Common use of Data Protection and Cybersecurity Clause in Contracts

Data Protection and Cybersecurity. (a) For the purposes of this Section 6.23 and Section 10.3, the terms “personal data breach” and “processing” (and its cognates) shall have the meaning given to them in the GDPR. (b) Each Target Company (i) has implemented and maintains appropriate technical and organizational measures designed to protect Personal Data relating to the business of the Target Company against personal data breaches and cybersecurity incidents and (ii) complies in all material respects with all contractual obligations to which it is bound relating to the privacy, security, processing, transfer and confidentiality of Personal Data. (c) Except as would not, individually or in the aggregate, be material to the Target Companies, taken as a whole, since January 1, 2020, no Target Company has (i) suffered, or has discovered, any security breach of or, to the Knowledge of the Company, intrusion into any Target Company’s computer networks, the IT Systems or any other computer networks or systems containing Personal Data or a Target Company’s data, (ii) been subject to any actual, pending or, to the Knowledge of the Company, threatened in writing investigations, notices or requests from any Governmental Authority in relation to their data processing or cybersecurity activities, and (iii) received any actual, pending or, to the Knowledge of the Company, threatened claims from individuals alleging any breach of, or exercising their rights under, Data Protection Laws.

Data Protection and Cybersecurity. (a) For the purposes of this Section 6.23 6.22 and Section 10.3, the terms “personal data breach” and “processing” (and its cognates) shall have the meaning given to them in the GDPR. (b) Each Target Company (i) has implemented and maintains appropriate technical and organizational measures designed to protect Personal Data relating to the business of the Target Company against personal data breaches and cybersecurity incidents and (ii) complies in all material respects with all contractual obligations to which it is bound relating to the privacy, security, processing, transfer and confidentiality of Personal Data. (c) Except as would not, individually or in the aggregate, be material to the Target Companies, taken as a whole, since January 1, 2020, no Target Company has (i) suffered, or has discovered, any security breach of or, to the Knowledge of the Company, intrusion into any Target Company’s computer networks, the IT Systems or any other computer networks or systems containing Personal Data or a Target Company’s data, (ii) been subject to any actual, pending or, to the Knowledge of the Company, threatened in writing investigations, notices or requests from any Governmental Authority in relation to their data processing or cybersecurity activities, and (iii) received any actual, pending or, to the Knowledge of the Company, threatened claims from individuals alleging any breach of, or exercising their rights under, Data Protection Laws.

Data Protection and Cybersecurity. (a) For the purposes of this Section 6.23 and Section 10.34.15, the terms “personal data breach” and “processing” (and its cognates) shall have the meaning given to them in the GDPR. (b) Each Target Company MGO (i) has implemented and maintains appropriate technical and organizational measures designed to protect Personal Data relating to the business of the Target Company MGO against personal data breaches and cybersecurity incidents and (ii) complies in all material respects with all contractual obligations to which it is bound relating to the privacy, security, processing, transfer and confidentiality of Personal Data. (c) Except as would not, individually or in the aggregate, be material to the Target CompaniesMGO, taken as a whole, since January 1, 20202021, no Target Company none of MGO or any MGO Subsidiary has (i) suffered, or has discovered, any security breach of or, to the Knowledge of the CompanyMGO, intrusion into any Target Companyof MGO’s computer networks, the IT Systems or any other computer networks or systems containing Personal Data or a Target CompanyMGO’s data, (ii) been subject to any actual, pending or, to the Knowledge of the CompanyMGO, threatened in writing investigations, notices or requests from any Governmental Authority in relation to their data processing or cybersecurity activities, and (iii) received any actual, pending or, to the Knowledge of the CompanyMGO, threatened claims from individuals alleging any breach of, or exercising their rights under, Data Protection Laws.