Intellectual Property; IT Assets; Data Privacy. (a) Schedule 6.27(a)(i) of the Disclosure Schedules contains a complete list of (i) all Registered Intellectual Property and (ii) other material Company Intellectual Property. The Company Intellectual Property listed on Schedule 6.27(a)(i) of the Disclosure Schedules constitutes all of the Intellectual Property necessary for the operation of the Business as it is currently conducted. Each Person listed in Schedule 6.27(a)(i) of the Disclosure Schedules is the owner or licensee of all right, title and interest in and to each of the Company Intellectual Property items listed for it therein, free and clear of all Encumbrances, and has the right to use all of the Company Intellectual Property without payment to a Third Party, other than with respect to licenses listed on Schedule 6.27(a)(ii) of the Disclosure Schedules. The use of the Company Intellectual Property does not interfere with, infringe upon, misappropriate or otherwise come into conflict with the Intellectual Property rights of any Third Party. The Company Entities have taken all actions reasonably necessary to maintain and protect all of the Registered Intellectual Property held by them, including payment of applicable maintenance fees and filing of applicable required filings as and when required with the appropriate Governmental Authority. No action must be taken within sixty (60) days after the Closing Date with respect to any of the Company Intellectual Property to protect or maintain Atlantic’s ownership and/or rights with respect thereto. None of the Company Intellectual Property is or has been adjudged by a Governmental Authority to be invalid or unenforceable in whole or part. The consummation of the transactions contemplated by this Agreement will not (i) alter, restrict, encumber, impair or extinguish any rights in any material Company Intellectual Property, or (ii) result in the creation of any Encumbrance with respect to any of the Company Intellectual Property. (b) No Person, other than the Company Entities, possesses any ownership or other interest with respect to any Company Intellectual Property or any current or contingent rights to sublicense, sell or otherwise distribute products or services utilizing any Company Intellectual Property. (c) To the Company’s Knowledge, none of the Company Entities, nor their conduct of the Business, has materially interfered with, infringed upon, misappropriated, or otherwise come into conflict with any Intellectual Property rights of any Third Party, and no Company Entity has received any written charge, complaint, claim, demand, or notice alleging any such interference, infringement, misappropriation, or violation. To the Knowledge of the Company Entities, no Third Party has interfered with, infringed upon, misappropriated, or otherwise come into conflict with any Company Intellectual Property. No Action is pending or, to the Knowledge of the Company Entities, threatened (i) alleging infringement, misappropriation or any other violation of any Intellectual Property rights of any Person by the Company or by any product or service made, used, sold or otherwise provided by any of them, or (ii) challenging the scope, ownership, validity, or enforceability of any Intellectual Property owned or used by the Company. (d) The Company Entities have taken all reasonable precautions to protect the secrecy, confidentiality and value of all trade secrets forming part of the Company Intellectual Property. None of the Company Entities has made any of its respective trade secrets or other confidential or proprietary information available to any other Person except pursuant to written agreements requiring such Person to maintain the confidentiality of such information or materials. The Company Entities have good title to and an absolute right to use the trade secrets forming part of the Company Intellectual Property, as well as all other material Company Intellectual Property purported to be owned by them. The trade secrets forming part of the Company Intellectual Property are not part of the public knowledge or literature and, to the Knowledge of the Company Entities, have not been used, divulged or appropriated either for the benefit of any Person (other than the Company Entities) or to the detriment of the Company Entities. No Company Intellectual Property is subject to any adverse claim or has been challenged or threatened in any way or infringes any intellectual property right of any other Person. (e) Except as set forth in Schedule 6.27(e) of the Disclosure Schedules, the Company Entities have obtained from all Persons (including employees and current or former consultants and subcontractors) who have created or developed any portion of, or otherwise who would have any rights in or to, any Company Intellectual Property purported to be owned by them, valid and enforceable written assignments of any such work, invention, improvement or other rights to the Company, or other agreements or written documentation which assign to and vest in the Company the exclusive ownership of such work, invention, improvement or other rights. The Company has delivered or Made Available to Atlantic copies of the standard forms of such assignments, agreements or other written documentation used by the Company Entities. None of such agreements (including any agreement for the performance of professional services by or on the behalf of the Company Entities) confers upon any Person other than the Company Entities any ownership interest, exclusive license or other right with respect to any Company Intellectual Property in connection with such agreement. (f) The IT assets of the Company Entities operate and perform in all material respects in a manner that permits the Company Entities to conduct the Business as currently conducted and no Person has gained unauthorized access to or otherwise interfered with the operation of any IT asset. In all matters related to the Business, the Company Entities have implemented and followed reasonable security measures including, data backup and disaster recovery processes that are appropriate for businesses that collect, maintain and transfer sensitive health and other personal information. (g) Each of the Company Entities is in compliance in all material respects with (i) all applicable Laws and Legal Requirements pertaining to (A) data security, cybersecurity, privacy, and (B) the collection, storage, use, access, disclosure, processing, security, and transfer of Personal Data (referred to collectively in this Agreement as “Data Activities”) ((A) and (B) together “Privacy Laws”) (e.g., the FTC Act, the CCPA, and the NY SHIELD Act); (ii) the Payment Card Industry Security Standards set by the PCI Security Standards Council, to the extent that it is subject to same, pursuant to contract or otherwise, and it has validated its compliance with such standards to the extent required by the applicable rules and guidelines issued by card associations; and (iii) all obligations imposed upon any Company Entity in Contracts (or portions thereof) to which it is a Party that are applicable to Data Activities (such obligations collectively, “Privacy Agreements”). Except as set forth in Schedule 6.27(g) of the Disclosure Schedules, the Company Entities do not have any premises, employees or tangible assets, and does not conduct any business activities, in any country other than the United States. The Company Entities have implemented and distributed written privacy and data security policies, including a publicly posted website privacy policy (“Privacy and Data Security Policies”), which are all of the privacy and data security policies that the Company Entities are required to maintain. The Company has Made Available to Atlantic a true, correct, and complete copy of each of said Privacy and Data Security Policies. At all times, the Company Entities have been and they are in compliance in all material respects with all such Privacy and Data Security Policies. None of the execution, delivery, or performance of this Agreement, nor the consummation of any of the Contemplated Transactions, will violate any of the Privacy Agreements, Privacy and Data Security Policies or any applicable Privacy Laws. (i) There is no pending, nor has there been since January 1, 2022 any material Actions against the Company initiated by: (x) any Person; (y) the United States Federal Trade Commission, any state attorney general or similar state official; (z) any other Governmental Authority, foreign or domestic; or (iv) any regulatory or self-regulatory entity alleging any violation by or on behalf of the Company of Privacy and Data Security Policies. (ii) Since January 1, 2022, there has been no material breach of security resulting in unauthorized access, use or disclosure of Personal Data in the possession or control of the Company or, to the Company’s Knowledge, any of its contractors with regard to any Personal Data obtained from or on behalf of the Company, or any material unauthorized intrusions or breaches of security into the Company systems. (iii) The Company owns or has license to use the Company IT Systems as necessary to operate the business of the Company as currently conducted. To the Company’s Knowledge, none of the Company IT Systems contain any worm, bomb, backdoor, clock, timer or other disabling device, code, design or routine that causes the software of any portion thereof to be erased, inoperable or otherwise incapable of being used, either automatically, with the passage of time or upon command by any unauthorized person. (iv) The Company has taken organizational, physical, administrative and technical measures required by Privacy Requirements consistent with standards prudent in the industry in which the Company operates to protect (i) the integrity, security and operations of the Company’s information technology systems, and (ii) the confidential data owned by the Company or provided by the Company’s customers, and Personal Data against data security incidents or other misuse. The Company has implemented reasonable procedures, satisfying the requirements of applicable Privacy Laws in all material respects, to detect data security incidents and to protect Personal Data against loss and against unauthorized access, use, modification, disclosure or other misuse. (v) In connection with each third-party service provider whose services are material to the Company and involve the processing of Personal Data on behalf of the Company, the Company has in accordance with Privacy Laws, since January 1, 2022, entered into valid data processing agreements with any such Third Party in accordance with applicable Privacy Laws. (vi) The consummation of any of the transactions contemplated hereby, will not violate any applicable Privacy Agreements. (vii) There have not been any Actions related to any data security incidents or any violations of any Privacy Requirements that have been asserted in writing against the Company, and, to the Company’s Knowledge, the Company has not received any written correspondence relating to, or written notice of any Actions with respect to, alleged violations by the Company of, Privacy Agreements.
