Intellectual Property; Data Privacy. (a) Schedule 3.11(a) sets forth a complete and accurate list of all issued Patents, pending Patent applications, registered Marks, pending applications for registration of Marks, registered Copyrights, and pending applications for registration of Copyrights that are Owned Intellectual Property and all material unregistered Marks that are Owned Intellectual Property, including, for each item, (i) the record owner of such item, (ii) the jurisdiction in which such item has been issued or registered or is pending and (iii) the issuance, registration or application number and date of such item, as applicable, and (iv) and any action, filing and payment that must be taken or made within six (6) months after the Closing with respect to the foregoing. There is no Software that is Owned Intellectual Property. All of the Owned Intellectual Property that is the subject of an application, certificate, filing, registration, or other document issued by, filed with, or recorded by any Governmental Entity, quasi-governmental authority, or registrar has been maintained effective by the filing of all necessary filings, maintenance, and renewals, and timely payment of requisite fees. No loss or expiration of any Owned Intellectual Property is threatened, pending, or reasonably foreseeable, except for patents expiring at the end of their statutory terms, and not as a result of any act or omission by the Company (including failure by the Company to pay any required maintenance fees). (b) The Company owns all right, title, and interest in, or has a valid and enforceable written license or other permission to use, all Company Intellectual Property. The Company is the sole and exclusive owner of all Owned Intellectual Property, free and clear of all Liens other than Permitted Liens. All Owned Intellectual Property is valid, subsisting, and enforceable. (c) The Company, and the former and current conduct of the business of the Company and the products and services thereof, including the manufacture, making, use, offer for sale, sale, licensing, distribution, importation, and other commercial exploitation of such products and services and the Company Intellectual Property have not infringed, misappropriated, or otherwise violated, and do not infringe, misappropriate, or otherwise violate, any Intellectual Property rights or rights of publicity of any Person. The Company is not the subject of any pending legal proceeding that either alleges a claim of infringement, misappropriation, or other violation of any Intellectual Property or rights of publicity of any Person, or challenges the ownership, use, patenting, registration, validity, or enforceability of any Owned Intellectual Property, and no such claims have been asserted or threatened against the Company. No Person has notified the Company that any of such Person’s Intellectual Property rights or rights of publicity are infringed, misappropriated, or violated by the Company or that the Company requires a license to any of such Person’s Intellectual Property rights. (d) To the Sellers’ Knowledge, no Person has infringed, misappropriated, or otherwise violated, or is infringing, misappropriating, or otherwise violating, any Owned Intellectual Property. No written or oral claims alleging any infringement, misappropriation, or other violation have been made against any Person by the Company. (e) The Company has taken all necessary action to maintain and protect all of the Company Intellectual Property. The Company has taken commercially reasonable measures to protect the confidentiality of all Trade Secrets and other confidential information that is Owned Intellectual Property and any confidential information owned by any Person to whom the Company has a confidentiality obligation. No such Trade Secrets or confidential information have been disclosed by the Company to any Person other than pursuant to a written agreement restricting the disclosure and use of such Trade Secrets and confidential information by such Person. No Person is in violation of any such confidentiality agreements. (f) No Person (including current and former founders, employees, contractors, and consultants of the Company) has any right, title, or interest, directly or indirectly, in whole or in part, in any Company Intellectual Property. Except as set forth on Schedule 3.11(f), all Persons who have created any portion of, or otherwise would have any rights in or to, any Intellectual Property for or on behalf of the Company have executed valid and enforceable written assignments of such Intellectual Property and waivers of all moral rights to the Company, and Seller Holders have delivered true and complete copies of such assignments to Buyer. To the Sellers’ Knowledge, no Person is in violation of any such assignment agreements. (g) No funding, facilities, or personnel of any Governmental Entity or any university or other educational institution or research organization has been used in connection with the development of any Owned Intellectual Property and the Company and its predecessors have not participated in any standards setting organization. No Governmental Entity, university or other educational institution, research organization or standards setting organization has any right, title or interest in or to any Owned Intellectual Property. (h) All IT Systems are operational, fulfill the purposes for which they were acquired or developed, have security, back-ups, and disaster recovery arrangements in place and hardware and Software capacity, support, maintenance, and trained personnel which are sufficient in all material respects for the current and currently anticipated future needs of the business of the Company. The Company has disaster recovery, data back-up, and security plans and procedures and has taken reasonable steps consistent with industry standards for similarly situated businesses to safeguard the availability, security, and integrity of the Company IT Assets and all data and information stored thereon, including from unauthorized access and infection by any (i) back door, time bomb, drop dead device, or other Software routine designed to disable a computer program automatically with the passage of time or under the positive control of a Person other than the user of the program; (ii) virus, Trojan horse, worm, or other Software routine or hardware component designed to permit unauthorized access, to disable, erase, or otherwise harm Software, hardware, or data; and (iii) similar programs. The Company has maintained in the ordinary course of business all required licenses and service contracts, including the purchase of a sufficient number of license seats for all Software, with respect to the Company IT Assets. The Company IT Assets have not suffered any material failure at any time. (i) The Company is in possession of all documentation and other materials relating to the Software used in the business of the Company that is reasonably necessary for the use, maintenance, enhancement, development, and other exploitation of such Software as used in, or currently under development for, the business of the Company, including installation and user documentation, engineering specifications, flow charts, programmers’ notes, and know-how. (j) The consummation of the transactions contemplated hereby will not result in the loss or impairment of the Company’s right to own or use any Company Intellectual Property. Immediately subsequent to the Closing, the Company Intellectual Property will be owned or available for use by the Company on terms and conditions identical to those under which the Company owns or uses the Company Intellectual Property immediately prior to the Closing, without payment of additional fees. (k) Except as set forth in Schedule 3.11(k), the Company is and within the past 5 years has been in compliance in all material respects with all applicable Privacy and Security Requirements. The Company, and to the Sellers’ Knowledge any third-party Processing Protected Data or managing technology that houses Protected Data on behalf of the Company, has not experienced any Security Breaches, and the Company is not aware of any notices or complaints from any Person regarding such a Security Breach. The Company has not received any notices or complaints from any Person regarding the unauthorized Processing of Protected Data or non-compliance with applicable Privacy and Security Requirements. (l) The Company has valid and legal rights to Process all Protected Data that is Processed by or on behalf of the Company in connection with the use and/or operation of its products, services and business, and the execution, delivery, or performance of this Agreement will not affect these rights or violate any applicable Privacy and Security Requirements. The Company has implemented, and has required all third parties that receive Protected Data from or on behalf of Company to implement, reasonable physical, technical and administrative safeguards consistent with industry standards for similarly situated businesses that are designed to protect Protected Data from unauthorized access by any Person, and to ensure compliance in all material respects with all applicable Privacy and Security Requirements. (m) Neither the Company, nor any applicably IT Assets or Protected Data, were impacted or compromised by the cyberattack on Kaseya Limited that occurred in July 2021 the (“Kaseya Incident”). The Company has, and applicable Persons that provide services to the Company have, implemented measures to protect applicable IT Assets and Protected Data from the effects of the Kaseya Incident, including but not limited to having had deployed the Sophos anti-malware and end-point detection and response solution for a period of twelve (12) months prior to the Closing Date. The Company has, and applicable Persons that provide services to the Company have, performed testing, including but not limited to a compromise assessment, and completed any maintenance, upgrades, installations, including to the extent not already implemented, administrative level password rotations and enabling multifactor authentication on all administrative IT Assets, to ensure that the Kaseya Incident did not cause an intrusion into, or compromise of, such IT Assets and Protected Data.
