Common use of Intellectual Property; Data Privacy Clause in Contracts

Intellectual Property; Data Privacy. (a) The Company and each of the other Group Companies own and possess, all right, title, and interest in and to, free and clear of all Liens, except for Permitted Liens, or have a valid and enforceable license to use, all Intellectual Property used in, held for use, or necessary to carry on the business now operated by them in each country in which they operate. Neither the Company nor any of the other Group Companies has received any notice of, nor is there or has there been, any infringement, misappropriation or other violation of or conflict in any jurisdiction with rights of others with respect to any Intellectual Property, nor, to the Company’s Knowledge, are there any facts or circumstances which would render any Intellectual Property invalid or inadequate to protect the interests of the Company or any of the other Group Companies therein, and which infringement, misappropriation, violation or conflict (if the subject of any unfavorable decision, ruling or finding) or invalidity or inadequacy, individually or in the aggregate, would reasonably be expected to have a Material Adverse Effect. To the Company’s Knowledge, no Person is infringing, misappropriating, or violating any material Intellectual Property owned by a Group Company. (b) Each Group Company (i) takes commercially reasonable measures to protect the confidentiality of material Intellectual Property owned by each Group Company, and (ii) owns all right, title and interest in and to material Intellectual Property developed or created by employees, contractors and consultants for, or on behalf of, such Group Company. No Group Company has disclosed to any third party any source code to material software owned by any Group Company. No material software owned by any Group Company is subject to any “open source,” “copyleft” or similar license in any manner that (A) requires any disclosure, distribution or licensing of any such software, whether in source code form or not, (B) creates obligations for any Group Company to grant to any Person any rights or immunities under any Intellectual Property, or (C) imposes any economic limitations on any Group Company’s exploitation thereof. (c) Each Group Company uses commercially reasonable efforts to protect the confidentiality, integrity and security of the Company IT Systems and to prevent any unauthorized use, access, interruption, or modification of the Company IT Systems. The Company IT Systems are, in all material respects, sufficient for the immediate and currently anticipated future needs of the businesses of the Group Companies. There have been no unauthorized intrusions, failures, breakdowns, continued substandard performance, or other adverse events affecting any Company IT Systems, which, individually or in the aggregate, would reasonably be expected to have a Material Adverse Effect. (d) Each Group Company complies with, and has at all times complied with, all Data Security Requirements in all material respects. In the past three (3) years, no Group Company has experienced any material breach of security, phishing incident, ransomware or malware attack, or other incident in which confidential or sensitive information, personally identifiable information, personal data, or other protected information relating to individuals or natural persons was or may have been accessed, disclosed, destroyed, lost, altered, or exfiltrated in an unauthorized manner, and no Group Company has received any notices or complaints from any Person or been the subject of any material claim, proceeding, enforcement action (including any fines or other sanctions), or investigation with respect to any of the foregoing or any material non-compliance with any Data Security Requirements.

Intellectual Property; Data Privacy. (a) The Section 4.20 of the Company Disclosure Schedule sets forth a complete and accurate list of all (i) patents and patent applications, (ii) trademark registrations, service mark registrations and applications for the foregoing, (iii) copyright registrations and applications and (iv) domain name registrations and social media identifiers, in each case, which are owned or purported by the Company to be owned by the Company or a Subsidiary of the Company as of the date hereof (collectively, the “Registered Intellectual Property” and, together with all Intellectual Property owned or purported by the Company to be owned by the Company or its Subsidiaries, the “Owned Intellectual Property”). Except as would not, individually or in the aggregate, reasonably be likely to be material to the Company and each its Subsidiaries, taken as a whole, the Company or a Subsidiary of the other Group Companies own and possess, all right, title, and interest in and to, free and clear of all Liens, except for Permitted LiensCompany owns, or have has a valid valid, subsisting and enforceable license or other right to use, all Intellectual Property that is used in, or held for useuse in the conduct of the businesses of the Company or any of its Subsidiaries as presently conducted, provided that the foregoing shall not be deemed to be a representation or necessary warranty with respect to carry on the business now operated by them infringement, misappropriation or other violation of the Intellectual Property rights any other Person. (b) To the Knowledge of the Company, the conduct of the businesses of the Company and each of its Subsidiaries as currently conducted does not infringe, misappropriate or otherwise violate, and the conduct of the businesses of the Company and each of its Subsidiaries during the since December 31, 2021 has not infringed, misappropriated or otherwise violated, any Intellectual Property rights of any Person. As of the date hereof, there is no Action pending or, to the Knowledge of the Company, threatened in each country writing that the Company or any of its Subsidiaries is infringing, misappropriating or otherwise violating the Intellectual Property rights of any Person. To the Knowledge of the Company, no Person is infringing any Owned Intellectual Property. No Registered Intellectual Property is the subject of any opposition, cancellation, inter partes review or similar Action in which they operateany jurisdiction. Neither the Company nor any of the other Group Companies has received its Subsidiaries is subject to any notice of, nor is there or has there been, any infringement, misappropriation injunction or other violation specific judicial, administrative or other administrative order that restricts or impairs its use or distribution of or conflict in any jurisdiction with rights of others with respect to any Owned Intellectual Property. No Person has alleged, nor, in an Action to the Company’s Knowledge, are there any facts or circumstances which would render any Intellectual Property invalid or inadequate to protect the interests of the Company or any of its Subsidiaries is a party or, to the other Group Companies thereinKnowledge of the Company, and which infringementotherwise, misappropriationthat any Owned Intellectual Property is not owned by the Company or its Subsidiaries, violation or conflict (if is subject to the subject rights of any unfavorable decision, ruling third party or findingthat any Owned Intellectual Property is invalid or unenforceable. (c) or invalidity or inadequacyExcept as would not, individually or in the aggregate, would reasonably be expected likely to have be material to the Company and its Subsidiaries, taken as a Material Adverse Effect. To whole, the Company’s Knowledge, no Person is infringing, misappropriating, Company or violating any material Intellectual Property owned by a Group Company. (b) Each Group Company (i) takes commercially reasonable measures to protect the confidentiality one of material Intellectual Property owned by each Group Company, and (ii) its Subsidiaries exclusively owns all right, title and interest in and to material the Owned Intellectual Property developed or created by employeesfree and clear of all Liens (other than Permitted Liens), contractors and consultants forsuch rights are subsisting, or on behalf ofvalid and, such Group to the Knowledge of the Company. No Group Company has disclosed to any third party any source code to material software owned by any Group Company. No material software owned by any Group Company is subject to any “open source,” “copyleft” or similar license in any manner that (A) requires any disclosure, distribution or licensing of any such software, whether in source code form or not, (B) creates obligations for any Group Company to grant to any Person any rights or immunities under any Intellectual Property, or (C) imposes any economic limitations on any Group Company’s exploitation thereofenforceable. (cd) Each Group Company uses commercially reasonable efforts to protect The consummation of the confidentiality, integrity and security transactions contemplated by this Agreement will not alter or impair any rights of the Company IT Systems and or any of its Subsidiaries to prevent any unauthorized useOwned Intellectual Property or, access, interruption, or modification of the Company IT Systems. The Company IT Systems are, in all material respects, sufficient for the immediate and currently anticipated future needs of the businesses of the Group Companies. There have been no unauthorized intrusions, failures, breakdowns, continued substandard performance, or other adverse events affecting any Company IT Systems, whichexcept as would not, individually or in the aggregate, would reasonably be expected likely to be material to the Company and its Subsidiaries, taken as a whole, any other Intellectual Property that it uses in the conduct of its business. (e) Each current and former director, officer, employee, consultant or contractor of the Company or any of its Subsidiaries that has made a material contribution to the creation, invention, modification, or improvement of any Owned Intellectual Property for or on behalf of the Company or any of its Subsidiaries, in whole or in part, has signed a valid and enforceable written Contract pursuant to which all of their Intellectual Property and other rights in and to such contributions have been irrevocably assigned to the Company or one of its Subsidiaries, except to the extent such assignment occurred by operation of law, and, to the Knowledge of the Company, no such director, officer, employee, consultant or contractor is in material violation thereof. (f) None of the Company’s material computer software (the “Proprietary Software”) is licensed or made available by the Company or any of its Subsidiaries in any manner that, pursuant to the terms of any applicable “open source” or “free software” license, would require the Company to (i) disclose the source of any source code for any portion of such Proprietary Software; (ii) condition the use or distribution of such Proprietary Software on the granting to any Person of the right to make derivative works or other modifications to such Proprietary Software or portions thereof or any rights or immunities under any Owned Intellectual Property; (iii) conditions the use or distribution of such Proprietary Software on such Proprietary Software being made subject to the terms and conditions of any open source software license; or (iv) otherwise imposes an obligation on the Company or any of its Subsidiaries to distribute or otherwise make available any such Proprietary Software on a royalty-free basis. The Company and each of its Subsidiaries is and has been in material compliance with the terms and conditions of all licenses for such open source software. Neither the Company nor any of its Subsidiaries has received any written notice or request from any Person to disclose, distribute or license the Proprietary Software pursuant to an open source software license, or alleging noncompliance with any open source software license. (g) The Company and each of its Subsidiaries comply with, and have at all times since December 31, 2021 complied with, all Data Protection Requirements, except for violations that would not, individually or in the aggregate, reasonably be likely to have a Company Material Adverse Effect. (dh) Each Group The Company complies withand each of its Subsidiaries have established and maintain, and has at all times complied withhave since December 31, all 2021 maintained, commercially reasonable physical, technical, and administrative security measures and policies, compliant with Data Security Protection Requirements in all material respects. In , reasonably designed and implemented to protect the past three security, confidentiality, integrity, and availability of (3i) yearsinformation technology networks and systems, no Group including the software owned or controlled by the Company or such Subsidiary and used in the course of the operations of their respective businesses (the “IT Systems”), and (ii) Personal Information collected, used, processed or held for use by or on behalf of the Company or such Subsidiary in the course of the operations of their respective businesses. (i) Since December 31, 2021, neither the Company nor any of its Subsidiaries has experienced any material unauthorized disclosure, destruction, modification, or use of, or access to, any Personal Information or any security incident or breach of securitysecurity of the IT Systems that would in each instance require notification to any Person pursuant to any Data Protection Requirement, phishing incidentexcept as would not, ransomware individually or malware attackin the aggregate, reasonably likely to be material to the Company and its Subsidiaries, taken as a whole. (j) Neither the Company nor any of its Subsidiaries has received any subpoenas, demands, or other incident in which confidential or sensitive informationnotices from any Governmental Authority investigating, personally identifiable information, personal datainquiring into, or other protected information otherwise relating to individuals any actual or natural persons was or may have been accessed, disclosed, destroyed, lost, altered, or exfiltrated in an unauthorized manner, and no Group Company has received any notices or complaints from any Person or been the subject potential violation of any Data Protection Law and, to the Company’s Knowledge, neither the Company nor its Subsidiaries is under investigation by any Governmental Authority for any actual or potential violation of any Data Protection Law except for violations that would not, individually or in the aggregate, reasonably be likely to be material to the Company and its Subsidiaries, taken as a whole. No complaint, claim, enforcement action, proceeding, enforcement action (including or litigation of any fines or other sanctions)kind has been served on, or investigation with respect to initiated against, the Company or its Subsidiaries by any private party or Governmental Authority alleging any violation of the foregoing or any material non-compliance with any Data Security RequirementsProtection Requirement, except for violations that would not, individually or in the aggregate, reasonably be likely to be material to the Company and its Subsidiaries, taken as a whole.