Appears in 2 contracts
Samples: Merger Agreement (Atlantic International Corp.), Merger Agreement (Staffing 360 Solutions, Inc.)
Intellectual Property; IT Assets; Data Privacy. (a) Schedule 6.27(a)(i6.22(a)(i) of the Disclosure Schedules contains a complete list of (i) all Registered Intellectual Property and (ii) other material Company Intellectual Property. The Company Intellectual Property listed on Schedule 6.27(a)(i6.22(a)(i) of the Disclosure Schedules constitutes all of the Intellectual Property necessary for the operation of the Business as it is currently conducted. Each Person listed in Schedule 6.27(a)(i6.22(a)(i) of the Disclosure Schedules is the owner or licensee of all right, title and interest in and to each of the Company Intellectual Property items listed for it therein, free and clear of all Encumbrances, and has the right to use all of the Company Intellectual Property without payment to a Third Party, other than with respect to licenses listed on Schedule 6.27(a)(ii6.22(a)(ii) of the Disclosure Schedules. The use of the Company Intellectual Property does not interfere with, infringe upon, misappropriate or otherwise come into conflict with the Intellectual Property rights of any Third Party. The Company Entities have taken all actions reasonably necessary to maintain and protect all of the Registered Intellectual Property held by them, including payment of applicable maintenance fees and filing of applicable required filings as and when required with the appropriate Governmental Authority. No action must be taken within sixty (60) days after the Closing Date with respect to any of the Company Intellectual Property to protect or maintain AtlanticSeqLL’s ownership and/or rights with respect thereto. None of the Company Intellectual Property is or has been adjudged by a Governmental Authority to be invalid or unenforceable in whole or part. The consummation of the transactions contemplated by this Agreement will not (i) alter, restrict, encumber, impair or extinguish any rights in any material Company Intellectual Property, or (ii) result in the creation of any Encumbrance with respect to any of the Company Intellectual Property.
(b) No Except as set forth in Schedule 6.22(b) of the Disclosure Schedules, no Person, other than the Company Entities, possesses any ownership or other interest with respect to any Company Intellectual Property or any current or contingent rights to sublicense, sell or otherwise distribute products or services utilizing any Company Intellectual Property.
(c) To the Company’s Knowledge, none of the Company Entities, nor their conduct of the Business, has materially interfered with, infringed upon, misappropriated, or otherwise come into conflict with any Intellectual Property rights of any Third Party, and no Company Entity has received any written charge, complaint, claim, demand, or notice alleging any such interference, infringement, misappropriation, or violation. To the Knowledge of the Company Entities, no Third Party has interfered with, infringed upon, misappropriated, or otherwise come into conflict with any Company Intellectual Property. No Action is pending or, to the Knowledge of the Company Entities, threatened (i) alleging infringement, misappropriation or any other violation of any Intellectual Property rights of any Person by the Company or by any product or service made, used, sold or otherwise provided by any of them, or (ii) challenging the scope, ownership, validity, or enforceability of any Intellectual Property owned or used by the Company.
(d) The Company Entities have taken all reasonable precautions to protect the secrecy, confidentiality and value of all trade secrets forming part of the Company Intellectual Property. None of the Company Entities has made any of its respective trade secrets or other confidential or proprietary information available to any other Person except pursuant to written agreements requiring such Person to maintain the confidentiality of such information or materials. The Company Entities have good title to and an absolute right to use the trade secrets forming part of the Company Intellectual Property, as well as all other material Company Intellectual Property purported to be owned by them. The trade secrets forming part of the Company Intellectual Property are not part of the public knowledge or literature and, to the Knowledge of the Company Entities, have not been used, divulged or appropriated either for the benefit of any Person (other than the Company Entities) or to the detriment of the Company Entities. No Company Intellectual Property is subject to any adverse claim or has been challenged or threatened in any way or infringes any intellectual property right of any other Person.
(e) Except as set forth in Schedule 6.27(e6.22(e) of the Disclosure Schedules, the Company Entities have obtained from all Persons (including employees and current or former consultants and subcontractors) who have created or developed any portion of, or otherwise who would have any rights in or to, any Company Intellectual Property purported to be owned by them, valid and enforceable written assignments of any such work, invention, improvement or other rights to the Company, or other agreements or written documentation which assign to and vest in the Company the exclusive ownership of such work, invention, improvement or other rights. The Company has delivered or Made Available to Atlantic SeqLL copies of the standard forms of such assignments, agreements or other written documentation used by the Company Entities. None of such agreements (including any agreement for the performance of professional services by or on the behalf of the Company Entities) confers upon any Person other than the Company Entities any ownership interest, exclusive license or other right with respect to any Company Intellectual Property in connection with such agreement.
(f) The IT assets of the Company Entities operate and perform in all material respects in a manner that permits the Company Entities to conduct the Business as currently conducted and no Person has gained unauthorized access to or otherwise interfered with the operation of any IT asset. In all matters related to the Business, the Company Entities have implemented and followed reasonable security measures including, data backup and disaster recovery processes that are appropriate for businesses that collect, maintain and transfer sensitive health and other personal information.
