Common use of Data Privacy and Security Clause in Contracts

Data Privacy and Security. 104 (a) Holdings and its Subsidiaries have implemented commercially reasonable procedures, including firewall protections and regular virus scans, designed to ensure that software used in the operation of their business is materially free of any code designed to (or intended to): (i) disrupt, disable, harm, or otherwise impede in any manner the operation of, or provide unauthorized access to, a computer system or network or other device on which such code is stored or installed, or (ii) compromise the privacy or data security of a user or damage or destroy any data or file without the user’s consent. The information technology systems and databases used by Holdings and its Subsidiaries are sufficient in all material respects for the needs of their business and in accordance with customary industry standards and practices. There has been no (x) failure or other substandard performance of any such information technology system or database that has caused any material disruption to the business of Holdings and its Subsidiaries or (y) to the knowledge of the Credit Parties, unauthorized intrusions or breaches of security with respect to any information technology systems and databases used by Holdings and its Subsidiaries. (b) Each of Holdings and its Subsidiaries (i) is, and has at all times been, in compliance in all material respects with all applicable requirements of law and Contractual Obligations regarding the collection, protection, storage, use, processing, disclosure, retention and transfer of Personal Information and (ii) has commercially reasonable safeguards in place to protect Personal Information in their possession or control from unauthorized access by other Persons. (c) There have not been, to the knowledge of the Credit Parties, any material unauthorized intrusions or breaches of the security of any of the information technology systems and databases, any material unauthorized access or use of any Personal Information or other information stored or contained therein or accessed or processed thereby, or any material compromise of the confidentiality, integrity, or availability of Personal Information or the physical, technical, administrative, or organizational safeguards put in place by Holdings or any of its Subsidiaries that relate to the protection of Personal Information. No Person has, to the knowledge of the Credit Parties, made any illegal or unauthorized use of Personal Information that was controlled by or on behalf of Holdings or any of its Subsidiaries and is in the possession or control of Holdings or any of its Subsidiaries. To the knowledge of the Credit Parties, no facts or circumstances exist that could reasonably be expected to give rise to any such unauthorized intrusion or breach, unauthorized access or use, or compromise. (d) Neither Holdings nor any of its Subsidiaries has received any, and there has not been any written complaint delivered to any regulatory or other governmental body or official, foreign or domestic, or any audit, proceeding, investigation (whether formal or informal), or claim against or relating to Holdings or any of its Subsidiaries by any private party or any regulatory or other governmental body or official, foreign or domestic, regarding the collection, use, retention, storage, transfer, disposal, disclosure or other processing of Personal Information, and no such complaint, audit, proceeding, investigation or claim has been threatened in writing against Holdings or any of its Subsidiaries that could reasonably be expected to result in a Material Adverse Effect.

Appears in 2 contracts

Samples: Credit and Guaranty Agreement (ONE Group Hospitality, Inc.), Credit and Guaranty Agreement (ONE Group Hospitality, Inc.)

AutoNDA by SimpleDocs

Data Privacy and Security. 104Except as would not reasonably be expected to have, individually or in the aggregate, an FSI Material Adverse Effect: (a) Holdings FSI and its Subsidiaries have implemented commercially reasonable procedures, including firewall protections written policies relating to the Processing of Personal Data as and regular virus scans, designed to ensure that software used in the operation extent required by applicable Law (“FSI Privacy and Data Security Policies”). Each of their business is materially free of any code designed to (or intended to): (i) disrupt, disable, harm, or otherwise impede in any manner the operation of, or provide unauthorized access to, a computer system or network or other device on which such code is stored or installed, or (ii) compromise the privacy or data security of a user or damage or destroy any data or file without the user’s consent. The information technology systems and databases used by Holdings FSI and its Subsidiaries are sufficient in all material respects for the needs of their business and in accordance with customary industry standards and practices. There has been no (x) failure or other substandard performance of any such information technology system or database that has caused any material disruption to the business of Holdings and its Subsidiaries or (y) to the knowledge of the Credit Parties, unauthorized intrusions or breaches of security with respect to any information technology systems and databases used by Holdings and its Subsidiaries. (b) Each of Holdings and its Subsidiaries (i) is, and has at all times been, in compliance complied in all material respects with all applicable requirements of law Privacy Laws, the FSI Privacy and Contractual Obligations regarding Data Security Policies and contractual obligations entered into by FSI or its Subsidiaries relating to the receipt, collection, protectioncompilation, use, storage, useprocessing, processingsharing, safeguarding, security, disposal, destruction, disclosure, retention and or transfer of Personal Information and Data (collectively, the “FSI Privacy Requirements”). (b) As of the date hereof, FSI has not received notice of any pending Legal Proceedings, nor has there been any material Legal Proceedings against FSI or its Subsidiaries initiated by (i) any Person; (ii) has commercially reasonable safeguards the United States Federal Trade Commission, any state attorney general or similar state official; or (iii) any other Governmental Authority, in place to protect each case, alleging that any Processing of Personal Information Data by or on behalf of FSI or its Subsidiaries is in their possession or control from unauthorized access by other Personsviolation of any FSI Privacy Requirements. (c) There have not beenSince the incorporation of FSI, to the knowledge of the Credit Parties, any (i) there has been no material unauthorized intrusions or breaches of the security of any of the information technology systems and databases, any material unauthorized access or use of any Personal Information or other information stored or contained therein or accessed or processed thereby, or any material compromise of the confidentiality, integrity, or availability Processing of Personal Information or the physical, technical, administrative, or organizational safeguards put in place by Holdings or any of its Subsidiaries that relate to the protection of Personal Information. No Person has, to the knowledge of the Credit Parties, made any illegal or unauthorized use of Personal Information that was controlled by or on behalf of Holdings or any of its Subsidiaries and is Data in the possession or control of Holdings FSI or its Subsidiaries and/or any of the service providers of FSI or its Subsidiaries and (ii) to FSI’s Knowledge, there have been no unauthorized intrusions or breaches of security into any FSI IT Systems under the control of FSI or its Subsidiaries. To the knowledge of the Credit Parties, no facts or circumstances exist that could reasonably be expected to give rise to any such unauthorized intrusion or breach, unauthorized access or use, or compromise. (d) Neither Holdings nor any FSI and its Subsidiaries own or have a binding Contract in place to use the FSI IT Systems as necessary to operate the business of FSI as currently conducted in all material respects. (e) Each of FSI and its Subsidiaries has received anyestablished data safeguards against the destruction, and there has not been any written complaint delivered to any regulatory loss, damage, corruption, alteration, loss of integrity, commingling or other governmental body or officialunauthorized access, foreign or domestic, or any audit, proceeding, investigation (whether formal or informal), or claim against or relating to Holdings or any of its Subsidiaries by any private party or any regulatory or other governmental body or official, foreign or domestic, regarding the collectionacquisition, use, retention, storage, transfer, disposal, disclosure or other processing Processing of Personal Information, Data that are consistent with industry standards and no such complaint, audit, proceeding, investigation or claim has been threatened in writing against Holdings or any the requirements of applicable Law. Each of FSI and its Subsidiaries that could reasonably be expected maintains backups of all data used to result in conduct the business of FSI and its Subsidiaries at a Material Adverse Effectreasonable frequency.

Appears in 1 contract

Samples: Merger Agreement (Flexible Solutions International Inc)