Appears in 1 contract
Intellectual Property; Data Privacy. (a) Schedule 3.11(a) sets forth a complete and accurate list of 3.17 lists all issued Patentspatents, pending Patent patent applications, registered Markstrademarks, pending applications for registration service marks, trade dress, logos, slogans, internet domain names, copyrights and Software that are used in each Seller’s businesses or in which any Seller claims any ownership rights. Each Seller is the owner of Marks, registered Copyrightsor duly licensed to use its Intellectual Property Assets, and pending applications for registration of Copyrights that are Owned all Intellectual Property and all material unregistered Marks that are Owned Intellectual PropertyAssets exist, including, for each item, (i) the record owner of such item, (ii) the jurisdiction have been maintained in which such item has been issued or registered or is pending and (iii) the issuance, registration or application number and date of such itemgood standing and, as applicable, have been properly assigned or licensed to each Seller. No other Person has or, to Seller’s Knowledge, claims the right to use in connection with similar or closely related goods and (iv) in the same geographic area, any mark that is identical or confusingly similar to any trademark, service mark, trade dress, logo, slogan, internet domain name or copyright owned or used by any Seller. No other Person has or, to Seller’s Knowledge, claims ownership rights in any Intellectual Property Asset, except to the extent that such Intellectual Property Asset has been properly licensed to or by each Seller. Each Seller’s use of the Intellectual Property Assets does not infringe, misappropriate or otherwise violate any intellectual property of any other Person, and, to Seller’s Knowledge, no Person has claimed any such infringement, misappropriation or other violation. To Seller’s Knowledge, no other Person is infringing, misappropriating or otherwise violating any Intellectual Property Asset. Each Seller has used commercially reasonable efforts to secure their trade secrets and any actionother proprietary non-public information. Each Seller has, filing and payment that must be taken or made within six (6) months after the Closing with respect the Purchaser will have, the legal right to the foregoinguse all copies of all Software currently used in their businesses. There is no Software that is Owned The Intellectual Property. All Property Assets constitute all of the Owned Intellectual Property that is the subject of an application, certificate, filing, registration, or other document issued by, filed with, or recorded by any Governmental Entity, quasi-governmental authority, or registrar has been maintained effective by the filing of all necessary filings, maintenance, and renewals, and timely payment of requisite fees. No loss or expiration of any Owned Intellectual Property is threatened, pending, or reasonably foreseeable, except Licenses necessary for patents expiring at the end of each Seller to conduct their statutory terms, and not businesses as a result of any act or omission by the Company (including failure by the Company to pay any required maintenance fees)currently conducted.
(b) The Company owns all rightEach Seller has used commercially reasonable efforts to safeguard the information technology systems utilized in their businesses, titleincluding the implementation of policies and procedures to ensure that such systems are free from disabling codes or instructions, and interest intime, or has a valid and enforceable written license copy protection device, clock, counter or other permission to uselimiting design or routing and any “back door,” “time bomb,” “Trojan horse,” “worm,” “drop dead device,” “virus” or other Software or hardware that permit unauthorized access or the unauthorized disablement or erasure of data or other Software. To Seller’s Knowledge, all Company Intellectual Propertythere have been no successful unauthorized intrusions or breaches of the security of such systems. The Company is Within the sole and exclusive owner last twelve (12) months preceding the Closing, there have been no failures, breakdowns, continued substandard performance or other adverse events affecting any of all Owned Intellectual Property, free and clear each Seller’s information technology systems that has materially disrupted the use of all Liens other than Permitted Liens. All Owned Intellectual Property is valid, subsisting, and enforceablesuch information technology systems or the conduct of each Seller’s businesses.
(c) The CompanyEach Seller is operating and, since January 1, 2019, has operated in material compliance with all Information Privacy and the former and current conduct of the business of the Company and the products and services thereofSecurity Laws. To Seller’s Knowledge, including the manufacture, making, use, offer for sale, sale, licensing, distribution, importation, and other commercial exploitation of such products and services and the Company Intellectual Property have not infringed, misappropriated, or otherwise violated, and do not infringe, misappropriate, or otherwise violate, any Intellectual Property rights or rights of publicity of any Person. The Company is not the subject of any pending legal proceeding that either alleges a claim of infringement, misappropriation, each Seller has experienced no incidences in which Personal Information or other violation of any Intellectual Property sensitive data was or rights of publicity of any Person, may have been stolen or challenges the ownership, use, patenting, registration, validity, or enforceability of any Owned Intellectual Propertyimproperly accessed, and no such claims have been asserted or threatened against the Company. No Person Seller has notified the Company any basis to believe that any such theft or improper access has occurred. Each Seller maintains data security measures that are consistent with applicable industry practices and standards and any applicable requirements under Contracts to which any Seller is party or by which they are bound. Each Seller engages independent external auditors to review periodically such Seller’s security practices against various applicable standards (e.g., SSAE 16, ISO 27001, Payment Card Industry (PCI) standards), and each Seller has remediated any deficiencies noted during such testing. Each Seller utilizes enhanced controls (including encryption at rest and during transmission) for “special” categories of Personal Information, based on the confidential nature of such Person’s Intellectual Property rights or rights of publicity are infringed, misappropriated, or violated by information and the Company or that the Company requires a license to any of such Person’s Intellectual Property rights.