(g) Each of the Company Entities is in compliance in all material respects with (i) all applicable Laws and Legal Requirements pertaining to (A) data security, cybersecurity, privacy, and (B) the collection, storage, use, access, disclosure, processing, security, and transfer of Personal Data (referred to collectively in this Agreement as “Data Activities”) ((A) and (B) together “Privacy Laws”) (e.g., the FTC Act, the CCPA, and the NY SHIELD Act); (ii) the Payment Card Industry Security Standards set by the PCI Security Standards Council, to the extent that it is subject to same, pursuant to contract or otherwise, and it has validated its compliance with such standards to the extent required by the applicable rules and guidelines issued by card associations; and (iii) all obligations imposed upon any Company Entity in Contracts (or portions thereof) to which it is a Party that are applicable to Data Activities (such obligations collectively, “Privacy Agreements”). Except as set forth in Schedule 6.27(g6.22(g) of the Disclosure Schedules, the Company Entities do not have any premises, employees or tangible assets, and does not conduct any business activities, in any country other than the United States. The Company Entities have implemented and distributed written privacy and data security policies, including a publicly posted website privacy policy (“Privacy and Data Security Policies”), which are all of the privacy and data security policies that the Company Entities are required to maintain. The Company has Made Available to Atlantic SeqLL a true, correct, and complete copy of each of said Privacy and Data Security Policies. At all times, the Company Entities have been and they are in compliance in all material respects with all such Privacy and Data Security Policies. None of the execution, delivery, or performance of this Agreement, nor the consummation of any of the Contemplated Transactions, will violate any of the Privacy Agreements, Privacy and Data Security Policies or any applicable Privacy Laws.
(i) There is no pending, nor has there been since January 1, 2022 2021 any material Actions against the Company initiated by: (x) any Person; (y) the United States Federal Trade Commission, any state attorney general or similar state official; (z) any other Governmental Authority, foreign or domestic; or (iv) any regulatory or self-regulatory entity alleging any violation by or on behalf of the Company of Privacy and Data Security Policies.
(ii) Since January 1, 20222021, there has been no material breach of security resulting in unauthorized access, use or disclosure of Personal Data in the possession or control of the Company or, to the Company’s Knowledge, any of its contractors with regard to any Personal Data obtained from or on behalf of the Company, or any material unauthorized intrusions or breaches of security into the Company systems.
(iii) The Company owns or has license to use the Company IT Systems as necessary to operate the business of the Company as currently conducted. To the Company’s Knowledge, none of the Company IT Systems contain any worm, bomb, backdoor, clock, timer or other disabling device, code, design or routine that causes the software of any portion thereof to be erased, inoperable or otherwise incapable of being used, either automatically, with the passage of time or upon command by any unauthorized person.
(iv) The Company has taken organizational, physical, administrative and technical measures required by Privacy Requirements consistent with standards prudent in the industry in which the Company operates to protect (i) the integrity, security and operations of the Company’s information technology systems, and (ii) the confidential data owned by the Company or provided by the Company’s customers, and Personal Data against data security incidents or other misuse. The Company has implemented reasonable procedures, satisfying the requirements of applicable Privacy Laws in all material respects, to detect data security incidents and to protect Personal Data against loss and against unauthorized access, use, modification, disclosure or other misuse.
(v) In connection with each third-party service provider whose services are material to the Company and involve the processing of Personal Data on behalf of the Company, the Company has in accordance with Privacy Laws, since January 1, 20222020, entered into valid data processing agreements with any such Third Party third party in accordance with applicable Privacy Laws.
(vi) The consummation of any of the transactions contemplated hereby, will not violate any applicable Privacy Agreements.
(vii) There have not been any Actions related to any data security incidents or any violations of any Privacy Requirements that have been asserted in writing against the Company, and, to the Company’s Knowledge, the Company has not received any written correspondence relating to, or written notice of any Actions with respect to, alleged violations by the Company of, Privacy Agreements.
(viii) The Company has not transferred any Personal Data from the European Union or United Kingdom to a jurisdiction outside the European Economic Area or United Kingdom, other than in accordance with Articles 45 and 46(2) of the GDPR.
Appears in 1 contract
Intellectual Property; IT Assets; Data Privacy. (a) Schedule 6.27(a)(iSection 3.16(a) of the Company Disclosure Schedules contains Letter sets forth a true and complete list as of the Execution Date of all Company Intellectual Property that is Registered (i) all collectively, the “Registered Intellectual Property”). The Registered Intellectual Property is subsisting, and each of the issued and granted items included in the Registered Intellectual Property is, to the Knowledge of the Company, valid and enforceable. There are no inventorship challenges, opposition or nullity proceedings or interferences with respect to any patents or patent applications included in the Registered Intellectual Property, or to the Knowledge of the Company, threatened in writing. There has been no claim, action, suit or proceeding pending, or to the Company’s Knowledge, threatened in writing since the Look-Back Date, against the Company or its Subsidiaries concerning the ownership, validity, registrability or enforceability of any Company Intellectual Property.
(iib) other Except as would not reasonably be expected to have, individually or in the aggregate, a Material Adverse Effect, the Company and its Subsidiaries own or have the sufficient right to use, pursuant to a written license, all Intellectual Property Rights used in or necessary for the conduct of their respective businesses as currently conducted. To the Knowledge of the Company, the Company Intellectual Property is not subject to any outstanding Governmental Order adversely affecting the Company’s or its Subsidiaries’ rights to or use of such Intellectual Property Rights.
(c) With the exception of any material Intellectual Property set forth at Section 3.16(a) of the Company Disclosure Letter, the Company and its Subsidiaries solely and exclusively own all material Company Intellectual Property, free and clear of all Encumbrances, other than Permitted Encumbrances.
(d) To the Knowledge of the Company, none of the products or services distributed, sold, or offered by the Company and its Subsidiaries nor the conduct of the respective businesses of the Company and its Subsidiaries infringe, misappropriate or otherwise violate, or have infringed, misappropriated or otherwise violated since the Look-Back Date, any Intellectual Property Rights of any Person, except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. As of the Execution Date, there has been no claim or action, suit or other Proceeding pending or threatened in writing against the Company or its Subsidiaries since the Look-Back Date alleging the foregoing.
(e) To the Knowledge of the Company, no Person is infringing, misappropriating or otherwise violating, or has infringed, misappropriated or otherwise violated since the Look-Back Date any Company Intellectual Property. Since the Look-Back Date, neither the Company nor any of its Subsidiaries has asserted in writing, or to the Knowledge of the Company, threatened a claim, action, suit or proceeding against any third party alleging the foregoing.
(f) The Company and its Subsidiaries have taken commercially reasonable measures to protect the confidentiality and value of all trade secrets and other material confidential information that are owned, used or held by the Company or its Subsidiaries, and to the Knowledge of the Company, such trade secrets and confidential information have not been disclosed by the Company or its Subsidiaries to any Person, except pursuant to written non-disclosure and/or license agreements which, to the Knowledge of the Company, have not been breached.
(g) The Company and each of its Subsidiaries have obtained from all Persons (including current or former employees, officers, directors, consultants and contractors) who have created or developed any material Intellectual Property listed Rights for or on Schedule 6.27(a)(i) behalf of the Disclosure Schedules constitutes all of the Intellectual Property necessary for the operation of the Business as it is currently conducted. Each Person listed in Schedule 6.27(a)(i) of the Disclosure Schedules is the owner Company or licensee its Subsidiaries written, present assignments of all right, title and interest in and to each of such Intellectual Property Rights to the Company Intellectual Property items listed for it therein, free and clear of all Encumbrances, and has the right to use all of the Company Intellectual Property without payment to a Third Party, other than with respect to licenses listed on Schedule 6.27(a)(iior its applicable Subsidiary.