Data Privacy and Security. 104 (a) Holdings Parent and its Subsidiaries (with respect to the Business) comply and since the Look-Back Date, have complied in all material respects with all: (i) applicable Privacy Laws; (ii) contractual obligations relating to privacy, information security and data protection, including the privacy and security of all Personal Information; (iii) public-facing policies and statements of Parent or its Subsidiaries relating to the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, or transfer of Personal Information; and (iv) all applicable industry standards including, without limitation, the Payment Card Industry Data Security Standard (“PCI-DSS”) and all other rules and requirements of payment card brands ((i) – (iv), collectively, the “Privacy Requirements”). Parent and its Subsidiaries display a privacy policy on each website and any mobile application owned, controlled or operated by Parent and its Subsidiaries, and comply, in all material respects, with all statements made in such privacy policies, in each case with respect to the Business. None of the disclosures made or contained in any such privacy policy has been inaccurate, misleading or deceptive or in material violation of the Privacy Requirements (including containing any material omission). (b) Since the Look-Back Date, Parent and its Subsidiaries have taken all appropriate organizational, physical, administrative, and technical measures required by the Privacy Requirements and consistent with standards prudent in the industry in which the Business operates to protect: (i) the integrity, security, and operations of all Transferred IT Assets related to or used in the Business; and (ii) all Personal Information owned, controlled, or stored by Parent and its Subsidiaries from and against data security incidents or other misuse. Parent and its Subsidiaries have implemented commercially reasonable procedures, including firewall protections satisfying the requirements of applicable Privacy Requirements, to detect data security incidents and to protect Personal Information against loss, unauthorized access, use, modification, disclosure, or other misuse, in each case with respect to the Business. (c) Since the Look-Back Date, with respect to the Business, Parent and its Subsidiaries have: (i) regularly conducted reasonable vulnerability testing, risk assessments, and external audits of, and track security incidents related to, all systems and products (collectively, “Information Security Reviews”); (ii) timely corrected any material exceptions or vulnerabilities identified in such Information Security Reviews; (iii) made available to Buyer true and accurate copies of all Information Security Reviews; and (iv) timely installed software security patches and other fixes to identified material technical information security vulnerabilities. Parent and its Subsidiaries provide its employees with regular virus scanstraining on privacy and data security matters, designed consistent with generally accepted industry practices. (d) Since the Look-Back Date, Parent and its Subsidiaries have not shared, sold, rented or otherwise made available, and are not sharing, selling, renting or otherwise making available, to ensure that software used third parties any Personal Information for remuneration. (e) The Transferred IT Assets are adequate for, and operate and perform in all material respects in accordance with their documentation and functional specifications and otherwise as required in connection with, the operation of their business is materially free the Business as currently conducted. Since the Look-Back Date, the Transferred IT Assets have not malfunctioned or failed at any time in a manner that resulted in material or chronic disruptions to the operation of the Business. The Transferred IT Assets do not contain any computer code designed to (or intended to): (i) disrupt, disable, harm, disable or otherwise impede harm in any manner the operation ofof any software or hardware, or provide contain any unauthorized access tofeature (including any worm, a computer system or network bomb, backdoor, clock, timer or other device on which such code is stored disabling device, code, design or installedroutine) that causes the software or any portion thereof to be erased, inoperable or otherwise incapable of being used, either automatically, with the passage of time, or (ii) compromise the privacy or data security of a user or damage or destroy upon command by any data or file without the user’s consentPerson. The information technology systems and databases used by Holdings Parent and its Subsidiaries are sufficient in all material respects for the needs of their business have implemented reasonable backup, security and in accordance disaster recovery technology consistent with customary generally accepted industry standards and practices. There has been no (x) failure or other substandard performance of any such information technology system or database that has caused any material disruption , and, to the business of Holdings and its Subsidiaries or (y) to the knowledge Knowledge of the Credit PartiesSellers, no Person has gained unauthorized intrusions or breaches of security with respect access to any information technology systems and databases used by Holdings and its Subsidiariesof the Transferred IT Assets. (bf) Each of Holdings and its Subsidiaries (i) is, and has at all times beenSince the Look-Back Date, in compliance in all material respects connection with all applicable requirements of law and Contractual Obligations regarding the collectioneach third-party servicing, protection, storage, useoutsourcing, processing, disclosure, retention and transfer of or otherwise using Personal Information and (ii) has commercially reasonable safeguards in place to protect Personal Information in their possession or control from unauthorized access by other Persons. (c) There have not beencollected, to the knowledge of the Credit Partiesheld, any material unauthorized intrusions or breaches of the security of any of the information technology systems and databases, any material unauthorized access or use of any Personal Information or other information stored or contained therein or accessed or processed thereby, or any material compromise of the confidentiality, integrity, or availability of Personal Information or the physical, technical, administrative, or organizational safeguards put in place by Holdings or any of its Subsidiaries that relate to the protection of Personal Information. No Person has, to the knowledge of the Credit Parties, made any illegal or unauthorized use of Personal Information that was controlled by or on behalf of Holdings the Business, to the extent required by applicable Privacy Laws, Parent and its Subsidiaries have entered into valid, binding and enforceable written data processing agreements with any such third party to: (i) comply with applicable Privacy Laws with respect to Personal Information; (ii) act only in accordance with the instructions of Parent and its Subsidiaries; (iii) take appropriate steps to protect and secure Personal Information from data security incidents; (iv) restrict use of Personal Information to those authorized or required under the servicing, outsourcing, processing, or similar arrangement; and (v) agree to the return or adequate disposal or destruction of Personal Information. (g) Since the Look-Back Date, there have been no material data security incidents, data breaches, ransomware incidents, or other adverse events or incidents related to any of its Subsidiaries and is the Business’ Transferred IT Assets, Personal Information, or other data in the possession custody or control of Holdings Parent and its Subsidiaries or any service providers acting on behalf of Parent and its Subsidiaries, nor have any such breaches or violations been threatened in writing. To Parent and its Subsidiaries have implemented a data breach response plan which has been tested on at least an annual basis. (h) Since the knowledge Look-Back Date, there have not been any Actions related to any data security incidents, ransomware incidents, or any violations of any Privacy Requirements filed against Parent and its Subsidiaries (with respect to the Business), and, to the Knowledge of the Credit PartiesSellers, there are no facts or circumstances exist that which could reasonably be expected to give rise to serve as the basis for any such unauthorized intrusion or breach, unauthorized access or use, or compromiseActions. (di) Neither Holdings nor The execution, delivery and performance of this Agreement, including any transfer of Personal Information by Parent and its Subsidiaries has received anyin connection with the transactions contemplated by this Agreement, and there has not been any written complaint delivered to any regulatory or other governmental body or official, foreign or domestic, or any audit, proceeding, investigation (whether formal or informal), or claim against or relating to Holdings or any of its Subsidiaries by any private party or any regulatory or other governmental body or official, foreign or domestic, regarding the collection, use, retention, storage, transfer, disposal, disclosure or other processing of Personal Information, and no such complaint, audit, proceeding, investigation or claim has been threatened in writing against Holdings or any of its Subsidiaries that could reasonably be expected to result in a Material Adverse Effectcomplies with all Privacy Requirements.

Appears in 1 contract

Samples: Purchase Agreement (Avanos Medical, Inc.)

Data Privacy and Security. 104 (a) Holdings A2iA and its Subsidiaries have implemented commercially reasonable procedures, including firewall protections and regular virus scans, designed to ensure that software used in the operation of their business is materially free of any code designed to (or intended to): (i) disrupt, disable, harm, or otherwise impede in any manner the operation of, or provide unauthorized access to, a computer system or network or other device on which such code is stored or installed, or (ii) compromise the privacy or data security of a user or damage or destroy any data or file without the user’s consent. The information technology systems and databases used by Holdings and its Subsidiaries are sufficient in all material respects for the needs of their business and in accordance with customary industry standards and practices. There has been no (x) failure or other substandard performance of any such information technology system or database that has caused any material disruption to the business of Holdings and its Subsidiaries or (y) to the knowledge of the Credit Parties, unauthorized intrusions or breaches of security with respect to any information technology systems and databases used by Holdings and its Subsidiaries. (b) Each of Holdings and its Subsidiaries (i) iscomply, and has at all times beenduring the past three (3) years have complied, in compliance in all material respects with all applicable requirements of law and Contractual Obligations regarding its internal privacy policies relating to the use, collection, protection, storage, use, processing, disclosure, retention disclosure and transfer of Personal Information and (ii) has commercially reasonable safeguards in place to protect Personal Information in their possession or control from unauthorized access by other Persons. (c) There have not been, to the knowledge of the Credit Parties, any material unauthorized intrusions or breaches of the security of any of the information technology systems and databases, any material unauthorized access or use of any Personal Information collected by A2iA or other information stored or contained therein or accessed or processed thereby, or any material compromise of the confidentiality, integrity, or availability of Personal Information or the physical, technical, administrative, or organizational safeguards put in place by Holdings or any of its Subsidiaries that relate to the protection of Personal Information. No Person has, to the knowledge of the Credit Parties, made any illegal or unauthorized use of Personal Information that was controlled by or third parties acting on behalf of Holdings or any having authorized access to the records of its Subsidiaries and is in the possession A2iA or control of Holdings or any of its Subsidiaries. To the knowledge of the Credit Parties, no facts or circumstances exist that could reasonably be expected to give rise to any such unauthorized intrusion or breach, unauthorized access or use, or compromise. (d) Neither Holdings A2iA nor any of its Subsidiaries has received any, and there has not been any written complaint delivered regarding A2iA’s or its Subsidiaries’ collection, use or disclosure of Personal Information. Neither A2iA nor any of its Subsidiaries has experienced any material breach of security or unauthorized access by third parties to Personal Information in A2iA’s or its Subsidiaries’ possession, custody or control. (b) A2iA’s or its Subsidiaries’ operation of any regulatory websites used in connection with the business of A2iA and its Subsidiaries, the content thereof, and all data processed, collected, stored or other governmental body disseminated in connection therewith, comply in all material respects with all Applicable Laws, and do not violate any Person’s right of privacy or officialpublicity. A2iA and its Subsidiaries have posted privacy policies governing A2iA’s and its Subsidiaries’ use of data, foreign and disclaimers of liability, on its websites, and A2iA and its Subsidiaries have complied with such applicable privacy policies in all material respects. A2iA and its Subsidiaries have taken reasonable steps in accordance with normal industry practices to secure its websites and data from unauthorized access or domesticuse thereof by any Person. To the Sellers’ Knowledge, or any audit, proceeding, investigation (whether formal or informal), or claim against or relating to Holdings no website security measure implemented by A2iA or any of its Subsidiaries by any private party or any regulatory or other governmental body or official, foreign or domestic, regarding the collection, use, retention, storage, transfer, disposal, disclosure or other processing of Personal Informationhas been penetrated, and no such complaint, audit, proceeding, investigation or claim has been threatened in writing against Holdings website maintained by A2iA or any of its Subsidiaries that could reasonably be expected to result in a Material Adverse Effecthas been the target of any defacement, unauthorized access, denial-of-service assault or other attack by hackers.

