Data Security Obligations. (i) The Company and each of its subsidiaries have complied and are presently in compliance with all internal and external privacy policies, contractual obligations, industry standards, applicable laws, statutes, judgments, orders, rules and regulations of any court or arbitrator or other governmental or regulatory authority and any other legal obligations, in each case, relating to the collection, use, transfer, import, export, storage, protection, disposal and disclosure by the Company or any of its subsidiaries of personal, personally identifiable, household, sensitive, confidential or regulated data (“Data Security Obligations” and such data, “Data”); (ii) the Company has not received any notification of or complaint regarding and is unaware of any other facts that, individually or in the aggregate, would reasonably indicate non-compliance with any Data Security Obligation; and (iii) of there is no action, suit or proceeding by or before any court or governmental agency, authority or body pending or threatened alleging non-compliance with any Data Security Obligation. The Company and each of its subsidiaries have taken all technical and organizational measures necessary to protect the information technology systems and Data used in connection with the operation of the Company’s and its subsidiaries’ businesses. Without limiting the foregoing, the Company and its subsidiaries have used reasonable efforts to establish and maintain, and have established, maintained, implemented and complied with, reasonable information technology, information security, cyber security and data protection controls, policies and procedures, including oversight, access controls, encryption, technological and physical safeguards and business continuity/disaster recovery and security plans that are designed to protect against and prevent breach, destruction, loss, unauthorized distribution, use, access, disablement, misappropriation or modification, or other compromise or misuse of or relating to any information technology system or Data used in connection with the operation of the Company’s and its subsidiaries’ businesses (“Breach”). There has been no such Breach, and the Company and its subsidiaries have not been notified of and have no knowledge of any event or condition that would reasonably be expected to result in, any such Breach.
Appears in 2 contracts
Samples: Underwriting Agreement (Napco Security Technologies, Inc), Underwriting Agreement (Napco Security Technologies, Inc)
Data Security Obligations. (iA) The Company and each of its subsidiaries have complied complied, and are presently presently, and since the Company’s and its subsidiaries inception have been, in compliance in all material respects, with all applicable internal and external privacy policies, contractual obligations, industry standards, applicable lawsstate, federal and international data privacy and security laws and regulations, including without limitation and to the extent applicable, the Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act, the European Union General Data Protection Regulation (EU 2016/679), the California Consumer Privacy Act, and other statutes, judgments, orders, rules and regulations of any applicable court or arbitrator or other governmental or regulatory authority and any other legal obligations, in each case, relating to obligations regarding the collection, use, transfer, import, export, storage, protection, disposal and disposal, disclosure or other processing by the Company or and its subsidiaries of Personal Data (collectively, the “Data Security Obligations”); (B) neither the Company nor any of its subsidiaries of personal, personally identifiable, household, sensitive, confidential or regulated data (“Data Security Obligations” and such data, “Data”); (ii) the Company has not received any notification of or complaint regarding and is unaware regarding, or are aware of any other facts that, individually or in the aggregate, would reasonably indicate non-compliance by the Company or any of its subsidiaries with any Data Security ObligationObligation or has any knowledge of any event or conditions that would reasonably be expected to result in any such non-compliance; and (iiiC) of there is no pending, or to the knowledge of the Company, threatened, action, suit or proceeding by or before any applicable court or governmental agency, authority or body pending or threatened alleging non-compliance by the Company or any of its subsidiaries with any Data Security Obligation. The ; (D) neither the Company and each nor any of its subsidiaries have taken all technical and organizational measures necessary has conducted or paid for, in whole or in part, any investigation, remediation, or other corrective action pursuant to protect the information technology systems and any Data used in connection Security Obligation; (E) to ensure compliance with the operation of the Company’s and its subsidiaries’ businesses. Without limiting the foregoingData Security Obligations, the Company and its subsidiaries have used reasonable efforts taken steps reasonably necessary in accordance with industry standard practices (including, without limitation, implementing and monitoring compliance with adequate measures with respect to establish technical and maintain, physical security) designed to ensure compliance in all material respects with their policies and have established, maintained, implemented procedures relating to data privacy and complied with, reasonable information technology, information security, cyber security and data protection controls, policies and procedures, including oversight, access controls, encryption, technological and physical safeguards and business continuity/disaster recovery and security plans that are designed to protect against and prevent breach, destruction, loss, unauthorized distributionthe collection, use, transfer, import, export, storage, protection, disposal, disclosure or other processing of Personal Data that is subject to the Data Security Obligations (the “Policies”) to protect such Personal Data against loss and unauthorized access, disablementuse, misappropriation or modification, disclosure or other compromise or misuse of or relating to any information technology system or Data used in connection with the operation of the Company’s misuse; and its subsidiaries’ businesses (“Breach”). There has been no such Breach, and F) the Company and its subsidiaries have not been notified made all disclosures of their then-current Policies to users or customers required by applicable laws and have no regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any event applicable laws and regulatory rules or condition that would reasonably be expected to result in, any such Breachrequirements.