(d) To the Sellers’ Knowledge, no Person has infringed, misappropriated, or otherwise violated, or is infringing, misappropriating, or otherwise violating, any Owned Intellectual Property. No written or oral claims alleging any infringement, misappropriation, or other violation have been made against any Person by the Company.
(e) The Company has taken all necessary action to maintain and protect all of the Company Intellectual Property. The Company has taken commercially reasonable measures regulatory requirements to protect the confidentiality of all Trade Secrets and other confidential information that is Owned Intellectual Property and any confidential information owned by any Person to whom the Company has a confidentiality obligation. No such Trade Secrets or confidential information have been disclosed by the Company to any Person other than pursuant to a written agreement restricting the disclosure and use of such Trade Secrets and confidential information by such Person. No Person is in violation of any such confidentiality agreementsinformation.
(f) No Person (including current and former founders, employees, contractors, and consultants of the Company) has any right, title, or interest, directly or indirectly, in whole or in part, in any Company Intellectual Property. Except as set forth on Schedule 3.11(f), all Persons who have created any portion of, or otherwise would have any rights in or to, any Intellectual Property for or on behalf of the Company have executed valid and enforceable written assignments of such Intellectual Property and waivers of all moral rights to the Company, and Seller Holders have delivered true and complete copies of such assignments to Buyer. To the Sellers’ Knowledge, no Person is in violation of any such assignment agreements.
(g) No funding, facilities, or personnel of any Governmental Entity or any university or other educational institution or research organization has been used in connection with the development of any Owned Intellectual Property and the Company and its predecessors have not participated in any standards setting organization. No Governmental Entity, university or other educational institution, research organization or standards setting organization has any right, title or interest in or to any Owned Intellectual Property.
(h) All IT Systems are operational, fulfill the purposes for which they were acquired or developed, have security, back-ups, and disaster recovery arrangements in place and hardware and Software capacity, support, maintenance, and trained personnel which are sufficient in all material respects for the current and currently anticipated future needs of the business of the Company. The Company has disaster recovery, data back-up, and security plans and procedures and has taken reasonable steps consistent with industry standards for similarly situated businesses to safeguard the availability, security, and integrity of the Company IT Assets and all data and information stored thereon, including from unauthorized access and infection by any (i) back door, time bomb, drop dead device, or other Software routine designed to disable a computer program automatically with the passage of time or under the positive control of a Person other than the user of the program; (ii) virus, Trojan horse, worm, or other Software routine or hardware component designed to permit unauthorized access, to disable, erase, or otherwise harm Software, hardware, or data; and (iii) similar programs. The Company has maintained in the ordinary course of business all required licenses and service contracts, including the purchase of a sufficient number of license seats for all Software, with respect to the Company IT Assets. The Company IT Assets have not suffered any material failure at any time.
(i) The Company is in possession of all documentation and other materials relating to the Software used in the business of the Company that is reasonably necessary for the use, maintenance, enhancement, development, and other exploitation of such Software as used in, or currently under development for, the business of the Company, including installation and user documentation, engineering specifications, flow charts, programmers’ notes, and know-how.
(j) The consummation of the transactions contemplated hereby will not result in the loss or impairment of the Company’s right to own or use any Company Intellectual Property. Immediately subsequent to the Closing, the Company Intellectual Property will be owned or available for use by the Company on terms and conditions identical to those under which the Company owns or uses the Company Intellectual Property immediately prior to the Closing, without payment of additional fees.
(k) Except as set forth in Schedule 3.11(k), the Company is and within the past 5 years has been in compliance in all material respects with all applicable Privacy and Security Requirements. The Company, and to the Sellers’ Knowledge any third-party Processing Protected Data or managing technology that houses Protected Data on behalf of the Company, has not experienced any Security Breaches, and the Company is not aware of any notices or complaints from any Person regarding such a Security Breach. The Company has not received any notices or complaints from any Person regarding the unauthorized Processing of Protected Data or non-compliance with applicable Privacy and Security Requirements.
(l) The Company has valid and legal rights to Process all Protected Data that is Processed by or on behalf of the Company in connection with the use and/or operation of its products, services and business, and the execution, delivery, or performance of this Agreement will not affect these rights or violate any applicable Privacy and Security Requirements. The Company has implemented, and has required all third parties that receive Protected Data from or on behalf of Company to implement, reasonable physical, technical and administrative safeguards consistent with industry standards for similarly situated businesses that are designed to protect Protected Data from unauthorized access by any Person, and to ensure compliance in all material respects with all applicable Privacy and Security Requirements.
(m) Neither the Company, nor any applicably IT Assets or Protected Data, were impacted or compromised by the cyberattack on Kaseya Limited that occurred in July 2021 the (“Kaseya Incident”). The Company has, and applicable Persons that provide services to the Company have, implemented measures to protect applicable IT Assets and Protected Data from the effects of the Kaseya Incident, including but not limited to having had deployed the Sophos anti-malware and end-point detection and response solution for a period of twelve (12) months prior to the Closing Date. The Company has, and applicable Persons that provide services to the Company have, performed testing, including but not limited to a compromise assessment, and completed any maintenance, upgrades, installations, including to the extent not already implemented, administrative level password rotations and enabling multifactor authentication on all administrative IT Assets, to ensure that the Kaseya Incident did not cause an intrusion into, or compromise of, such IT Assets and Protected Data.