Appears in 1 contract

Samples: Share Purchase Agreement (Mitek Systems Inc)

Data Privacy and Security. 104 (a) Holdings Each of the Company and its Subsidiaries have implemented commercially reasonable proceduresis compliant in all material respects, including firewall protections and regular virus scans, designed to ensure that software used in the operation of their business is materially free of any code designed to past three (or intended to): (i3) disrupt, disable, harm, or otherwise impede in any manner the operation of, or provide unauthorized access to, a computer system or network or other device on which such code is stored or installed, or (ii) compromise the privacy or data security of a user or damage or destroy any data or file without the user’s consent. The information technology systems and databases used by Holdings and its Subsidiaries are sufficient years has complied in all material respects for the needs of their business and in accordance with customary industry standards and practices. There has been no with, all (xi) failure or other substandard performance of any such information technology system or database that has caused any material disruption Data Protection Laws applicable to the business of Holdings and its Subsidiaries or (y) to the knowledge of the Credit Parties, unauthorized intrusions or breaches of security with respect to any information technology systems and databases used by Holdings Company and its Subsidiaries, (ii) the Company Privacy and Data Security Policies, and (iii) all contracts to which the Company is a party or otherwise bound as of the date hereof concerning the privacy, security or Processing of Personal Data. (b) Each of Holdings the Company and its Subsidiaries maintains and implements, and has in the last three years implemented and maintained, commercially reasonable technical and organizational security measures, plans, procedures, controls, and programs, including a written information security program to (i) isidentify and address internal and external risks to the privacy and security of Personal Data in its possession or control; (ii) implement, monitor, and has at all times beenimprove adequate and effective administrative, technical, and physical safeguards to protect such Personal Data and the operation, integrity, and security of Company IT Systems involved in the Processing of Personal Data; and (iii) provide notification in compliance in all material respects with applicable Data Protection Laws or Company Privacy and Data Security Policies in the case of any Security Incident. The Company has a written contract in place with all applicable vendors, processors, or other third parties that Process any Personal Data for or on behalf of the Company or its Subsidiaries, and such contract complies with the requirements of law and Contractual Obligations regarding the collectionapplicable Data Security Laws, protection, storage, use, processing, disclosure, retention and transfer of Personal Information and (ii) has commercially reasonable safeguards in place to protect Personal Information in their possession or control from unauthorized access by other Personsall material respects. (c) There The Company and its Subsidiaries have not beentransferred or permitted the transfer of Personal Data originating in the European Economic Area (“EEA”) or United Kingdom (“UK”) outside the EEA or UK, to except where such transfers have materially complied with the knowledge requirements of the Credit Partiesapplicable Data Protection Laws. (d) To the Company’s Knowledge, any material unauthorized intrusions or breaches the execution, delivery, and performance of this Agreement and the consummation of the security transactions contemplated hereby do not and will not result in a material violation or breach of any of the information technology systems Data Protection Laws or Company Privacy and databases, Data Security Policies (as currently existing or as existing at any material unauthorized access or use of time during which any Personal Information Data was collected or other information stored Processed by or contained therein or accessed or processed thereby, or any material compromise of for the confidentiality, integrity, or availability of Personal Information or the physical, technical, administrative, or organizational safeguards put in place by Holdings Company or any of its Subsidiaries). (e) Since January 1, 2019, the Company and its Subsidiaries that relate have not experienced any material data or security breach leading to the protection unlawful use, loss, denial or loss of use, alteration, destruction, compromise, unauthorized access or disclosure (a “Security Incident”) of Personal Information. No Person hasData transmitted, to the knowledge of the Credit Parties, made any illegal stored or unauthorized use of Personal Information that was controlled otherwise Processed by or on behalf of Holdings the Company. The Company has not notified and, to the Company’s Knowledge, since January 1, 2020 there have been no facts or circumstances that would require the Company to notify individuals, other affected parties, law enforcement, or any Governmental Entity of any Security Incident. The Company and its Subsidiaries and is have not received any notices, correspondence, subpoenas, demands or other communication in writing from any Governmental Entity, or any material written complaint from any other Person in connection with any alleged violation of any Data Protection Law, and, to the possession Company’s Knowledge, there has not been any audit, investigation or control enforcement action (including any fines or other sanctions), in each case relating to, any actual, alleged, or suspected Security Incident or violation of Holdings any Data Protection Laws involving the Company or any of its Subsidiaries. To the knowledge of the Credit Parties, no facts or circumstances exist that could reasonably be expected to give rise to any such unauthorized intrusion or breach, unauthorized access or use, or compromise. (d) Neither Holdings nor any of its Subsidiaries has received any, and there has not been any written complaint delivered to any regulatory or other governmental body or official, foreign or domestic, or any audit, proceeding, investigation (whether formal or informal), or claim against or relating to Holdings or any of its Subsidiaries by any private party or any regulatory or other governmental body or official, foreign or domestic, regarding the collection, use, retention, storage, transfer, disposal, disclosure or other processing of Personal Information, and no such complaint, audit, proceeding, investigation or claim has been threatened in writing against Holdings or any of its Subsidiaries that could reasonably be expected to result in a Material Adverse Effect.

Appears in 1 contract

Samples: Merger Agreement (Houghton Mifflin Harcourt Co)

Data Privacy and Security. 104 (a) Holdings The Company and its Subsidiaries have at all times for the past two (2) years complied with, and are currently in compliance with, all applicable Privacy Laws, Privacy and Data Security Policies (as defined below) and contractual commitments relating to the Processing of Personal Data (collectively, the “Privacy Requirements”). The Company and its Subsidiaries have implemented adequate written policies relating to the Processing of Personal Data as and to the extent required by applicable Law (“Privacy and Data Security Policies”). (b) There is no pending, nor has there been for the past two (2) years, any Proceeding against the Company or any of its Subsidiaries initiated by (i) any Person, (ii)the United States Federal Trade Commission, any state attorney general or similar state official, (iii) any other Governmental Entity, foreign or domestic, or (iv) any regulatory or self-regulatory entity, alleging that any violation of any Privacy Requirement by the Company or its Subsidiaries with respect to any Processing of Personal Data by or on behalf of the Company or any of its Subsidiaries. (c) There has been no breach of security resulting in unauthorized access, use or disclosure of Personal Data in the possession or control of the Company or any of its Subsidiaries or, to the Company’s knowledge, any of its contractors with regard to any Personal Data obtained from or on behalf of the Company or any of its Subsidiaries, or any unauthorized intrusions, breaches of security or other data security incidents with respect to the Company IT Systems. (d) The Company and its Subsidiaries own or have license to use the Company IT Systems as necessary to operate the Business as currently conducted and the Company IT Systems operate and perform in a manner that permits the Company and its Subsidiaries to conduct the Business as currently conducted. To the Company’s knowledge, none of the Company IT Systems contain any worm, bomb, backdoor, clock, timer or other disabling device, code, design or routine that causes the Software of any portion thereof to be erased, inoperable or otherwise incapable of being used, either automatically, with the passage of time or upon command by any unauthorized person. (e) The Company has taken commercially reasonable organizational, physical, administrative and technical measures required by Privacy Requirements, and consistent with standards prudent in the industry in which the Company operates, designed to protect the integrity, security and operations of the Company IT Systems. The Company and its Subsidiaries have implemented commercially reasonable procedures, including firewall protections implementing data backup, disaster avoidance, recovery and regular virus scansbusiness continuity procedures, and have satisfied the requirements of applicable Privacy Laws designed to ensure that software used in the operation of their business is materially free of any code designed detect data security incidents and to (or intended to): (i) disruptprotect Personal Data against loss and against unauthorized access, disableuse, harmmodification, or otherwise impede in any manner the operation of, or provide unauthorized access to, a computer system or network disclosure or other device on which such code is stored or installed, or (ii) compromise the privacy or data security of a user or damage or destroy any data or file without the user’s consent. The information technology systems and databases used by Holdings and its Subsidiaries are sufficient in all material respects for the needs of their business and in accordance with customary industry standards and practices. There has been no (x) failure or other substandard performance of any such information technology system or database that has caused any material disruption to the business of Holdings and its Subsidiaries or (y) to the knowledge of the Credit Parties, unauthorized intrusions or breaches of security with respect to any information technology systems and databases used by Holdings and its Subsidiariesmisuse. (bf) Each The consummation of Holdings and its Subsidiaries (i) is, and has at all times been, in compliance in all material respects with all any of the transactions contemplated hereby or pursuant to any Ancillary Document will not violate any applicable requirements of law and Contractual Obligations regarding the collection, protection, storage, use, processing, disclosure, retention and transfer of Personal Information and (ii) has commercially reasonable safeguards in place to protect Personal Information in their possession or control from unauthorized access by other PersonsPrivacy Requirements. (cg) There have not beenbeen any Proceedings related to any unauthorized intrusions, to the knowledge of the Credit Parties, any material unauthorized intrusions or breaches of the security of any of the information technology systems and databases, any material unauthorized access or use of any Personal Information or other information stored or contained therein or accessed or processed therebydata security incidents, or any material compromise violations of any Privacy Requirements, that have been asserted against the confidentiality, integrity, or availability of Personal Information or the physical, technical, administrative, or organizational safeguards put in place by Holdings Company or any of its Subsidiaries that relate to the protection of Personal Information. No Person hasand, to the knowledge of Company’s knowledge, neither the Credit Parties, made any illegal or unauthorized use of Personal Information that was controlled by or on behalf of Holdings or any of its Subsidiaries and is in the possession or control of Holdings or any of its Subsidiaries. To the knowledge of the Credit Parties, no facts or circumstances exist that could reasonably be expected to give rise to any such unauthorized intrusion or breach, unauthorized access or use, or compromise. (d) Neither Holdings Company nor any of its Subsidiaries has received any, and there has not been any written complaint delivered to any regulatory or other governmental body or official, foreign or domesticinformation relating to, or notice of any auditProceedings with respect to, proceeding, investigation (whether formal or informal), or claim against or relating to Holdings any alleged violations by the Company or any of its Subsidiaries by of any private party or any regulatory or other governmental body or official, foreign or domestic, regarding the collection, use, retention, storage, transfer, disposal, disclosure or other processing of Personal Information, and no such complaint, audit, proceeding, investigation or claim has been threatened in writing against Holdings or any of its Subsidiaries that could reasonably be expected to result in a Material Adverse EffectPrivacy Requirements.

Appears in 1 contract

Samples: Business Combination Agreement (Redwoods Acquisition Corp.)

