has no knowledge of any non-compliance with the same event or condition that would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Data Protection Requirement; or (iii) is a Material Adverse Effectparty to any order, decree, or agreement that imposes any obligation or liability by any regulatory body or governmental authority under any Data Protection Requirement.

Cybersecurity; Data Protection. The Company Company, CTWS and its their respective subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company Company, CTWS and its their respective subsidiaries as currently conducted, and and, to the Company’s knowledge knowledge, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company Company, CTWS and its their respective subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company Company, CTWS and its their respective subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would notmodification. To the Company’s knowledge, individually or in the aggregateCompany, reasonably be expected to have a Material Adverse Effect. The Company CTWS and its their respective subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and actions, to the extent applicable (and required to have been taken as of the date hereof, to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants, except as could not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential confidential, or regulated data (“Personal or Sensitive Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same, except as could not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect. The Company and its subsidiaries are presently presently, and at all times have been, in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal or Sensitive Data and to the protection of such IT Systems and Personal or Sensitive Data from unauthorized use, access, misappropriation or modification modification, except where such non-compliance would notas could not reasonably be expected, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have taken all necessary commercially reasonable actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other any applicable laws and regulations with respect to Personal or Sensitive Data that have been announced are effective as of the date hereof as becoming hereof, and to prepare to comply with applicable laws and regulations with respect to Personal or Sensitive Data that will become effective within 12 months after the date hereof, and in each case for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in liability to the aggregate, reasonably be expected to have a Material Adverse EffectCompany and its subsidiaries.

Cybersecurity; Data Protection. (i) The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and are, to the knowledge of the Company’s knowledge , free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The corruptants designed to damage or corrupt the IT Systems; (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their protect, in all material confidential information and respects, the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no material breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The ; (iii) the Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, and internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in modification; and (iv) the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect effect, except where such non-compliance as would not, in the case of each of clause (i), (iii) and (iv), reasonably be expected, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.

Cybersecurity; Data Protection. The Except as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus or in each case as would not otherwise result in a Material Adverse Effect, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects perform, as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conductedconducted and as proposed to be conducted in the Registration Statement, Prospectus and Pricing Disclosure Package, and are, to the Company’s knowledge knowledge, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data and information (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no breaches, violations, outages destructions, losses, outages, disablements, misappropriations, modifications or unauthorized uses of or accesses to the samesame (“Breaches”), except for those that have been remedied without material cost would not, individually or liability or in the duty to notify any other personaggregate, nor any material incidents under internal review or investigations relating to the sameresult in a Material Adverse Effect. The Company and its subsidiaries have not been notified, and have no knowledge of, any event or condition that would reasonably be expected to result in a Breach. Without limiting the foregoing, the Company and its subsidiaries have established, maintained, implemented and complied with commercially reasonable information technology, information security, cybersecurity and data protection controls, policies and procedures, including oversight, access controls, encryption, technological and physical safeguards and business continuity/disaster recovery and security plans to protect against Breaches. The Company and its subsidiaries have complied, and are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to (i) the collection, use, transfer, processing, import, export, storage, protection, disposal and disclosure of Personal Data by the Company or any of its subsidiaries, (ii) the privacy and security of IT Systems and Personal Data and to (iii) the protection of such IT Systems and Personal Data from unauthorized useBreaches (the “Data Security Obligations”), accessin each case, misappropriation or modification except where such non-compliance as would not, individually or in the aggregate, not reasonably be expected to have a Material Adverse Effect. The Neither the Company and nor any of its subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as has received any notification of the date hereof as becoming effective within 12 months after the date hereofor complaint regarding, and for which is unaware of any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would notother facts that, individually or in the aggregate, would reasonably be expected indicate, material non-compliance with any Data Security Obligation. There is no action, suit or proceeding by or before any court or governmental agency, authority or body pending or, to have a Material Adverse Effectthe knowledge of the Company, threatened, alleging non-compliance with any Data Security Obligation.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conductedconducted and, and to the knowledge of the Company’s knowledge , are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The ; (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all its IT Systems and material data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no material breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The ; and (iii) the Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all applicable judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. The Company and its subsidiaries have taken all necessary customary actions to materially prepare to comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon as they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effecteffect.