Appears in 1 contract
Intellectual Property; Data Privacy. (a) Schedule 3.11(a5.11(a)(i) sets forth contains a complete and accurate list of all issued Patents, pending Patent applications, registered Marks, pending applications for registration items of Marks, registered Copyrights, and pending applications for registration of Copyrights that are Owned Intellectual Property and all material unregistered Marks that are Owned Intellectual Property, including, for each item, (i) that are the record owner subject of such item, any registration or application for registration with any Governmental Body (the “Registered Intellectual Property”) and (ii) that are material unregistered trademarks owned by the jurisdiction Company. Except as disclosed in which such item has been issued or registered or is Schedule 5.11(a)(ii), all registrations for Registered Intellectual Property identified in Schedule 5.11(a)(i) are valid and in force, and all applications to register Registered Intellectual Property so identified are pending and (iii) the issuancein good standing, registration or application number and date of such item, as applicable, and (iv) and any action, filing and payment that must be taken or made within six (6) months after the Closing with respect to the foregoing. There is no Software that is Owned Intellectual Property. All of the Owned Intellectual Property that is the subject of an application, certificate, filing, registration, or other document issued by, filed with, or recorded by any Governmental Entity, quasi-governmental authority, or registrar has been maintained effective by the filing of all necessary filings, maintenance, and renewals, and timely payment of requisite fees. No loss or expiration without challenge of any Owned Intellectual Property is threatened, pending, or reasonably foreseeable, except for patents expiring at the end of their statutory terms, and not as a result of any act or omission by the Company (including failure by the Company to pay any required maintenance fees)kind.
(b) The Except as disclosed in Schedule 5.11(b) the Company owns all the entire right, title, title and interest in, or has a valid in and enforceable written license or other permission to use, all Company Intellectual Property. The Company is the sole and exclusive owner of all Owned Intellectual Property, free and clear of all Liens other than Encumbrances (except for Permitted Liens. All Encumbrances), and has the right to use all Owned Intellectual Property without the payment of any royalties or other amounts to any other Person. The Company owns, or otherwise uses under a valid license, all Business IP. The Company has performed all material obligations that have been required to be performed by it under any license to Intellectual Property included in Business IP and the Company is valid, subsisting, and enforceablenot in default or breach of any such license to Intellectual Property.
(c) The CompanyExcept with respect to any services that will be provided under the Transition Services Agreement and as disclosed in Schedule 5.11(c), and the former and current conduct Business IP includes all of the business of the Company and the products and services thereof, including the manufacture, making, use, offer for sale, sale, licensing, distribution, importation, and other commercial exploitation of such products and services and the Company Intellectual Property have not infringed, misappropriated, or otherwise violated, and do not infringe, misappropriate, or otherwise violate, any Intellectual Property rights or rights of publicity of any Person. The Company is not the subject of any pending legal proceeding that either alleges a claim of infringementused in, misappropriationheld for use in, or other violation of any Intellectual Property or rights of publicity of any Personnecessary (i) to provide, or challenges sell and/or license the ownershipproducts and/or services currently provided, use, patenting, registration, validity, or enforceability of any Owned Intellectual Property, and no such claims have been asserted or threatened against the Company. No Person has notified the Company that any of such Person’s Intellectual Property rights or rights of publicity are infringed, misappropriated, or violated sold and/or licensed by the Company or that the Company requires a license to any of such Person’s Intellectual Property rights.
(d) To the Sellers’ Knowledge, no Person has infringed, misappropriated, or otherwise violated, or is infringing, misappropriating, or otherwise violating, any Owned Intellectual Property. No written or oral claims alleging any infringement, misappropriation, or other violation have been made against any Person by the Company.
(e) The Company has taken all necessary action to maintain and protect all of the Company Intellectual Property. The Company has taken commercially reasonable measures to protect the confidentiality of all Trade Secrets and other confidential information that is Owned Intellectual Property and any confidential information owned by any Person to whom the Company has a confidentiality obligation. No such Trade Secrets or confidential information have been disclosed by the Company to any Person other than pursuant to a written agreement restricting the disclosure and use of such Trade Secrets and confidential information by such Person. No Person is in violation of any such confidentiality agreements.
(f) No Person (including current and former founders, employees, contractors, and consultants of the Company) has any right, title, or interest, directly or indirectly, in whole or in part, in any Company Intellectual Property. Except as set forth on Schedule 3.11(f), all Persons who have created any portion of, or otherwise would have any rights in or to, any Intellectual Property for or on behalf of the Company have executed valid and enforceable written assignments of such Intellectual Property and waivers of all moral rights to the Company, and Seller Holders have delivered true and complete copies of such assignments to Buyer. To the Sellers’ Knowledge, no Person is in violation of any such assignment agreements.
(g) No funding, facilities, or personnel of any Governmental Entity or any university or other educational institution or research organization has been used in connection with the development of any Owned Intellectual Property and the Company and its predecessors have not participated in any standards setting organization. No Governmental Entity, university or other educational institution, research organization or standards setting organization has any right, title or interest in or to any Owned Intellectual Property.
(h) All IT Systems are operational, fulfill the purposes for which they were acquired or developed, have security, back-ups, and disaster recovery arrangements in place and hardware and Software capacity, support, maintenance, and trained personnel which are sufficient in all material respects for the current and currently anticipated future needs of the business of the Company. The Company has disaster recovery, data back-up, and security plans and procedures and has taken reasonable steps consistent with industry standards for similarly situated businesses to safeguard the availability, security, and integrity of the Company IT Assets and all data and information stored thereon, including from unauthorized access and infection by any (i) back door, time bomb, drop dead device, or other Software routine designed to disable a computer program automatically with the passage of time or under the positive control of a Person other than the user of the program; (ii) virus, Trojan horse, worm, or other Software routine or hardware component designed to permit unauthorized access, to disable, erase, or otherwise harm Software, hardware, or data; and (iii) similar programsconduct the Business as presently conducted. The Company has maintained in the ordinary course of business all required licenses and service contracts, including the purchase of a sufficient number of license seats for all Software, with respect to the Company IT Assets. The Company IT Assets have not suffered any material failure at any time.
(i) The Company is in possession of all documentation and other materials relating to the Software used in the business of the Company that is reasonably necessary for the use, maintenance, enhancement, development, and other exploitation of such Software as used in, or currently under development for, the business of the Company, including installation and user documentation, engineering specifications, flow charts, programmers’ notes, and know-how.