Data Privacy and Security. 104 (a) Holdings and its Subsidiaries have implemented commercially reasonable procedures, including firewall protections and regular virus scans, designed to ensure that software used in the operation of their business is materially free of any code designed to (or intended to): The Sellers (i) disrupt, disable, harm, or otherwise impede in any manner the operation of, or provide unauthorized access to, a computer system or network or other device on which such code is stored or installed, or last three (3) years have been and are in material compliance with all Data Protection Requirements; (ii) compromise the have developed and implemented public privacy or notices and internal data security or privacy policies and procedures (copies of a user or damage or destroy any data or file without the user’s consent. The information technology systems which have been made available to Purchaser); (iii) have maintained commercially reasonable and databases used by Holdings and its Subsidiaries are sufficient in all material respects for the needs of their business and in accordance with customary industry standards and practices. There has been no (x) failure or other substandard performance of any such information technology system or database that has caused any material disruption to the business of Holdings and its Subsidiaries or (y) to the knowledge of the Credit Partiesnecessary administrative, unauthorized intrusions or breaches of security with respect to any information technology systems and databases used by Holdings and its Subsidiaries. (b) Each of Holdings and its Subsidiaries (i) isphysical, and has at all times been, in compliance in all material respects with all applicable requirements of law and Contractual Obligations regarding the collection, protection, storage, use, processing, disclosure, retention and transfer of Personal Information and (ii) has commercially reasonable technical safeguards in place designed to protect the confidentiality, integrity, and availability of Personal Information in their possession or control from control, and to prevent the loss and unauthorized access by other Personsuse, access, alteration, destruction or disclosure of such Personal Information; and (iv) trained their employees to follow these policies and procedures. (b) No Seller has been subject to or received notice of any Action, Order, or written complaint regarding the unauthorized or unlawful protection, collection, access, use, storage, disposal, disclosure, or transfer of Personal Information or the violation of any Data Protection Requirements, nor, to Sellers’ Knowledge, is any Action or Order threatened against a Seller. (c) There The Sellers have not beensuffered, to the knowledge of the Credit Partiesdiscovered, any material unauthorized intrusions or breaches of the security been notified of any of the information technology systems and databasesunauthorized acquisition, any material unauthorized use, disclosure, access to, or use breach of any Personal Information that (i) constitutes a breach or other information stored a data security incident under any Data Protection Requirements; or contained therein (ii) materially compromises (individually or accessed in the aggregate) the security or processed thereby, or any material compromise privacy of the confidentiality, integrity, or availability of Personal Information or the physical, technical, administrative, or organizational safeguards put in place by Holdings or any of its Subsidiaries that relate to the protection of such Personal Information. No Person has, to the knowledge of the Credit Parties, made any illegal or unauthorized use of Personal Information that was controlled by or on behalf of Holdings or any of its Subsidiaries and is in the possession or control of Holdings or any of its Subsidiaries. To the knowledge of the Credit Parties, no facts or circumstances exist that could reasonably be expected to give rise to any such unauthorized intrusion or breach, unauthorized access or use, or compromise. (d) Neither Holdings nor any No Seller has reported a breach or compromise of its Subsidiaries has received any, and there has not been any written complaint delivered Personal Information to any regulatory Person, either voluntarily or other governmental body based on Data Protection Requirements. (e) No Seller has filed a claim for coverage relating to any data security or official, foreign or domesticprivacy matter covered under an insurance policy issued to, or on behalf of, a Seller. 33 (f) Each Seller has performed an annual security risk assessment. Each Seller has addressed and remediated all critical and high risk threats and deficiencies identified in such security risk assessments. (g) The consummation of the transactions contemplated hereby does not violate any auditData Protection Requirements. Immediately following the Closing, proceeding, investigation (whether formal or informal), or claim against or relating the surviving entity will own and continue to Holdings or any of its Subsidiaries by any private party or any regulatory or other governmental body or official, foreign or domestic, regarding have the collection, use, retention, storage, transfer, disposal, disclosure or other processing of right to use all Personal Information, Information on materially identical terms and no such complaint, audit, proceeding, investigation or claim has been threatened in writing against Holdings or any of its Subsidiaries that could reasonably be expected conditions as the Sellers enjoyed immediately prior to result in a Material Adverse Effectthe Closing Date.

Appears in 1 contract

Samples: Asset Purchase Agreement (Ideanomics, Inc.)

Data Privacy and Security. 104 (ai) Holdings Since the Date of Inception, the Processing of any Personal Data by any Seller and its Subsidiaries have implemented commercially reasonable procedureshas not materially violated, including firewall protections and regular virus scansdoes not materially violate, designed to ensure that software used any applicable Privacy and Data Security Requirements. There is no Action pending, asserted in the operation writing or threatened in writing against any Seller or any of their business is materially free Subsidiaries alleging a violation of any code designed Privacy and Data Security Requirement or any Person’s right of privacy or publicity, and, to (or intended to): the Knowledge of the Sellers, no valid basis exists for any such Action. Neither the Sellers nor its Subsidiaries have (i) disrupt, disable, harm, or otherwise impede in received any manner the operation of, or provide unauthorized access to, a computer system or network or other device on which such code is stored or installed, written communications from or (ii) compromise to the privacy or data security Knowledge of a user or damage or destroy any data or file without the user’s consent. The information technology systems and databases used by Holdings and its Subsidiaries are sufficient in all material respects for Sellers, been the needs of their business and in accordance with customary industry standards and practices. There has been no (x) failure or other substandard performance subject of any such information technology system investigation by a data protection authority or database that has caused any material disruption to the business other Governmental Entity, in each of Holdings and its Subsidiaries or (y) to the knowledge of the Credit Parties, unauthorized intrusions or breaches of security with respect to any information technology systems and databases used by Holdings and its Subsidiaries. (b) Each of Holdings and its Subsidiaries clause (i) is, and has at all times been, in compliance in all material respects with all applicable requirements of law and Contractual Obligations regarding the collection, protection, storage, use, processing, disclosure, retention and transfer of Personal Information and (ii) has commercially reasonable safeguards in place to protect ), regarding data security or the Processing of Personal Information in their possession Data. The execution and performance of this Agreement by the Sellers will not materially breach or control from unauthorized access by other Persons. (c) There have not been, to the knowledge of the Credit Parties, otherwise cause any material unauthorized intrusions or breaches of violation on the security part of any of the information technology systems and databases, any material unauthorized access or use of any Personal Information or other information stored or contained therein or accessed or processed thereby, or any material compromise of the confidentiality, integrity, or availability of Personal Information or the physical, technical, administrative, or organizational safeguards put in place by Holdings Seller or any of its Subsidiaries that relate to of any applicable Privacy and Data Security Requirements. (ii) To the protection of Personal Information. No Person hasextent required by the Privacy and Data Security Requirements, to the knowledge each of the Credit Parties, made any illegal or unauthorized use of Sellers and their Subsidiaries have contractually obligated all data processors that Process Personal Information that was controlled by Data for or on behalf of Holdings the Sellers or any of its their Subsidiaries to contractual terms relating to the protection and is in the possession use of IT Assets, or control of Holdings Personal Data or any of its Subsidiariesconfidential information thereon, that obligate such data processors to comply with all applicable Privacy and Data Security Requirements and to take reasonable steps to protect and secure Personal Data or confidential information from loss, theft, misuse or unauthorized use, access, modification or disclosure. To the knowledge Knowledge of the Credit PartiesSellers, there have not been any material violations of such contractual obligations. (iii) To the Knowledge of the Sellers, no facts or circumstances exist that could reasonably be expected to give rise to any such unauthorized intrusion or breach, Person has gained unauthorized access to, engaged in unauthorized Processing, disclosure or use, or compromise. accidentally or unlawfully destroyed, lost or altered (di) Neither Holdings nor any Personal Data or confidential information related to the business of the Sellers or their Subsidiaries or (ii) any IT Assets that Process Personal Data related to the business of the Sellers or their Subsidiaries, its Subsidiaries has received anyrespective Personal Data processors, and there has not been any written complaint delivered to any regulatory customers, subcontractors or other governmental body or official, foreign or domesticvendors, or any auditother Persons on its behalf. Neither the Sellers nor their Subsidiaries has notified or, proceedingas of date of this Agreement, investigation (whether formal plans to notify, either voluntarily or informal)as required by applicable Privacy and Data Security Requirements, any affected individual, any third party, any Governmental Entity or claim against the media of any breach or relating to Holdings non-permitted use or any of its Subsidiaries by any private party or any regulatory or other governmental body or official, foreign or domestic, regarding the collection, use, retention, storage, transfer, disposal, disclosure or other processing of Personal Information, and no such complaint, audit, proceeding, investigation Data of the Sellers or claim has been threatened in writing against Holdings or any of its Subsidiaries that could reasonably be expected to result in a Material Adverse Effecttheir Subsidiaries.