(h) of the Disclosure Schedules. The use of the Company Intellectual Property does not interfere with, infringe upon, misappropriate or otherwise come into conflict with the Intellectual Property rights of any Third Party. The Company Entities have taken all actions reasonably necessary to maintain and protect all of the Registered Intellectual Property held by them, including payment of applicable maintenance fees and filing of applicable required filings as and when required with the appropriate Governmental Authority. No action must be taken within sixty (60) days after the Closing Date with respect to any of the Company Intellectual Property to protect or maintain Atlantic’s ownership and/or rights with respect thereto. None of Software included in the Company Intellectual Property is subject to any “open source” or has been adjudged by a Governmental Authority to be invalid or unenforceable in whole or part. The consummation “copyleft” obligations that conditions the distribution of the transactions contemplated by this Agreement will not any such Software on (i) alterthe disclosure, restrict, encumber, impair licensing or extinguish distribution of any rights in any material Company Intellectual Property, or source code for such Software; (ii) result the grant to licensees of the right to make derivative works or other modifications to such Software; (iii) the licensing under terms that allow such Software to be reverse engineered; or (iv) redistribution or public disclosure of such Software at no license fee, in each case of (i)-(iv) except as would not be expected to be material to the creation Company..
(i) No Person other than the Company and its Affiliates and employees and contractors of the Company and its Affiliates has been provided by the Company, or by a third party who received the source code from the Company, the source code, or has a right to be provided with the source code (including any such right that may arise after the occurrence of any Encumbrance with respect to specified event or circumstance), for any of material Software included in the Company Intellectual Property.
(bj) No Person, other than the Company Entities, possesses any ownership or other interest with respect to any Company Intellectual Property or any current or contingent rights to sublicense, sell or otherwise distribute products or services utilizing any Company Intellectual Property.
(c) To the Company’s Knowledge, none of the Company Entities, nor their conduct of the Business, has materially interfered with, infringed upon, misappropriated, or otherwise come into conflict with any Intellectual Property rights of any Third Party, and no Company Entity has received any written charge, complaint, claim, demand, or notice alleging any such interference, infringement, misappropriation, or violation. To the Knowledge of the Company EntitiesCompany, no Third Party has interfered withthe IT Assets owned, infringed upon, misappropriated, controlled or otherwise come into conflict with any Company Intellectual Property. No Action is pending or, to the Knowledge of the Company Entities, threatened (i) alleging infringement, misappropriation or any other violation of any Intellectual Property rights of any Person used by the Company or by any product or service made, used, sold or otherwise provided by any of themits Subsidiaries (i) are sufficient in all material respects for the current needs of the businesses of the Company and its Subsidiaries as currently conducted, or (ii) challenging the scope, ownership, validity, or enforceability of any Intellectual Property owned or used by the Company.
(d) The Company Entities have taken all reasonable precautions to protect the secrecy, confidentiality and value of all trade secrets forming part of the Company Intellectual Property. None of the Company Entities has made any of its respective trade secrets or other confidential or proprietary information available to any other Person except pursuant to written agreements requiring such Person to maintain the confidentiality of such information or materials. The Company Entities have good title to and an absolute right to use the trade secrets forming part of the Company Intellectual Property, as well as all other material Company Intellectual Property purported to be owned by them. The trade secrets forming part of the Company Intellectual Property are not part of the public knowledge or literature and, to the Knowledge of the Company Entities, have not been used, divulged or appropriated either for the benefit of any Person (other than the Company Entities) or to the detriment of the Company Entities. No Company Intellectual Property is subject to any adverse claim or has been challenged or threatened in any way or infringes any intellectual property right of any other Person.
(e) Except as set forth in Schedule 6.27(e) of the Disclosure Schedules, the Company Entities have obtained from all Persons (including employees and current or former consultants and subcontractors) who have created or developed any portion of, or otherwise who would have any rights in or to, any Company Intellectual Property purported to be owned by them, valid and enforceable written assignments of any such work, invention, improvement or other rights to the Company, or other agreements or written documentation which assign to and vest in the Company the exclusive ownership of such work, invention, improvement or other rights. The Company has delivered or Made Available to Atlantic copies of the standard forms of such assignments, agreements or other written documentation used by the Company Entities. None of such agreements (including any agreement for the performance of professional services by or on the behalf of the Company Entities) confers upon any Person other than the Company Entities any ownership interest, exclusive license or other right with respect to any Company Intellectual Property in connection with such agreement.
(f) The IT assets of the Company Entities operate and perform in all material respects in a manner that permits as required by each of the Company Entities to conduct the Business and its Subsidiaries in connection with their respective businesses as currently conducted conducted, and no (iii) have not materially failed since the Look-Back Date. No Person has gained unauthorized access to or otherwise interfered with such IT Assets since the operation Look-Back Date. Each of any IT asset. In all matters related to the Business, the Company Entities and its Subsidiaries have implemented and followed commercially reasonable security measures including, data backup and disaster recovery processes that are appropriate for businesses that collecttechnology processes. To the Knowledge of the Company, maintain and transfer sensitive health and other personal informationthe IT Assets do not contain any material security vulnerabilities.
(gk) Each Except as listed on Schedule 3.16(k) of the Company Entities is in compliance Disclosure Letter, the Company and its Subsidiaries have established and implemented written policies and organizational, physical, administrative, and technical policies regarding privacy and cybersecurity that are, in all material respects respects, commercially reasonable and consistent with (iapplicable data privacy and security contractual obligations, of the Company and its Subsidiaries, and applicable Law, except where the failure to do wo would not reasonably be expected to have, individually or in the aggregate, a Material Adverse Effect. With the exception of any exceptions set forth at Section 3.16(k) of the Company Disclosure Letter, the Company and its Subsidiaries’ privacy policies are posted and accessible on the Company’s and its Subsidiaries’ websites and on any other mechanism through which the Company or its Subsidiaries collects, uses, stores, processes, transmits, transfers or discloses Personal Information, in each case, as required under applicable Law, except where the failure to do so would not reasonably be expected to have, individually or in the aggregate, a Material Adverse Effect. With the exception of any exceptions set forth at Section 3.16(k) of the Company Disclosure Letter, the Company and each of its Subsidiaries have materially complied with all of such policies, and with all applicable Laws and Legal Requirements pertaining to (A) data securityapplicable rules or self-regulatory organizations, cybersecurity, privacy, and (B) the collection, storage, use, access, disclosure, processing, security, and transfer of Personal Data (referred to collectively in this Agreement as “Data Activities”) ((A) and (B) together “Privacy Laws”) (e.g., the FTC Act, the CCPA, and the NY SHIELD Act); (ii) including the Payment Card Industry Data Security Standards set by the PCI Security Standards CouncilStandard, in each case, regarding Personal Information, including with respect to the extent that it is subject collection, use, storage, processing, transmission, transfer (including cross-border transfers), disclosure and protection of Personal Information, including all Laws implementing, supplementing, amending, replacing or superseding the foregoing, except where the failure to samecomply would not reasonably be expected to have, pursuant individually or in the aggregate, a Material Adverse Effect.
