Common use of Privacy and Data Security Clause in Contracts

Privacy and Data Security. (a) Q32 and its Subsidiaries have complied with all applicable Privacy Laws and the applicable terms of any Q32 Contracts relating to privacy, security, collection or use of Personal Information of any individuals (including clinical trial participants, patients, patient family members, caregivers or advocates, physicians and other health care professionals, clinical trial investigators, researchers, pharmacists) that interact with Q32 or any of its Subsidiaries in connection with the operation of Q32’s and its Subsidiaries’ business, except for such noncompliance as has not had, and would not reasonably be expected to have, individually or in the aggregate, a Q32 Material Adverse Effect. To the Knowledge of Q32, Q32 has implemented and maintains reasonable written policies and procedures, satisfying the requirements of applicable Privacy Laws and Q32 Contracts, concerning the privacy, security, collection and use of Personal Information (the “Q32 Privacy Policies”) and has complied with the same, except for such noncompliance as has not to the Knowledge of Q32 had, and would not reasonably be expected to have, individually or in the aggregate, a Q32 Material Adverse Effect. To the Knowledge of Q32, as of the date hereof, no claims have been asserted or threatened against Q32 by any Person alleging a violation of Privacy Laws, Q32 Privacy Policies and/or the applicable terms of any Q32 Contracts relating to privacy, security, collection or use of Personal Information of any individuals and Q32 has not received written notice of any of the same. To the Knowledge of Q32, there have been no data security incidents, personal data breaches or other adverse events or incidents related to Personal Information or Q32 data in the custody or control of Q32 or any service provider acting on behalf of Q32, in each case where such incident, breach or event would result in a notification obligation to any Person under applicable law or pursuant to the terms of any Q32 Contract.

Privacy and Data Security. (a) Q32 The Company is and its Subsidiaries have complied has at all times been in compliance with all applicable Privacy Laws and the applicable terms of any Q32 Company Contracts relating to governing privacy, data protection, data security, collection trans-border data flow, data loss, data theft, or use of breach notification, data localization, sending solicited or unsolicited electronic mail or text messages, cookies or other tracking technology, with respect to, or the collection, handling, use, maintenance, storage, disclosure, transfer, or other processing of, Personal Information of any individuals (including any such information of individuals, clinical trial participants, patients, patient family members, caregivers or advocates, physicians and other health care professionals, clinical trial investigators, researchers, pharmacists) pharmacists that interact with Q32 or any of its Subsidiaries the Company in connection with the operation of Q32the Company’s business), except, in each case, for such noncompliance as has not had, and its Subsidiaries’ businesswould not reasonably be expected to have, individually or in the aggregate, a Company Material Adverse Effect. To the Knowledge of the Company, the Company (i) has implemented and maintains reasonable written policies and procedures that materially comply with applicable Privacy Laws and are designed to protect the privacy and security of Personal Information (the “Privacy Policies”) and (ii) has complied with such Privacy Policies, except for such noncompliance as has not had, and would not reasonably be expected to have, individually or in the aggregate, a Q32 Company Material Adverse Effect. To the Knowledge of Q32, Q32 has implemented and maintains reasonable written policies and procedures, satisfying the requirements of applicable Privacy Laws and Q32 Contracts, concerning the privacy, security, collection and use of Personal Information (the “Q32 Privacy Policies”) and has complied with the same, except for such noncompliance as has not to the Knowledge of Q32 had, and would not reasonably be expected to have, individually or in the aggregate, a Q32 Material Adverse Effect. To the Knowledge of Q32, as of the date hereofCompany, no claims have Legal Proceeding has been asserted or threatened against Q32 the Company by any Person alleging a violation of Privacy Laws, Q32 Privacy Policies and/or Policies, or the applicable terms of any Q32 Company Contracts relating to governing privacy, data protection, data security, collection trans-border data flow, data loss, data theft, or use of breach notification, data localization, sending solicited or unsolicited electronic mail or text messages, cookies or other tracking technology, with respect to, or the collection, handling, use, maintenance, storage, disclosure, transfer, or other processing of, Personal Information of any individuals and Q32 has not received written notice of any of the sameInformation. To the Knowledge of Q32the Company, there have been no data security incidents, personal incidents or data breaches or other adverse events or incidents related to that have resulted in any unauthorized access to, or collection, use, disclosure, modification or destruction of, Personal Information or Q32 other data in the custody possession or control of Q32 the Company or any service provider acting on behalf of Q32the Company, in each case case, where such incident, breach or event would result resulted in a notification obligation to any Person under applicable law Law or pursuant to the terms of any Q32 Company Contract.

Privacy and Data Security. (a) Q32 Homology and its Subsidiaries have complied with all applicable Privacy Laws and the applicable terms of any Q32 Homology Contracts relating to privacy, security, collection or use of Personal Information of any individuals (including clinical trial participants, patients, patient family members, caregivers or advocates, physicians and other health care professionals, clinical trial investigators, researchers, pharmacists) that interact with Q32 Homology or any of its Subsidiaries in connection with the operation of Q32Homology’s and its Subsidiaries’ business, except for such noncompliance as has not had, and would not reasonably be expected to have, individually or in the aggregate, a Q32 Homology Material Adverse Effect. To the Knowledge of Q32Homology, Q32 Homology has implemented and maintains reasonable written policies and procedures, satisfying the requirements of applicable Privacy Laws and Q32 Homology Contracts, concerning the privacy, security, collection and use of Personal Information (the “Q32 Homology Privacy Policies”) and has complied with the same, except for such noncompliance as has not to the Knowledge of Q32 had, and would not reasonably be expected to have, individually or in the aggregate, a Q32 Material Adverse Effect. To the Knowledge of Q32Homology, as of the date hereof, no claims have been asserted or threatened against Q32 Homology by any Person alleging a violation of Privacy Laws, Q32 Privacy Policies and/or the applicable terms of any Q32 Homology Contracts relating to privacy, security, collection or use of Personal Information of any individuals and Q32 Homology has not received written notice of any of the same. To the Knowledge of Q32Homology, there have been no data security incidents, personal data breaches or other adverse events or incidents related to Personal Information or Q32 Homology data in the custody or control of Q32 Homology or any service provider acting on behalf of Q32Homology, in each case where such incident, breach or event would result in a notification obligation to any Person under applicable law or pursuant to the terms of any Q32 Homology Contract.