Appears in 1 contract

Samples: Asset Purchase Agreement (Silvergate Capital Corp)

Data Privacy and Security. 104 (a) Holdings Section 3.27(a) of the Company Disclosure Schedule contains a description of the types of Personal Data currently Processed by or for the Company and its Subsidiaries have implemented commercially reasonable procedureseach Subsidiary, including firewall protections and regular virus scans, designed to ensure that software used the countries in which the operation of their business is materially free of any code designed to (or intended to): Company has (i) disrupt, disable, harm, or otherwise impede in any manner the operation of, or provide unauthorized access to, a computer system or network or other device on which such code is stored or installed, operations or (ii) compromise customers. The Company and the Subsidiaries have for the past three (3) years complied in all material respects with all applicable Information Privacy and Security Laws, all of the Company Privacy Policies, and all their contractual obligations to any Person regarding privacy or data security of a user or damage or destroy any data or file without the user’s consent. The information technology systems and databases used by Holdings and its Subsidiaries are sufficient in all material respects for the needs of their business and in accordance with customary industry standards and practices. There has been no (x) failure or other substandard performance of any such information technology system or database that has caused any material disruption to the business of Holdings and its Subsidiaries or (y) to the knowledge of the Credit Parties, unauthorized intrusions or breaches of security with respect to any information technology systems and databases used by Holdings and its Subsidiariestheir Processing of Personal Data. (b) Each The Company and the Subsidiaries have not received any written or, to the Company’s Knowledge, other notice of Holdings any claims, audits, investigations by regulatory authorities or any data protection authorities, or written or, to the Company’s Knowledge, other allegations of violations of Information Privacy and Security Laws by the Company or any Subsidiary or with respect to Personal Data Processed by, or under the control of, the Company or any Subsidiary. The Company and the Subsidiaries and, to the Knowledge of the Company, their respective customers have not received any written or, to the Company’s Knowledge, other complaints or claims from any Person alleging any violation of applicable Information Privacy and Security Laws by the Company or any Subsidiary in their Processing of Personal Data. (c) Where the Company or a Subsidiary uses a data processor to Process Personal Data on behalf of the Company or such Subsidiary, and where, individually or in the aggregate, such use would reasonably be expected to be material to the Company and its Subsidiaries, taken as a whole, such data processor is subject to obligations under one or more Contracts with the Company or such Subsidiary to (i) comply in all material respects with applicable Laws; and (ii) use reasonable measures to protect and secure Personal Data within such Data Processor’s control from unauthorized access, use, disclosure, and other Processing. (d) The Company and its Subsidiaries (i) is, maintain and has at all times been, are in material compliance with a written information security program in compliance in all material respects with all applicable requirements Information Privacy and Security Laws that: (i) includes reasonable and appropriate administrative, technical and physical safeguards designed to safeguard the security, confidentiality, and integrity of law Company Data; (ii) designed to protect against unauthorized access to the Internal Systems and Contractual Obligations regarding Company Data (including on the collectionsystems of third parties with access to such Internal Systems or Company Data); and (iii) provides for the back-up and recovery of the material Company Data Processed using Internal Systems without material disruption or interruption to the conduct of the Company’s and the Subsidiaries’ respective businesses. The Company and each Subsidiary has, protectionat all times in the past three (3) years, storagecomplied in all material respects with such information security program. During the past three (3) years, use(i) to the Knowledge of the Company, processingneither the Company nor the Subsidiaries, disclosurenor any third party acting on their behalf, retention and transfer of Personal Information has suffered or incurred a material Data Security Incident, and (ii) has commercially reasonable safeguards in place to protect Personal Information in their possession or control from unauthorized access by other Persons. (c) There have not been, to neither the knowledge of the Credit Parties, any material unauthorized intrusions or breaches of the security of Company nor any of the information technology systems and databases, Subsidiaries has notified any material unauthorized access or use Person of any Personal Information or other information stored or contained therein or accessed or processed thereby, or any material compromise of the confidentiality, integrity, or availability of Personal Information or the physical, technical, administrative, or organizational safeguards put in place by Holdings or any of its Subsidiaries that relate to the protection of Personal Information. No Person has, to the knowledge of the Credit Parties, made any illegal or unauthorized use of Personal Information that was controlled by or on behalf of Holdings or any of its Subsidiaries and is in the possession or control of Holdings or any of its Subsidiaries. To the knowledge of the Credit Parties, no facts or circumstances exist that could reasonably be expected to give rise to any such unauthorized intrusion or breach, unauthorized access or use, or compromiseData Security Incident. (d) Neither Holdings nor any of its Subsidiaries has received any, and there has not been any written complaint delivered to any regulatory or other governmental body or official, foreign or domestic, or any audit, proceeding, investigation (whether formal or informal), or claim against or relating to Holdings or any of its Subsidiaries by any private party or any regulatory or other governmental body or official, foreign or domestic, regarding the collection, use, retention, storage, transfer, disposal, disclosure or other processing of Personal Information, and no such complaint, audit, proceeding, investigation or claim has been threatened in writing against Holdings or any of its Subsidiaries that could reasonably be expected to result in a Material Adverse Effect.

Appears in 1 contract

Samples: Merger Agreement (Progress Software Corp /Ma)

Data Privacy and Security. 104 (a) Holdings The Company and its Subsidiaries have implemented commercially reasonable procedures, including firewall protections and regular virus scans, designed to ensure that software used in for the operation of their business is materially free of any code designed to (or intended to): (i) disrupt, disable, harm, or otherwise impede in any manner the operation of, or provide unauthorized access to, a computer system or network or other device on which such code is stored or installed, or (ii) compromise the privacy or data security of a user or damage or destroy any data or file without the user’s consent. The information technology systems and databases used by Holdings and its Subsidiaries are sufficient past four years complied in all material respects for with all applicable Information Privacy and Security Laws, all of the needs Company Privacy Policies, and all their obligations set forth in a Contract to any Person regarding data privacy data security, or the Processing of their business Personal Data. (b) The Company uses commercially reasonable effort to require third parties that Process Personal Data on behalf of the Company or its Subsidiaries to (i) comply with applicable Information Privacy and in accordance with customary industry standards Security Laws; and practices. There has been no (xii) failure take reasonable steps to protect and secure Personal Data from unauthorized access, use, disclosure or other substandard performance of any such information technology system or database that has caused any material disruption to the business of Holdings Processing. (c) The Company and its Subsidiaries have not received any notice of any claims, audits, investigations (including investigations by regulatory authorities or (y) to any data protection authorities), or allegations of violations of Information Privacy and Security Laws by the knowledge of the Credit Parties, unauthorized intrusions Company or breaches of security any Subsidiary or with respect to Personal Data Processed by, or under the control of, the Company or any information technology systems of its Subsidiaries. The Company, any of its Subsidiaries and databases used their respective customers have not received any complaints or claims from any Person with respect to the Processing of Personal Data by Holdings the Company and any of its Subsidiaries. (bd) Each The Company and each of Holdings and its Subsidiaries (i) is, has established and has at all times been, is in compliance in all material respects with a written information security program that complies with all applicable requirements of law Information Privacy and Contractual Obligations regarding Security Laws that: (i) includes reasonable and appropriate administrative, technical and physical safeguards designed to safeguard the collectionsecurity, protectionconfidentiality, storage, use, processing, disclosure, retention and transfer integrity of Personal Information and Data; (ii) has commercially reasonable safeguards in place to protect Personal Information in their possession or control from protects against unauthorized access by other Persons. (c) There have not beento Personal Data. For the past four years, to neither the knowledge of the Credit Parties, any material unauthorized intrusions or breaches of the security of any of the information technology systems and databases, any material unauthorized access or use of any Personal Information or other information stored or contained therein or accessed or processed thereby, or any material compromise of the confidentiality, integrity, or availability of Personal Information or the physical, technical, administrative, or organizational safeguards put in place by Holdings or any of its Subsidiaries that relate to the protection of Personal Information. No Person has, to the knowledge of the Credit Parties, made any illegal or unauthorized use of Personal Information that was controlled by or on behalf of Holdings or any of its Subsidiaries and is in the possession or control of Holdings or any of Company nor its Subsidiaries, nor any third party acting on their behalf by Processing Personal Data, has suffered or incurred a material Data Security Incident. To For the knowledge of past four years, neither the Credit Parties, no facts or circumstances exist that could reasonably be expected to give rise to any such unauthorized intrusion or breach, unauthorized access or use, or compromise. (d) Neither Holdings Company nor any of its Subsidiaries has received any, and there has not been any written complaint delivered to any regulatory or other governmental body or official, foreign or domesticnotified, or been required to notify under any auditapplicable Information Privacy or Security Laws, proceeding, investigation (whether formal or informal), or claim against or relating to Holdings or any Person of its Subsidiaries by any private party or any regulatory or other governmental body or official, foreign or domestic, regarding the collection, use, retention, storage, transfer, disposal, disclosure or other processing of Personal Information, and no such complaint, audit, proceeding, investigation or claim has been threatened in writing against Holdings or any of its Subsidiaries that could reasonably be expected to result in a Material Adverse EffectData Security Incident.

Appears in 1 contract

Samples: Stock Purchase Agreement (Progress Software Corp /Ma)

