Data Privacy and Cybersecurity Sample Clauses

Data Privacy and Cybersecurity. (a) (i) The Company and its Subsidiaries are and, since the Lookback Date, have been in material compliance with all applicable Privacy Laws, applicable binding industry standards (including PCI DSS) and the Company’s and its Subsidiaries’ publicly posted privacy policies and material contractual commitments relating to the Processing of Personal Information (collectively, together with such Privacy Laws, “Privacy Requirements”); and (ii) the Company and its Subsidiaries have posted a privacy policy for each online site and mobile application operated by or controlled by the Company or any such Subsidiary, in each case, that complies with all applicable Privacy Laws and accurately reflects their practices concerning the Processing of Personal Information in all material respects. (b) As of the date hereof and since the Lookback Date, there have been no claims, whether from a Governmental Authority or any other Person, received by, nor Proceedings or investigations pending or, to the Knowledge of the Company, threatened by any Governmental Authority or any other Person against, the Company or its Subsidiaries, in each case, with respect to the Processing of Personal Information (other than individual data subject requests received in the ordinary course of business) that is material to the Company and its Subsidiaries, taken as a whole. (c) The Company and its Subsidiaries since the Lookback Date, have (i) taken commercially reasonable measures to protect the integrity, physical and electronic security and continuous operation of the IT Assets owned or Controlled by the Company and its Subsidiaries and to protect the data (including Personal Information and Trade Secrets) stored thereon or Processed thereby against unauthorized access, theft, disclosure, misuse or loss (including implementing and maintaining organizational, physical and technical measures materially compliant with all applicable Privacy Requirements) and (ii) implemented and maintained commercially reasonable disaster recovery plans, procedures, backup equipment and facilities of a scope consistent with customary industry practice and materially compliant with all applicable Privacy Requirements, except as would not reasonably be expected, individually or in the aggregate, to be material to the Company or its Subsidiaries. (i) The IT Assets (A) are in good working order and condition and are sufficient for the operation of the business of the Company and its Subsidiaries as currently conduc...

Data Privacy and Cybersecurity. Each Party shall comply and shall ensure that its Personnel and other Representatives comply with, the provisions of any Data Protection Laws applicable to their conduct under or in connection with this Agreement. To the extent required under applicable Data Protection Laws with respect to the transfer of personal data, the Parties shall enter into (or to the extent required by such Data Protection Laws, cause their respective Affiliates to enter into) such other agreements as may be required by the applicable Data Protection Laws. Each Party shall implement adequate policies and commercially reasonable security measures regarding the integrity and availability of the information technology and software applications owned, operated, or outsourced by that Party, and the data and intellectual property thereon. In case one Party or its Affiliates experiences any of the following events, it shall, as soon as such Party is aware, use reasonable efforts to notify the other Party immediately or, justified under the Data Protection Laws, at least within forty-eight (48) hours of a confirmed data breach involving the unauthorized access to or accidental or illicit destruction, loss, change, communication, or dissemination of information related to an identified or identifiable natural person provided by the other Party or its Affiliates or intellectual property; or any order issued by a judicial or administrative authority regarding data exchanged between the Parties under this Agreement. Each Party shall use reasonable efforts to notify the other Party immediately or, justified under the Data Protection Laws, at least within forty-eight (48) hours of receiving data subject requests related to an identified or identifiable natural person provided by the other Party or its Affiliates, such as access, rectification and deletion requests; and any complaint regarding the processing of data related to an identified or identifiable natural person provided by the other Party or its Affiliates, including allegations that the processing operations violate data subject rights.

Data Privacy and Cybersecurity. The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, data (including the data of their respective customers, employees, suppliers, vendors and any third party data maintained by or on behalf of them), and databases (collectively, “IT Systems”) are adequate in all material respects for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, to the Company’s Knowledge, there has been no security breach or attack or other compromise of or relating to any of the Company’s and its subsidiaries’ IT Systems. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification. Neither the Company nor its subsidiaries have received any written notice of any claims, investigations, or alleged violations of law with respect to Personal Data.