Cybersecurity; Data Protection. The Company Company’s and its subsidiariesSubsidiaries’ and Affiliated Entities’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries Subsidiaries and Affiliated Entities as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries Subsidiaries and Affiliated Entities have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries Subsidiaries and Affiliated Entities are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. The Company and its subsidiaries Subsidiaries and Affiliated Entities have taken all necessary actions to materially prepare to comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effecteffect.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 twelve months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.

Cybersecurity; Data Protection. The Company and its subsidiaries’ Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate in all material respects for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the knowledge of the Company’s knowledge , free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, and to the knowledge of the Company’s knowledge, there have been no material breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are is presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification modification, except where such non-compliance as would not, individually or in the aggregate, not reasonably be expected to have a Material Adverse Effect. Any certificate signed by any officer of the Company and delivered to any Underwriter or to counsel for the Underwriters in connection with the offering, or the purchase and sale, of the Offered Shares shall be deemed a representation and warranty by the Company to each Underwriter as to the matters covered thereby. The Company and its subsidiaries have taken all necessary actions has a reasonable basis for making each of the representations set forth in this Section 1. The Company acknowledges that the Underwriters and, for purposes of the opinions to materially comply with the European Union General Data Protection Regulation if and be delivered pursuant to Section 6 hereof, counsel to the extent applicable (Company and counsel to prepare to materially comply with all other applicable laws the Underwriters, will rely upon the accuracy and regulations with respect to Personal Data that have been announced as truthfulness of the date hereof as becoming effective within 12 months after the date hereof, foregoing representations and for which any non-compliance with the same would be reasonably likely hereby consents to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectreliance.

Cybersecurity; Data Protection. The Except as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, (i) the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform perform, in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and are, to the knowledge of the Company’s knowledge , free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The corruptants designed to damage or corrupt the IT Systems; (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their protect, in all material confidential information and respects, the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no material breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The ; (iii) the Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, and internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in modification; and (iv) the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have taken all necessary actions to materially comply comply, in all material respects, with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effecteffect.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses access to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Company Material Adverse Effect. The Company and its subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Company Material Adverse Effect. Any certificate signed by or on behalf of the Company and delivered to the Representative or to counsel for the Underwriters shall be deemed to be a representation and warranty by the Company to the Underwriters as to the matters covered thereby.

Cybersecurity; Data Protection. The Except as described in the Registration Statement, the Pricing Disclosure Package and the Prospectus, (i) the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The , and (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other personperson or supervisory authority, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. The Company and its subsidiaries comply in all material respects with all applicable laws and regulations with respect to Personal Data currently in effect and have taken commercially reasonable actions designed to comply, on the date that such compliance is required, in all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply material respects with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability, including, without limitation, the Swiss Data Protection Act (and its implementing ordinance), the European Union General Data Protection Regulation and the California Consumer Privacy Act. Neither the Company nor its subsidiaries have been subject to a control or a notification from a supervisory authority, or have received any complaint in relation with their compliance with the Swiss Data Protection Act (and its implementing ordinance) as soon they take effect except where such non-compliance would not, individually or in and the aggregate, reasonably be expected European Union General Data Protection Regulation (and all other applicable laws and regulations with respect to have a Material Adverse EffectPersonal Data).

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Company Material Adverse Effect. The Company and its subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Company Material Adverse Effect. Any certificate signed by or on behalf of the Company and delivered to the Representative or to counsel for the Underwriters shall be deemed to be a representation and warranty by the Company to the Underwriters as to the matters covered thereby.