(j) The consummation of the transactions contemplated hereby will not result alter or impair any such Intellectual Property rights, including any right of the Company to use or sublicense any Intellectual Property rights owned by other Persons. No Owned Intellectual Property was developed, created, or modified with any funding from any Governmental Body or any academic institution. With respect to each item of Registered Intellectual Property, (A) the Company is or will be as of the Closing the record owner of each application and registration, (B) such applications and registrations have been duly maintained, are subsisting, in full force and effect, and have not been cancelled, expired or abandoned and are valid, (C) there are no pending or threatened interferences, re-examinations, oppositions or cancellation proceedings involving such applications or registrations, and (D) such applications and registrations have been prosecuted in accordance with all applicable rules, practices and procedures of the U.S. Patent and Trademark Office or other applicable Governmental Body. All fees, including renewal and maintenance fees, and all filings and fees in respect of each such application and registration that are due prior to the Closing Date (if applicable) have been made or paid or will be made or paid, and all registrations therefor are and shall be as of the Closing Date, subsisting, valid and enforceable.
(d) The Company has taken commercially reasonable measures, and has reasonable policies and internal procedures (as reasonably necessary and/or as required by applicable Requirements of Law), designed to maintain and protect the confidentiality of all of the trade secrets, proprietary software source code, and all other proprietary and confidential information of the Business, including all data associated with individual persons within the meaning of applicable Information Privacy and Security Laws, including personally identifiable information, personal data of consumers, customers, directors, employees and agents of the Business (collectively, the “Business Confidential Information”). The Seller has adopted commercially reasonable measures designed to protect Business Confidential Information that may be shared with any Person, including ensuring proper authorization and pursuant to written confidentiality agreements, where appropriate. All use, disclosure or appropriation of any trade secret or otherwise confidential or proprietary information not owned by Seller or the Company that had been provided to Seller or the Company in relation to the Business has been used pursuant to the terms of a written agreement between Seller or the Company on the one hand, and the owner of such trade secret or confidential or proprietary information on the other hand, or is otherwise lawful. Neither the Seller nor the Company has received any notice from any Person that there has been an unauthorized use or disclosure of any trade secrets or otherwise confidential or proprietary information provided in relation to the Business.
(e) No former or current employee, consultant or independent contractor of the Company has asserted any claim or right to any of the Owned Intellectual Property. Each consultant and independent contractor of the Business that has participated in or been involved in the loss development of any material Owned Intellectual Property has entered into a valid and enforceable written agreement with the Company presently assigning all Intellectual Property rights created, developed, modified or impairment enhanced by such Person to the Company and prohibiting such Person from using or disclosing Business Confidential Information in any manner other than as authorized by the Company.
(f) Schedule 5.11(i) sets forth a true, correct, and complete list of all material proprietary software used as part of the Business (collectively “Business Software”). None of the Business Software references, incorporates, or links (dynamically or statically) in any manner to any open source software associated with a license that would (i) require the disclosure or distribution of any source code or raw data form, or (ii) require licensing for the purpose of making derivative works or impose any restriction on any rights, in each case in relation to any Business Software.
(g) The Company is in actual possession of and has exclusive control over, and has valid and enforceable rights to use without restriction (other than as set forth in any applicable licenses to the Company, copies of which have been made available to Buyer), all data, data sets and databases used in, held for use in, or necessary for the conduct of the Business (including as related to legacy products and products that have been or are in the process of being developed) (collectively, “Company Data and Data Sets”), and all Company Data and Data Sets relating to the Business are solely owned by the Company or provided under valid, enforceable, licenses to the Company.
(h) Except as disclosed in Schedule 5.11(k): (i) no infringement by the Company of any Intellectual Property of any other Person has occurred or resulted in any way from the conduct of the Business; (ii) no written notice of a claim of any infringement of any Intellectual Property of any other Person has been received by the Company in respect of the conduct of the Business; and (iii) to the Knowledge of Seller, no other Person is infringing on any of the Owned Intellectual Property.
(i) Except as disclosed in Schedule 5.11(l), no Proceedings are pending or to the Knowledge of Seller threatened against the Company that challenge the validity, enforceability or ownership of any Registered Intellectual Property.
(j) All of the information technology systems and software of the Business (collectively, the “IT Systems”) are owned by, or validly licensed, leased or supplied under a written contract or click or shrink-wrap agreement with the Company, and they comprise all of the IT Systems that are required to carry on the Business immediately after the Closing Date and as it was carried out in the twelve (12) months prior to the Closing Date. None of the Company’s right to own or use any Company Intellectual Property. Immediately subsequent rights with respect to the ClosingIT Systems will be lost or subject to termination by virtue of the performance of this Agreement. The Company has maintained commercially reasonable administrative, physical and technical safeguards consistent with normal industry practice that are designed to (i) protect the confidentiality, integrity and accessibility of IT Systems and information contained therein (including Intellectual Property rights, Business Confidential Information, and all other information subject to confidentiality obligations), and specifically, (ii) prevent against loss and unauthorized access, use, modification, disclosure or other use of such information that would not, in each foregoing case, be consistent with the published privacy policy of the Company Intellectual Property will be owned or available for use by and each Contract to which it is a party. The IT Systems (A) have not caused the Company on terms to fail to comply with any obligations in its Contracts with customers for the Business products or services in any material respect, (B) none of the Company Data & Datasets (including Business IP, Business Confidential Information, and conditions identical data owned by customers with which any of the Company has a Contract) that the IT Systems store or process has been corrupted to those under a material extent, and (C) and none of the Company Data & Datasets (including Business IP, Business Confidential Information, and data owned by customers with which the Company owns has a Contract) that the IT Systems store or uses the Company Intellectual Property immediately prior to the Closing, without payment of additional fees.
(k) Except as set forth in Schedule 3.11(k), the Company is and within the past 5 years process has been subject to any actual or suspected material data loss or theft, unauthorized access, malware intrusion, or other cybersecurity breach (including ransomware). The Company has been, and is, in compliance in all material respects with all applicable contractual obligations concerning the security and privacy of IT Systems and information contained therein (including in relation to Intellectual Property rights, Business Confidential Information and customer data, and other information subject to confidentiality obligations) in all material respects.