(l) Except as would not reasonably be expected to contract have, individually or otherwisein the aggregate, a Material Adverse Effect, and it has validated its compliance with such standards to the extent required by the under applicable rules and guidelines issued by card associations; and (iii) all obligations imposed upon any Company Entity in Contracts (or portions thereof) to which it is a Party that are applicable to Data Activities (such obligations collectively, “Privacy Agreements”). Except as set forth in Schedule 6.27(g) of the Disclosure SchedulesLaws, the Company Entities do not have any premises, employees or tangible assets, and does not conduct any business activities, in any country other than the United States. The Company Entities have implemented and distributed written privacy and data security policies, including a publicly posted website privacy policy (“Privacy and Data Security Policies”), which are all of the privacy and data security policies that the Company Entities are required to maintain. The Company has Made Available to Atlantic a true, correct, and complete copy of each of said Privacy and Data Security Policies. At all times, the Company Entities its Subsidiaries have been and they are written agreements in compliance in all material respects place with all such Privacy and Data Security Policies. None of the executionPersons who collect, deliveryuse, store, process, transmit, transfer, or performance of this Agreement, nor the consummation of any of the Contemplated Transactions, will violate any of the Privacy Agreements, Privacy and Data Security Policies or any applicable Privacy Laws.
(i) There is no pending, nor has there been since January 1, 2022 any material Actions against the Company initiated by: (x) any Person; (y) the United States Federal Trade Commission, any state attorney general or similar state official; (z) any other Governmental Authority, foreign or domestic; or (iv) any regulatory or self-regulatory entity alleging any violation disclose Personal Information by or on behalf of the Company of Privacy and Data Security Policies.
(ii) Since January 1or its Subsidiaries, 2022, there has been no material breach of security resulting which agreements require such Persons to safeguard such Personal Information in unauthorized access, use or disclosure of Personal Data in the possession or control a manner consistent with commitments of the Company or, to the Company’s Knowledge, any and its Subsidiaries and in compliance with all applicable Laws. The Company and each of its contractors with regard Subsidiaries have taken commercially reasonable steps designed to any ensure that Personal Data obtained from or on behalf of the CompanyInformation that is collected, used, stored, processed, transmitted, transferred, or any material unauthorized intrusions or breaches of security into the Company systems.
(iii) The Company owns or has license to use the Company IT Systems as necessary to operate the business of the Company as currently conducted. To the Company’s Knowledge, none of the Company IT Systems contain any worm, bomb, backdoor, clock, timer or other disabling device, code, design or routine that causes the software of any portion thereof to be erased, inoperable or otherwise incapable of being used, either automatically, with the passage of time or upon command by any unauthorized person.
(iv) The Company has taken organizational, physical, administrative and technical measures required by Privacy Requirements consistent with standards prudent in the industry in which the Company operates to protect (i) the integrity, security and operations of the Company’s information technology systems, and (ii) the confidential data owned disclosed by the Company or provided by the Company’s customers, and Personal Data against data security incidents or other misuse. The Company has implemented reasonable procedures, satisfying the requirements of applicable Privacy Laws in all material respects, to detect data security incidents and to protect Personal Data its Subsidiaries is protected against loss and against unauthorized access, use, modification, disclosure or other misuse.
(v) In connection with each third-party service provider whose services are material to processing. To the Company and involve the processing of Personal Data on behalf Knowledge of the Company, except as would not reasonably be expected to have, individually or in the Company has in accordance with Privacy Lawsaggregate, since January 1a Material Adverse Effect, 2022, entered into valid data processing agreements with any such Third Party in accordance with applicable Privacy Laws.
(vi) The consummation of any of the transactions contemplated hereby, will not violate any applicable Privacy Agreements.
(vii) There there have not been any Actions related to any data security breaches or other incidents of unauthorized access to, or any violations of any Privacy Requirements that have been asserted in writing against unauthorized disclosure, use or processing of, such Personal Information since the CompanyLook-Back Date. Since the Look-Back Date, and, to the Company’s Knowledge, neither the Company nor any of its Subsidiaries has not received any written correspondence relating toclaim, inquiry, notice, audit or request to audit, or written notice complaint alleging or related to (i) a material violation of any Actions with respect to, alleged violations by the Company of, Privacy AgreementsPerson’s rights or reasonable expectations of privacy or confidentiality; or (ii) violation of any Law relating to privacy or data protection.
Appears in 1 contract
Samples: Merger Agreement (Monterey Capital Acquisition Corp)
Intellectual Property; IT Assets; Data Privacy. (a) Schedule 6.27(a)(i6.22(a)(i) of the Disclosure Schedules contains a complete list of (i) all Registered Intellectual Property and (ii) other material Company Intellectual Property. The Company Intellectual Property listed on Schedule 6.27(a)(i6.22(a)(i) of the Disclosure Schedules constitutes all of the Intellectual Property necessary for the operation of the Business as it is currently conducted. Each Person listed in Schedule 6.27(a)(i6.22(a)(i) of the Disclosure Schedules is the owner or licensee of all right, title and interest in and to each of the Company Intellectual Property items listed for it therein, free and clear of all Encumbrances, and has the right to use all of the Company Intellectual Property without payment to a Third Party, other than with respect to licenses listed on Schedule 6.27(a)(ii6.22(a)(ii) of the Disclosure Schedules. The use of the Company Intellectual Property does not interfere with, infringe upon, misappropriate or otherwise come into conflict with the Intellectual Property rights of any Third Party. The Company Entities have taken all actions reasonably necessary to maintain and protect all of the Registered Intellectual Property held by them, including payment of applicable maintenance fees and filing of applicable required filings as and when required with the appropriate Governmental Authority. No action must be taken within sixty (60) days after the Closing Date with respect to any of the Company Intellectual Property to protect or maintain AtlanticSeqLL’s ownership and/or rights with respect thereto. None of the Company Intellectual Property is or has been adjudged by a Governmental Authority to be invalid or unenforceable in whole or part. The consummation of the transactions contemplated by this Agreement will not (i) alter, restrict, encumber, impair or extinguish any rights in any material Company Intellectual Property, or (ii) result in the creation of any Encumbrance with respect to any of the Company Intellectual Property.
(b) No Except as set forth in Schedule 6.22(b) of the Disclosure Schedules, no Person, other than the Company Entities, possesses any ownership or other interest with respect to any Company Intellectual Property or any current or contingent rights to sublicense, sell or otherwise distribute products or services utilizing any Company Intellectual Property.
(c) To the Company’s Knowledge, none of the Company Entities, nor their conduct of the Business, has materially interfered with, infringed upon, misappropriated, or otherwise come into conflict with any Intellectual Property rights of any Third Party, and no Company Entity has received any written charge, complaint, claim, demand, or notice alleging any such interference, infringement, misappropriation, or violation. To the Knowledge of the Company Entities, no Third Party has interfered with, infringed upon, misappropriated, or otherwise come into conflict with any Company Intellectual Property. No Action is pending or, to the Knowledge of the Company Entities, threatened (i) alleging infringement, misappropriation or any other violation of any Intellectual Property rights of any Person by the Company or by any product or service made, used, sold or otherwise provided by any of them, or (ii) challenging the scope, ownership, validity, or enforceability of any Intellectual Property owned or used by the Company.