Cybersecurity; Data Protection. The Except as described in the Registration Statement, the Pricing Disclosure Package and the Prospectus or as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, (i) the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, the operation of the business of the Company and its subsidiaries as currently conducted, including in terms of functionality and performance, and, to the knowledge of the Company’s knowledge , are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The ; (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and confidential data (including all personal, personally identifiable, sensitive, confidential or regulated data, including, without limitation, any data which would qualify as “protected health information” under the Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act (collectively, “HIPAA”), “personal data” as defined by the European Union General Data Protection Regulation (EU 2016/679 or “GDPR”), and any other piece of information that allows the identification of a natural person, or his or her family, or data related to an identified person’s health or sexual orientation (collectively, “Personal Data”)) used in connection with their respective businesses, and, ; (iii) to the knowledge of the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost any IT Systems or liability or the duty to notify any other personPersonal Data, nor any material incidents under internal review or investigations relating to the same. The same and (iv) the Company and its subsidiaries are presently and have been at all times in material compliance with all applicable laws laws, directives or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or supragovernmental or regulatory authority, internal policies and policies, contractual obligations and industry standards relating to the privacy and security of IT Systems and Personal Data, including, without limitation, the GDPR, the UK Data Protection Xxx 0000, EU Directive 2002/58/EC and all applicable national implementing legislation (“Data Protection Laws”) and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in modification; and (v) the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have taken all necessary actions used commercially reasonable efforts to materially comply with the European Union General Data Protection Regulation if and require their vendors, service providers or other third parties that have received access to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to any Personal Data that have been announced as from the Company or its subsidiaries to protect the privacy, security and confidentiality of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse EffectPersonal Data.

Cybersecurity; Data Protection. The Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (including protected health information) (“Personal Data”)) used collected, used, stored or processed in connection with their respective businesses, andand except as would not reasonably be expected, individually or in the aggregate, to the Company’s knowledgehave a Material Adverse Effect, there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, the Company and its subsidiaries are presently presently, and since January 1, 2017 have been, in material compliance with all applicable laws or statutes (including without limitation, the Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act) and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and external privacy policies, applicable industry standards and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would notand regarding the collection, use, transfer, import, export, storage, disposal and disclosure by the Company and its subsidiaries of Personal Data (“Data Protection Obligations”). Neither the Company nor any of its subsidiaries has received any written notification of or written complaint regarding, or is aware of any other facts that, individually or in the aggregate, would reasonably be expected indicate non-compliance in any material respect with any Data Protection Obligation. There is no pending, or to have a Material Adverse Effectthe knowledge of the Company, threatened, action, suit or proceeding by or before any court or governmental agency, authority or body pending or threatened alleging non-compliance in any material respect with any Data Protection Obligation. The Company and its subsidiaries have taken all necessary actions to materially comply commercially reasonable steps in accordance with the European Union General Data Protection Regulation if industry standard practices (including, without limitation, implementing and to the extent applicable (and to prepare to materially comply monitoring compliance with all other applicable laws and regulations adequate measures with respect to technical and physical security) designed to protect Personal Data that have been announced collected, used or otherwise processed by the Company or any of its subsidiaries. Except as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would not reasonably be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would notexpected, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect, the Company and its subsidiaries have made all disclosures to users or customers required by applicable laws and regulatory rules or requirements and no such disclosures have been inaccurate or in violation of any applicable laws or regulatory rules and requirements.

Cybersecurity; Data Protection. The Company Company’s and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and and, to the Company’s knowledge knowledge, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. To the Company’s knowledge, no claims have been asserted or threatened against the Company or its subsidiaries alleging a violation relating to Personal Data or data rights and the consummation of the transactions contemplated hereby will not breach or otherwise cause any violation of any law related to privacy, data protection, or the collection and use of Personal Data collected, used, or held for use by the Company or its subsidiaries in the conduct of their businesses, except where any such breach or violation would not reasonably be expected to result in a Material Adverse Effect. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the collection and use of Personal Data, privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification.