Appears in 2 contracts
Samples: Underwriting Agreement (Applied Genetic Technologies Corp), Underwriting Agreement (Applied Genetic Technologies Corp)
Data Security Obligations. (iA) The Company and each of its subsidiaries have complied complied, and are presently presently, and since the Company’s and its subsidiaries inception have been, in compliance in all material respects, with all applicable internal and external privacy policies, contractual obligations, industry standards, applicable lawsstate, federal and international data privacy and security laws and regulations, including without limitation, the Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act, the European Union General Data Protection Regulation (EU 2016/679), the California Consumer Privacy Act, and other statutes, judgments, orders, rules and regulations of any applicable court or arbitrator or other governmental or regulatory authority and any other legal obligations, in each case, relating to obligations regarding the collection, use, transfer, import, export, storage, protection, disposal and disposal, disclosure or other processing by the Company or and its subsidiaries of Personal Data (collectively, the “Data Security Obligations”); (B) neither the Company nor any of its subsidiaries of personal, personally identifiable, household, sensitive, confidential or regulated data (“Data Security Obligations” and such data, “Data”); (ii) the Company has not received any notification of or complaint regarding and is unaware regarding, or are aware of any other facts that, individually or in the aggregate, would reasonably indicate non-compliance by the Company or any of its subsidiaries with any Data Security ObligationObligation or has any knowledge of any event or conditions that would reasonably be expected to result in any such non-compliance; and (iiiC) of there is no pending, or to the knowledge of the Company, threatened, action, suit or proceeding by or before any applicable court or governmental agency, authority or body pending or threatened alleging non-compliance by the Company or any of its subsidiaries with any Data Security Obligation. The ; (D) neither the Company and each nor any of its subsidiaries have taken all technical and organizational measures necessary has conducted or paid for, in whole or in part, any investigation, remediation, or other corrective action pursuant to protect the information technology systems and any Data used in connection Security Obligation; (E) to ensure compliance with the operation of the Company’s and its subsidiaries’ businesses. Without limiting the foregoingData Security Obligations, the Company and its subsidiaries have used reasonable efforts at all times taken steps reasonably necessary in accordance with industry standard practices (including, without limitation, implementing and monitoring compliance with adequate measures with respect to establish technical and maintain, physical security) designed to ensure compliance in all material respects with their policies and have established, maintained, implemented procedures relating to data privacy and complied with, reasonable information technology, information security, cyber security and data protection controls, policies and procedures, including oversight, access controls, encryption, technological and physical safeguards and business continuity/disaster recovery and security plans that are designed to protect against and prevent breach, destruction, loss, unauthorized distributionthe collection, use, transfer, import, export, storage, protection, disposal, disclosure or other processing of Personal Data that is subject to the Data Security Obligations (the “Policies”) to protect such Personal Data against loss and unauthorized access, disablementuse, misappropriation or modification, disclosure or other compromise or misuse of or relating to any information technology system or Data used in connection with the operation of the Company’s misuse; and its subsidiaries’ businesses (“Breach”). There has been no such Breach, and F) the Company and its subsidiaries have not been notified made all disclosures of their then-current Policies to users or customers required by applicable laws and have no regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any event applicable laws and regulatory rules or condition that would reasonably be expected to result in, any such Breachrequirements.
Appears in 1 contract
Samples: Underwriting Agreement (Applied Genetic Technologies Corp)