(d) The Company Entities have taken all reasonable precautions to protect the secrecy, confidentiality and value of all trade secrets forming part of the Company Intellectual Property. None of the Company Entities has made any of its respective trade secrets or other confidential or proprietary information available to any other Person except pursuant to written agreements requiring such Person to maintain the confidentiality of such information or materials. The Company Entities have good title to and an absolute right to use the trade secrets forming part of the Company Intellectual Property, as well as all other material Company Intellectual Property purported to be owned by them. The trade secrets forming part of the Company Intellectual Property are not part of the public knowledge or literature and, to the Knowledge of the Company Entities, have not been used, divulged or appropriated either for the benefit of any Person (other than the Company Entities) or to the detriment of the Company Entities. No Company Intellectual Property is subject to any adverse claim or has been challenged or threatened in any way or infringes any intellectual property right of any other Person.
(e) Except as set forth in Schedule 6.27(e6.22(e) of the Disclosure Schedules, the Company Entities have obtained from all Persons (including employees and current or former consultants and subcontractors) who have created or developed any portion of, or otherwise who would have any rights in or to, any Company Intellectual Property purported to be owned by them, valid and enforceable written assignments of any such work, invention, improvement or other rights to the Company, or other agreements or written documentation which assign to and vest in the Company the exclusive ownership of such work, invention, improvement or other rights. The Company has delivered or Made Available to Atlantic SeqLL copies of the standard forms of such assignments, agreements or other written documentation used by the Company Entities. None of such agreements (including any agreement for the performance of professional services by or on the behalf of the Company Entities) confers upon any Person other than the Company Entities any ownership interest, exclusive license or other right with respect to any Company Intellectual Property in connection with such agreement.
(f) The IT assets of the Company Entities operate and perform in all material respects in a manner that permits the Company Entities to conduct the Business as currently conducted and no Person has gained unauthorized access to or otherwise interfered with the operation of any IT asset. In all matters related to the Business, the Company Entities have implemented and followed reasonable security measures including, data backup and disaster recovery processes that are appropriate for businesses that collect, maintain and transfer sensitive health and other personal information.
(g) Each of the Company Entities is in compliance in all material respects with (i) all applicable Laws and Legal Requirements pertaining to (A) data security, cybersecurity, privacy, and (B) the collection, storage, use, access, disclosure, processing, security, and transfer of Personal Data (referred to collectively in this Agreement as “Data Activities”) ((A) and (B) together “Privacy Laws”) (e.g., the FTC Act, the CCPA, and the NY SHIELD Act); (ii) the Payment Card Industry Security Standards set by the PCI Security Standards Council, to the extent that it is subject to same, pursuant to contract or otherwise, and it has validated its compliance with such standards to the extent required by the applicable rules and guidelines issued by card associations; and (iii) all obligations imposed upon any Company Entity in Contracts (or portions thereof) to which it is a Party that are applicable to Data Activities (such obligations collectively, “Privacy Agreements”). Except as set forth in Schedule 6.27(g6.22(g) of the Disclosure Schedules, the Company Entities do not have any premises, employees or tangible assets, and does not conduct any business activities, in any country other than the United States. The Company Entities have implemented and distributed written privacy and data security policies, including a publicly posted website privacy policy (“Privacy and Data Security Policies”), which are all of the privacy and data security policies that the Company Entities are required to maintain. The Company has Made Available to Atlantic SeqLL a true, correct, and complete copy of each of said Privacy and Data Security Policies. At all times, the Company Entities have been and they are in compliance in all material respects with all such Privacy and Data Security Policies. None of the execution, delivery, or performance of this Agreement, nor the consummation of any of the Contemplated Transactions, will violate any of the Privacy Agreements, Privacy and Data Security Policies or any applicable Privacy Laws.
(i) There is no pending, nor has there been since January 1, 2022 2020 any material Actions against the Company initiated by: (x) any Person; (y) the United States Federal Trade Commission, any state attorney general or similar state official; (z) any other Governmental Authority, foreign or domestic; or (iv) any regulatory or self-regulatory entity alleging any violation by or on behalf of the Company of Privacy and Data Security Policies.
(ii) Since January 1, 20222020, there has been no material breach of security resulting in unauthorized access, use or disclosure of Personal Data in the possession or control of the Company or, to the Company’s Knowledge, any of its contractors with regard to any Personal Data obtained from or on behalf of the Company, or any material unauthorized intrusions or breaches of security into the Company systems.
(iii) The Company owns or has license to use the Company IT Systems as necessary to operate the business of the Company as currently conducted. To the Company’s Knowledge, none of the Company IT Systems contain any worm, bomb, backdoor, clock, timer or other disabling device, code, design or routine that causes the software of any portion thereof to be erased, inoperable or otherwise incapable of being used, either automatically, with the passage of time or upon command by any unauthorized person.
(iv) The Company has taken organizational, physical, administrative and technical measures required by Privacy Requirements consistent with standards prudent in the industry in which the Company operates to protect (i) the integrity, security and operations of the Company’s information technology systems, and (ii) the confidential data owned by the Company or provided by the Company’s customers, and Personal Data against data security incidents or other misuse. The Company has implemented reasonable procedures, satisfying the requirements of applicable Privacy Laws in all material respects, to detect data security incidents and to protect Personal Data against loss and against unauthorized access, use, modification, disclosure or other misuse.
(v) In connection with each third-party service provider whose services are material to the Company and involve the processing of Personal Data on behalf of the Company, the Company has in accordance with Privacy Laws, since January 1, 20222020, entered into valid data processing agreements with any such Third Party third party in accordance with applicable Privacy Laws.
(vi) The consummation of any of the transactions contemplated hereby, will not violate any applicable Privacy Agreements.
(vii) There have not been any Actions related to any data security incidents or any violations of any Privacy Requirements that have been asserted in writing against the Company, and, to the Company’s Knowledge, the Company has not received any written correspondence relating to, or written notice of any Actions with respect to, alleged violations by the Company of, Privacy Agreements.
(viii) The Company has not transferred any Personal Data from the European Union or United Kingdom to a jurisdiction outside the European Economic Area or United Kingdom, other than in accordance with Articles 45 and 46(2) of the GDPR.
Appears in 1 contract
Intellectual Property; IT Assets; Data Privacy. (a) Schedule 6.27(a)(iSection 3.15(a) of the Company Disclosure Schedules contains Letter sets forth a true and complete list of all Company Intellectual Property that is Registered (i) all collectively, the “Registered Intellectual Property”). The Registered Intellectual Property is subsisting, and each of the issued and granted items included in the Registered Intellectual Property is, to the Knowledge of the Company, valid and enforceable. There are no inventorship challenges, opposition or nullity proceedings or interferences with respect to any patents or patent applications included in the Registered Intellectual Property, or to the Knowledge of the Company, threatened in writing. There has been no claim, action, suit or proceeding pending, or to the Company’s Knowledge, threatened in writing since the Look-Back Date, against the Company or its Subsidiaries concerning the ownership, validity, registerability or enforceability of any Company Intellectual Property.
