Privacy and Data Protection The Company and its subsidiaries have operated their business in a manner compliant in all material respects with all United States federal, state, local and non-United States privacy, data security and data protection laws and regulations applicable to the Company’s collection, use, transfer, protection, disposal, disclosure, handling, storage and analysis of personal data. The Company and its subsidiaries have been and are in compliance in all material respects with internal policies and procedures designed to ensure the integrity and security of the data collected, handled or stored in connection with its business; the Company and its subsidiaries have been and are in compliance in all material respects with internal policies and procedures designed to ensure compliance with the Health Care Laws that govern privacy and data security and take, and have taken reasonably appropriate steps designed to assure compliance in all material respects with such policies and procedures. The Company and its subsidiaries have taken reasonable steps to maintain the confidentiality of its personally identifiable information, protected health information, consumer information and other confidential information of the Company, its subsidiaries and any third parties in its possession (“Sensitive Company Data”). The tangible or digital information technology systems (including computers, screens, servers, workstations, routers, hubs, switches, networks, data communications lines, technical data and hardware), software and telecommunications systems used or held for use by the Company and its subsidiaries (the “Company IT Assets”) are adequate and operational for, in accordance with their documentation and functional specifications, the business of the Company and its subsidiaries as now operated and as currently proposed to be conducted as described in the Registration Statement, the General Disclosure Package and the Prospectus. The Company and its subsidiaries have used reasonable efforts to establish, and have established, commercially reasonable disaster recovery and security plans, procedures and facilities for the business consistent with industry standards and practices in all material respects, including, without limitation, for the Company IT Assets and data held or used by or for the Company and its subsidiaries. The Company and its subsidiaries have not suffered or incurred any security breaches, compromises or incidents with respect to any Company IT Asset or Sensitive Company Data, except where such breaches, compromises or incidents would not, individually or in the aggregate, be material to the Company or any of its subsidiaries; and there has been no unauthorized or illegal use of or access to any Company IT Asset or Sensitive Company Data by any unauthorized third party. The Company and its subsidiaries have not been required to notify any individual of any information security breach, compromise or incident involving Sensitive Company Data.
Data Protection The Administrator shall implement and maintain a comprehensive written information security program that contains appropriate security measures to safeguard the personal information of the Trust’s shareholders, employees, directors and/or officers that the Administrator receives, stores, maintains, processes or otherwise accesses in connection with the provision of services hereunder. For these purposes, “personal information” shall mean (i) an individual’s name (first initial and last name or first name and last name), address or telephone number plus (a) social security number, (b) driver’s license number, (c) state identification card number, (d) debit or credit card number, (e) financial account number or (f) personal identification number or password that would permit access to a person’s account or (ii) any combination of the foregoing that would allow a person to log onto or access an individual’s account. Notwithstanding the foregoing “personal information” shall not include information that is lawfully obtained from publicly available information, or from federal, state or local government records lawfully made available to the general public.
Cybersecurity; Data Protection To the Company’s knowledge, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (collectively, the “Personal Data”)) used in connection with their businesses, and there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except in each case as would not reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification.
Cybersecurity and Data Protection The Company and its Subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are reasonably believed by the Company to be adequate in all material respects for, and operate and perform as required in connection with, the operation of the business of the Company and its Subsidiaries as currently conducted and, to the Company’s knowledge, are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants, except as would not individually or in the aggregate reasonably be expected to result in a Material Adverse Effect. The Company and its Subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with the business of the Company and its Subsidiaries as currently conducted, and, to the knowledge of the Company, there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except for such failures as would not individually or in the aggregate reasonably be expected to result in a Material Adverse Effect. The Company and its Subsidiaries are presently in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification, except for such failures as would not individually or in the aggregate reasonably be expected to result in a Material Adverse Effect.