Intellectual Property; Data Privacy. (a) The Company Schedule 3.17 lists all patents, patent applications, trademarks, service marks, trade dress, logos, slogans, internet domain names, copyrights and Software that are used in each Seller’s businesses or in which any Seller claims any ownership rights. Each Seller is the owner of the other Group Companies own and possess, all right, titleor duly licensed to use its Intellectual Property Assets, and interest in and to, free and clear of all Liens, except for Permitted Liens, or have a valid and enforceable license to use, all Intellectual Property Assets exist, have been maintained in good standing and, as applicable, have been properly assigned or licensed to each Seller. No other Person has or, to Seller’s Knowledge, claims the right to use in connection with similar or closely related goods and in the same geographic area, any mark that is identical or confusingly similar to any trademark, service mark, trade dress, logo, slogan, internet domain name or copyright owned or used inby any Seller. No other Person has or, held for useto Seller’s Knowledge, claims ownership rights in any Intellectual Property Asset, except to the extent that such Intellectual Property Asset has been properly licensed to or necessary to carry on the business now operated by them in each country in which they operateSeller. Neither the Company nor any Each Seller’s use of the Intellectual Property Assets does not infringe, misappropriate or otherwise violate any intellectual property of any other Group Companies Person, and, to Seller’s Knowledge, no Person has received claimed any notice of, nor is there or has there been, any such infringement, misappropriation or other violation of or conflict in any jurisdiction with rights of others with respect to any Intellectual Property, nor, to the Company’s Knowledge, are there any facts or circumstances which would render any Intellectual Property invalid or inadequate to protect the interests of the Company or any of the other Group Companies therein, and which infringement, misappropriation, violation or conflict (if the subject of any unfavorable decision, ruling or finding) or invalidity or inadequacy, individually or in the aggregate, would reasonably be expected to have a Material Adverse Effectviolation. To the CompanySeller’s Knowledge, no other Person is infringing, misappropriating, misappropriating or otherwise violating any material Intellectual Property owned by a Group CompanyAsset. Each Seller has used commercially reasonable efforts to secure their trade secrets and other proprietary non-public information. Each Seller has, and after the Closing the Purchaser will have, the legal right to use all copies of all Software currently used in their businesses. The Intellectual Property Assets constitute all of the Intellectual Property and Intellectual Property Licenses necessary for each Seller to conduct their businesses as currently conducted. (b) Each Group Company (i) takes Seller has used commercially reasonable measures efforts to protect safeguard the confidentiality information technology systems utilized in their businesses, including the implementation of material Intellectual Property owned by each Group Companypolicies and procedures to ensure that such systems are free from disabling codes or instructions, time, copy protection device, clock, counter or other limiting design or routing and (ii) owns all right, title and interest in and to material Intellectual Property developed or created by employees, contractors and consultants for, or on behalf of, such Group Company. No Group Company has disclosed to any third party any source code to material software owned by any Group Company. No material software owned by any Group Company is subject to any “open sourceback door,” “copylefttime bomb,” “Trojan horse,” “worm,” “drop dead device,” “virus” or similar license in other Software or hardware that permit unauthorized access or the unauthorized disablement or erasure of data or other Software. To Seller’s Knowledge, there have been no successful unauthorized intrusions or breaches of the security of such systems. Within the last twelve (12) months preceding the Closing, there have been no failures, breakdowns, continued substandard performance or other adverse events affecting any manner of each Seller’s information technology systems that (A) requires any disclosure, distribution has materially disrupted the use of such information technology systems or licensing the conduct of any such software, whether in source code form or not, (B) creates obligations for any Group Company to grant to any Person any rights or immunities under any Intellectual Property, or (C) imposes any economic limitations on any Group Companyeach Seller’s exploitation thereofbusinesses. (c) Each Group Company uses commercially reasonable efforts to protect the confidentialitySeller is operating and, integrity since January 1, 2019, has operated in material compliance with all Information Privacy and security of the Company IT Systems and to prevent any unauthorized useSecurity Laws. To Seller’s Knowledge, access, interruption, or modification of the Company IT Systems. The Company IT Systems are, each Seller has experienced no incidences in all material respects, sufficient for the immediate and currently anticipated future needs of the businesses of the Group Companies. There have been no unauthorized intrusions, failures, breakdowns, continued substandard performance, which Personal Information or other adverse events affecting any Company IT Systems, which, individually or in the aggregate, would reasonably be expected to have a Material Adverse Effect. (d) Each Group Company complies with, and has at all times complied with, all Data Security Requirements in all material respects. In the past three (3) years, no Group Company has experienced any material breach of security, phishing incident, ransomware or malware attack, or other incident in which confidential or sensitive information, personally identifiable information, personal data, or other protected information relating to individuals or natural persons data was or may have been stolen or improperly accessed, disclosed, destroyed, lost, altered, or exfiltrated in an unauthorized manner, and no Group Company Seller has received any notices basis to believe that any such theft or complaints from improper access has occurred. Each Seller maintains data security measures that are consistent with applicable industry practices and standards and any Person applicable requirements under Contracts to which any Seller is party or been the subject of by which they are bound. Each Seller engages independent external auditors to review periodically such Seller’s security practices against various applicable standards (e.g., SSAE 16, ISO 27001, Payment Card Industry (PCI) standards), and each Seller has remediated any material claim, proceeding, enforcement action deficiencies noted during such testing. Each Seller utilizes enhanced controls (including any fines or other sanctions)encryption at rest and during transmission) for “special” categories of Personal Information, or investigation with respect based on the confidential nature of such information and the regulatory requirements to any of the foregoing or any material non-compliance with any Data Security Requirementsprotect such information.

Intellectual Property; Data Privacy. (a) The Company and each Section 3.12(a) of the other Group Companies own and possessDisclosure Schedule contains a list of all issued patents, all right, titlepatent applications, and interest registrations and applications for registration of other Intellectual Property Rights, in each case that are included in the Business Intellectual Property Rights (the “Registered Business Intellectual Property Rights”), including, as applicable, the respective registration and application numbers, the record owner (and if different, beneficial owner), the registration and application date, the jurisdiction in which such item is registered or applied for, and for Internet domain-name registrations, the expiry date and registrar. Other than software provided under the Transition Services Agreement, if any, no software owned by Seller or any of the Retained Subsidiaries is used in and tomaterial to the Business. (b) Seller or one of its Subsidiaries is the exclusive owner of all material Business Intellectual Property Rights, free and clear of all Liens, except for any Liens (other than Permitted Liens). All Registered Business Intellectual Property Rights are subsisting, and to the knowledge of Seller, valid and enforceable. (c) Except as set forth on Section 3.12(c) of the Disclosure Schedule, (i) no Actions are pending or since January 1, 2021 have been brought or threatened in writing against Seller or any of its Subsidiaries that challenge the ownership, registration, scope, validity, or have a valid and enforceable license to use, all Intellectual Property used in, held for use, or necessary to carry on the business now operated by them in each country in which they operate. Neither the Company nor enforceability of any of the other Group Companies has received any notice ofmaterial Business Intellectual Property Rights, nor is there or that allege that the conduct of the Business infringes, misappropriates, dilutes or otherwise violates or has there beeninfringed, misappropriated, diluted or otherwise violated the Intellectual Property Rights of any infringementthird party, misappropriation (ii) the conduct of the Business as it is conducted as of the date of this Agreement does not infringe, misappropriate, dilute or other violation of or conflict otherwise violate in any jurisdiction with rights of others with material respect, and since January 1, 2021 has not infringed, misappropriated diluted or otherwise violated in any material respect to any Intellectual Property, nor, to the Company’s Knowledge, are there any facts or circumstances which would render any Intellectual Property invalid Rights of any third party, (iii) no Actions are pending or inadequate to protect the interests of the Company in since January 1, 2021 have been brought or threatened in writing by Seller or any of the other Group Companies thereinits Subsidiaries that allege that any third party has infringed, misappropriated, diluted or otherwise violated any Business Intellectual Property Rights in any material respect, and which infringement, misappropriation, violation or conflict (if iv) to the subject knowledge of any unfavorable decision, ruling or finding) or invalidity or inadequacy, individually or in the aggregate, would reasonably be expected to have a Material Adverse Effect. To the Company’s KnowledgeSeller, no Person third party is infringing, misappropriating, diluting or otherwise violating any Business Intellectual Property Right in any material respect. (d) Seller and its Subsidiaries have taken reasonable measures consistent with industry standards to enforce, protect and maintain the material Business Intellectual Property Rights, including implementing and enforcing a reasonable quality control program designed to ensure their and their licensees’ use of Trademarks contained in the Business Intellectual Property Rights are in accordance with the standards and specifications established and employed by Seller and its Subsidiaries in the operation of the Business. All current and former officers, directors, employees, consultants and contractors of Seller and its Subsidiaries who have developed material Intellectual Property Rights that are purported to be owned by a Group Company. (b) Each Group Company (i) takes any Purchased Subsidiary after giving effect to Pre-Closing Transfers have assigned ownership of such Intellectual Property Rights to Seller or its applicable Subsidiary, except where such ownership vests in Seller or its applicable Subsidiary by operation of applicable law, and no current or former officer, director, employee, consultant, or independent contractor of Seller or any of its Subsidiaries owns any material Business Intellectual Property Rights. Seller and its Subsidiaries have taken commercially reasonable measures to protect the confidentiality of all material trade secrets and other material confidential information included in the Business Intellectual Property Rights and all confidential information of third parties used in the Business which they are required to maintain confidential by contract or Applicable Law. No such material trade secrets and other material confidential information has been disclosed by Seller or any of its Subsidiaries to any Person (i) other than to Persons who are subject to a contractual, legal or enforceable ethical obligation to maintain the confidentiality thereof, or (ii) in violation of any contract to which Seller or any of its Subsidiaries are party. (e) The Business Intellectual Property Rights constitute all of the Intellectual Property Rights owned by Seller and its Subsidiaries that are used or held for use in the conduct of the Business (other than the Seller Marks). Except as set forth on Section 3.12(e) of the Disclosure Schedule, the Purchased Assets include all Contracts, if any, to which Seller or one of its Retained Subsidiaries is party pursuant to which Seller or any of its Retained Subsidiaries is granted a license under or right to use third-party Intellectual Property Rights used in the Business (other than with respect to IT Systems to be provided under the Transition Services Agreement). The execution, delivery and performance by Seller of the Transaction Documents to which it is a party and the consummation of the transactions contemplated hereby and thereby do not and will not result in the loss, termination or impairment of, or trigger any requirement to pay additional royalties or other consideration for the continued use by Buyer or any Purchased Subsidiary of, any material Intellectual Property owned by each Group Company, Rights used in the conduct of the Business (other than the Seller Marks and (ii) owns all right, title and interest in and IT Systems to material Intellectual Property developed or created by employees, contractors and consultants for, or on behalf of, such Group Company. No Group Company has disclosed to any third party any source code to material software owned by any Group Company. No material software owned by any Group Company is subject to any “open source,” “copyleft” or similar license in any manner that (A) requires any disclosure, distribution or licensing of any such software, whether in source code form or not, (B) creates obligations for any Group Company to grant to any Person any rights or immunities be provided under any Intellectual Property, or (C) imposes any economic limitations on any Group Company’s exploitation thereofthe Transition Services Agreement). (cf) Each Group Company uses The IT Systems are sufficient, and operate and perform in all material respects as needed, for the conduct the Business as currently conducted, and are, to the knowledge of Seller, free from any Malicious Code. The IT Systems are in good working condition and have not malfunctioned or failed since January 1, 2021 in any way that has materially impacted the operation of the Business. Seller and its Subsidiaries have implemented and maintain commercially reasonable efforts measures designed to protect the confidentiality, integrity and security of the Company IT Systems and to prevent any against unauthorized use, access, interruption, modification and corruption as well as to protect the integrity, accuracy, authenticity, readability, accessibility, availability, or modification confidentiality of data (including Personal Data) Processed by or on behalf of Seller, and have implemented commercially reasonable data backup, data storage, system redundancy and disaster avoidance and recovery systems and procedures consistent with customary industry practices and Applicable Law. Since January 1, 2021, there has been no Security Incident or other unauthorized access to the IT Systems, or, to the knowledge of the Company IT SystemsSeller, to information technology systems of third parties who store or Process Personal Data for or on behalf of the Business, that has resulted in any unauthorized access, use, disclosure, deletion, modification, corruption or encryption of any material data, Personal Data or information of the Business contained therein or processed thereby. (g) Since January 1, 2021, Seller and its Subsidiaries that Process Personal Data on behalf of the Business and, have in all material respects complied with and comply with (i) all Privacy Laws, (ii) written policies, notices, statements, and procedures of Seller and its Subsidiaries relating to privacy, security or the Processing of Personal Data, (iii) contractual commitments of Seller and its Subsidiaries related to the Processing of Personal Data, and (iv) any consent received by Seller and its Subsidiaries from any Governmental Authority or the subjects of such Personal Data pertaining to the Processing thereof (clauses (i) to (iv) collectively, the “Privacy Requirements”). (h) The Business (i) is not under investigation by any Governmental Authority for any violation of any Privacy Requirements; and (ii) since January 1, 2021, has not received any written notice, correspondence, communications, actions, claim lawsuit, investigation, audit request or report from any person or Governmental Authority related to any Security Incident or alleging any violation of the Privacy Requirements and no proceedings are pending or, to the knowledge of Seller, threatened in writing against the Seller or any of its Business related to any Security Incident or alleging a violation of the Privacy Requirements. To the knowledge of the Seller, there are no facts that could reasonably give rise to clauses (i) or (ii). (i) The Company IT Systems areexecution, delivery and performance of this Agreement and the transactions contemplated under this Agreement will not breach any Privacy Requirement, and will not, to the knowledge of Seller, give rise to any right of termination or other restriction on the right of the Buyer to Process any personal Data as necessary to conduct the Business in the same manner as it is currently conducted in all material respects, sufficient for the immediate and currently anticipated future needs of the businesses of the Group Companies. There have been no unauthorized intrusions, failures, breakdowns, continued substandard performance, or other adverse events affecting any Company IT Systems, which, individually or in the aggregate, would reasonably be expected to have a Material Adverse Effect. (dj) Each Group Company complies with, The Seller and has at all times complied with, all Data Security Requirements in all material respects. In the past three (3) years, no Group Company has experienced any material breach of security, phishing incident, ransomware or malware attack, or other incident in which confidential or sensitive information, personally identifiable information, personal data, or other protected information relating to individuals or natural persons was or may have been accessed, disclosed, destroyed, lost, altered, or exfiltrated in an unauthorized manner, its Subsidiaries maintain insurance coverage containing industry standard policy terms and no Group Company has received any notices or complaints from any Person or been the subject of any material claim, proceeding, enforcement action (including any fines or other sanctions), or investigation limits that are appropriate with respect to the risk of liability relating to any Security Incident, and, except as set forth on Section 3.12(j) of the foregoing or any Disclosure Schedule, no claims have been made under such insurance policy(ies) with respect to Security Incidents that have had a material non-compliance with any Data Security Requirementsadverse impact on the Business, taken as a whole.

Intellectual Property; Data Privacy. (a) The Either the Company and each of the other Group Companies own and possess, all right, title, and interest in and to, free and clear of all Liens, except for Permitted Liensor a Company Subsidiary owns, or have a valid and enforceable license is licensed or otherwise possesses all rights necessary to use, all Intellectual Property used inin their respective businesses as currently conducted (collectively, held for usethe “Company Intellectual Property”). (b) Section 3.13(b)(i) of the Company Disclosure Letter sets forth all Company Registered Intellectual Property. All required filings and fees related to such Company Registered Intellectual Property have been timely filed with and paid to the relevant Governmental Entities and authorized registrars. Section 3.13(b)(ii) of the Company Disclosure Letter sets forth all Intellectual Property owned or purported to be owned by the Company or any Company Subsidiary that is not Company Registered Intellectual Property and which is material to the businesses of the Company and Company Subsidiaries as currently conducted (collectively, together with the Company Registered Intellectual Property, the “Company Owned Intellectual Property”). (c) There are no pending or, to the knowledge of the Company, threatened claims in writing by any Person alleging infringement or necessary misappropriation by the Company or any Company Subsidiary arising from their use of the Company Intellectual Property, and to carry on the business now operated by them in each country in which they operate. knowledge of the Company, the conduct of the businesses of the Company and Company Subsidiaries and their products and services do not infringe, misappropriate, dilute or otherwise violate any Intellectual Property rights of any Person. (d) Neither the Company nor any Company Subsidiary has made any claim during the past three (3) years of any misappropriation or infringement by any third party of its rights to or in connection with the use of any Company Intellectual Property; and (ii) to the knowledge of the other Group Companies has received any notice of, nor is there or has there been, any infringement, misappropriation or other violation of or conflict in any jurisdiction with rights of others with respect to any Intellectual Property, nor, to the Company’s Knowledge, are there any facts or circumstances which would render any Intellectual Property invalid or inadequate to protect the interests of the Company or any of the other Group Companies therein, and which infringement, misappropriation, violation or conflict (if the subject of any unfavorable decision, ruling or finding) or invalidity or inadequacy, individually or in the aggregate, would reasonably be expected to have a Material Adverse Effect. To the Company’s Knowledge, no Person is infringing, misappropriating, infringing or violating misappropriating any material Company Intellectual Property owned by a Group CompanyProperty. (be) Each Group The Company (i) takes commercially and the Company Subsidiaries have taken reasonable measures to protect the confidentiality of their material Trade Secrets including requiring employees, contractors and other Persons having access thereto to execute written nondisclosure agreements. To the knowledge of the Company, none of the material Trade Secrets of the Company and the Company Subsidiaries have been disclosed or authorized to be disclosed by the Company or the Company Subsidiaries to any third party other than pursuant to a valid and enforceable nondisclosure agreement. To the knowledge of the Company, no third party to any nondisclosure agreement with the Company or any Company Subsidiary is in material breach, violation or default. (f) Each Person who contributed, developed or conceived any Company Owned Intellectual Property owned has done so pursuant to a valid and enforceable written agreement that (i) protects the confidential information disclosed by each Group Company, the Company and its Subsidiaries and (ii) owns all rightgrants the Company and its Subsidiaries exclusive ownership of the Person’s contribution, title development or conception and interest waives any non-assignable interests in and such contribution, development or conception, such as moral rights. (g) During the three (3) years prior to material the date hereof, to the knowledge of the Company, there has been no act or omission in respect of the use or enforcement of the Company Owned Intellectual Property developed that would reasonably be expected to result in the abandonment, cancellation or created by employeesunenforceability of any such Intellectual Property. (h) No source code for any Company Proprietary Software has been delivered, contractors and consultants forlicensed, or on behalf of, such Group Company. No Group Company has disclosed made available to any third party escrow agent or other Person who is not an employee of the Company or a Company Subsidiary. Neither the Company nor any Company Subsidiary has any duty or obligation to deliver, license, or make available the source code for any Company Proprietary Software to material software owned by any Group Company. escrow agent or other Person who is not an employee of the Company or any Company Subsidiary. (i) No material software owned by any Group Company Proprietary Software is subject to any “open source,” “copyleft” or similar other obligation or condition (including any obligation or condition under any “open source” license such as the GNU Public License, Lesser GNU Public License, or Mozilla Public License) that has been or is used in any the businesses of the Company and its Subsidiaries in a manner that would (Ai) requires any require or condition the use or distribution of such Company Proprietary Software on the disclosure, licensing, or distribution or licensing of any such software, whether in source code form or not, (B) creates obligations for any Group portion of such Company to grant to Proprietary Software or (ii) otherwise impose any Person any rights or immunities under any Intellectual Propertylimitation, restriction, or (C) imposes condition on the right or ability of the Company or any economic limitations on Company Subsidiary to use or distribute any Group Company’s exploitation thereofCompany Proprietary Software. (cj) Each Group To the knowledge of the Company, the Company uses commercially reasonable efforts Proprietary Software does not contain any program routine, device, code or instructions (including any code or instructions provided by third parties) or other undisclosed feature, including, without limitation, a time bomb, virus, lock-out device, drop-dead device, malicious logic, worm, Trojan horse, bug, error, defect or trap door, that is designed to protect access, modify, delete, damage, disable, deactivate, interfere with, or otherwise harm the confidentialityCompany Proprietary Software or any of the Company’s information technology systems, integrity data or other electronically stored information, or computer programs or systems. (k) The Company and security the Company Subsidiaries, and to the knowledge of the Company IT Systems all of its and their providers of information technology services, have (i) complied in all material respects with their respective published privacy policies and internal privacy policies and guidelines and all applicable Laws relating to prevent any unauthorized useprivacy, accessdata protection, interruptionuser data or Personal Data, or modification including Personal Data of customers, employees, contractors and third parties who have provided information to the Company IT Systems. The or any Company IT Systems areSubsidiary; and (ii) implemented and maintained, in all material respects, sufficient for the immediate a comprehensive security plan that includes industry standard administrative, technical and currently anticipated future needs of the businesses of the Group Companies. There have been no physical safeguards to ensure that Personal Data is protected against loss, damage, unauthorized intrusionsaccess, failuresunauthorized use, breakdowns, continued substandard performanceunauthorized