(k) To the extent the Company collects, processes, uses or stores any Personal Data, the Company has in place publicly published privacy policies regarding the collection, use and disclosure of Personal Data in their possession, custody or control, or otherwise held or processed on its behalf. The Company has complied in all material respects with all Information Privacy and Security Requirements. The CompanyLaws, its own privacy policies, and all Contracts to which it is a party in relation to the Sellers’ Knowledge any third-party Processing Protected Data Business that contain, involve or managing technology that houses Protected Data on behalf of the Company, has not experienced any Security Breaches, and the Company is not aware of any notices or complaints from any Person regarding such a Security Breachdeal with Personal Data. The Company has not received been notified of any notices Proceeding related to data security or complaints from privacy or alleging a violation of any Person regarding of their privacy policies or, or those used in connection with the unauthorized Processing of Protected Data Business, or non-compliance with applicable any Information Privacy and Security Requirements.
(l) Laws, nor has any such claim been threatened. The Company has valid taken commercially reasonable measures designed to protect and legal rights to Process maintain the confidentiality of all Protected Personal Data that is Processed collected by or on behalf of the Company in connection with the use and/or operation Business and to maintain the security of its productstheir data storage practices for Personal Data, services and businessin each case, and the execution, delivery, or performance of this Agreement will not affect these rights or violate any in accordance with applicable Information Privacy and Security RequirementsLaws and consistent with commercially reasonable industry practices applicable to such types of data gathered and maintained in the industry in which the Company conduct the Business. The Company has implementedtaken commercially reasonable steps to ensure that all third-party service providers, and has required all third parties that receive Protected contractors, or other persons who process, store, or otherwise handle Personal Data from for or on behalf of the Company have agreed to implement, reasonable physical, technical and administrative safeguards consistent materially comply with industry standards for similarly situated businesses that are designed to protect Protected Data from unauthorized access by any Person, and to ensure compliance in all material respects with all applicable Information Privacy and Security Requirements.
Laws. In the past three (m3) Neither years, there has been no unauthorized access, use, or disclosure of Personal Data in the possession or control of the Company, nor any applicably IT Assets or Protected Data, were impacted or compromised by the cyberattack on Kaseya Limited that occurred in July 2021 the (“Kaseya Incident”). The Company has, and applicable Persons that provide services to the Company have, implemented measures to protect applicable IT Assets and Protected Data from the effects of the Kaseya Incident, including but not limited to having had deployed the Sophos anti-malware and end-point detection and response solution for a period of twelve (12) months prior to the Closing Date. The Company has, and applicable Persons that provide services to the Company have, performed testing, including but not limited to a compromise assessment, and completed any maintenance, upgrades, installations, including to the extent not already implemented, administrative level password rotations and enabling multifactor authentication on all administrative IT Assets, to ensure that the Kaseya Incident did not cause an intrusion into, or compromise of, such IT Assets and Protected Data.
Appears in 1 contract
Intellectual Property; Data Privacy. (a) Schedule 3.11(aExcept as set forth in Section 3.10(a) sets forth a complete of the Disclosure Letter, the Company is the sole and accurate list of all issued Patents, pending Patent applications, registered Marks, pending applications for registration of Marks, registered Copyrightsexclusive legal and beneficial, and pending applications for registration of Copyrights that are Owned Intellectual Property and all material unregistered Marks that are with respect to Registered Owned Intellectual Property, including, for each item, (i) the record owner of such item, (ii) the jurisdiction in which such item has been issued or registered or is pending and (iii) the issuance, registration or application number and date of such item, as applicable, and (iv) and any action, filing and payment that must be taken or made within six (6) months after the Closing with respect to the foregoing. There is no Software that is Owned Intellectual Property. All of the Owned Intellectual Property that is the subject of an application, certificate, filing, registration, or other document issued by, filed with, or recorded by any Governmental Entity, quasi-governmental authority, or registrar has been maintained effective by the filing of all necessary filings, maintenance, and renewals, and timely payment of requisite fees. No loss or expiration of any Owned Intellectual Property is threatened, pending, or reasonably foreseeable, except for patents expiring at the end of their statutory terms, and not as a result of any act or omission by the Company (including failure by the Company to pay any required maintenance fees).
(b) The Company owns all right, title, and interest inin and to the Owned Intellectual Property, or and has a the valid and enforceable written license or other permission right to use, use all Company Intellectual Property. The Company is Property necessary for the sole operation of the Business as currently conducted and exclusive owner of all Owned Intellectual Propertyas proposed to be conducted, in each case, free and clear of all Liens other than (except Permitted Liens. All ).
(b) Section 3.10(b) of the Disclosure Letter lists all Owned Intellectual Property as of the date hereof that is validsubject to any issuance, subsistingregistration, or application by or with any Governmental Authority or authorized private registrar in any jurisdiction, and enforceablepending applications for any of the foregoing (the “Registered Owned Intellectual Property”).
(c) The CompanyAll of the Registered Owned Intellectual Property is valid and enforceable, and the former and current conduct of the business of the Company and the products and services thereof, including the manufacture, making, use, offer for sale, sale, licensing, distribution, importation, and other commercial exploitation of such products and services and the Company Intellectual Property have not infringed, misappropriated, or otherwise violated, and do not infringe, misappropriate, or otherwise violate, any Intellectual Property rights or rights of publicity of any Person. The Company is not the subject of any pending legal proceeding that either alleges a claim of infringement, misappropriation, or other violation of any Intellectual Property or rights of publicity of any Person, or challenges the ownership, use, patenting, registration, validity, or enforceability of any with respect to all Registered Owned Intellectual Property, such applications and no such claims have been asserted or threatened against registrations are subsisting and in full force and effect. Seller Group has taken commercially reasonable steps to maintain the Company. No Person has notified the Company that any of such Person’s material Owned Intellectual Property rights and to preserve the confidentiality of all material trade secrets included therein. None of the Owned Intellectual Property has any renewal or rights of publicity are infringed, misappropriatedmaintenance deadlines, or violated by any payments of fees, due within the Company or that six (6) months following the Company requires a license to any of such Person’s Intellectual Property rightsClosing.
(d) To the Sellers’ Seller’s Knowledge, neither the Company, nor any other party is, or is alleged to be, in breach of or default under, or has provided or received any notice of breach of, default under, or intention to terminate (including by non-renewal), any agreement materially concerning Company Intellectual Property.
(e) Except as set forth in Section 3.10(e) of the Disclosure Letter, the consummation of the Contemplated Transactions will not result in the breach of, or create on behalf of any third party the right to terminate or modify, any agreement to which the Company is a party and pursuant to which the Company is authorized or licensed to use any Company Intellectual Property.