Data Privacy and Security. 104 (a) Holdings The Company and each of its Subsidiaries have implemented commercially reasonable procedures, including firewall protections and regular virus scans, designed to ensure that software used in the operation of their business is materially free of any code designed to (or intended to): (i) disrupt, disable, harm, or otherwise impede in any manner the operation of, or provide unauthorized access to, a computer system or network or other device on which such code is stored or installed, or (ii) compromise the privacy or data security of a user or damage or destroy any data or file without the user’s consent. The information technology systems and databases used by Holdings and its Subsidiaries are sufficient in all material respects for the needs of their business and in accordance with customary industry standards and practices. There has been no (x) failure or other substandard performance of any such information technology system or database that has caused any material disruption to the business of Holdings and its Subsidiaries or (y) to the knowledge of the Credit Parties, unauthorized intrusions or breaches of security with respect to any information technology systems and databases used by Holdings and its Subsidiaries. (b) Each of Holdings and its Subsidiaries (i) is, and during the three (3) years immediately prior to the date hereof has at all times been, in compliance in all material respects with (i) all applicable requirements Information Privacy and Security Laws, (ii) all Contracts or terms of law use to which it is a party or otherwise apply to the Company or a Subsidiary relating to data privacy, data use, data protection and Contractual Obligations regarding data security, including with respect to the collection, protectionstorage, storagetransmission, transfer (including cross-border transfers), disclosure, destruction, amendment and use of, and individual access to, Personal Information, and (iii) the Payment Card Industry Data Security Standard (PCI-DSS). Each of the Company and its Subsidiaries has adopted and published privacy notices and policies to any website, mobile application or other electronic platform and complied with those notices and policies. Each of the Company and its Subsidiaries has all necessary authority, consents and authorizations to receive, access, use and disclose the Personal Information in each of the Company’s or any Subsidiary’s possession or under its control in connection with the operation of the Business. Each of the Company and its Subsidiaries has implemented and maintains reasonable administrative, technical and physical safeguards to ensure that Personal Information is protected against loss, damage and unauthorized access, use, processingmodification, or other misuse. During the three (3) years immediately prior to the date hereof, there has been no loss, damage or unauthorized access, use, disclosure, retention and transfer of Personal Information and (ii) has commercially reasonable safeguards in place to protect Personal Information in their possession modification, or control from unauthorized access by other Persons. (c) There have not been, to the knowledge of the Credit Parties, any material unauthorized intrusions or breaches of the security of any of the information technology systems and databases, any material unauthorized access or use misuse of any Personal Information maintained by or other information stored or contained therein or accessed or processed thereby, on behalf of the Company or any material compromise of its Subsidiaries, including any loss, damage or unauthorized access, use or disclosure for which the confidentiality, integrity, or availability of Personal Information or the physical, technical, administrative, or organizational safeguards put in place by Holdings Company or any of its Subsidiaries that relate is required under applicable Laws to the protection of Personal Informationnotify a Person. No Person has(including any Governmental Authority) has provided any notice, made any Claim or, to the knowledge of the Credit PartiesCompany’s knowledge, made commenced any illegal investigation, litigation or proceeding with respect to loss, damage or unauthorized use access, use, disclosure, modification, or other misuse of any Personal Information that was controlled maintained by or on behalf of Holdings the Company or any of its Subsidiaries and, to the Company’s knowledge, there is no reasonable basis for any such notice, Claim or investigation, litigation or proceeding. The (A) collection, storage, processing, transfer, sharing and is destruction of Personal Information in connection with the possession transactions contemplated by this Agreement and (B) execution, delivery and performance of this Agreement and the other agreements and instruments contemplated hereby and the consummation of the transactions contemplated hereby and thereby complies with the Company’s applicable privacy notices and policies and with all applicable Information Privacy and Security Laws. The Company or control of Holdings or any one of its Subsidiaries. To the knowledge of the Credit Parties, no facts or circumstances exist that could reasonably be expected to give rise to any such unauthorized intrusion or breachas applicable, unauthorized access or use, or compromise. (d) Neither Holdings nor any of its Subsidiaries has received anyat all times made all disclosures to, and there obtained any necessary consents and authorizations from, users, customers, employees, contractors and other applicable Persons required by applicable Information Privacy and Security Laws and has not been filed any written complaint delivered required registrations with the applicable data protection authority, including any consents or authorizations necessary to any regulatory or other governmental body or official, foreign or domestic, or any audit, proceeding, investigation (whether formal or informal), or claim against or relating to Holdings or any of its Subsidiaries by any private party or any regulatory or other governmental body or official, foreign or domestic, regarding operate the collection, use, retention, storage, transfer, disposal, disclosure or other processing of Personal Information, and no such complaint, audit, proceeding, investigation or claim has been threatened in writing against Holdings or any of its Subsidiaries that could reasonably be expected to result in a Material Adverse EffectBusiness.

Appears in 1 contract

Samples: Stock Purchase Agreement (Advisory Board Co)

AutoNDA by SimpleDocs

Data Privacy and Security. 104 (a) Holdings Except as is not and its Subsidiaries have implemented commercially reasonable procedureswould not, including firewall protections and regular virus scans, designed to ensure that software used individually or in the operation of their business is materially free of any code designed aggregate, reasonably be expected to (or intended to): be material to the Business, taken as a whole, the Transferred Company and the Selling Entities, in connection with the Business, are in compliance with (i) disruptall applicable Laws relating to the privacy, disablesecurity, harmcollection, safeguarding, storage, transfer, use, disclosure, processing, erasure, or otherwise impede in any manner the operation ofdestruction (collectively, or provide unauthorized access to, a computer system or network or other device on which such code is stored or installed, or “Processing”) of Personal Information (“Privacy Laws”) and (ii) compromise all contractual requirements by which the privacy or data security Transferred Company and the Selling Entities, in connection with the Business, are bound that are applicable to Processing of a user or damage or destroy any data or file without the user’s consent. The information technology systems and databases used by Holdings and its Subsidiaries are sufficient in all material respects for the needs of their business and in accordance with customary industry standards and practices. There has been no (x) failure or other substandard performance of any such information technology system or database that has caused any material disruption to the business of Holdings and its Subsidiaries or (y) to the knowledge of the Credit Parties, unauthorized intrusions or breaches of security with respect to any information technology systems and databases used by Holdings and its SubsidiariesPersonal Information. (b) Each of Holdings The Transferred Company and its Subsidiaries Selling Entities maintain commercially reasonable measures to (i) is, and has at all times been, protect the Personal Information in compliance the possession or control of the Transferred Company or any Selling Entity in all material respects connection with all applicable requirements of law and Contractual Obligations regarding the collection, protection, storage, Business from unauthorized use, processing, disclosure, retention and transfer of Personal Information access or modification and (ii) has commercially reasonable safeguards in place to protect Personal Information in their possession or control from unauthorized access by other Persons. (c) There have not been, to maintain the knowledge integrity and security of the Credit Parties, any material unauthorized intrusions or breaches of the security of any of the information technology systems IT Systems and databases, any material unauthorized access or use of any Personal Information or other all information stored or contained therein or accessed or processed transmitted thereby, or any material compromise of the confidentialityagainst unauthorized use, integrityaccess, interruption, modification, or availability corruption, or the occurrence of an Information Security Incident. The Processing of Personal Information and maintenance of IT Systems by the Transferred Company and the Selling Entities in connection with the Business are done in a manner consistent in all material respects with the Transferred Company’s and Selling Entities’ applicable policies. (c) Except as is not and would not, individually or the physical, technical, administrative, or organizational safeguards put in place by Holdings or any of its Subsidiaries that relate to the protection of Personal Information. No Person has, to the knowledge of the Credit Parties, made any illegal or unauthorized use of Personal Information that was controlled by or on behalf of Holdings or any of its Subsidiaries and is in the possession or control of Holdings or any of its Subsidiaries. To the knowledge of the Credit Partiesaggregate, no facts or circumstances exist that could reasonably be expected to give rise be material to any such unauthorized intrusion the Business, taken as a whole, no Information Security Incident relating to the Business or breachthe Transferred Company has occurred since January 1, unauthorized access 2021 or use, or compromiseis continuing. (d) Neither Holdings the Transferred Company nor any part of its Subsidiaries the Business that owns the Transferred Assets has received anybeen, and there has is not been any written complaint delivered to any regulatory or other governmental body or official, foreign or domestic, or any audit, proceedingcurrently under, investigation (whether formal or informal)similar proceeding) by any Governmental Entity in respect of a violation of Privacy Laws that is or would, individually or claim in the aggregate, reasonably be expected to be material to the Business, taken as a whole. There are no claims pending against or relating to Holdings the Transferred Company or any of its Subsidiaries Selling Entity by any private party or any regulatory or other governmental body or official, foreign or domestic, regarding Governmental Entity related to the collection, use, retention, storage, transfer, disposal, disclosure or other processing Processing of Personal Information, and no such complaint, audit, proceeding, investigation or claim has been threatened in writing against Holdings or any related alleged, suspected, or actual violations of its Subsidiaries that could Privacy Laws, except as would not, individually or in the aggregate, reasonably be expected to result in a Material Adverse Effectbe material to the Business.

Appears in 1 contract

Samples: Equity and Asset Purchase Agreement (Martin Marietta Materials Inc)

Data Privacy and Security. 104 (a) Holdings and its Subsidiaries have implemented commercially reasonable procedures, including firewall protections and regular virus scans, designed to ensure that software used in the operation of their business is materially free of any code designed to (or intended to): (i) disrupt, disable, harm, or otherwise impede in any manner the operation of, or provide unauthorized access to, a computer system or network or other device on which such code is stored or installed, or (ii) compromise the privacy or data security of a user or damage or destroy any data or file without the user’s consent. The information technology systems and databases used by Holdings and its Subsidiaries are sufficient in all material respects for the needs of their business and in accordance with customary industry standards and practices. There has been no (x) failure or other substandard performance of any such information technology system or database that has caused any material disruption to the business of Holdings and its Subsidiaries or (y) to the knowledge of the Credit Parties, unauthorized intrusions or breaches of security with respect to any information technology systems and databases used by Holdings and its Subsidiaries. (b) Each of Holdings and its Subsidiaries (i) is, and has at all times been, in compliance in all material respects with all applicable requirements of law and Contractual Obligations regarding the collection, protection, storage, use, processing, disclosure, retention and transfer of Personal Information and (ii) has commercially reasonable safeguards in place to protect Personal Information in their possession or control from unauthorized access by other Persons. (c) There have not been, to the knowledge of the Credit Parties, any material unauthorized intrusions or breaches of the security of any of the information technology systems and databases, any material unauthorized access or use of any Personal Information or other information stored or contained therein or accessed or processed thereby, or any material compromise of the confidentiality, integrity, or availability of Personal Information or the physical, technical, administrative, or organizational safeguards put in place by Holdings or any of its Subsidiaries that relate to the protection of Personal Information. No Person has, to the knowledge of the Credit Parties, made any illegal or unauthorized use of Personal Information that was controlled by or on behalf of Holdings or any of its Subsidiaries and is in the possession or control of Holdings or any of its Subsidiaries. To the knowledge of the Credit Parties, no facts or circumstances exist that could reasonably be expected to give rise to any such unauthorized intrusion or breach, unauthorized access or use, or compromise. (d) Neither Holdings nor any of its Subsidiaries has received any, and there has not been any written complaint delivered to any regulatory or other governmental body or official, foreign or domestic, or any audit, proceeding, investigation (whether formal or informal), or claim against or relating to Holdings or any of its Subsidiaries by any private party or any regulatory or other governmental body or official, foreign or domestic, regarding the collection, use, retention, storage, transfer, disposal, disclosure or other processing of Personal Information, and no such complaint, audit, proceeding, investigation or claim has been threatened in writing against Holdings or any of its Subsidiaries that could reasonably be expected to result in a Material Adverse Effect.