modification, or other adverse events affecting any misuse. To the knowledge of the Company, within the past five (5) years there has been no material loss, damage, unauthorized access, unauthorized use, unauthorized modification, or other breach of security of Personal Data maintained by or on behalf of the Company IT Systems, which, individually or in and the aggregate, would reasonably be expected to have a Material Adverse Effect. (d) Each Group Company complies with, and has at all times complied with, all Data Security Requirements in all material respectsSubsidiaries. In Within the past three (3) years, no Group Person has made any material claim or commenced any Action with respect to, and the Company has and the Company Subsidiaries have not, to the knowledge of the Company, experienced any material incident relating to, any actual or suspected loss, damage, unauthorized access, unauthorized use, unauthorized modification, or breach of securitysecurity of Personal Data maintained or processed by or on behalf of the Company and the Company Subsidiaries. Except for disclosures of information permitted or required by privacy Laws or authorized by the provider of Personal Data, phishing incidentto the knowledge of the Company, ransomware or malware attack, or other incident in which confidential or sensitive information, personally identifiable information, personal data, or other protected information relating to individuals or natural persons was or may have been accessed, disclosed, destroyed, lost, altered, or exfiltrated in an unauthorized manner, and no Group neither the Company has received any notices or complaints from any Person or been the subject of any material claim, proceeding, enforcement action (including any fines or other sanctions), or investigation with respect to nor any of the foregoing Company Subsidiaries has shared, sold, rented or otherwise made available, and does not share, sell, rent or otherwise make available, to third parties any Personal Data. (l) The Company and the Company Subsidiaries have implemented business continuity and disaster recovery plans and have arranged for back-up data processing services adequate to meet their data processing needs in the event that the computer systems, networks, hardware, software, databases, websites, and equipment of the Company or the Company Subsidiaries or any of their material non-compliance with components is rendered temporarily or permanently inoperative as a result of a natural or other disaster. The computer systems, networks, hardware, software, databases, websites, and equipment of the Company or the Company Subsidiaries have not suffered any Data Security Requirementsfailures, errors or breakdowns within the past three years that have caused any material disruption or interruption in the business of the Company and the Company Subsidiaries. The computer systems, networks, hardware, software, databases, websites, and equipment of the Company or the Company Subsidiaries have not suffered any failures, errors or breakdowns within the past three (3) years that have caused any material disruption or interruption in the business of the Company or the Company Subsidiaries.

Intellectual Property; Data Privacy. (a) The Company Schedule 4.13 sets forth a list of all United States and foreign: (i) issued Patents and Patent applications, (ii) Trademark registrations (including material domain names) and Trademark applications, and (iii) Copyright registrations and Copyright applications, in each case, that are owned by or filed in the name of the other Group Companies own and possess, all right, title, and interest in and to, free and clear of all Liens, except for Permitted Liens, Company or have a valid and enforceable license to use, all Intellectual Property used in, held for use, or necessary to carry on the business now operated by them in each country in which they operate. Neither the Company nor any of the other Group Companies has received any notice of, nor is there or has there been, any infringement, misappropriation or other violation of or conflict in any jurisdiction with rights of others with respect to any its Subsidiaries (such Intellectual Property, northe “Registered IP”). All material Registered IP is in effect and subsisting, and, to the Knowledge of the Company, valid and enforceable. All necessary registration, maintenance and renewal fees in connection with any material item of Registered IP have been paid, and to the Company’s Knowledge, are there any facts or circumstances which would render any Intellectual Property no material Registered IP has been adjudged invalid or inadequate to protect the interests of the unenforceable by a Governmental Authority. The Company or any one of the other Group Companies therein, and which infringement, misappropriation, violation or conflict (if the subject of any unfavorable decision, ruling or finding) or invalidity or inadequacy, individually or in the aggregate, would reasonably be expected to have a Material Adverse Effect. To the Company’s Knowledge, no Person is infringing, misappropriating, or violating any material Intellectual Property owned by a Group Company. (b) Each Group Company (i) takes commercially reasonable measures to protect the confidentiality of material Intellectual Property owned by each Group Company, and (ii) its Subsidiaries exclusively owns all right, title and interest in and to each item of material Owned IP. The Company and its Subsidiaries own, in each case free of all Liens other than Permitted Liens, or have a license to or other right to use, all of the Intellectual Property developed used in the conduct of their respective businesses; provided that the foregoing is not a representation or created warranty with respect to infringement, misappropriation or any other violation of Intellectual Property (which is addressed below in this Section 4.13). (b) No Proceeding is (i) pending or threatened in writing against the Company or any of its Subsidiaries alleging that any of the Company or any of its Subsidiaries is infringing, misappropriating or otherwise violating any Person’s Intellectual Property (including in the form of any unsolicited offers to license any Person’s Intellectual Property) or (ii) pending or threatened in writing by employeesany of the Company or any of its Subsidiaries alleging that any Person is infringing, contractors misappropriating or otherwise violating any Owned IP. The conduct of the businesses of the Company and consultants forits Subsidiaries as currently conducted does not infringe, misappropriate or otherwise violate, and in the past five (5) years has not infringed, misappropriated, or on behalf ofotherwise violated, such Group the Intellectual Property of any Person and (b) to the Knowledge of the Company, no Person is infringing, misappropriating or otherwise violating any Owned IP. (c) The Company and each of its Subsidiaries have taken actions reasonable under the circumstances to maintain and protect all of the Owned IP (including the secrecy and confidentiality of all material Trade Secrets included therein). No Group Company Each Person who has disclosed participated in the authorship, conception, creation, reduction to practice, or development of any third party any source code Intellectual Property owned or purported to material software be owned by the Company or its Subsidiaries has executed and delivered to the Company or the applicable Subsidiary a valid and enforceable written contract (or has obligations by operation of law) providing for (i) the confidentiality and non-disclosure by such Person of all material Trade Secrets included in the Owned IP and (ii) the assignment by such Person to the Company or the applicable Subsidiary of all right, title, and interest in and to such Intellectual Property. To the Knowledge of the Company, no Person is in material breach of any Group Company. No contract referenced in this section. (d) None of the software included in the material software owned by any Group Company Owned IP is subject to any “open source,” ”, “copyleft” or similar analogous license (including any license approved by the Open Source Initiative and listed at xxxx://xxx.xxxxxxxxxx.xxx/licenses, GPL, AGPL or other open source software license) in any a manner or relation that (A) requires any disclosure, public distribution or licensing of any such software, whether in source code form or not, (B) creates obligations for the Company or any Group Company of its Subsidiaries to grant to any Person third party any rights or immunities under any Intellectual PropertyOwned IP (including any patent non-asserts or patent licenses), or (C) imposes impose any present economic limitations on any Group the Company’s or its Subsidiaries’ commercial exploitation thereof. No material source code included in the Owned IP has been disclosed, licensed, released, distributed, or made available to or for any Person, and no Person has been granted any rights thereto, and no Person has agreed to disclose, license, release, deliver, or otherwise grant any right thereto under any circumstance (in each case other than to employees, contractors or consultants of the Company or its Subsidiaries in the ordinary course of business pursuant to written confidentiality or non-disclosure agreements or similar obligations by operation of law). No material source code included in the Owned IP has been escrowed. (ce) Each Group The Company uses and its Subsidiaries maintain and enforce commercially reasonable efforts policies and procedures regarding cyber-security, data privacy, protection and security. The Company and its Subsidiaries are, and since January 1, 2019 have been, in compliance in all material respects with (i) all applicable Laws, regulations, and generally accepted industry standards, (ii) their own published or binding internal policies, and (iii) agreements the Company or any of its Subsidiaries have entered into or are otherwise bound, in each case of (i) through (iii) to the extent governing or relating to data privacy, data security, or the use and processing of personal information and applicable to the Company or any of its Subsidiaries (collectively, “Data Security Requirements”). No Proceeding is pending or threatened in writing against the Company or any of its Subsidiaries alleging a violation of any Person’s privacy rights or personal information or any Data Security Requirement in connection with the conduct of their respective businesses. There has been (1) no notice issued by or on behalf of the Company or its Subsidiaries to any Governmental Authority or any other Person, and (2) to the Knowledge of the Company, no circumstance requiring the Company or any of its Subsidiaries to notify a Governmental Authority or any other Person, in each case of (1) and (2) in respect of any Security Incident or actual or alleged violation of any Data Security Requirements. (f) The Company and each of its Subsidiaries have taken commercially reasonable actions to protect the confidentiality, integrity and security of the Company Company’s and each of its Subsidiaries’ IT Systems Assets against any unauthorized use or access and to prevent the Knowledge of the Company, since January 1, 2019 there have been no material Security Incidents with respect to any of the Company’s or its Subsidiaries’ IT Assets (or any data or other information or transactions stored or contained therein or processed or transmitted thereby). The IT Assets are sufficient for the conduct of the business of the Company and its Subsidiaries as currently conducted in all material respects. The Company and each of its Subsidiaries have taken commercially reasonable measures, consistent with current industry standards for similarly sized and situated companies, designed (i) to preserve and maintain the performance, security, confidentiality and integrity of the IT Assets (and all data or other information or transactions stored or contained therein or processed or transmitted thereby) in all material respects against any unauthorized use, access, interruption, modification or modification of the Company corruption, and (ii) to ensure that all IT Systems. The Company IT Systems are, Assets are (A) functional and operate and run in a reasonable and efficient business manner in all material respects, sufficient for the immediate and currently anticipated future needs (B) free from any material virus, malware or material programming, design or documentation error or corruption of the businesses of the Group Companiesmaterial defect. There Since January 1, 2019, there have been no unauthorized intrusions, failures, breakdowns, breakdowns or continued substandard performance, performance of any IT Assets that have caused the material disruption or other adverse events affecting any Company IT Systems, which, individually or material interruption in the aggregate, would reasonably be expected to operation of the business of the Company or any of its Subsidiaries that have a Material Adverse Effect. (d) Each Group Company complies with, and has at all times complied with, all Data Security Requirements not been remedied in all material respects. In the past three (3) yearsThe Company and its Subsidiaries have implemented, no Group Company has experienced any material breach of security, phishing incident, ransomware or malware attack, or other incident in which confidential or sensitive information, personally identifiable information, personal data, or other protected information relating to individuals or natural persons was or may have been accessed, disclosed, destroyed, lost, altered, or exfiltrated in an unauthorized manner, maintained and no Group Company has received any notices or complaints from any Person or been the subject of any material claim, proceeding, enforcement action (including any fines or other sanctions), or investigation with respect to any of the foregoing or any material non-compliance with any Data Security Requirementstested commercially reasonable disaster recovery procedures and facilities for their businesses.