(f) Except as disclosed on Section 3.10(f) of the Disclosure Letter, to Seller’s Knowledge, during the past three (3) years, there has been no Person data breach or other security incident that has resulted in material unauthorized access, disclosure, use, denial of use, alteration, corruption, destruction, or material loss or theft of Personal Information or that has caused or would reasonably be expected to cause a material disruption to the conduct of the Business of the Company (a “Security Incident”). At no time has the Company notified and, to the Knowledge of the Seller, there have been no facts or circumstances that would require the Company to notify, any Governmental Authority or other third party (other than for the purpose of investigating the Security Incident) of any Security Incident. The Contemplated Transactions do not violate any material third-party privacy policy or terms of use relating to the Processing of any Personal Information.
(g) The Company is not infringing, misappropriating, diluting or otherwise violating any third party’s Intellectual Property rights, and the Company has not infringed, misappropriated, diluted or otherwise violatedviolated any third party’s Intellectual Property during the past three (3) years. There are no actions (including any opposition, cancellation, revocation, inter partes review, or is infringingother proceeding) that are pending or, misappropriatingto the Seller’s Knowledge, or otherwise violating, any Owned Intellectual Property. No threatened in writing (including in the form of written or oral claims offers to obtain a license): (i) alleging any infringement, misappropriation, or other violation have been made against by Seller Group of any Person third party’s Intellectual Property rights by the Company.
(e) The Company has taken all necessary action to maintain and protect all operation of the Company Business; (ii) challenging the validity, enforceability, registrability, patentability, or ownership of any Owned Intellectual Property. The Company has taken commercially reasonable measures to protect the confidentiality , or of all Trade Secrets and other confidential information that is Owned Intellectual Property and any confidential information owned by any Person to whom the Company has a confidentiality obligation. No such Trade Secrets or confidential information have been disclosed by the Company to any Person other than pursuant to a written agreement restricting the disclosure and use of such Trade Secrets and confidential information by such Person. No Person is in violation of any such confidentiality agreements.
(f) No Person (including current and former founders, employees, contractors, and consultants of the Company) has any Seller Group’s right, title, or interest, directly or indirectly, in whole or in part, in any Company Intellectual Property. Except as set forth on Schedule 3.11(f), all Persons who have created any portion of, or otherwise would have any rights in or to, any Intellectual Property for or on behalf of the Company have executed valid and enforceable written assignments of such Intellectual Property and waivers of all moral rights to the Company, and Seller Holders have delivered true and complete copies of such assignments to Buyer. To the Sellers’ Knowledge, no Person is in violation of any such assignment agreements.
(g) No funding, facilities, or personnel of any Governmental Entity or any university or other educational institution or research organization has been used in connection with the development of any Owned Intellectual Property and the Company and its predecessors have not participated in any standards setting organization. No Governmental Entity, university or other educational institution, research organization or standards setting organization has any right, title or interest in or to any Owned Intellectual Property; or (iii) by Seller Group alleging any infringement, misappropriation, or other violation by any third party of the Owned Intellectual Property. To Seller’s Knowledge, there are no facts or circumstances that could reasonably give rise to any such action. To Seller’s Knowledge, the Company is not subject to any outstanding or prospective Governmental Order (including any motion or petition therefor) that does or could reasonably be expected to restrict or impair the ownership or use of any Company Intellectual Property.
(h) All IT Systems are operational, fulfill Seller Group has taken commercially reasonable precautions to protect the purposes for which they were acquired or developed, have security, back-upssecrecy, and disaster recovery arrangements in place and hardware and Software capacity, support, maintenance, and trained personnel which are sufficient in confidentiality of all material respects for the current and currently anticipated future needs of the business of the Company. The Company has disaster recovery, data back-up, and security plans and procedures and has taken reasonable steps consistent with industry standards for similarly situated businesses to safeguard the availability, security, and integrity trade secrets of the Company IT Assets and all data and information stored thereonused in the Business. To Seller’s Knowledge, including from unauthorized access and infection by any (i) back doorno material trade secret included in the Owned Intellectual Property has been used, time bomb, drop dead devicedivulged, or other Software routine designed to disable a computer program automatically with appropriated either for the passage of time or under the positive control benefit of a Person third party (other than a member of Seller Group or any of their contractual counterparts pursuant to a confidentiality agreement) or to the user detriment of the program; (ii) virus, Trojan horse, worm, or other Software routine or hardware component designed to permit unauthorized access, to disable, erase, or otherwise harm Software, hardware, or data; and (iii) similar programs. The Company has maintained in the ordinary course of business all required licenses and service contracts, including the purchase of a sufficient number of license seats for all Software, with respect to the Company IT Assets. The Company IT Assets have not suffered any material failure at any timeBusiness.
(i) The Company is in possession of all documentation and other materials relating to the Software used in the business Except as disclosed on Section 3.10(i) of the Disclosure Letter, the Company that is reasonably necessary for the does not own, use, maintenanceor hold for use, enhancementany Software other than commercially available, development, and other exploitation off the shelf Software with annual payments of such Software as used in, $50,000 or currently under development for, the business of the Company, including installation and user documentation, engineering specifications, flow charts, programmers’ notes, and know-howless.
(j) The consummation Section 3.10(j) of the transactions contemplated hereby will Disclosure Letter lists all of the Internet web sites and Internet domain names, as of the date hereof, owned by the Company or used in conducting the Business, or in which the Company has any rights, and such schedule includes the name of the Person to whom such Internet web sites are registered (collectively, the “Internet Rights”). Except as would not result in be reasonably expected to be material to the loss or impairment Business of the Company’s right to own or use any Company Intellectual Property. Immediately subsequent to , all Internet Rights are, and for the Closinglast three (3) years have been, the Company Intellectual Property will be owned or available for use by the Company on terms owned, operated, and conditions identical to those under which the Company owns or uses the Company Intellectual Property immediately prior to the Closing, without payment of additional feesmaintained in compliance with Applicable Law.
