Data Privacy & Cybersecurity. (a) Except as would not be material to the Company Group, taken as a whole, (i) each member of the Company Group is, and at all times since January 1, 2021, has been, in compliance with all Privacy Obligations; (ii) the Company and the Company Subsidiaries have used commercially reasonable efforts to ensure that all service providers, data processors and other third parties that process any Personally Identifiable Information on behalf of the Company or any of the Company Subsidiaries are bound by written agreements including any terms required by applicable Privacy Laws and requiring such third parties to comply with applicable Privacy Laws and (iii) neither the execution of this Agreement by the Company nor the consummation of the Transactions will result in a breach or violation of any Privacy Obligation by the Company or any Company Subsidiary. Except as would not be material to the Company Group, taken as a whole, neither the Company nor any Company Subsidiary has received any written or, to the Knowledge of the Company, threatened notices or complaints from any person or Governmental Authority alleging, or been subject to any audits or investigations concerning, and no Action is pending or, to the Knowledge of the Company, threatened alleging any failure to comply with any Privacy Obligations. (b) Except as would be material to the Company Group, taken as a whole, (i) the Systems operate and perform in accordance with their written documentation and functional specifications and, since January 1, 2021, otherwise have not malfunctioned, failed or experienced any breakdowns that resulted in continued substandard performance, or that caused disruption to or interruption of the business of the Company or any Company Subsidiary; (ii) each member of the Company Group has implemented and maintains commercially reasonable backup and data recovery, disaster recovery, encryption and business continuity policies, plans, procedures, facilities, and other reasonable technical and organizational measures, designed to prevent any failure, malfunction, breakdown, performance reduction, loss, theft, interruption, or unauthorized access, use, exfiltration, destruction, alteration, disclosure, modification, corruption, intrusion, breach of any security, or other adverse event affecting any Systems owned or controlled by, or, to the extent used in the operation of the business of the Company Group, licensed or leased to, the Company or any Company Subsidiary or any sensitive or confidential information, including Personally Identifiable Information, in the possession or control of the Company or any Company Subsidiary (each, a “Data Breach”); (iii) there has been no actual or alleged Data Breach affecting any Systems owned or controlled by or, to the Knowledge of the Company, licensed or leased to the Company or any Company Subsidiary; and (iv) no circumstances have arisen that would require the Company or any Company Subsidiary to notify a Governmental Authority or any other person of a Data Breach affecting any Systems owned or controlled by or, to the Knowledge of the Company, licensed or leased to the Company or any Company Subsidiary. Except as would not have a Company Material Adverse Effect, to the Knowledge of the Company, the Systems are free from any disabling codes or instructions, spyware, malware, Trojan horses, worms, viruses or other Software routines or devices that could be reasonably expected to permit or cause a Data Breach or any such Systems to be erased, inoperable, or otherwise incapable of being used.
Appears in 4 contracts
Samples: Merger Agreement (Nordson Corp), Merger Agreement (Nordson Corp), Merger Agreement (Nordson Corp)