(iib) other Except as would not reasonably be expected to have, individually or in the aggregate, a Company Material Adverse Effect, the Company and its Subsidiaries own or have the sufficient right to use, pursuant to a written license, all material Intellectual Property Rights used in or necessary for the conduct of their respective businesses as currently conducted. To the Knowledge of the Company, the Company Intellectual Property is not subject to any outstanding Governmental Order adversely affecting the Company’s or its Subsidiaries’ rights to or use of such Intellectual Property Rights.
(c) The Company and its Subsidiaries solely and exclusively own all material Company Intellectual Property, free and clear of all Encumbrances, other than Permitted Encumbrances.
(d) To the Knowledge of the Company, none of the products or services distributed, sold, or offered by the Company and its Subsidiaries nor the conduct of the respective businesses of the Company and its Subsidiaries infringe, misappropriate or otherwise violate, or have infringed, misappropriated or otherwise violated since the Look-Back Date, any Intellectual Property Rights of any Person. There has been no claim or action, suit or other Proceeding pending, or to the Knowledge of the Company, threatened in writing against the Company or its Subsidiaries since the Look-Back Date alleging the foregoing.
(e) To the Knowledge of the Company, no Person is infringing, misappropriating or otherwise violating, or has infringed, misappropriated or otherwise violated since the Look-Back Date any Company Intellectual Property. Since the Look-Back Date, neither the Company nor any of its Subsidiaries has asserted in writing, or to the Knowledge of the Company, threatened a claim, action, suit or proceeding against any third party alleging the foregoing.
(f) The Company and its Subsidiaries have taken commercially reasonable measures to protect the confidentiality and value of all trade secrets and other material confidential information that are owned, used or held by the Company or its Subsidiaries, and to the Knowledge of the Company, such trade secrets and confidential information have not been disclosed by the Company or its Subsidiaries to any Person, except pursuant to written non-disclosure and/or license agreements which, to the Knowledge of the Company, have not been breached.
(g) To the Knowledge of the Company, the Company and each of its Subsidiaries have obtained from all Persons (including current or former employees, officers, directors, consultants and contractors) who have created or developed any material Intellectual Property listed Rights for or on Schedule 6.27(a)(i) behalf of the Disclosure Schedules constitutes all of the Intellectual Property necessary for the operation of the Business as it is currently conducted. Each Person listed in Schedule 6.27(a)(i) of the Disclosure Schedules is the owner Company or licensee its Subsidiaries written, present assignments of all right, title and interest in and to each of such Intellectual Property Rights to the Company Intellectual Property items listed for it therein, free and clear of all Encumbrances, and has the right to use all of the Company Intellectual Property without payment to a Third Party, other than with respect to licenses listed on Schedule 6.27(a)(iior its applicable Subsidiary.
(h) of the Disclosure Schedules. The use of the Company Intellectual Property does not interfere with, infringe upon, misappropriate or otherwise come into conflict with the Intellectual Property rights of any Third Party. The Company Entities have taken all actions reasonably necessary to maintain and protect all of the Registered Intellectual Property held by them, including payment of applicable maintenance fees and filing of applicable required filings as and when required with the appropriate Governmental Authority. No action must be taken within sixty (60) days after the Closing Date with respect to any of the Company Intellectual Property to protect or maintain Atlantic’s ownership and/or rights with respect thereto. None of Software included in the Company Intellectual Property is subject to any “open source” or has been adjudged by a Governmental Authority to be invalid or unenforceable in whole or part. The consummation “copyleft” obligations that conditions the distribution of the transactions contemplated by this Agreement will not any such Software on (i) alterthe disclosure, restrict, encumber, impair licensing or extinguish distribution of any rights in any material Company Intellectual Property, or source code for such Software; (ii) result the grant to licensees of the right to make derivative works or other modifications to such Software; (iii) the licensing under terms that allow such Software to be reverse engineered; or (iv) redistribution or public disclosure of such Software at no license fee, in each case of (i)-(iv) except as would not be expected to be material to the creation Company.
(i) No Person other than the Company and its Subsidiaries and employees and contractors of the Company and its Subsidiaries has been provided with the source code, or has a right to be provided with the source code (including any such right that may arise after the occurrence of any Encumbrance with respect to specified event or circumstance), for any of material Software included in the Company Intellectual Property.
(bj) No PersonThe IT Assets owned, other than the Company Entities, possesses any ownership or other interest with respect to any Company Intellectual Property or any current or contingent rights to sublicense, sell controlled or otherwise distribute products or services utilizing any Company Intellectual Property.
(c) To the Company’s Knowledge, none of the Company Entities, nor their conduct of the Business, has materially interfered with, infringed upon, misappropriated, or otherwise come into conflict with any Intellectual Property rights of any Third Party, and no Company Entity has received any written charge, complaint, claim, demand, or notice alleging any such interference, infringement, misappropriation, or violation. To the Knowledge of the Company Entities, no Third Party has interfered with, infringed upon, misappropriated, or otherwise come into conflict with any Company Intellectual Property. No Action is pending or, to the Knowledge of the Company Entities, threatened (i) alleging infringement, misappropriation or any other violation of any Intellectual Property rights of any Person used by the Company or by any product or service made, used, sold or otherwise provided by any of themits Subsidiaries (i) are sufficient for the current needs of the businesses of the Company and its Subsidiaries, or (ii) challenging the scope, ownership, validity, or enforceability of any Intellectual Property owned or used by the Company.
(d) The Company Entities have taken all reasonable precautions to protect the secrecy, confidentiality and value of all trade secrets forming part of the Company Intellectual Property. None of the Company Entities has made any of its respective trade secrets or other confidential or proprietary information available to any other Person except pursuant to written agreements requiring such Person to maintain the confidentiality of such information or materials. The Company Entities have good title to and an absolute right to use the trade secrets forming part of the Company Intellectual Property, as well as all other material Company Intellectual Property purported to be owned by them. The trade secrets forming part of the Company Intellectual Property are not part of the public knowledge or literature and, to the Knowledge of the Company Entities, have not been used, divulged or appropriated either for the benefit of any Person (other than the Company Entities) or to the detriment of the Company Entities. No Company Intellectual Property is subject to any adverse claim or has been challenged or threatened in any way or infringes any intellectual property right of any other Person.
(e) Except as set forth in Schedule 6.27(e) of the Disclosure Schedules, the Company Entities have obtained from all Persons (including employees and current or former consultants and subcontractors) who have created or developed any portion of, or otherwise who would have any rights in or to, any Company Intellectual Property purported to be owned by them, valid and enforceable written assignments of any such work, invention, improvement or other rights to the Company, or other agreements or written documentation which assign to and vest in the Company the exclusive ownership of such work, invention, improvement or other rights. The Company has delivered or Made Available to Atlantic copies of the standard forms of such assignments, agreements or other written documentation used by the Company Entities. None of such agreements (including any agreement for the performance of professional services by or on the behalf of the Company Entities) confers upon any Person other than the Company Entities any ownership interest, exclusive license or other right with respect to any Company Intellectual Property in connection with such agreement.