Intellectual Property; Data Privacy. (a) The Company and each Schedule 3.16(a) of the other Group Companies own and possessSeller Disclosure Letter lists all Registered Owned Intellectual Property, all rightindicating for each item the registration or application number, titlethe filing or registration date, the record (and, if different, beneficial) owner, and interest in the applicable filing jurisdiction. All material Registered Owned Intellectual Property is subsisting, and toto Seller’s Knowledge, free and clear of all Liens, except for Permitted Liens, or have a is valid and enforceable license and is not subject to useany Liens other than Permitted Liens. As of the date of this Agreement, no Registered Owned Intellectual Property is subject to any pending Action or outstanding Order concerning the validity, enforceability, ownership, registration, use or scope of any such Intellectual Property. (b) Seller and its Subsidiaries have (and, as of immediately prior to the Closing, the Company will have) sufficient rights to all Intellectual Property used inand Technology that is Related to the Business to conduct the Business, held for usein all material respects, or necessary to carry on as presently conducted, and the business now operated use and exploitation of all such intellectual Property following the Closing by them in each country in which they operate. Neither the Company nor any will be on substantially the same terms as the terms applicable to Seller and its Subsidiaries prior to the Contribution. (c) To Seller’s Knowledge, the conduct of the other Group Companies Business does not infringe, dilute, misappropriate or otherwise violate the Intellectual Property of any third party, and has received not infringed, diluted, misappropriated or otherwise violated the Intellectual Property of any notice of, nor third party during the three (3) year period immediately preceding the date of this Agreement. There is there or has there been, any infringement, misappropriation or other violation of or conflict in any jurisdiction with rights of others with respect to any Intellectual Property, norno Action pending or, to the CompanySeller’s Knowledge, are there threatened alleging that the conduct of the Business is infringing, diluting, misappropriating or otherwise violating, or has infringed, diluted, misappropriated or otherwise violated any facts or circumstances which would render any Person’s Intellectual Property invalid or inadequate to protect the interests of the Company or any of the other Group Companies therein, and which infringement, misappropriation, violation or conflict (if the subject of any unfavorable decision, ruling or finding) or invalidity or inadequacy, individually or in the aggregate, would reasonably be expected to have a Material Adverse Effectrights. To the CompanySeller’s Knowledge, no Person is infringing, misappropriatingdiluting, misappropriating or otherwise violating any material Intellectual Property rights owned by a Group CompanySeller and its Subsidiaries and Related to the Business. (bd) Each Group Company (i) takes Seller and its Subsidiaries have taken commercially reasonable measures to protect the confidentiality of material the Trade Secrets that are Related to the Business, and, to Seller’s Knowledge, there has been no unauthorized access, use or disclosure of such Trade Secrets. All former and current officers, directors, employees, consultants, agents, and independent contractors of the Seller and its Subsidiaries who have contributed to or participated in the conception and development of Intellectual Property owned Related to the Business have entered into valid and binding proprietary rights agreements with the relevant Seller or Subsidiary vesting ownership of such Intellectual Property in such Seller or Subsidiary, except where such ownership is vested by each Group Company, operation of law. (i) The IT Assets that are Related to the Business operate and perform in all material respects in accordance with their documentation and functional specifications and otherwise as required for the operations of the Business and have not materially malfunctioned or failed within the past five (5) years; (ii) owns all rightno Person has gained unauthorized access to such IT Assets, title and interest there has been no other security breach or other similar event affecting any such IT Assets which has resulted in and to material Intellectual Property developed or created by employeesthe unauthorized access, contractors and consultants foruse, or on behalf of, such Group Company. No Group Company has disclosed to any third party any source code to material software owned by any Group Company. No material software owned by any Group Company is subject to any “open source,” “copyleft” or similar license in any manner that (A) requires any disclosure, distribution modification, encryption, loss or licensing destruction of any such software, whether in source code form Company Data or not, any other material information or data stored or contained therein; and (Biii) creates obligations for any Group Company to grant to any Person any rights or immunities under any Intellectual Property, or (C) imposes any economic limitations on any Group Company’s exploitation thereof. (c) Each Group Company uses Seller and its Subsidiaries have implemented commercially reasonable efforts measures to protect the confidentiality, integrity and security of such IT Assets, as well as reasonable data backup, system redundancy, and disaster avoidance and recovery technology and procedures, consistent with industry practices. (f) In the collection and Processing of any Personal Data Related to the Business, Seller and its Subsidiaries are, and to Seller’s Knowledge, its and their Personal Data Processors and Personal Data Suppliers are, in compliance with and since January 1, 2016 have complied with, all applicable Privacy Commitments in all material respects. Without limiting the foregoing, Seller and its Subsidiaries have, and to Seller’s Knowledge, its and their Personal Data Suppliers have, collected all Personal Data Related to the Business lawfully including acquiring all necessary consents from data subjects and otherwise have all requisite legal authority to Process, use and hold such Personal Data in the manner it is Processed by such Persons without breaching any of the Privacy Commitments in any material respect. Seller and its Subsidiaries have adopted and maintain appropriate technical and organizational security measures designed to prevent the unlawful Processing of Personal Data and unauthorized access, accidental loss or destruction of or damage to Personal Data in its, or its Subsidiaries’ possession or control, which measures are in compliance in all material respects with the Privacy Commitments. (g) To the extent that Seller or its Subsidiaries Process any financial account numbers (such as credit cards, bank accounts, PayPal accounts, debit cards), passwords, CCV data, or other related data in connection with their operation of the Business, each of Seller and its Subsidiaries has implemented information security procedures, processes and systems that have at all times met all applicable Laws related to the Processing of cardholder data, including those established by applicable Governmental Entities, and the Payment Card Industry Standards Council (including the Payment Card Industry Data Security Standard). (h) To the extent Related to the Business, Seller and its Subsidiaries present, and since January 1, 2016 have presented, a Privacy Policy which complies with Privacy Laws to Data Subjects prior to the collection of any Personal Data, and no such Privacy Policy is or has been inaccurate, materially misleading or materially deceptive. (i) Seller and its Subsidiaries have not transferred or permitted the transfer of Personal Data Related to the Business originating in the European Economic Area or the United Kingdom outside the European Economic Area or the United Kingdom, except where such transfers have complied with the requirements of Privacy Laws and the Company IT Systems and to prevent any unauthorized use, access, interruption, or modification Privacy Policies. (j) In the operation of the Company IT SystemsBusiness, Seller and its Subsidiaries do not sell, rent or otherwise make available to any Person any Personal Data, except in a manner that complies in all material respects with the applicable Privacy Commitments. The Company IT Systems areexecution, delivery and performance of this Agreement and the transactions contemplated herein comply, and will comply, in all material respects, sufficient for the immediate and currently anticipated future needs with all Privacy Commitments of the businesses of Seller and its Subsidiaries. Immediately following the Group Companies. There Transactions, the Company will be permitted to Process, collect, store, use and disclose Personal Data held by the Company to the same extent the Seller and its Subsidiaries would have been no unauthorized intrusions, failures, breakdowns, continued substandard performance, or other adverse events affecting any Company IT Systems, which, individually or in able to do so had the aggregate, would reasonably be expected to have a Material Adverse EffectTransactions not occurred. (dk) Each Group Company complies withSince January 1, and 2016, neither Seller nor any of its Subsidiaries has at all times complied withreceived any written (i) notice Related to the Business that Seller or any of its Subsidiaries is or has been in breach of any Privacy Commitment, all or (ii) request, complaint or objection to any collection or use of Personal Data Security Requirements in all material respects. In Related to the past three Business from any data protection authority or third party (3including data subjects) yearsthat remains unresolved. (l) Since January 1, no Group Company 2016, neither Seller nor any of its Subsidiaries has experienced any material breach of securityunauthorized access to, phishing incident, ransomware or malware attack, deletion or other incident misuse of, any Personal Data Related to the Business in its possession or control (a “Security Incident”) or made or been required to make any disclosure, notification or take any other action under any applicable Privacy Laws in connection with any Security Incident. Since January 1, 2016, Seller and its Subsidiaries have made all notifications to customers or individuals required to be made by Seller or its Subsidiaries under any applicable Privacy Laws arising out of or relating to any event of unauthorized access to or disclosure or acquisition of any Personal Data Related to the Business by any Person of which confidential the Company or sensitive informationits Subsidiaries have knowledge. (m) No Action before any court, personally identifiable information, personal data, administrative body or other protected information relating Governmental Entity (whether of a criminal, civil or administrative nature) has been filed or commenced against Seller or its Subsidiaries nor threatened against Seller or its Subsidiaries in writing, alleging any failure to individuals comply with any Privacy Laws Related to the Business. To Seller’s Knowledge, since January 1, 2016, no action has been filed, commenced or natural persons was threatened against any Personal Data Supplier or may have been accessed, disclosed, destroyed, lost, altered, or exfiltrated in an unauthorized manner, and no Group Company has received any notices or complaints from any Person or been the subject of any material claim, proceeding, enforcement action (including any fines or other sanctions), or investigation Personal Data Processor with respect to any of Personal Data Processed for Seller or its Subsidiaries Related to the foregoing or any material non-compliance with any Data Security RequirementsBusiness.