Appears in 1 contract

Samples: Credit and Guaranty Agreement (ONE Group Hospitality, Inc.)

Data Privacy and Security. 104 (a) Holdings and its Subsidiaries have implemented commercially reasonable procedures, including firewall protections and regular virus scans, designed to ensure that software used in the operation of their business is materially free of any code designed to (or intended to): (i) disrupt, disable, harm, or otherwise impede in any manner the operation of, or provide unauthorized access to, a computer system or network or other device on which such code is stored or installed, or (ii) compromise the privacy or data security of a user or damage or destroy any data or file without the user’s consent. The information technology systems and databases used by Holdings and its Subsidiaries are sufficient in all material respects for the needs of their business and in accordance with customary industry standards and practices. There has been no (x) failure or other substandard performance of any such information technology system or database that has caused any material disruption to the business of Holdings and its Subsidiaries or (y) to the knowledge of the Credit Parties, unauthorized intrusions or breaches of security with respect to any information technology systems and databases used by Holdings and its Subsidiaries. (b) Each of Holdings and its Subsidiaries (i) is, and Company has at all times beensince January 1, in compliance 2018 complied in all material respects with all applicable requirements of law Privacy Laws, Privacy and Contractual Obligations regarding Data Security Policies (as defined below), and contractual commitments concerning the collectionPayment Card Industry Data Security Standards (if any) (collectively, protection, storage, use, processing, disclosure, retention and transfer the “Privacy Requirements”). The Company has implemented adequate written policies relating to the Processing of Personal Information Data as and to the extent required by applicable Law (“Privacy and Data Security Policies”). (b) There is no pending, nor has there been since January 1, 2018 any material Proceedings against the Company initiated by (i) any Person; (ii) has commercially reasonable safeguards the United States Federal Trade Commission, any state attorney general or similar state official; (iii) any other Governmental Entity, foreign or domestic; or (iv) any regulatory or self-regulatory entity alleging that any Processing of Personal Data by or on behalf of the Company is in place to protect Personal Information in their possession or control from unauthorized access by other Personsviolation of any Privacy Requirements. (c) There have not beenSince January 1, 2018, there has been no material breach of security resulting in unauthorized access, use or disclosure of Personal Data in the possession or control of the Company or, to the knowledge Company’s knowledge, any of its contractors with regard to any Personal Data obtained from or on behalf of the Credit PartiesCompany, or any material unauthorized intrusions or breaches of security into the security of any of the information technology systems and databases, any material unauthorized access or use of any Personal Information or other information stored or contained therein or accessed or processed thereby, or any material compromise of the confidentiality, integrity, or availability of Personal Information or the physical, technical, administrative, or organizational safeguards put in place by Holdings or any of its Subsidiaries that relate to the protection of Personal Information. No Person has, to the knowledge of the Credit Parties, made any illegal or unauthorized use of Personal Information that was controlled by or on behalf of Holdings or any of its Subsidiaries and is in the possession or control of Holdings or any of its Subsidiaries. To the knowledge of the Credit Parties, no facts or circumstances exist that could reasonably be expected to give rise to any such unauthorized intrusion or breach, unauthorized access or use, or compromiseCompany systems. (d) Neither Holdings nor The Company owns or has license to use the Company IT Systems as necessary to operate the business of the Company as currently conducted. To the Company’s knowledge, none of the Company IT Systems contain any worm, bomb, backdoor, clock, timer or other disabling device, code, design or routine that causes the software of its Subsidiaries any portion thereof to be erased, inoperable or otherwise incapable of being used, either automatically, with the passage of time or upon command by any unauthorized person. (e) The Company has received anytaken organizational, physical, administrative and technical measures required by Privacy Requirements consistent with standards prudent in the industry in which the Company operates to protect (i) the integrity, security and operations of the Company’s information technology systems, and there has not been any written complaint delivered to any regulatory (ii) the confidential data owned by the Company or provided by the Company’s customers, and Personal Data against data security incidents or other governmental body or officialmisuse. The Company has implemented reasonable procedures, foreign or domesticsatisfying the requirements of applicable Privacy Laws in all material respects, or any audit, proceeding, investigation (whether formal or informal), or claim to detect data security incidents and to protect Personal Data against or relating to Holdings or any of its Subsidiaries by any private party or any regulatory or other governmental body or official, foreign or domestic, regarding the collectionloss and against unauthorized access, use, retention, storage, transfer, disposalmodification, disclosure or other processing misuse. (f) In connection with each third-party service provider whose services are material to the Company and involve the Processing of Personal InformationData on behalf of the Company, and no the Company has in accordance with Privacy Laws, since January 1, 2018, entered into valid data processing agreements with any such complaintthird party in accordance with applicable Privacy Laws. (g) The consummation of any of the transactions contemplated hereby, audit, proceeding, investigation will not violate any applicable Privacy Requirements. (h) There have not been any Proceedings related to any data security incidents or claim has any violations of any Privacy Requirements that have been threatened asserted in writing against Holdings the Company, and, to the Company’s knowledge, the Company has not received any written correspondence relating to, or written notice of any Proceedings with respect to, alleged violations by the Company of, Privacy Requirements. (i) The Company has not transferred any Personal Data from the European Union or United Kingdom to a jurisdiction outside the European Economic Area or United Kingdom, other than in accordance with Articles 45 and 46(2) of its Subsidiaries that could reasonably be expected to result in a Material Adverse Effectthe GDPR.

Appears in 1 contract

Samples: Business Combination Agreement (Alpha Healthcare Acquisition Corp.)

Data Privacy and Security. 104 (a) Holdings and its Subsidiaries have implemented commercially reasonable procedures, including firewall protections and regular virus scans, designed to ensure that software used in the operation of their business is materially free of any code designed to (or intended to): (i) disrupt, disable, harm, or otherwise impede in any manner the operation of, or provide unauthorized access to, a computer system or network or other device on which such code is stored or installed, or (ii) compromise the privacy or data security of a user or damage or destroy any data or file without the user’s consent. The information technology systems and databases used by Holdings and its Subsidiaries are sufficient in all material respects for the needs of their business and in accordance with customary industry standards and practices. There has been no (x) failure or other substandard performance of any such information technology system or database that has caused any material disruption to the business of Holdings and its Subsidiaries or (y) to the knowledge of the Credit Parties, unauthorized intrusions or breaches of security with respect to any information technology systems and databases used by Holdings and its Subsidiaries. (b) Each of Holdings and its Subsidiaries (i) is, and Company has at all times beensince January 1, in compliance 2019 complied in all material respects with all applicable requirements of law Privacy Laws, Privacy and Contractual Obligations regarding Data Security Policies (as defined below), and contractual commitments concerning the collectionPayment Card Industry Data Security Standards (if any) (collectively, protection, storage, use, processing, disclosure, retention and transfer the “Privacy Requirements”). The Company has implemented adequate written policies relating to the Processing of Personal Information Data as and to the extent required by applicable Law (“Privacy and Data Security Policies”). (b) There is no pending, nor has there been since January 1, 2019 any material Proceedings against the Company initiated by (i) any Person; (ii) has commercially reasonable safeguards the United States Federal Trade Commission, any state attorney general or similar state official; (iii) any other Governmental Entity, foreign or domestic; or (iv) any regulatory or self-regulatory entity alleging that any Processing of Personal Data by or on behalf of the Company is in place to protect Personal Information in their possession or control from unauthorized access by other Personsviolation of any Privacy Requirements. (c) There have not beenSince January 1, 2019, there has been no material breach of security resulting in unauthorized access, use or disclosure of Personal Data in the possession or control of the Company or, to the knowledge Company’s knowledge, any of its contractors with regard to any Personal Data obtained from or on behalf of the Credit PartiesCompany, or any material unauthorized intrusions or breaches of security into the security of any of the information technology systems and databases, any material unauthorized access or use of any Personal Information or other information stored or contained therein or accessed or processed thereby, or any material compromise of the confidentiality, integrity, or availability of Personal Information or the physical, technical, administrative, or organizational safeguards put in place by Holdings or any of its Subsidiaries that relate to the protection of Personal Information. No Person has, to the knowledge of the Credit Parties, made any illegal or unauthorized use of Personal Information that was controlled by or on behalf of Holdings or any of its Subsidiaries and is in the possession or control of Holdings or any of its Subsidiaries. To the knowledge of the Credit Parties, no facts or circumstances exist that could reasonably be expected to give rise to any such unauthorized intrusion or breach, unauthorized access or use, or compromiseCompany systems. (d) Neither Holdings nor The Company owns or has license to use the Company IT Systems as necessary to operate the business of the Company as currently conducted. To the Company’s knowledge, none of the Company IT Systems contain any worm, bomb, backdoor, clock, timer or other disabling device, code, design or routine that causes the software of its Subsidiaries any portion thereof to be erased, inoperable or otherwise incapable of being used, either automatically, with the passage of time or upon command by any unauthorized person. (e) The Company has received anytaken organizational, physical, administrative and technical measures required by Privacy Requirements consistent with standards prudent in the industry in which the Company operates to protect (i) the integrity, security and operations of the Company’s information technology systems, and there has not been any written complaint delivered to any regulatory (ii) the confidential data owned by the Company or provided by the Company’s customers, and Personal Data against data security incidents or other governmental body or officialmisuse. The Company has implemented reasonable procedures, foreign or domesticsatisfying the requirements of applicable Privacy Laws in all material respects, or any audit, proceeding, investigation (whether formal or informal), or claim to detect data security incidents and to protect Personal Data against or relating to Holdings or any of its Subsidiaries by any private party or any regulatory or other governmental body or official, foreign or domestic, regarding the collectionloss and against unauthorized access, use, retention, storage, transfer, disposalmodification, disclosure or other processing misuse. (f) In connection with each third-party service provider whose services are material to the Company and involve the Processing of Personal InformationData on behalf of the Company, and no the Company has in accordance with Privacy Laws, since January 1, 2018, entered into valid data processing agreements with any such complaintthird party in accordance with applicable Privacy Laws. (g) The consummation of any of the transactions contemplated hereby, audit, proceeding, investigation will not violate any applicable Privacy Requirements. (h) There have not been any Proceedings related to any data security incidents or claim has any violations of any Privacy Requirements that have been threatened asserted in writing against Holdings the Company, and, to the Company’s knowledge, the Company has not received any written correspondence relating to, or written notice of any Proceedings with respect to, alleged violations by the Company of, Privacy Requirements. (i) The Company has not transferred any Personal Data from the European Union or United Kingdom to a jurisdiction outside the European Economic Area or United Kingdom, other than in accordance with Articles 45 and 46(2) of its Subsidiaries that could reasonably be expected to result in a Material Adverse Effectthe GDPR.

