Information Technology; Data Security Sample Clauses
The Information Technology; Data Security clause establishes requirements and standards for protecting digital information and managing technology systems within an organization or contractual relationship. It typically outlines the measures parties must take to safeguard sensitive data, such as implementing encryption, access controls, and regular security assessments, and may specify protocols for responding to data breaches or unauthorized access. The core function of this clause is to mitigate the risk of data loss or cyberattacks, ensuring that confidential information remains secure and that both parties understand their responsibilities regarding data protection.
Information Technology; Data Security. (a) Except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect: (i) the Company and each of its Subsidiaries have taken technical and organizational measures necessary to protect the Information Technology Systems and Data contained therein or transmitted thereby in connection with the operation of the Company’s and its Subsidiaries’ businesses; (ii) without limiting the foregoing, the Company and its Subsidiaries have used commercially reasonable efforts to establish and maintain, and have established, maintained, implemented and complied with commercially reasonable information technology, information security, cyber security and data protection controls, policies and procedures, including oversight, access controls, encryption, technological and physical safeguards and business continuity, disaster recovery and security plans that are designed to protect against and prevent breach, destruction, loss, unauthorized distribution, use, processing, access, disablement, misappropriation or modification, or other compromise or misuse of or relating to any Information Technology Systems or Data in the possession or control of the Company’s and its Subsidiaries’ businesses (“Breach”); and (iii) to the Knowledge of the Company, there has been no Breach, and the Company and the Subsidiaries have not been notified of, and have no knowledge of any event or condition that would reasonably be expected to result in, any Breach.
(b) Except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect, (i) the Company and each of its Subsidiaries have complied, and are presently in compliance with, internal and external privacy policies, contractual obligations, binding industry standards, applicable Laws, statutes, judgments, orders, rules and regulations of any court or arbitrator or other governmental or regulatory authority and any other legal obligations, in each case, relating to data privacy, data security, or Breach notification requirements or the collection, use, processing, transfer, import, export, storage, protection, disposal and disclosure by the Company or any of its Subsidiaries of personal, personally identifiable data or equivalent term (“Data Security Obligations”, and such data, “Data”); and (ii) the Company has not received any written notification of or complaint regarding material non-compliance with any Data Security Obligations; and (iii) there is cur...
Information Technology; Data Security. (a) Except as would not reasonably be expected to be material to the Transferred Entities and the Business, taken as a whole, the IT Assets operate and perform substantially as needed by the Transferred Entities to adequately conduct the Business in substantially the same manner in all material respects as conducted as of the date of this Agreement.
(b) Except as would not reasonably be expected to be material to the Transferred Entities and the Business, taken as a whole, since the date that is one (1) year prior to the date hereof, the Business has not suffered a security incident with respect to any Personal Data processed or controlled by the Transferred Entities that required notice to be sent to affected individuals under applicable Data Protection Laws and which has resulted in, or could reasonably be expected to result in, any material Liability of the Transferred Entities or the Business. Seller and its Subsidiaries maintain and, since the date that is two (2) year prior to the date hereof, have maintained commercially reasonable physical, technical, and organizational security measures and policies designed to protect all Personal Data owned, stored, used, maintained or controlled by or on behalf of the Business from and against unlawful or unauthorized access, destruction, loss, use, modification and/or disclosure.
(c) Notwithstanding any other provisions in this Agreement, Purchaser acknowledges and agrees that the representations and warranties contained in this Section 4.16 and Section 4.17 are the sole and exclusive representations and warranties given by Seller with respect to cyber and data security, and no other provisions of this Agreement or any Ancillary Agreement shall be interpreted as containing any representation or warranty with respect thereto.
Information Technology; Data Security. (a) Except as would no reasonably be expected to be material to the Business, taken as a whole, (i) all IT Assets (x) are configured in accordance with, and perform in compliance with generally accepted industry security standards, and (y) are maintained by reasonably competent personnel, in accordance with standards set by the manufacturers or otherwise in accordance with generally accepted standards prudent in the industry, for proper operation, monitoring and use, (ii) all IT Assets are in good working condition to effectively perform all information technology operations necessary to conduct the Business and (iii) the Transferred Entities have not experienced, within the past three (3) years, any disruption to, or interruption in, the conduct of the Business attributable to a defect, bug, breakdown or other failure or deficiency of the IT Assets that has not been remediated in all material respects. Each Transferred Entity has taken commercially reasonable measures to provide for the back-up and recovery of the data and information necessary to the conduct of the Business (including such data and information that is stored on magnetic or optical media in the ordinary course) without material disruption to, or material interruption in, the conduct of the Business. No Transferred Entity is in breach of any Business Material Contract in any material respect relating to any IT Assets and, to the Knowledge of Seller, no Transferred Entity is aware of any event that, with the passage of time or the giving of notice, or both, would constitute a material breach of any Business Material Contract relating to any IT Assets.
(b) Each Transferred Entity takes commercially reasonable efforts designed to protect the confidentiality, integrity and security of its Personal Data, Business Technology, and the IT Assets against any unauthorized use, access, interruption, modification or corruption. Each Transferred Entity has implemented and maintained an information security program with respect to the Business that (i) complies and has at all times in the past three (3) years complied in all material respects with all applicable Data Protection Laws; (ii) identifies internal and external risks to the security of any proprietary or confidential information in its possession, including Personal Data; (iii) monitors and is designed to protect Personal Data, Business Technology and all IT Assets against any unauthorized use, access, interruption, modification or corruption;...
Information Technology; Data Security. (a) The Company Systems are sufficient in all material respects for the immediate and currently-anticipated needs of the Transferred Entities and the Business. In the last three (3) years, there have been no failures, breakdowns or continued substandard performance of any Company Systems which have caused the substantial disruption or interruption in or to the use of the Company Systems or the operation of the Business. The Transferred Entities take commercially reasonable steps designed to (i) safeguard the confidentiality, integrity and security of the Company Systems and the Data stored therein and (ii) ensure that all Company Systems are (A) fully functional and operate and run in a reasonable and efficient business manner in all material respects, and (B) free from any Malicious Code or material bugs. The Transferred Entities have implemented, maintained and tested adequate and commercially reasonable disaster recovery procedures and facilities for the Business and all data material to the Business has been regularly backed-up in an encrypted manner and tested for restoration. The Transferred Entities have used commercially reasonable efforts to implement security patches and upgrades that are generally available for the Company Systems.
(b) The Transferred Entities, in the last three (3) years have conducted commercially reasonable testing or audits regarding data privacy, data security, and administrative, physical, and technical safeguards, including with respect to Company Systems, at reasonable and appropriate intervals and has resolved or remediated in all material respects any issues or vulnerabilities identified. Sensitive Information is Processed by and on behalf of the Transferred Entities in an encrypted manner. The Transferred Entities utilize multi-factor authentication for all methods of remote access to Company Systems, email access, and active directory access, and all remote access software and personal computers and workstations included in the Company Systems have up to date patches for all software thereon and utilize anti-virus and full disk encryption. Each of the Transferred Entities has deployed encryption for storage and transmission of Sensitive Information with respect to all Company Systems, which encryption is consistent with the standards deployed in the industry by companies of comparable size in the same industries and geographies in which the Transferred Entities operate.
(c) The Transferred Entities have established a...