Cybersecurity; Data Protection. The Company and its subsidiaries’ Except as would not reasonably be expected to have, individually or in the aggregate, a Material Adverse Effect, the Issuer’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries Issuer as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have Issuer has implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (including protected health information) (“Personal Data”)) used collected, used, stored or processed in connection with their respective businesses, andand except as would not reasonably be expected to have, to individually or in the Company’s knowledgeaggregate, a Material Adverse Effect, there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company Except as would not reasonably be expected to have, individually or in the aggregate, a Material Adverse Effect, the Issuer has been for the past three (3) years and its subsidiaries are presently in material compliance with all applicable laws Laws or statutes (including the Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act (“HIPAA”)) and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and external privacy policies, applicable industry standards and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would notand regarding the collection, use, transfer, import, export, storage, disposal and disclosure by the Issuer of Personal Data (“Data Protection Obligations”). The Issuer has not received any written notification of or written complaint regarding, or is aware of any other facts that, individually or in the aggregate, would reasonably indicate non-compliance in any material respect with any Data Protection Obligation. There is no pending, or to the knowledge of the Issuer, threatened, action, suit or proceeding by or before any court or governmental agency, authority or body pending or threatened alleging non-compliance in any material respect with any Data Protection Obligation. The Issuer has taken commercially reasonable steps in accordance with industry standard practices (including implementing and monitoring compliance with adequate measures with respect to technical and physical security) designed to protect Personal Data collected, used or otherwise processed by the Issuer. Except as would not reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would nothave, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect, the Issuer has made all disclosures to users or customers required by applicable Laws and regulatory rules or requirements and no such disclosures have been inaccurate or in violation of any applicable Laws or regulatory rules and requirements.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or |US-DOCS\149255760.3|| regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. The Company and its subsidiaries have taken all necessary actions to materially prepare to comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect effect, except where such non-compliance as has not and would not, individually or in the aggregate, not reasonably be expected to have result in liability material to the Company and its subsidiaries, taken as a Material Adverse Effectwhole.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the knowledge of the Company’s knowledge , are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the knowledge of the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or of, accesses to or other compromises of the same, except for those that have been remedied without material cost or liability or the duty to notify any other personperson (other than those notifications provided in accordance with applicable law and which did not result in material cost or liability), nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and external privacy and security policies, binding industry standards and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. The Company and its subsidiaries have taken all necessary actions to materially comply in all material respects with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon as they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effecteffect.

Cybersecurity; Data Protection. The Company Company, the Guarantor and its their subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, applications and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries the Subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants, except in each case as would not, singly or in the aggregate, result in a Material Adverse Effect. The Company Company, the Guarantor and its their subsidiaries (i) (x) have implemented and maintained commercially reasonable controls, policies, procedures, procedures and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated identifiable data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and (y) there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries ; (ii) are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. The Company modification; and its subsidiaries (iii) have taken all necessary actions to materially prepare to comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance effect; except, with respect to each of the foregoing clauses (i), (ii) and (iii), as would not, individually singly or in the aggregate, reasonably be expected to have result in a Material Adverse Effect. Any certificate signed by an officer of the Company or the Guarantor and delivered to the Representative or to counsel for the Initial Purchasers shall be deemed to be a representation and warranty by the Company and the Guarantor to each Initial Purchaser as to the matters set forth therein.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. The Company and its subsidiaries have taken all necessary actions to materially prepare to comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect effect, except where such non-compliance as has not and would not, individually or in the aggregate, not reasonably be expected to have result in liability material to the Company and its subsidiaries, taken as a Material Adverse Effectwhole.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants, except as would not, individually or in the aggregate, be reasonably expected to result in a Material Adverse Change. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material Personal Data, confidential information and the integrity, continuous operation, redundancy and security of all IT Systems information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those such controls, policies, procedures and safeguards the failure to maintain, or such breaches, violations, outages or unauthorized uses or accesses that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and Change, nor any incidents under internal review or investigations relating to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except same. Except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have result in a Material Adverse EffectChange, the Company and each of its subsidiaries are in compliance with all applicable data privacy and security and data protection laws and regulations regarding the collection, use, transfer, storage, protection, disposal or disclosure of Personal Data (as defined below) processed, stored or collected by the Company and its subsidiaries (collectively, the “Privacy Laws”). “Personal Data” means personally identifiable information, protected health information, financial information, “personal data” as defined by the EU General Data Protection Regulations (EU 2016 679) and all other information subject to Privacy Laws. The Company and its subsidiaries have policies and procedures reasonably designed to (i) ensure compliance with Privacy Laws and its privacy policies on its website or other consumer facing communications; and (ii) reasonably protect the security and confidentiality of all Personal Data. Neither the Company nor any subsidiary has received written notice of any actual or potential material liability under or relating to, or actual or potential material violation of, any of the Privacy Laws.

