Data Security; Privacy. The Company and each Company Subsidiary: (i) have complied and are presently in compliance in all material respects with all internal and external written privacy policies, contractual obligations, applicable laws, statutes, judgments, orders, rules and regulations of any court or arbitrator or other governmental or regulatory authority and any other applicable legal obligations, in each case, relating to the collection, use, transfer, import, export, storage, protection, disposal, disclosure or other processing by or on behalf of the Company or any Company Subsidiary of personal data, personal information, personally identifiable information, and any similar term as defined by applicable law (“Data Security Obligations”, and such data and information, “Personal Data”); (ii) maintain and have maintained commercially reasonable policies and procedures designed to ensure the Company’s, and the Company Subsidiaries’ compliance with the Data Security Obligations except to the extent it would not be reasonably expected to have a Material Adverse Effect, (iii) have not received any notification of or complaint regarding, and are unaware of any other facts that, individually or in the aggregate, would reasonably indicate non-compliance with any Data Security Obligation. There is no action, suit, investigation or proceeding by or before any court or Governmental Entity or authority pending or threatened in writing against the Company or any Company Subsidiary alleging non-compliance with any Data Security Obligation.
Data Security; Privacy. Except as would not, individually or in the aggregate, have a Material Adverse Effect: (i) the Company and the Company Subsidiaries have complied and are presently in compliance with all internal and external written privacy policies, contractual obligations, industry standards, applicable laws, statutes, judgments, orders, rules and regulations of any court or arbitrator or other governmental or regulatory authority and any other applicable legal obligations, in each case, relating to the collection, use, transfer, import, export, storage, protection, disposal and disclosure by the Company or any Company Subsidiary of personal, personally identifiable, household, sensitive, confidential or regulated data (“Data Security Obligations,” and such data, “Personal Data”); (ii) the Company and the Company Subsidiaries maintain and have maintained commercially reasonable policies and procedures designed to ensure the Company’s, and the Company Subsidiaries’, compliance with the Data Security Obligations; (iii) neither the Company nor any Company Subsidiary has received any notification of or complaint regarding and is unaware of any other facts that, individually or in the aggregate, would reasonably indicate non-compliance with any Data Security Obligation; and (iv) there is no action, suit or proceeding by or before any court or governmental agency, authority or body pending, or, to the Company’s knowledge, threatened in writing against the Company or any Company Subsidiary alleging non-compliance with any Data Security Obligation.
Data Security; Privacy. Except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect, (i) to the Knowledge of the Company and its Subsidiaries, since July 3, 2021, there has been no security breach or incident, unauthorized access or disclosure, or other compromise of the Company’s and its Subsidiaries’ information technology and computer systems, networks, equipment, hardware, software, data and databases, including all personally identifiable information and sensitive and confidential data maintained, processed or stored by the Company and its Subsidiaries (collectively, “IT Systems and Data”), and any such personally identifiable information and sensitive and confidential data of the Company and its Subsidiaries that is processed or stored by third parties on behalf of the Company and its Subsidiaries, except for those that have been remedied; (ii) the Company and its Subsidiaries have implemented and maintain controls, policies, procedures, and technological safeguards designed to maintain and protect the integrity, continuous operation, redundancy and security of their IT Systems and Data reasonably consistent with industry standards, or as required by applicable laws or statutes; and (iii) the Company and its Subsidiaries are presently in compliance with, and since July 3, 2021 have complied with, all applicable laws or statutes relating to privacy and security of IT Systems and Data.
Data Security; Privacy. The software, systems, networks, databases and other information technology assets (“IT Assets”) used by the Company are adequate for the operation of their businesses as currently conducted and are, to the knowledge of the Company, free of defects, malware, viruses or other corruptants. The Company takes, and has taken, commercially reasonable actions (including implementing organizational, physical, administrative and technical measures) to protect and maintain the integrity, security, operation and redundancy of the IT Assets used by or on behalf of the Company, whether proprietary or those of third parties (including all data, including personal and confidential data, stored thereon and processed thereby), and there have been no violations, outages, breaches, interruptions, or unauthorized accesses to same, other than those that would not reasonably be expected to have a Material Adverse Effect. Except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect: (i) the Company has complied and is in compliance with all internal and external privacy policies, contractual obligations, industry standards, applicable laws, statutes, judgments, Orders, rules and regulations of any Governmental Entity and any other legal obligations, in each case, relating to the collection, use, transfer, import, export, storage, protection, disposal and disclosure by the Company of personal, personally identifiable, household, sensitive, confidential or regulated data (“Data Security Obligations”); (ii) the Company has not received any notification of or complaint regarding and is unaware of any other facts that, individually or in the aggregate, would reasonably indicate non-compliance with any Data Security Obligation; and (iii) there is no action, suit or proceeding by or before any Governmental Entity pending or threatened against the Company alleging non-compliance with any Data Security Obligation.