Intellectual Property; Data Privacy. (a) The Company and each of the other Group Companies own and possess, all right, title, and interest in and to, free and clear of all Liens, except for Permitted Liensexclusively owns, or have has a valid and enforceable license right to use, all Intellectual Property used in, held for use, or necessary to carry on operate the business now operated by them of the Company, free and clear of all liens, charges or encumbrances, and without any Known conflict with, or infringement of, the rights of others, including prior employees or consultants, in each country in which they operate. Neither the Company nor any of the case other Group Companies has received any notice ofthan matters that could not reasonably be expected to have, nor is there or has there been, any infringement, misappropriation or other violation of or conflict in any jurisdiction with rights of others with respect to any Intellectual Property, nor, to the Company’s Knowledge, are there any facts or circumstances which would render any Intellectual Property invalid or inadequate to protect the interests of the Company or any of the other Group Companies therein, and which infringement, misappropriation, violation or conflict (if the subject of any unfavorable decision, ruling or finding) or invalidity or inadequacy, either individually or in the aggregate, would reasonably be expected to have a Material Adverse Effect. The Company has not received any written communications alleging that the Company has infringed or otherwise violated, or by conducting its business, would infringe or otherwise violate, and the conduct of the Company’s business as now conducted and as presently proposed to be conducted does not (and would not) infringe or otherwise violate, any of the Intellectual Property rights or processes of any other Person. To the Company’s Knowledge, no Person is infringing, misappropriating, infringing or otherwise violating any material the Company Intellectual Property. The Company Intellectual Property owned by a Group Companyis valid, subsisting and enforceable, and the Company has taken reasonable measures to protect, maintain and enforce the Company Intellectual Property. The Company Intellectual Property is not subject to any order, writ, decree or settlement that restricts the use or ownership thereof. (b) Each Group Company (i) takes commercially reasonable measures to protect the confidentiality of material Intellectual Property owned by each Group Company, and (ii) owns all right, title and interest in and to material Intellectual Property developed or created by employees, contractors and consultants for, or on behalf of, such Group Company. No Group Company has disclosed to any third party any source code to material software owned by any Group Company. No material software owned by any Group Company is subject to any “open source,” “copyleft” or similar license in any manner that (A) requires any disclosure, distribution or licensing of any such software, whether in source code form or not, (B) creates obligations for any Group Company to grant to any Person any rights or immunities under any Intellectual Property, or (C) imposes any economic limitations on any Group Company’s exploitation thereof. (c) Each Group Company uses commercially reasonable efforts to protect the confidentiality, integrity and security of the Company IT Systems and to prevent any unauthorized use, access, interruption, or modification of the Company IT Systems. The Company IT Systems arecomplies, in with all material respectsData Privacy Requirements (as hereinafter defined), sufficient for the immediate and currently anticipated future needs of the businesses of the Group Companies. There have been no unauthorized intrusionsother than failures to comply that could not reasonably be expected to have, failures, breakdowns, continued substandard performance, or other adverse events affecting any Company IT Systems, which, either individually or in the aggregate, would reasonably be expected to have a Material Adverse Effect. (d) Each Group . The Company complies withhas not received any communications alleging that the Company is in violation of any Data Privacy Requirements, and has at all times complied withto the Company’s Knowledge, all Data Security Requirements in all material respects. In the past three (3) years, no Group Company has experienced is not subject to any material breach of security, phishing incident, ransomware or malware attack, or other incident in which confidential or sensitive information, personally identifiable information, personal data, or other protected information relating to individuals or natural persons was or may have been accessed, disclosed, destroyed, lost, altered, or exfiltrated in an unauthorized manner, and no Group Company has received any notices or complaints from any Person or been the subject of any material claim, proceeding, enforcement action (including any fines or other sanctions), or investigation with respect to any Data Privacy Requirements. For purposes of this Section 2.8, “Data Privacy Requirements” means (i) all federal or statute statutes, rules or regulations concerning the privacy or security of personal information, including protected health information (ii) the Company’s written privacy policies and procedures, and (iii) all contractual requirements of the foregoing Company with respect to the privacy or any material non-compliance security of personal information, including with any respect to the Payment Card Industry Data Security RequirementsStandard (PCI DSS).

Intellectual Property; Data Privacy. (a) Part 3.8(a) of the Company Disclosure Schedule sets forth a complete and correct list, as of the date of this Agreement, of all Company Registered IP, except for those Patents that are licensed by Company to Purchaser under that certain License Agreement by and between the Company and Genzyme Corporation, dated as of November 8, 2017 (“Purchaser Licensed Patents”). Except for the Purchaser Licensed Patents, Part 3.8(a) of the Company Disclosure Schedule identifies (i) the name of the applicant/registrant, (ii) the jurisdiction of application/registration, (iii) the application, Patent or registration number and (iv) any other co-owners, for each item of Company Registered IP. Each of the Patents and Patent applications, which are owned or purported to be owned by the Company or one of its Subsidiaries and included in the Company Registered IP, properly identifies by name each and every inventor of the inventions claimed therein as determined in accordance with applicable Legal Requirements of the United States of America and, to the knowledge of the Company, the applicable foreign jurisdiction. All Company Registered IP owned or purported to be owned, in whole or in part, by the Company (the “Owned Company Registered IP”), and to the knowledge of the Company, all Company Registered IP exclusively licensed to the Company is subsisting and, to the knowledge of the Company, valid, enforceable, and in full force and effect. With respect to the Owned Company Registered IP other than Purchaser Licensed Patents, all other Company Registered IP for which the Company has responsibility for prosecution and maintenance activities, and, to the knowledge of the Company, all other Company Registered IP, all necessary registration, maintenance, renewal and other relevant filing fees due through the Closing Date have been timely paid and all necessary documents and certificates in connection therewith have been timely filed with the relevant Patent, Trademark, Copyright, Internet domain name or other authorities in the United States of America or to Company’s knowledge, the applicable foreign jurisdiction, as the case may be, for the purpose of maintaining such Company Registered IP in full force and effect. As of the date of this Agreement, no interference, opposition, reissue, reexamination or other proceeding of any nature (other than pre-issuance patent prosecution activities being conducted before a Governmental Body in the ordinary course of business) is pending or, to the knowledge of the Company, threatened, in which the use, scope, validity, enforceability or ownership of any Company Registered IP is being or has been contested or challenged. The Company and its Subsidiaries have complied with all Legal Requirements regarding the duty of disclosure, candor and good faith in connection with each of the other Group Companies own and possess, all right, title, and interest Patent included in and to, free and clear of all Liens, except for Permitted Liens, or have a valid and enforceable license to use, all Intellectual Property used in, held for use, or necessary to carry on the business now operated by them in each country in which they operate. Neither the Company nor any of the other Group Companies has received any notice of, nor is there or has there been, any infringement, misappropriation or other violation of or conflict in any jurisdiction with rights of others with respect to any Intellectual Property, nor, to the Company’s Knowledge, are there any facts or circumstances which would render any Intellectual Property invalid or inadequate to protect the interests of the Company or any of the other Group Companies therein, and which infringement, misappropriation, violation or conflict (if the subject of any unfavorable decision, ruling or finding) or invalidity or inadequacy, individually or in the aggregate, would reasonably be expected to have a Material Adverse Effect. To the Company’s Knowledge, no Person is infringing, misappropriating, or violating any material Intellectual Property owned by a Group CompanyRegistered IP. (b) Each Group The Company (i) takes commercially reasonable measures to protect or one of its Subsidiaries, as the confidentiality case may be, is the sole and exclusive owner of material Intellectual Property owned by each Group Company, and (ii) owns all right, title and interest in and to all Company Registered IP owned or purported to be owned by the Company or any of its Subsidiaries and all other Company IP, and possesses legally enforceable rights, pursuant to valid written agreements, to use all other Table of Contents material Intellectual Property developed Rights used by or created necessary for the conduct of the business as presently conducted by the Company and its Subsidiaries, in each case, free and clear of all Encumbrances other than Permitted Encumbrances. The Company or one of its Subsidiaries, as the case may be, has executed valid and enforceable written agreements with each of its former and current directors, officers, employees, consultants and independent contractors who were or are, as applicable, engaged in creating or developing any material Company IP, pursuant to which each such Person has: (i) agreed to hold all Know-How and consultants forconfidential information of the Company and its Subsidiaries in confidence both during and after such Person’s employment or retention, as applicable; and (ii) presently assigned to the Company or on behalf ofone of its Subsidiaries, as applicable, all of such Group Person’s rights, title and interest in and to all material Intellectual Property Rights created or developed for the Company or its Subsidiaries in the course of such Person’s employment or retention thereby. To the knowledge of the Company. No Group Company has disclosed to any third , no party any source code to material software owned by any Group Company. No material software owned by any Group Company thereto is subject to any “open source,” “copyleft” in default or similar license in any manner that (A) requires any disclosure, distribution or licensing breach of any such software, whether in source code form or not, (B) creates obligations for any Group Company to grant to any Person any rights or immunities under any Intellectual Property, or (C) imposes any economic limitations on any Group Company’s exploitation thereofagreements. (c) Each Group No funding, facilities or personnel of any Governmental Body or any university, college, research institute or other educational institution has been or is being used to create, in whole or in part, any material Company uses commercially reasonable efforts to protect the confidentiality, integrity and security IP (other than as disclosed on Part 3.8(a) of the Company IT Systems Disclosure Schedule), except for any such funding or use of facilities or personnel that does not result in such Governmental Body or institution obtaining ownership rights to such Company IP and does not require or otherwise obligate the Company or its Subsidiaries to prevent grant or offer to any unauthorized usesuch Governmental Body or educational institution any license or other right to such Company IP (except for use rights during the term of the applicable agreement between the Company or one of its Subsidiaries and such Governmental Body or educational institution), access, interruption, or modification including the right to receive royalties for the practice of such Company IP (other than pursuant to any In-bound License disclosed on Part 3.8(d) of the Company IT SystemsDisclosure Schedule). The No current or former employee, consultant or independent contractor of the Company IT Systems arewho contributed to the creation or development of any material Company IP has, to the knowledge of the Company, performed services for a Governmental Body or any university, college, research institute or other educational institution related to the Company’s or its Subsidiaries’ business as presently conducted during a period of time during which such employee, consultant or independent contractor was also performing services for the Company or its Subsidiaries. (d) Part 3.8(d) of the Company Disclosure Schedule sets forth each agreement pursuant to which the Company or one of its Subsidiaries (i) is granted a license or is assigned, granted, or provided or otherwise receives or is conveyed any right (including a right to receive a license or