Cybersecurity; Data Protection. The Except in each case as would not, individually or in the aggregate, have a Material Adverse Effect: (i) the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The ; (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The ; (iii) the Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in modification; and (iv) the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have taken all necessary actions to materially prepare to comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually effect. Any certificate signed by an officer of the Company and delivered to the Managers or in to counsel for the aggregate, reasonably Underwriters shall be expected deemed to have be a Material Adverse Effectrepresentation and warranty by the Company to each Underwriter as to the matters set forth therein.

Cybersecurity; Data Protection. The Except as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, (i) the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and are, to the knowledge of the Company’s knowledge , free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The corruptants designed to damage or corrupt the IT Systems; (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their protect, in all material confidential information and respects, the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no material breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The ; (iii) the Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, and internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in modification; and (iv) the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have taken all necessary actions to materially prepare to comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect effect, except where such non-compliance as would not, in the case of each of clause (i), (iii) and (iv), reasonably be expected, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.

Cybersecurity; Data Protection. (i) The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and are, to the knowledge of the Company’s knowledge , free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The ; (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The ; and (iii) the Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance modification, except, with respect to each of clauses (i) and (iii), as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have taken all necessary commercially reasonable actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) liability as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effecteffect.

Cybersecurity; Data Protection. The Company and its subsidiariesthe Controlled Entities’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries the Controlled Entities have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other personthird party, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries the Controlled Entities are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. The Company and its subsidiaries the Controlled Entities have taken all necessary actions to materially prepare to comply with the European Union General Data Protection Regulation if and to the extent that it is applicable to the Company and the Controlled Entities (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon as they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effecteffect.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”i) are adequate for, and operate and perform in all material respects as required in connection with, the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedurescomplied, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance compliance, with all internal and external privacy policies, contractual obligations, industry standards, applicable laws or statutes statutes, and all judgments, orders, rules and regulations of any court or arbitrator or other governmental or regulatory authorityauthority and any contractual or legal obligations regarding the collection, internal policies use, transfer, import, export, storage, protection, security, disposal and contractual obligations relating to disclosure by the privacy Company and security its subsidiaries of IT Systems and Personal Data and to (“Data Security Obligations”); (ii) neither the protection Company nor any of such IT Systems and Personal Data from unauthorized useits subsidiaries has received any notification of or complaint regarding, accessor are aware of any other facts that, misappropriation individually or modification except where such in the aggregate, would reasonably indicate non-compliance with any Data Security Obligation; and (iii) there is no pending, or to the knowledge of the Company, threatened, action, suit or proceeding by or before any court or governmental agency, authority or body pending or threatened alleging non-compliance with any Data Security Obligation, except in the case of clause (iii), as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have taken steps reasonably necessary in accordance with industry standard practices to protect such information against loss and against unauthorized use, access, misappropriation, modification, disclosure or other misuse, except in each case to the extent that the failure to do so would not reasonably be expected to have a Material Adverse Effect on the Company and its subsidiaries, taken as a whole. To the knowledge of the Company, except as disclosed in the Registration Statement, the Disclosure Package and the Prospectus or as would not individually or in the aggregate have a Material Adverse Effect on the Company and its subsidiaries, taken as a whole, there has been no unauthorized access to such information. The Company and its subsidiaries have taken or will take all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse EffectEffect on the Company and its subsidiaries, taken as a whole, as soon as they take effect.