Data Security; Privacy. (a) Except as described in Section 3.21(a) of the Company Disclosure Schedule, in connection with the Company’s collection, use, disclosure, storage and other Processing of all Personal Information (and that of any third party engaged by the Company, including any subservicer), the Company is, and to the Knowledge of the Company, any third party to the extent acting at the discretion or on the behalf of the Company, and since the Look-Back Date has been, in compliance with (i) all Privacy Laws applicable to the Company, (ii) any applicable privacy and security policies of the Company concerning the collection, dissemination, storage or use of Personal Information or other Company Proprietary Information, including any privacy disclosures posted to websites or other media maintained or published by the Company and, as applicable, the privacy policies of any one or more third parties with which the Company is required to comply, (iii) all contractual commitments that the Company has entered into or is otherwise bound with respect to privacy and/or data security, and (iv) applicable industry standards (e.g., PCI DSS) (collectively, the “Data Privacy and Security Requirements”).
(b) The Company (i) solely owns and possesses all right, title and interest in and to the Business Data, free and clear of any restrictions other than those imposed by applicable Privacy Laws, or (ii) has the right to use, exploit, publish, reproduce, distribute, license, sell, and create derivative works of such Business Data, in whole or in part, in the manner in which the Company receives and uses such Business Data. The Data Privacy and Security Requirements will not prohibit New PubCo or Suntuity from Processing Personal Information or Business Data after the Closing Date, in the same manner in which the Company Processes such Personal Information and other Business Data prior to the Closing Date or cause New PubCo or Suntuity to incur liability in connection with the receipt or Processing of such Personal Information or Business Data. The Company maintains commercially reasonable security measures to protect all Personal Information under its control from unauthorized access, use, disclosure, modification, deletion or other Processing. The Company has not suffered any breach that has resulted in any unauthorized access to, use of, disclosure of or other loss of any Personal Information. Except as described in Section 3.21(b) of the Company Disclosure Schedule, since the Look-Back...
Data Security; Privacy. (a) Except as has not had and would not reasonably be expected to have, individually or in the aggregate, a Material Adverse Effect: (i) Company and each of its Subsidiaries are in compliance, and have since January 1, 2023 complied, with all applicable Data Privacy Laws; (ii) neither Company nor any of its Subsidiaries has, since January 1, 2023, received any written notice from any applicable Governmental Authority alleging any violation of applicable Data Privacy Laws by Company, any of its Subsidiaries or, to the knowledge of Company, any third-party service providers, outsourcers, processors or other third parties who process, store or otherwise handle Personal Data for or on behalf of Company or any of its Subsidiaries (“Company Data Processors”), nor has Company or any of its Subsidiaries been threatened in writing to be charged with any such violation by any Governmental Authority; (iii) Company and each of its Subsidiaries have, since January 1, 2023, taken commercially reasonable steps (including, as appropriate, implementing reasonable technical, physical or administrative safeguards) designed to protect Personal Data in their possession or under their control against loss and unauthorized access, use, modification or disclosure, and, to the knowledge of Company, since January 1, 2023, there has been no incident of the same, or of the same with respect to any Personal Data maintained or otherwise processed for or on behalf of Company or its Subsidiaries; (iv) Company and each of its Subsidiaries have, since January 1, 2023, taken commercially reasonable steps with respect to Company Data Processors to obligate such persons to comply in all material respects with applicable Data Privacy Laws and to take reasonable steps to protect and secure Personal Data from loss or unauthorized use, access, modification or disclosure; and (v) the execution, delivery and performance of this Agreement complies with all applicable Data Privacy Laws and Company’s and each of its Subsidiaries’ applicable published policies, statements, and notices relating to privacy, data protection or information security regarding Personal Data.
(b) Except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect, (i) to the Knowledge of the Company and its Subsidiaries, since January 1, 2023, there has been no security breach or incident, unauthorized access or disclosure, or other compromise of the Company’s and its Subsidiaries’ ...