Data Privacy and Cybersecurity. (a) Except for those matters that have not had and would not reasonably be expected to have, individually or in the aggregate, a Partnership Adverse Impact, Partnership, the Partnership Subsidiaries and the Partnership JVs (and the General Partner with respect to Partnership, its Subsidiaries or any Partnership JV) are in compliance with all applicable Privacy Laws. Partnership, the Partnership Subsidiaries and Partnership JVs (and the General Partner with respect to Partnership, its Subsidiaries or any Partnership JV) have not received any written notice of any claims, actions, suits, investigations or other Proceedings related to, or alleged violations of, or been charged with, violation of any Privacy Laws. (b) The Partnership, the Partnership Subsidiaries and the Partnership JVs (and the General Partner with respect to Partnership, its Subsidiaries or any Partnership JV) have caused to be implemented commercially reasonable administrative, physical, organizational, and technical safeguards, including disaster recovery and incident response plans, (i) to protect the integrity, continuous operation and security of the information technology systems (including hardware, computers, Software, websites, applications networks, systems, servers, and network, telecommunications, and peripheral devices, equipment, assets, systems and services) (collectively, “IT Systems”) owned, leased or used by or on behalf of Partnership or any of the Partnership Subsidiaries or the Partnership JVs (“Partnership IT Systems”), and (ii) to protect the confidentiality, integrity, and availability of all Trade Secrets and the Personal Information stored therein. (c) Except for those matters that have not had and would not reasonably be expected to have, individually or in the aggregate, a Partnership Adverse Impact, since January 1, 2018, (i) to the knowledge of the Partnership. there has been no unauthorized access to any Partnership IT Systems, nor any breach, loss, theft, or unauthorized or unlawful corruption, access to or Processing, or the rendering unavailable or not accessible (including through a ransomware attack) of Trade Secrets or Personal Information Processed by or on behalf of General Partner, Partnership or any Partnership Subsidiary nor (ii) has General Partner, Partnership, any Partnership Subsidiary or any Partnership JV notified, or been required by applicable Privacy Law or contract to notify in writing, any person or entity of any Personal Information or in...

Data Privacy and Cybersecurity. (a) Except as, individually or in the aggregate, has not had and would not reasonably be expected to have a Material Adverse Effect on the Company, the Company and its Subsidiaries are and have been in compliance with all applicable Privacy Requirements, and neither the Company nor any of its Subsidiaries has received any written notice or claim alleging any violation thereof, or been subject to any audit or investigation relating thereto. (b) The Company and its Subsidiaries have implemented commercially reasonable and appropriate technical, physical, and organizational measures and security systems and technologies to ensure the integrity and security of Personal Information and all Company data and to prevent any destruction, loss, alteration, corruption or misuse of or unauthorized disclosure or access thereto. Except as, individually or in the aggregate, has not had and would not reasonably be expected to have a Material Adverse Effect on the Company, neither the Company nor any of its Subsidiaries have experienced any data security breach or security incident in which Personal Information was or may have been stolen, lost, unavailable, destroyed, altered or improperly accessed, disclosed or used without authorization. To the knowledge of the Company, no circumstance has arisen in which any Privacy Law would require the Company or any of its Subsidiaries to notify a Person or Governmental Entity of a data security breach or security incident. (c) Except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect on the Company, the performance of this Agreement by the Company will not violate any Privacy Requirements. Upon execution of this Agreement, each of the Company and its Subsidiaries shall continue to have the right to use and process any Personal Information collected, processed or used by it before the date of this Agreement in order to be able to conduct the ordinary course of its business.

Data Privacy and Cybersecurity. (a) Except as would not, and would not reasonably be expected to, individually or in the aggregate, be material to the Business, taken as a whole, the data, privacy and security practices of the Company and its Subsidiaries conform, and since January 1, 2021, have conformed, to all of the Data Privacy Requirements. To the Company’s Knowledge, no claims have been asserted or threatened in writing against the Company or any of its Subsidiaries alleging a violation of any Person’s privacy or Personal Information or data rights pursuant to a Data Privacy Requirement. (b) Except as would not, and would not reasonably be expected to, individually or in the aggregate, be material to the Company and its Subsidiaries, taken as a whole, (i) the IT Assets operate and perform in a manner that permits the Company and its Subsidiaries to conduct the Business without any error or omission in the processing of any transactions, and (ii) there has been no unauthorized use, access, interruption, disruption, modification, corruption or other breach of the security of any of the IT Assets and (iii) to the Knowledge of the Company, none of the IT Assets contain or have contained any “back door,” “drop dead device,” “time bomb,” “Trojan horse,” “virus” or “worm” or any other similar code designed or intended to have, or capable of, disrupting, disabling, harming or otherwise impeding in any manner the operation of, or providing unauthorized access to, a computer system or network or other device on which such code is stored or installed, or damaging or destroying any data or file without the user’s consent.

Data Privacy and Cybersecurity. (a) Except as, individually or in the aggregate, has not had and would not reasonably be expected to have a Material Adverse Effect on Parent, Parent and its Subsidiaries are and have been in compliance with all applicable Privacy Requirements, and neither Parent nor any of its Subsidiaries has received any written notice or claim alleging any violation thereof, or been subject to any audit or investigation relating thereto. (b) Parent and its Subsidiaries have implemented commercially reasonable and appropriate technical, physical, and organizational measures and security systems and technologies to ensure the integrity and security of Personal Information and all Parent data and to prevent any destruction, loss, alteration, corruption or misuse of or unauthorized disclosure or access thereto. Except as, individually or in the aggregate, has not had and would not reasonably be expected to have a Material Adverse Effect on Parent, neither Parent nor any of its Subsidiaries have experienced any data security breach or security incident in which Personal Information was or may have been stolen, lost, unavailable, destroyed, altered or improperly accessed, disclosed or used without authorization. To the knowledge of Parent, no circumstance has arisen in which any Privacy Law would require Parent or any of its Subsidiaries to notify a Person or Governmental Entity of a data security breach or security incident. (c) Except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect on Parent, the performance of this Agreement by Parent will not violate any Privacy Requirements. Upon execution of this Agreement, each of Parent and its Subsidiaries shall continue to have the right to use and process any Personal Information collected, processed or used by it before the date of this Agreement in order to be able to conduct the ordinary course of its business.