be free from suit), under any Intellectual Property Right owned by any third party that is used by and material to the Company or its Subsidiaries in its or their business as currently conducted, other than (A) any material transfer agreements, clinical trial agreements, nondisclosure agreements, services agreements, commercially available Software-as-a-Service offerings or off-the-shelf software licenses, in all each case, with an annual cost of no more than $250,000 and which do not impose restrictions or non-asserts with respect to any Intellectual Property Rights material respectsto and either owned by or exclusively licensed to the Company or any of its Subsidiaries, sufficient and (B) any such agreements where the only Intellectual Property Rights granted to the Company or any of its Subsidiaries are non-exclusive rights granted solely for the immediate purpose of enabling Company’s use or exploitation of the services or deliverables provided to Company pursuant to such agreements, (each such agreement covered Table of Contents by subclause (i), an “In-bound License”), or (ii) grants to any third party a license or assigns, grants, or otherwise provides or conveys any right (including a right to receive a license or be free from a suit) under any material Company IP or material Intellectual Property Right licensed to the Company under an In-bound License, other than (A) any material transfer agreements, clinical trial agreements, nondisclosure agreements or services agreements or non-exclusive outbound licenses entered into in the ordinary course of business, in each case, which do not transfer ownership of Intellectual Property Rights from the Company or any of its Subsidiaries or grant rights or impose restrictions or non-asserts with respect to any Intellectual Property Rights owned by or exclusively licensed to the Company or any of Subsidiaries (except for non-exclusive rights granted solely for the purpose of providing services or conducting activities within the scope of such agreements), in each case, with an annual cost of no more than $250,000 and which do not transfer ownership of Intellectual Property Rights from the Company or any of its Subsidiaries or grant rights or impose restrictions or non-asserts with respect to any Intellectual Property Rights owned by or exclusively licensed to the Company or any of its Subsidiaries, or (B) any such agreement granting non-exclusive rights granted solely for the purpose of providing services or conducting activities within the scope of such agreements (each such agreement covered by subclause (ii), an “Out-bound License”). (e) To the knowledge of the Company: (i) the operation of the business of the Company and its Subsidiaries as currently anticipated future needs conducted has not infringed any valid and enforceable Intellectual Property Rights of any Person, or misappropriated or otherwise violated any Intellectual Property Rights owned by any Person, and is not infringing any valid and enforceable Intellectual Property Rights of any Person, or misappropriating or otherwise violating any Intellectual Property Rights owned by any other Person; and (ii) no Person has infringed, misappropriated, or otherwise violated, or is infringing, misappropriating or otherwise violating any Company IP or any Intellectual Property Rights exclusively licensed to the Company or its Subsidiaries. As of the date of this Agreement, no Legal Proceeding is pending (or, to the knowledge of the Company, is threatened) (A) against the Company or its Subsidiaries alleging that the operation of the businesses of the Group Companies. There have been no unauthorized intrusions, failures, breakdowns, continued substandard performance, Company and its Subsidiaries infringes or constitutes the misappropriation or other adverse events affecting violation of any Intellectual Property Rights of another Person (B) by the Company or its Subsidiaries that another Person has infringed, misappropriated or otherwise violated or is infringing, misappropriating or otherwise violating any Company IT SystemsIP or any Intellectual Property Rights exclusively licensed to the Company or its Subsidiaries. Since January 1, which2014 and, individually to the knowledge of the Company, prior to such date, neither the Company nor any of its Subsidiaries has received any written notice or in other written communication alleging that the aggregateoperation of the business of the Company and its Subsidiaries has infringed, would reasonably be expected to have a Material Adverse Effectmisappropriated or otherwise violated or is infringing, misappropriating or otherwise violating any Intellectual Property Right of another Person. (df) Each Group The Company complies withand its Subsidiaries have taken reasonable security and other measures, including measures against unauthorized disclosure, to protect and maintain the secrecy, confidentiality, and has at all times complied withvalue of the Know-How and other confidential information included in the Company IP. No trade secret, all Data Security Requirements in all material respects. In the past three (3) years, no Group Company has experienced any material breach of security, phishing incident, ransomware or malware attackKnow-How, or proprietary information material to the business of the Company and its Subsidiaries as presently conducted has been authorized to be disclosed or, to the knowledge of the Company, has been actually disclosed by the Company to any Person other incident in which confidential than pursuant to a non-disclosure agreement or sensitive other agreement adequately restricting the disclosure and use of such Intellectual Property Rights or information, personally identifiable informationand excluding any know-how or proprietary information disclosed by the Company in publications or public filings, personal data, or other protected information relating to individuals or natural persons was or may have been accessed, disclosed, destroyed, lost, altered, or exfiltrated in an unauthorized manner, and no Group Company has received any notices or complaints from any Person or been the subject of any material claim, proceeding, enforcement action (including any fines or other sanctions), or investigation with respect to any of the foregoing or any material non-compliance with any Data Security Requirementsas required under applicable securities laws.

Intellectual Property; Data Privacy. (a) The Either the Company or a Company Subsidiary owns, and each of the other Group Companies own and possess, has all right, title, and interest in and toin, free and clear of all Liens, except for Permitted Liensduly licenses, or have a valid and enforceable license otherwise possesses all rights necessary to use, all Intellectual Property used inin their respective businesses as currently conducted (collectively, held for usethe “Company Intellectual Property”). (b) Section 3.14(b)(i) of the Company Disclosure Letter sets forth all Company Registered Intellectual Property. All required filings and fees related to such Company Registered Intellectual Property have been timely filed with and paid to the relevant Governmental Entities and authorized registrars. Section 3.14(b)(ii) of the Company Disclosure Letter sets forth all Intellectual Property owned or purported to be owned by the Company or any Company Subsidiary that is not Company Registered Intellectual Property and which is material to the businesses of the Company and Company Subsidiaries as currently conducted (collectively, together with the Company Registered Intellectual Property, the “Company Owned Intellectual Property”). (c) There are no pending or, to the knowledge of the Company, threatened claims in writing by any Person alleging infringement or necessary misappropriation by the Company or any Company Subsidiary arising from their use of the Company Intellectual Property, and to carry on the business now operated by them in each country in which they operate. knowledge of the Company, the conduct of the businesses of the Company and Company Subsidiaries and their products and services do not infringe, misappropriate, dilute or otherwise violate any Intellectual Property rights of any Person. (d) Neither the Company nor any Company Subsidiary has made any claim during the past three (3) years of any misappropriation or infringement by any third party of its rights to or in connection with the use of any Company Intellectual Property; and (ii) to the knowledge of the other Group Companies has received any notice of, nor is there or has there been, any infringement, misappropriation or other violation of or conflict in any jurisdiction with rights of others with respect to any Intellectual Property, nor, to the Company’s Knowledge, are there any facts or circumstances which would render any Intellectual Property invalid or inadequate to protect the interests of the Company or any of the other Group Companies therein, and which infringement, misappropriation, violation or conflict (if the subject of any unfavorable decision, ruling or finding) or invalidity or inadequacy, individually or in the aggregate, would reasonably be expected to have a Material Adverse Effect. To the Company’s Knowledge, no Person is infringing, misappropriating, infringing or violating misappropriating any material Company Intellectual Property owned by a Group CompanyProperty. (be) Each Group The Company (i) takes commercially and the Company Subsidiaries have taken reasonable measures to protect the confidentiality of their material Trade Secrets including requiring employees, contractors and other Persons having access thereto to execute written nondisclosure agreements. To the knowledge of the Company, none of the material Trade Secrets of the Company and the Company Subsidiaries have been disclosed or authorized to be disclosed by the Company or the Company Subsidiaries to any third party other than pursuant to a valid and enforceable nondisclosure agreement. To the knowledge of the Company, no third party to any nondisclosure agreement with the Company or any Company Subsidiary is in material breach, violation or default. (f) Each Person who contributed, developed or conceived any Company Owned Intellectual Property owned has done so pursuant to a valid and enforceable written agreement that (i) protects the confidential information disclosed by each Group Company, the Company and its Subsidiaries and (ii) owns all rightgrants the Company and its Subsidiaries exclusive ownership of the Person’s contribution, title development or conception and interest waives any non-assignable interests in and such contribution, development or conception, such as moral rights. (g) During the three (3) years prior to material the date hereof, to the knowledge of the Company, there has been no act or omission in respect of the use or enforcement of the Company Owned Intellectual Property developed that would reasonably be expected to result in the abandonment, cancellation or created by employeesunenforceability of any such Intellectual Property. (h) No source code for any Company Proprietary Software has been delivered, contractors and consultants forlicensed, or on behalf of, such Group Company. No Group Company has disclosed made available to any third party escrow agent or other Person who is not an employee of the Company or a Company Subsidiary. Neither the Company nor any Company Subsidiary has any duty or obligation to deliver, license, or make available the source code for any Company Proprietary Software to material software owned by any Group Company. escrow agent or other Person who is not an employee of the Company or any Company Subsidiary. (i) No material software owned by any Group Company Proprietary Software is subject to any “open source,” “copyleft” or similar other obligation or condition (including any obligation or condition under any “open source” license such as the GNU Public License, Lesser GNU Public License, or Mozilla Public License) that has been or is used in any the businesses of the Company and its Subsidiaries in a manner that would (Ai) requires any require or condition the use or distribution of such Company Proprietary Software on the disclosure, licensing, or distribution or licensing of any such software, whether in source code form or not, (B) creates obligations for any Group portion of such Company to grant to Proprietary Software or (ii) otherwise impose any Person any rights or immunities under any Intellectual Propertylimitation, restriction, or (C) imposes condition on the right or ability of the Company or any economic limitations on Company Subsidiary to use or distribute any Group Company’s exploitation thereofCompany Proprietary Software. (cj) Each Group The Company uses commercially reasonable efforts Proprietary Software does not contain any program routine, device, code or instructions (including any code or instructions provided by third parties) or other undisclosed feature, including, without limitation, a time bomb, virus, lock-out device, drop-dead device, malicious logic, worm, Trojan horse, bug, error, defect or trap door, that is designed to protect access, modify, delete, damage, disable, deactivate, interfere with, or otherwise harm the confidentialityCompany Proprietary Software or any of the Company’s information technology systems, integrity data or other electronically stored information, or computer programs or systems. (k) The Company and security the Company Subsidiaries, and to the knowledge of the Company IT Systems all of its and their providers of information technology services, have (i) complied in all material respects with their respective published privacy policies and internal privacy policies and guidelines and all applicable Laws relating to prevent any unauthorized useprivacy, accessdata protection, interruptionuser data or Personal Data, or modification including Personal Data of customers, employees, contractors and third parties who have provided information to the Company IT Systems. The or any Company IT Systems