(f) The IT assets of the Company Entities operate and perform in all material respects in a manner that permits as required by each of the Company Entities to conduct the Business and its Subsidiaries in connection with their respective businesses as currently conducted conducted, and (iii) have not materially malfunctioned or failed since the Look-Back Date. To the Knowledge of the Company, no Person has gained or attempted to gain unauthorized access to or otherwise interfered with such IT Assets since the operation Look-Back Date. Each of any IT asset. In all matters related to the Business, the Company Entities and its Subsidiaries have implemented and followed commercially reasonable security measures including, data backup and disaster recovery processes that are appropriate for businesses that collect, maintain and transfer sensitive health and other personal informationtechnology processes.
(gk) Each To the Knowledge of the Company, the Company and its Subsidiaries have established and implemented written policies and organizational, physical, administrative, and technical policies regarding privacy and cybersecurity that are, in all material respects, commercially reasonable and consistent with applicable data privacy and security contractual obligations, of the Company Entities is and its Subsidiaries, and applicable Law. The Company and its Subsidiaries’ privacy policies are posted and accessible on the Company’s and its Subsidiaries’ websites and on any other mechanism through which the Company or its Subsidiaries collects, uses, stores, processes, transmits, transfers or discloses Personal Information, in compliance each case, as required under applicable Law, except where the failure to do so would not reasonably be expected to have, individually or in the aggregate, a Company Material Adverse Effect. The Company and each of its Subsidiaries have complied with all material respects of such policies, and with (i) all applicable Laws and Legal Requirements pertaining Laws, in each case, regarding Personal Information, including with respect to (A) data security, cybersecurity, privacy, and (B) the collection, use, storage, processing, transmission, transfer (including cross-border transfers), disclosure and protection of Personal Information, including complying with all applicable requirements of the California Consumer Privacy Act and the EU General Data Protection Regulation (“GDPR”), and all other Laws implementing, supplementing, amending, replacing or superseding the foregoing, except where the failure to comply would not reasonably be expected to have, individually or in the aggregate, a Company Material Adverse Effect.
(l) To the Knowledge of the Company, the Company and each of its Subsidiaries have written agreements in place with all Persons who collect, use, accessstore, disclosureprocess, processingtransmit, security, and transfer of Personal Data (referred to collectively in this Agreement as “Data Activities”) ((A) and (B) together “Privacy Laws”) (e.g., the FTC Act, the CCPA, and the NY SHIELD Act); (ii) the Payment Card Industry Security Standards set by the PCI Security Standards Council, to the extent that it is subject to same, pursuant to contract or otherwise, and it has validated its compliance with such standards to the extent required by the applicable rules and guidelines issued by card associations; and (iii) all obligations imposed upon any Company Entity in Contracts (or portions thereof) to which it is a Party that are applicable to Data Activities (such obligations collectively, “Privacy Agreements”). Except as set forth in Schedule 6.27(g) of the Disclosure Schedules, the Company Entities do not have any premises, employees or tangible assets, and does not conduct any business activities, in any country other than the United States. The Company Entities have implemented and distributed written privacy and data security policies, including a publicly posted website privacy policy (“Privacy and Data Security Policies”), which are all of the privacy and data security policies that the Company Entities are required to maintain. The Company has Made Available to Atlantic a true, correct, and complete copy of each of said Privacy and Data Security Policies. At all times, the Company Entities have been and they are in compliance in all material respects with all such Privacy and Data Security Policies. None of the execution, deliverytransfer, or performance of this Agreement, nor the consummation of any of the Contemplated Transactions, will violate any of the Privacy Agreements, Privacy and Data Security Policies or any applicable Privacy Laws.
(i) There is no pending, nor has there been since January 1, 2022 any material Actions against the Company initiated by: (x) any Person; (y) the United States Federal Trade Commission, any state attorney general or similar state official; (z) any other Governmental Authority, foreign or domestic; or (iv) any regulatory or self-regulatory entity alleging any violation disclose Personal Information by or on behalf of the Company of Privacy and Data Security Policies.
(ii) Since January 1or its Subsidiaries, 2022, there has been no material breach of security resulting which agreements require such Persons to safeguard such Personal Information in unauthorized access, use or disclosure of Personal Data in the possession or control a manner consistent with commitments of the Company or, to the Company’s Knowledge, any and its Subsidiaries and in compliance with all applicable Laws. The Company and each of its contractors with regard Subsidiaries have taken commercially reasonable steps designed to any ensure that Personal Data obtained from or on behalf of the CompanyInformation that is collected, used, stored, processed, transmitted, transferred, or any material unauthorized intrusions or breaches of security into the Company systems.
(iii) The Company owns or has license to use the Company IT Systems as necessary to operate the business of the Company as currently conducted. To the Company’s Knowledge, none of the Company IT Systems contain any worm, bomb, backdoor, clock, timer or other disabling device, code, design or routine that causes the software of any portion thereof to be erased, inoperable or otherwise incapable of being used, either automatically, with the passage of time or upon command by any unauthorized person.
(iv) The Company has taken organizational, physical, administrative and technical measures required by Privacy Requirements consistent with standards prudent in the industry in which the Company operates to protect (i) the integrity, security and operations of the Company’s information technology systems, and (ii) the confidential data owned disclosed by the Company or provided by the Company’s customers, and Personal Data against data security incidents or other misuse. The Company has implemented reasonable procedures, satisfying the requirements of applicable Privacy Laws in all material respects, to detect data security incidents and to protect Personal Data its Subsidiaries is protected against loss and against unauthorized access, use, modification, disclosure or other misuse.
(v) In connection with each third-party service provider whose services are material to processing. To the Company and involve the processing of Personal Data on behalf Knowledge of the Company, except as would not reasonably be expected to have, individually or in the aggregate, a Company has in accordance with Privacy LawsMaterial Adverse Effect, since January 1, 2022, entered into valid data processing agreements with any such Third Party in accordance with applicable Privacy Laws.
(vi) The consummation of any of the transactions contemplated hereby, will not violate any applicable Privacy Agreements.
(vii) There there have not been any Actions related to data breaches or other incidents of unauthorized access to, or unauthorized disclosure, use or processing of, such Personal Information since the Look-Back Date. Since the Look-Back Date, neither the Company nor any data security incidents of its Subsidiaries has received any written claim, notice or any violations complaint alleging a material violation of any Privacy Requirements that have been asserted in writing against Person’s rights or reasonable expectations of privacy or confidentiality.
(m) To the Knowledge of the Company, and, to since the Company’s KnowledgeLook-Back Date, the Company has not received any written correspondence and each of its Subsidiaries are in material compliance with and have complied with applicable requirements contained in the Payment Card Industry Data Security Standards, as amended (“PCI DSS”) relating toto “cardholder data” (as such term is defined in the PCI DSS) with respect to all such cardholder data that the Company or its Subsidiaries possess, or written notice of any Actions with respect to, alleged violations by to which the Company of, Privacy Agreementsor its Subsidiaries have access.
Appears in 1 contract