(k) Except as set forth in Schedule 3.11(k), the Company is and within the past 5 years has been in compliance in all material respects with all applicable Privacy and Security Requirements. The Company, and and, to the Sellers’ Knowledge any third-party Processing Protected Data or managing technology that houses Protected Data on behalf of the CompanySeller, has not experienced any Security Breachesall vendors, and the Company is not aware of any notices processors, or complaints from any Person regarding such a Security Breach. The Company has not received any notices or complaints from any Person regarding the unauthorized Processing of Protected Data or non-compliance with applicable Privacy and Security Requirements.
(l) The Company has valid and legal rights to Process all Protected Data that is Processed by other third parties acting for or on behalf of the Company in connection with the Processing of Personal Information in the possession or control of the Company, comply and since the Lookback Date have complied, in all material respects, with all of the following in the conduct of the Business of the Company: (i) Privacy Laws; (ii) applicable industry standards (including, if applicable, the National Institute of Standards and Technology (NIST) Cybersecurity Framework and PCI-DSS); (iii) the Business Privacy and Data Security Policies; and (iv) contractual requirements or terms of use and/or operation concerning the Processing of its productsPersonal Information to which the Company is or was a party or otherwise bound.
(l) To the Knowledge of the Seller and except as would not be material to the Business of the Seller Group, services and business, and the execution, delivery, or and performance of this Agreement and the consummation of the Contemplated Transactions hereby do not and will not affect these rights not: (i) conflict with or violate result in a violation or breach of any applicable Privacy Laws or Business Privacy and Data Security Requirements. The Policies (as currently existing or as existing at any time during which any Personal Information was collected or Processed by or for the Company has implemented, and has required all third parties that receive Protected Data from in the conduct of its Business); or on behalf (ii) require the consent of Company or notice to implement, reasonable physical, technical and administrative safeguards consistent with industry standards for similarly situated businesses that are designed to protect Protected Data from unauthorized access by any Person concerning such Person, and to ensure compliance in all material respects with all applicable Privacy and Security Requirements’s Personal Information.
(m) Neither Since the Lookback Date, to the extent required by Privacy Laws, the Company has posted to its website and mobile applications and provided or otherwise made available in connection with its products or services, a privacy policy and terms of use. No disclosure or representation made or contained in any privacy policy or terms of use since the Lookback Date has been inaccurate, misleading, deceptive, or in violation of any Privacy Laws (including by containing any material omission) in any material respect. The Company and, to the Knowledge of the Seller, any vendor, processor, or other third party Processing Personal Information for or on behalf of the Company are and at all times since the Lookback Date have been in compliance with the privacy policies and terms of use in all material respects.
(n) During the past three (3) years, the Company has not received any written notice, request, claim, complaint, correspondence, or other communication in writing from any Governmental Authority or other third party, and to the Knowledge of the Seller there has not been any audit, investigation, enforcement action (including any fines or other sanctions), or other Action, relating to any actual or alleged Security Incident or violation of any Privacy Law or Business Privacy and Data Security Policy, in each case, with respect to the Processing of Personal Information in the possession or control of the Company, nor or held or Processed by any applicably IT Assets vendor, processor, or Protected Dataother third party for or on behalf of the Company, were impacted in the conduct of the Business of the Company. To Seller’s Knowledge, there are no facts or compromised circumstances that would reasonably be expected to give rise to any of the foregoing.
(o) The Company has at all times since the Lookback Date implemented and maintained, and use commercially reasonable efforts to require all vendors, processors, and other third parties that Process any Personal Information for or on behalf of the Company in any material respect to implement and maintain, commercially reasonable security measures, plans, procedures, controls, and programs, including written information security programs, to: (i) identify and address internal and external risks to the privacy and security of Personal Information in their possession or control; (ii) implement, monitor, and improve adequate and effective administrative, technical, and physical safeguards to protect such Personal Information and the operation, integrity, and security of its software, systems, applications, and websites involved in the Processing of Personal Information; and (iii) provide required notification in compliance with applicable Privacy Laws in the case of any Security Incident.
(p) The Company has regularly (and at least annually) performed a security risk assessment and obtained an independent vulnerability assessment performed by a recognized third-party audit firm, in each case to the cyberattack on Kaseya Limited that occurred in July 2021 the (“Kaseya Incident”)extent required by applicable Privacy Laws. The Company hashas used reasonable efforts to address and remediate all critical or high risk threats and deficiencies identified in each such assessment.
(q) Except as would not be reasonably expected to be material to the Business of the Company, at all times since the Lookback Date, the Company has maintained a cyber-insurance policy that is adequate and suitable for the nature and volume of Personal Information Processed by or on behalf of the Company in the conduct of its Business and is sufficient for compliance with all Applicable Laws and contracts to which the Company is a party or by which it is bound.
(r) The Company is and since the Lookback Date has been in compliance with the applicable portions of the PCI-DSS in all material respects, as it has been amended from time-to-time. To Seller’s Knowledge, with respect to payment card transactions or information processed in any way (including any processing, storing or communication of transaction data or payment card data), the engaged third-party vendors are in compliance with the PCI-DSS as applicable to service providers.
(s) The Company’s Computer Systems: (i) are reasonably sufficient to meet the data processing and other computing needs of the Company, and applicable Persons their Business and operations as presently conducted; (ii) function, operate, process and compute in accordance with all Applicable Laws; and (iii) are free from any Destructive Mechanisms that provide services have caused a material disruption to the Company have, implemented measures to protect applicable IT Assets and Protected Data from Business since the effects of the Kaseya Incident, including but not limited to having had deployed the Sophos anti-malware and end-point detection and response solution for a period of twelve (12) months prior to the Closing Lookback Date. The Company has, has taken reasonable steps and applicable Persons that provide services implemented reasonable procedures designed to detect and prevent Destructive Mechanisms from the Computer Systems. The Company have, performed testing, including but not limited has in place commercially reasonable back-up systems and disaster recovery plans and procedures designed to a compromise assessment, and completed maintain the continuing availability of the functionality provided by material Computer Systems in the event of any maintenance, upgrades, installations, including to the extent not already implemented, administrative level password rotations and enabling multifactor authentication on all administrative IT Assets, to ensure that the Kaseya Incident did not cause an intrusion into, malfunction or compromise of, other form of disaster affecting such IT Assets and Protected Datamaterial Computer Systems.
Appears in 1 contract