Appears in 1 contract

Samples: Business Combination Agreement (Alpha Healthcare Acquisition Corp Iii)

Data Privacy and Security. 104 (a) Holdings The Company has implemented written policies relating to the Processing of Personal Data as and its Subsidiaries have implemented commercially reasonable procedures, including firewall protections to the extent required by applicable Law (“Privacy and regular virus scans, designed to ensure that software used in the operation of their business is materially free of any code designed to (or intended to): (i) disrupt, disable, harm, or otherwise impede in any manner the operation of, or provide unauthorized access to, a computer system or network or other device on which such code is stored or installed, or (ii) compromise the privacy or data security of a user or damage or destroy any data or file without the user’s consentData Security Policies”). The information technology systems and databases used by Holdings and its Subsidiaries are sufficient in all material respects for the needs of their business and in accordance with customary industry standards and practices. There has been no (x) failure or other substandard performance of any such information technology system or database that has caused any material disruption to the business of Holdings and its Subsidiaries or (y) to the knowledge of the Credit Parties, unauthorized intrusions or breaches of security with respect to any information technology systems and databases used by Holdings and its Subsidiaries. (b) Each of Holdings and its Subsidiaries (i) is, and Company has at all times been, in compliance complied in all material respects with all applicable requirements of law Privacy Laws, the Privacy and Contractual Obligations regarding Data Security Policies and contractual obligations entered into by the Company relating to the receipt, collection, protectioncompilation, use, storage, useprocessing, processingsharing, safeguarding, security, disposal, destruction, disclosure, retention and or transfer of Personal Information Data (collectively, the “Privacy Requirements”). The Company owns or has a binding Contract in place to use the Company IT Systems as necessary to operate the business of the Company as currently conducted in all material respects. The Company has established data safeguards against the destruction, loss, damage, corruption, alteration, loss of integrity, commingling or unauthorized access, acquisition, use, disclosure or other Processing of Personal Data that are consistent with industry standards and the requirements of applicable Law. The Company maintains backups of all data used to conduct the business of the Company at a reasonable frequency. (b) The Company has not received written notice of any pending Proceedings, nor to the knowledge of the Company has there been any Proceedings against the Company initiated by (i) any Person; (ii) has commercially reasonable safeguards the United States Federal Trade Commission, any state attorney general or similar state official; or (iii) any other Governmental Entity, in place to protect each case, alleging that any Processing of Personal Information Data by or on behalf of the Company is in their possession or control from unauthorized access by other Personsviolation of any Privacy Requirements. (c) There have not been, to To the knowledge of the Credit PartiesCompany, any material during the past seven (7) years, (i) there has been no unauthorized intrusions or breaches of the security of any of the information technology systems and databases, any material unauthorized access or use of any Personal Information or other information stored or contained therein or accessed or processed thereby, or any material compromise of the confidentiality, integrity, or availability Processing of Personal Information or the physical, technical, administrative, or organizational safeguards put in place by Holdings or any of its Subsidiaries that relate to the protection of Personal Information. No Person has, to the knowledge of the Credit Parties, made any illegal or unauthorized use of Personal Information that was controlled by or on behalf of Holdings or any of its Subsidiaries and is Data in the possession or control of Holdings or the Company and/or any of its Subsidiaries. To the knowledge service providers of the Credit Parties, Company and (ii) there have been no facts unauthorized intrusions or circumstances exist that could reasonably be expected to give rise to breaches of security into any such unauthorized intrusion or breach, unauthorized access or use, or compromiseCompany IT Systems under the control of the Company. (d) Neither Holdings nor any of its Subsidiaries has received any, and there has not been any written complaint delivered to any regulatory or other governmental body or official, foreign or domestic, or any audit, proceeding, investigation (whether formal or informal), or claim against or relating to Holdings or any of its Subsidiaries by any private party or any regulatory or other governmental body or official, foreign or domestic, regarding the collection, use, retention, storage, transfer, disposal, disclosure or other processing of Personal Information, and no such complaint, audit, proceeding, investigation or claim has been threatened in writing against Holdings or any of its Subsidiaries that could reasonably be expected to result in a Material Adverse Effect.

Appears in 1 contract

Samples: Merger Agreement (Big Cypress Acquisition Corp.)

Data Privacy and Security. 104 (a) Holdings and its Subsidiaries have Each Group Company has implemented commercially reasonable procedures, including firewall protections and regular virus scans, designed to ensure that software used in the operation of their business is materially free of any code designed to (or intended to): (i) disrupt, disable, harm, or otherwise impede in any manner the operation of, or provide unauthorized access to, a computer system or network or other device on which such code is stored or installed, or (ii) compromise the privacy or data security of a user or damage or destroy any data or file without the user’s consent. The information technology systems and databases used by Holdings and its Subsidiaries are sufficient in all material respects for the needs of their business and in accordance with customary industry standards and practices. There has been no (x) failure or other substandard performance of any such information technology system or database that has caused any material disruption written policies relating to the business Processing of Holdings Personal Data as and its Subsidiaries or (y) to the knowledge of the Credit Parties, unauthorized intrusions or breaches of security with respect to any information technology systems extent required by applicable Law (“Privacy and databases used by Holdings and its Subsidiaries. (b) Data Security Policies”). Each of Holdings and its Subsidiaries (i) is, and Group Company has at all times been, in compliance complied in all material respects with all applicable requirements of law Privacy Laws, the Privacy and Contractual Obligations regarding Data Security Policies and contractual obligations entered into by a Group Company relating to the receipt, collection, protectioncompilation, use, storage, useprocessing, processingsharing, safeguarding, security, disposal, destruction, disclosure, retention and or transfer of Personal Information and Data (collectively, the “Privacy Requirements”). (b) As of the date hereof, the Company has not received notice of any pending Proceedings, nor has there been any material Proceedings against any Group Company initiated by (i) any Person; (ii) has commercially reasonable safeguards the United States Federal Trade Commission, any state attorney general or similar state official; or (iii) any other Governmental Entity, in place to protect each case, alleging that any Processing of Personal Information Data by or on behalf of a Group Company is in their possession or control from unauthorized access by other Personsviolation of any Privacy Requirements. (c) There have not been, to Since the knowledge incorporation of the Credit PartiesCompany, any except as set forth on Section 3.20(c) of the Company Disclosure Schedules, (i) there has been no material unauthorized intrusions or breaches of the security of any of the information technology systems and databases, any material unauthorized access or use of any Personal Information or other information stored or contained therein or accessed or processed thereby, or any material compromise of the confidentiality, integrity, or availability Processing of Personal Information or the physical, technical, administrative, or organizational safeguards put in place by Holdings or any of its Subsidiaries that relate to the protection of Personal Information. No Person has, to the knowledge of the Credit Parties, made any illegal or unauthorized use of Personal Information that was controlled by or on behalf of Holdings or any of its Subsidiaries and is Data in the possession or control of Holdings or any Group Company and/or any of its Subsidiaries. To the knowledge service providers of any Group Company and (ii) to the Credit PartiesCompany’s knowledge, there have been no facts unauthorized intrusions or circumstances exist that could reasonably be expected to give rise to breaches of security into any such unauthorized intrusion or breach, unauthorized access or use, or compromiseCompany IT Systems under the control of any Group Company. (d) Neither Holdings nor any Each Group Company owns or has a binding Contract in place to use the Company IT Systems as necessary to operate the business of its Subsidiaries each Group Company as currently conducted in all material respects. (e) Each Group Company has received anyestablished data safeguards against the destruction, and there has not been any written complaint delivered to any regulatory loss, damage, corruption, alteration, loss of integrity, commingling or other governmental body or officialunauthorized access, foreign or domestic, or any audit, proceeding, investigation (whether formal or informal), or claim against or relating to Holdings or any of its Subsidiaries by any private party or any regulatory or other governmental body or official, foreign or domestic, regarding the collectionacquisition, use, retention, storage, transfer, disposal, disclosure or other processing Processing of Personal Information, Data that are consistent with industry standards and no the requirements of applicable Law. Each Group Company maintains backups of all data used to conduct the business of such complaint, audit, proceeding, investigation or claim has been threatened in writing against Holdings or any of its Subsidiaries that could reasonably be expected to result in Group Company at a Material Adverse Effectreasonable frequency.

Appears in 1 contract

Samples: Business Combination Agreement (Amplitude Healthcare Acquisition Corp)

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!