Data Privacy and Cybersecurity. (a) Copper and each of its Subsidiaries and, to the Knowledge of Copper, any Person acting for or on behalf of Copper or any of its Subsidiaries, is and has for the past three (3) years been in compliance with all Privacy Requirements, except where the failure to be in compliance, individually or in the aggregate, would not reasonably be expected to have a Material Adverse Effect on Copper. Except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect on Copper, (i) neither Copper nor any of its Subsidiaries has received any written notice of any claims, charges, governmental investigations or regulatory inquiries against Copper or any of its Subsidiaries related to or alleging the violation of any Privacy Requirements by Copper or any of its Subsidiaries, and (ii) to the Knowledge of Copper, there are no facts or circumstances that could reasonably form the basis of any such claim, charge, governmental investigation or regulatory inquiry. (b) Except as, individually or in the aggregate, would not reasonably be expected to have a Material Adverse Effect on Copper, Copper and each of its Subsidiaries has (i) implemented and for the past three (3) years maintained reasonable and appropriate administrative, technical and organizational safeguards to protect the Copper IT Systems and all Personal Information and other confidential data in its possession or under its control against loss, theft, misuse or unauthorized access, use, modification, alteration, destruction or disclosure, and (ii) taken reasonable steps (including through contractual obligations, policies, procedures or otherwise) to ensure that any third party with access to any Personal Information collected by or on behalf of Copper or any of its Subsidiaries has implemented and maintains the same. (c) Except as, individually or in the aggregate, would not reasonably be expected to have a Material Adverse Effect on Copper, in the past three (3) years there have been no security breaches, unauthorized access to, use or disclosure of any Personal Information (i) in the possession or under the control of Copper or any of its Subsidiaries or (ii) Processed by or on behalf of Copper or any of its Subsidiaries. (d) Neither Copper nor any of its Subsidiaries is subject to any contractual requirement or other legal obligation that, following the Closing, would prohibit HoldCo from Processing any Personal Information in a manner substantially similar to the...

Data Privacy and Cybersecurity. (a) Except as has not had and would not reasonably be expected to have, individually or in the aggregate, a Studio Material Adverse Effect, since January 1, 2022: (i) the Studio Entities and their respective Subsidiaries have complied in all material respects with all applicable Laws, and their respective published policies and contractual obligations, in each case, concerning data privacy and data security (“Privacy Commitments”); and (ii) the Studio Entities and their respective Subsidiaries have not received any notice of any claims, investigations or alleged violations of such Privacy Commitments. (b) The Studio Entities and their respective Subsidiaries have implemented commercially reasonable security measures regarding the collection, use, disclosure, retention, processing, transfer, confidentiality, integrity and availability of Personal Information in its control and the integrity and availability of the Studio Entities’ IT Assets. Except as has not had and would not reasonably be expected to have, individually or in the aggregate, a Studio Material Adverse Effect, (i) since January 1, 2022, the Studio Entities and their respective Subsidiaries have not experienced any information security incident that has compromised the integrity or availability of their respective IT Assets, or the confidentiality, integrity and availability of the data thereon, and (ii) the Studio Entities’ and their respective Subsidiaries’ IT Assets do not contain any “time bombs,” “Trojan horses,” “back doors,” “trap doors,” worms, viruses, spyware, keylogger software or other vulnerability, faults or malicious code or damaging devices designed or reasonably expected to adversely impact the functionality of or permit unauthorized access to, or to disable or otherwise harm, any information technology or software applications.

Data Privacy and Cybersecurity. The Company and its Subsidiaries have established and implemented policies, programs, and procedures that are commercially reasonable to protect the confidentiality, integrity, and/or availability of the information in their possession, custody, or control and of their Software and their IT Assets in their possession, custody, or control. Upon the Closing, and to the knowledge of the Company, the Company and its Subsidiaries will continue to have the right to use personal information on the same basis that the Company and its Subsidiaries were entitled to use such information immediately prior to the Closing. Except as could not reasonably be expected to have, individually or in the aggregate, a Material Adverse Effect in respect of the Company, to the knowledge of the Company, (i) there has been no loss, damage, or unauthorized access, disclosure, transfer or use of any personal information or otherwise protected business information in the possession, custody, or control of the Company or any Subsidiary, or maintained or processed on any of their behalf and (ii) there have been no material outages or breaches of, and to their knowledge there are no bugs, defects, backdoors, or malicious code in, any Software used by the Company or any Subsidiary. Neither the Company nor any of its Subsidiaries has notified in writing, or been required to notify in writing, any Person of any personal data or network security-related incident, nor has the Company or any of its Subsidiaries received any written notice of any claims, investigations, or alleged violations of Law with respect to data security, personal data rights or privacy.