Third-Party Information; Privacy or Data Protection Laws Each Party acknowledges that it and members of its Group may presently have and, following the Effective Time, may gain access to or possession of confidential or proprietary information of, or personal information relating to, Third Parties (i) that was received under confidentiality or non-disclosure agreements entered into between such Third Parties, on the one hand, and the other Party or members of such Party’s Group, on the other hand, prior to the Effective Time; or (ii) that, as between the two Parties, was originally collected by the other Party or members of such Party’s Group and that may be subject to and protected by privacy, data protection or other applicable Laws. Each Party agrees that it shall hold, protect and use, and shall cause the members of its Group and its and their respective Representatives to hold, protect and use, in strict confidence the confidential and proprietary information of, or personal information relating to, Third Parties in accordance with privacy, data protection or other applicable Laws and the terms of any agreements that were either entered into before the Effective Time or affirmative commitments or representations that were made before the Effective Time by, between or among the other Party or members of the other Party’s Group, on the one hand, and such Third Parties, on the other hand.
Cyber Security; Data Protection The Company’s and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are reasonably believed by the Company to be adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted and are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their businesses, and there have been no material breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification (“Data Protection Requirements”), in each case, except for such failures as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. To ensure compliance with the Data Protection Requirements, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Data Protection Requirements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Data Protection Requirement; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental authority under any Data Protection Requirement, in each case except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.
Compliance with Data Privacy Laws The Company and its Subsidiaries are, and at all prior times were, in compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, and the Company and its Subsidiaries have taken commercially reasonable actions to prepare to comply with, and since May 25, 2018, have been and currently are in compliance with, the GDPR (EU 2016/679) (collectively, the “Privacy Laws”) except in each case, where such would not, either individually or in the aggregate, reasonably be expected to result in a Material Adverse Effect. To ensure compliance with the Privacy Laws, the Company and its Subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its Subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any Subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Whistleblower Protections and Trade Secrets Notwithstanding anything to the contrary contained herein, nothing in this Agreement prohibits Executive from reporting possible violations of federal law or regulation to any United States governmental agency or entity in accordance with the provisions of and rules promulgated under Section 21F of the Securities Exchange Act of 1934 or Section 806 of the Xxxxxxxx-Xxxxx Act of 2002, or any other whistleblower protection provisions of state or federal law or regulation (including the right to receive an award for information provided to any such government agencies). Furthermore, in accordance with 18 U.S.C. § 1833, notwithstanding anything to the contrary in this Agreement: (i) Executive shall not be in breach of this Agreement, and shall not be held criminally or civilly liable under any federal or state trade secret law (x) for the disclosure of a trade secret that is made in confidence to a federal, state, or local government official or to an attorney solely for the purpose of reporting or investigating a suspected violation of law, or (y) for the disclosure of a trade secret that is made in a complaint or other document filed in a lawsuit or other proceeding, if such filing is made under seal; and (ii) if Executive files a lawsuit for retaliation by the Company for reporting a suspected violation of law, Executive may disclose the trade secret to Executive’s attorney, and may use the trade secret information in the court proceeding, if Executive files any document containing the trade secret under seal, and does not disclose the trade secret, except pursuant to court order.
Environment, Health, and Safety (i) The Seller, and its predecessors and Affiliates has complied with all Environmental, Health, and Safety Laws, and no action, suit, proceeding, hearing, investigation, charge, complaint, claim, demand, or notice has been filed or commenced against any of them alleging any failure so to comply. Without limiting the generality of the preceding sentence, each of the Seller, and its predecessors and Affiliates has obtained and been in compliance with all of the terms and conditions of all permits, licenses, and other authorizations which are required under, and has complied with all other limitations, restrictions, conditions, standards, prohibitions, requirements, obligations, schedules, and timetables which are contained in, all Environmental, Health, and Safety Laws.
Privacy Act To protect Customer Information (as defined below) and to comply as may be necessary with the requirements of the Xxxxx-Xxxxx-Xxxxxx Act, the relevant state and federal regulations pursuant thereto and state privacy laws, the parties wish to include the confidentiality and non-disclosure obligations set forth herein.