areSubsidiary; and (ii) implemented and maintained, in all material respects, sufficient for the immediate a comprehensive security plan that includes industry standard administrative, technical and currently anticipated future needs of the businesses of the Group Companies. There have been no physical safeguards to ensure that Personal Data is protected against loss, damage, unauthorized intrusionsaccess, failuresunauthorized use, breakdowns, continued substandard performanceunauthorized modification, or other adverse events affecting any misuse. There has been no material loss, damage, unauthorized access, unauthorized use, unauthorized modification, or other breach of security of Personal Data maintained by or on behalf of the Company IT Systems, which, individually or in and the aggregate, would reasonably be expected to have a Material Adverse Effect. (d) Each Group Company complies with, and has at all times complied with, all Data Security Requirements in all material respectsSubsidiaries. In Within the past three (3) years, no Group Person has made any material claim or commenced any Action with respect to, and the Company has and the Company Subsidiaries have not, to the knowledge of the Company, experienced any material incident relating to, any actual or suspected loss, damage, unauthorized access, unauthorized use, unauthorized modification, or breach of securitysecurity of Personal Data maintained or processed by or on behalf of the Company and the Company Subsidiaries. Except for disclosures of information permitted or required by privacy Laws or authorized by the provider of Personal Data, phishing incidentto the knowledge of the Company, ransomware or malware attack, or other incident in which confidential or sensitive information, personally identifiable information, personal data, or other protected information relating to individuals or natural persons was or may have been accessed, disclosed, destroyed, lost, altered, or exfiltrated in an unauthorized manner, and no Group neither the Company has received any notices or complaints from any Person or been the subject of any material claim, proceeding, enforcement action (including any fines or other sanctions), or investigation with respect to nor any of the foregoing Company Subsidiaries has shared, sold, rented or otherwise made available, and does not share, sell, rent or otherwise make available, to third parties any Personal Data. (l) The Company and the Company Subsidiaries have implemented business continuity and disaster recovery plans and have arranged for back-up data processing services adequate to meet their data processing needs in the event that the computer systems, networks, hardware, software, databases, websites, and equipment of the Company or the Company Subsidiaries or any of their material non-compliance with components is rendered temporarily or permanently inoperative as a result of a natural or other disaster. The computer systems, networks, hardware, software, databases, websites, and equipment of the Company or the Company Subsidiaries have not suffered any Data Security Requirements.failures, errors or breakdowns within the past three years that have caused any material disruption or interruption in the business of the Company and the Company Subsidiaries. The computer systems, networks, hardware, software, databases, websites, and equipment of the Company or the Company Subsidiaries have not suffered any failures, errors or breakdowns within the past three (3) years that have caused any material disruption or interruption in the business of the Company or the Company Subsidiaries

Intellectual Property; Data Privacy. (a) The Each of the Company and each its Subsidiaries owns, is licensed to use, pursuant to valid, enforceable and binding Contracts, or otherwise has the right to use all Intellectual Property used, held for use or necessary for the operation of the other Group Companies own business of the Company and possessits Subsidiaries (collectively, all right, title, and interest in and to, the “Company Intellectual Property”) free and clear of all Liens, except for Liens (other than Permitted Liens, or have ). The Company has provided to Buyer a valid true and enforceable license to use, all Intellectual Property used in, held for use, or necessary to carry on the business now operated by them in each country in which they operate. Neither the Company nor any complete list of the other Group Companies has received any notice of, nor is there following which are owned or has there been, any infringement, misappropriation or other violation of or conflict in any jurisdiction with rights of others with respect purported to any Intellectual Property, nor, to the Company’s Knowledge, are there any facts or circumstances which would render any Intellectual Property invalid or inadequate to protect the interests of be owned by the Company or any of the other Group Companies thereinits Subsidiaries: (i) patents and patent applications, (ii) registered trademarks and applications therefor, (iii) registered copyrights and applications therefor, and which infringement(iv) domain name registrations ((i) - (iv), misappropriationthe “Company Registered IP”). The execution, violation delivery and performance of this Agreement by the Company and the consummation by the Company of the transactions contemplated herein do not and will not encumber, impair or conflict extinguish any of the Company Intellectual Property. (if b) (i) None of the Company Intellectual Property owned or purported to be owned by the Company or any of its Subsidiaries (the “Company Owned Intellectual Property”) (A) has been adjudged invalid or unenforceable in whole or in part, or (B) is the subject of any unfavorable decisioncancelation or reexamination proceeding or any other proceeding challenging its ownership, ruling use, registrability, validity and enforceability, and (ii) to the Knowledge of the Company, all Company Registered IP is subsisting, in full force and effect, and, to the Knowledge of the Company, valid and enforceable, and all renewal fees and other maintenance fees have been paid. There exist no material contractual restrictions on the disclosure, use, license or findingtransfer of any Company Owned Intellectual Property. (i) The conduct of the business of the Company and its Subsidiaries does not infringe upon, misappropriate or invalidity otherwise violate, and has not, since the Company Incorporation Date infringed upon, misappropriated, or inadequacyotherwise violated, the Intellectual Property rights of any Third Party and (ii) no Legal Action is pending, asserted in writing, or to the Knowledge of the Company, threatened against the Company or any of its Subsidiaries that the conduct of the business of the Company or its Subsidiaries infringes upon, misappropriates or otherwise violates the Intellectual Property rights of any Third Party. To the Knowledge of the Company, no Person is infringing upon, misappropriating or otherwise violating, or has, since the Company Incorporation Date, infringed upon, misappropriated, or otherwise violated, any Intellectual Property owned or purported to be owned by the Company or any of its Subsidiaries. (d) The Company and its Subsidiaries have taken reasonable steps in accordance with normal industry practice to maintain and protect the confidentiality of all Company Intellectual Property that is material to the business of the Company and its Subsidiaries and the value of which is contingent upon maintaining the confidentiality thereof. None of the Company Owned Intellectual Property that is material to the business of the Company and its Subsidiaries and the value of which is contingent upon maintaining the confidentiality thereof, has been disclosed other than to Third Parties that are bound by customary, written confidentiality agreements entered into in the ordinary course of business consistent with past practice and that are, to the Knowledge of the Company, valid and enforceable. (e) All Persons who have contributed, developed or conceived any Company Owned Intellectual Property have done so pursuant to a valid and enforceable Contract (subject to enforceability exceptions for bankruptcy and insolvency and subject to principles of equity) that protects the confidential information of the Company and its Subsidiaries and assigns to the Company (or one of its Subsidiaries, as applicable) exclusive ownership of the Person’s contribution, development or conception, other than Intellectual Property excluded by Law or non-assignable moral rights. (f) Except as would not, individually or in the aggregate, would reasonably be expected to have a Company Material Adverse Effect. To , (i) the Company and its Subsidiaries have sufficient rights to use all Software, including middleware, databases, and systems, information technology equipment, and associated documentation used or held for use in connection with the operation of the business of the Company and its Subsidiaries (“IT Assets”), (ii) in each case, the IT Assets operate and perform in all material respects in accordance with their documentation and functional specifications and are sufficient or configurable to effectively perform all operations necessary for the current operation of the business of the Company and its Subsidiaries, and all IT Assets are owned or licensed under valid licenses and operated by and are under the control of the Company and its Subsidiaries, (iii) the IT Assets have not materially malfunctioned or failed since the Company Incorporation Date and, to the Knowledge of the Company’s Knowledge, do not contain any viruses, bugs, faults or other devices or effects that (A) enable or assist any Person to access without authorization or disable or erase the IT Assets, or (B) otherwise materially adversely affect the functionality of the IT Assets, (iv) the Company and its Subsidiaries have taken commercially reasonable steps to provide for the remote-site back-up of data and information critical to the conduct of the business of the Company and its Subsidiaries and have in place commercially reasonable disaster recovery and business continuity plans, procedures and facilities, (v) no Person is infringinghas gained unauthorized access to any IT Assets since the Company Incorporation Date, misappropriating(vi) the Company and its Subsidiaries have maintained, continue to maintain, and caused their vendors to maintain, safeguards, security measures and procedures against the unauthorized access, disclosure, destruction, loss, or violating alteration of customer data or information (including any material Intellectual Property owned by a Group Companypersonal or device-specific information) in its possession or control that comply with any applicable contractual and legal requirements and meet industry standards, and (vii) the Company and its Subsidiaries have in place with the third-party owners and operators of all data centers which provide services related to the business of the Company and its Subsidiaries written agreements that ensure that such Third Parties adhere to and are in compliance with commercially reasonable standards and requirements. (bg) Each Group of the Company and its Subsidiaries is in compliance in all material respects with all applicable Laws pertaining to (i) takes commercially reasonable measures to protect the confidentiality of material Intellectual Property owned by each Group Companydata security, cybersecurity, privacy, and (ii) owns all rightthe collection, title and interest in and to material Intellectual Property developed or created by employeesstorage, contractors and consultants for, or on behalf of, such Group Company. No Group Company has disclosed to any third party any source code to material software owned by any Group Company. No material software owned by any Group Company is subject to any “open source,” “copyleft” or similar license in any manner that (A) requires any disclosure, distribution or licensing of any such software, whether in source code form or not, (B) creates obligations for any Group Company to grant to any Person any rights or immunities under any Intellectual Property, or (C) imposes any economic limitations on any Group Company’s exploitation thereof. (c) Each Group Company uses commercially reasonable efforts to protect the confidentiality, integrity and security of the Company IT Systems and to prevent any unauthorized use, access, interruptiondisclosure, or modification processing, security, and transfer of personal data, to the Company IT Systemsextent that it is subject to same. The Company IT Systems areand its Subsidiaries do not have any premises, employees or tangible assets, and does not conduct any business activities, in all material respects, sufficient for the immediate and currently anticipated future needs of the businesses of the Group Companies. There have been no unauthorized intrusions, failures, breakdowns, continued substandard performance, or any country other adverse events affecting any Company IT Systems, which, individually or in the aggregate, would reasonably be expected to have a Material Adverse Effectthan Hong Kong. (d) Each Group Company complies with, and has at all times complied with, all Data Security Requirements in all material respects. In the past three (3) years, no Group Company has experienced any material breach of security, phishing incident, ransomware or malware attack, or other incident in which confidential or sensitive information, personally identifiable information, personal data, or other protected information relating to individuals or natural persons was or may have been accessed, disclosed, destroyed, lost, altered, or exfiltrated in an unauthorized manner, and no Group Company has received any notices or complaints from any Person or been the subject of any material claim, proceeding, enforcement action (including any fines or other sanctions), or investigation with respect to any of the foregoing or any material non-compliance with any Data Security Requirements.