Common use of Privacy and Cybersecurity Clause in Contracts

Privacy and Cybersecurity. (a) Except as would not have a Group Company Material Adverse Effect, each Group Company maintains and is in compliance with, and during the last twelve (12) months has maintained and been in compliance with, (i) all applicable Laws relating to the privacy and/or security of personal information in the possession or control of such Group Company, (ii) the contractual obligations concerning cybersecurity, data security and the security of the information technology systems of such Group Company. There are no material Actions by any Person (including any Governmental Authority) pending to which any Group Company is a named party, or as to which such Group Company has received a threat in writing, alleging a violation of any third Person’s privacy or personal information rights. (b) During the last twelve (12) months (i) there have been, no material breaches of the security of the information technology systems under the exclusive control of any Group Company, and (ii) there have been no disruptions in any such information technology systems that materially adversely affected the business or operations of such Group Company. Each Group Company takes commercially reasonable and legally compliant measures designed to protect confidential, sensitive or personally identifiable information in its possession or control against unauthorized access, use, modification, disclosure or other misuse. To the knowledge of each Group Company, such Group Company has not (A) experienced any incident in which such information was stolen or improperly accessed, including in connection with a breach of security, or (B) received any written notice or complaint from any Person with respect to any of the foregoing, nor to the knowledge of such Group Company has any such notice or complaint been threatened in writing against such Group Company.

Privacy and Cybersecurity. (a) Except as would not have a Group Company Material Adverse Effect, each Each Group Company maintains and is in compliance with, and during the last twelve (12) months three years has maintained and been in compliance with, (i) all applicable Laws relating to the privacy and/or security of personal information in the possession or control of such Group Companyinformation, (ii) the such Group Company’s posted or publicly facing privacy policies, and (iii) such Group Company’s contractual obligations concerning cybersecurity, data security and the security of the information technology systems of such Group Company’s information technology systems. There are no material Actions by any Person (including any Governmental Authority) pending to which any a Group Company is a named party, or as to which such a Group Company has received a threat in writing, alleging a violation of any third Person’s privacy or personal information rights. (b) During the last twelve (12) months three years (i) there have been, been no material breaches of breaches, failures or other similar adverse events relating to the security of the information technology systems under the exclusive control of any Group Company, and (ii) there have been no disruptions in any such information technology systems that materially adversely affected the any Group Company’s business or operations of such Group Companyoperations. Each Group Company takes commercially reasonable and legally compliant measures designed to protect confidential, sensitive or personally identifiable information in its possession or control against unauthorized access, use, modification, disclosure or other misuse, including through administrative, technical and physical safeguards. To the knowledge of each Group Company, such No Group Company has not (A) experienced any incident in which such information was stolen or improperly accessed, including in connection with a breach of security, in each case that would be material to any Group Company, or (B) received any written notice or complaint from any Person with respect to any of the foregoing, nor to the knowledge of such Group Company has any such notice or complaint been threatened in writing against such a Group Company.