Cybersecurity; Data Protection. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective businesses, and, to the Company’s knowledge, and there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. The Company and its subsidiaries have taken all necessary actions to materially prepare to comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations in the European Union with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon as they take effect except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effecteffect.

Cybersecurity; Data Protection. The Except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, data and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, the operation of the business of the Company and its subsidiaries as currently conductedconducted and as proposed to be conducted in the Registration Statement, the Disclosure Package, and to the Company’s knowledge Prospectus, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, back doors, drop dead devices, malware and other corruptants. The Company and its subsidiaries have established, implemented and maintained commercially reasonable and appropriate controls, policies, procedures, and technological safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and material data (including all personal, personally identifiable, household, sensitive, confidential or regulated data or information (“Personal Company Data”)) used in connection with their respective businesses, and, to in compliance with all applicable laws and regulatory standards in all material respects. To the knowledge of the Company’s knowledge, there have been no material breaches, violations, outages outages, security incidents or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost any IT Systems or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the sameCompany Data. The Company and its subsidiaries own or have a valid right to access and use all IT Systems and Company Data, and have complied in all material respects and are presently in material compliance with all applicable laws or statutes and all statutes, judgments, orders, rules and regulations of any court or arbitrator or other governmental or regulatory authority, binding industry standards, internal and external policies and notices, contractual obligations and any other legal obligations, in each case relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized collection, use, accesstransfer, misappropriation import, export, storage, protection, disposal, disclosure or modification except where such other processing by or on behalf of the Company or any of its subsidiaries of Company Data (“Data Security Obligations”). Neither the Company nor any of its subsidiaries have received any notification of or complaint regarding, or otherwise have knowledge of any facts that would indicate, any material non-compliance would not, individually by the Company or in the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and any of its subsidiaries have taken all necessary actions to materially comply with any Data Security Obligation. There is no action, suit, investigation or proceeding against the European Union General Data Protection Regulation if and Company or any of its subsidiaries by or before any court or governmental agency, authority or body pending or, to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as knowledge of the date hereof as becoming effective within 12 months after Company, threatened, against the date hereof, and for which Company or any of its subsidiaries alleging material non-compliance with any Data Security Obligations by the same would be reasonably likely to create a material liability) as soon they take effect except where such non-compliance would not, individually Company or in the aggregate, reasonably be expected to have a Material Adverse Effectany of its subsidiaries.

Cybersecurity; Data Protection. The Company and its subsidiaries’ Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with, with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge of the Company are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has implemented and its subsidiaries have maintained or caused to be implemented and maintained commercially reasonable controls, policies, procedures, and safeguards designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their respective its businesses, and, to the Company’s knowledge, and there have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are is presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification except where such non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. The Company and its subsidiaries have has taken all necessary actions to materially comply with the European Union General Data Protection Regulation if and to the extent applicable (and to prepare to materially comply with all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereofhereof (“Privacy Laws”), and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon they take effect except where . The Company has not received written notice of any claim, action, suit, proceeding, hearing, enforcement, investigation, arbitration or other action from or by any court or arbitrator or governmental or regulatory authority or third party alleging any material violation of any Privacy Laws or policies and procedures relating to data privacy and security and the collection, use, disclosure and other processing of Personal Data and, to the Company’s knowledge, no such non-compliance would notclaim, individually action, suit, proceeding, hearing, enforcement, investigation, arbitration or in the aggregate, reasonably be expected to have a Material Adverse Effectother action is threatened.