Data Security; Privacy. NECS shall maintain a data security program that includes physical, technical, and managerial procedures that are up-to-date and generally accepted in the industry to prevent unauthorized use or disclosure of Customer Property and other Confidential Information of Customer. NECS will have the right to suspend Customer’s access to the Services on an emergency basis: (a) in the event that NECS detects any actual or apparent theft, unauthorized access or use of the Services, or other malicious activity by Customer or any third party; and/or (b) to maintain data integrity within the Services. The parties shall each comply with all applicable privacy laws and regulations relating to the protection of personal or personally identifiable information of all third parties. Customer hereby consents to NECS’s use of Customer’s personally identifiable information: (i) for the purpose of providing the Services to Customer; (ii) as provided in Section 3.3; and (iii) in the manner described in the NECS privacy policy governing the Application Service.
Data Security; Privacy. The software, systems, networks, databases and other information technology assets (“IT Assets”) used by the Company and its Subsidiaries are adequate for the operation of their businesses as currently conducted and are free of defects, malware, viruses or other corruptants. The Company and its Subsidiaries take, and have taken, commercially reasonable actions (including implementing organizational, physical, administrative and technical measures) to protect and maintain the integrity, security, operation and redundancy of the IT Assets used by or on behalf of the Company and its Subsidiaries, whether proprietary or those of third parties (including all data, including personal and confidential data, stored thereon and processed thereby), and there have been no violations, outages, breaches, interruptions, or unauthorized accesses to same, other than those that would not reasonably be expected to have a Material Adverse Effect.
Data Security; Privacy. The software, systems, networks, databases, websites, applications and other information technology assets (“IT Assets”) used by or on behalf of the Company, the Target and their respective Subsidiaries are adequate for the operation of their businesses as currently conducted and are free of material defects, malware, viruses or other corruptants. The Company, the Target and their respective Subsidiaries take, and have taken, reasonable actions (including implementing organizational, physical, administrative and technical measures) to protect and maintain the integrity, security, operation and redundancy of the IT Assets used by or on behalf of the Company, the Target and their respective Subsidiaries (including all data, including Personal Information and confidential data, stored thereon and processed thereby), and there have been no material violations, outages, breaches, interruptions, or unauthorized accesses to same, except as would not, individually or in the aggregate, would not reasonably be expected to have a Material Adverse Effect.
Data Security; Privacy. (a) Except as individually or in the aggregate would not reasonably be expected to have a Material Adverse Effect, (i) no Loan Party or any of its Subsidiaries has lost or had stolen any cardholder account information, information related to cardholder accounts (including social security numbers) or merchant information and (ii) each Loan Party and each of its Subsidiaries has complied with all applicable laws, requirements of Governmental Authorities and the requirements of all PCI Compliance Programs related to data security, and the protection, use, storage, handling and processing of personal information, including credit card information.
(b) Except as individually or in the aggregate would not reasonably be expected to have a Material Adverse Effect, (i) each applicable Loan Party and each of its Subsidiaries has complied with all Requirements of Law related to data security, and the protection, use, storage, handling and processing of Personal Information, (ii) each applicable Loan Party and each of its Subsidiaries has implemented and is in compliance with technical and organizational measures to assure the integrity and security of (x) transactions executed through its gateway, platform and computer systems and (y) all confidential or proprietary data, including Personal Information, possessed or retained by or on behalf of any Loan Party or any of its Subsidiaries, (iii) there has been no actual or alleged breach of security or unauthorized access to or acquisition, use, loss, destruction, compromise or disclosure of any Personal Information, confidential or proprietary data or any other such information maintained or stored by, or on behalf of, any Loan Party or any of its Subsidiaries involving data of merchants, suppliers, customers, clients, cardholders or other Persons and (iv) there have been no facts or circumstances that would require any Loan Party or any of its Subsidiaries to give notice to any merchants, suppliers, customers, clients, cardholders or other Persons of any actual or perceived data security breaches pursuant to the requirements of all PCI Compliance Programs or applicable Requirements of Law requiring notice of such a breach.
(c) Except as individually or in the aggregate would not reasonably be expected to have a Material Adverse Effect, (i) the Borrower and its Subsidiaries are in compliance with all Requirements of Law, contractual obligations, and internal and published corporate policies and procedures governing the ...