Privacy and Data Security. (a) Q32 Frequency and its Subsidiaries have complied with all applicable Privacy Laws and the applicable terms of any Q32 Frequency Contracts relating to privacy, security, collection or use of Personal Information of any individuals (including clinical trial participants, patients, patient family members, caregivers or advocates, physicians and other health care professionals, clinical trial investigators, researchers, pharmacists) that interact with Q32 Frequency or any of its Subsidiaries in connection with the operation of Q32Frequency’s and its Subsidiaries’ business, except for such noncompliance as has not had, and would not reasonably be expected to have, individually or in the aggregate, a Q32 Frequency Material Adverse Effect. To the Knowledge of Q32Frequency, Q32 Frequency has implemented and maintains reasonable written policies and procedures, satisfying the requirements of applicable Privacy Laws and Q32 Contracts, concerning the privacy, security, collection and use of Personal Information (the “Q32 Privacy Policies”) Policies and has complied with the sameits Privacy Policies, except for such noncompliance as has not to the Knowledge of Q32 the Frequency had, and would not reasonably be expected to have, individually or in the aggregate, a Q32 Frequency Material Adverse Effect. To the Knowledge of Q32Frequency, as of the date hereof, no claims have been asserted or threatened against Q32 Frequency by any Person alleging a violation of Privacy Laws, Q32 Privacy Policies and/or the applicable terms of any Q32 Frequency Contracts relating to privacy, security, collection or use of Personal Information of any individuals and Q32 has not received written notice of any of the sameindividuals. To the Knowledge of Q32Frequency, there have been no data security incidents, personal data breaches or other adverse events or incidents related to Personal Information or Q32 Frequency data in the custody or control of Q32 Frequency or any service provider acting on behalf of Q32Frequency, in each case where such incident, breach or event would result in a notification obligation to any Person under applicable law or pursuant to the terms of any Q32 Frequency Contract.

Privacy and Data Security. Each member of the Company Group has, since January 1, 2016, (a) Q32 complied in all material respects with such Company Group member’s privacy policies and its Subsidiaries have complied with all applicable Privacy Laws and the applicable terms of any Q32 Contracts relating Legal Requirements governing privacy or data protection with respect to privacysuch Company Group member’s collection, use, storage, processing, sharing, security, collection disclosure or use transfer of Personal Information that is possessed by or otherwise subject to the control of any individuals (including clinical trial participants, patients, patient family members, caregivers or advocates, physicians and other health care professionals, clinical trial investigators, researchers, pharmacists) that interact with Q32 or any such member of its Subsidiaries in connection with the operation of Q32’s and its Subsidiaries’ business, except for such noncompliance as has not hadCompany Group, and would not reasonably be expected (b) used commercially reasonable measures designed to haveprotect and secure such Personal Information from security breaches resulting in loss, individually damage, or in unauthorized access, use, disclosure, modification, or other misuse of such Personal Information. Each member of the aggregateCompany Group has undertaken surveys, a Q32 Material Adverse Effect. To audits, inventories, reviews, analyses and/or assessments to the Knowledge of Q32extent required by applicable privacy and data protection Legal Requirements and remediated any deficiencies identified thereby, Q32 to the extent required by applicable privacy and data protection Legal Requirements, has implemented provided training to its employees with respect to compliance with such Legal Requirements, and maintains has adopted commercially reasonable written information security policies and procedures, satisfying the requirements of applicable Privacy Laws and Q32 Contracts, concerning the privacy, security, collection and use of practices designed to safeguard Personal Information in such Company Group member’s possession or control. Since January 1, 2016, (the “Q32 Privacy Policies”i) and has complied with the same, except for such noncompliance as has not to the Knowledge of Q32 hadSeller, there has been no security breach resulting in any loss, damage, or unauthorized access, use, disclosure, modification, or other misuse of any Personal Information while in the possession of, or subject to the control of, any member of the Company Group, and would not reasonably be expected to have, individually or in (ii) the aggregate, a Q32 Material Adverse Effect. To the Knowledge of Q32, as of the date hereof, no claims have been asserted or threatened against Q32 by any Person alleging a violation of Privacy Laws, Q32 Privacy Policies and/or the applicable terms of any Q32 Contracts relating to privacy, security, collection or use of Personal Information of any individuals and Q32 Company Group has not received written notice of any actual or threatened proceedings against any member of the same. To the Knowledge of Q32, there have been no Company Group with respect to such Company Group member’s privacy or data security incidents, personal data breaches or practices with regard to any such Personal Information. The execution of this Agreement and the other adverse events or incidents related to Personal Information or Q32 data in the custody or control of Q32 or any service provider acting on behalf of Q32Transaction Documents, in each case where such incidenton the part of the members of the Company Group, breach and the consummation of the transactions contemplated hereby and thereby do not cause any member of the Company Group to violate, any privacy policy of the applicable member of the Company Group or event would result in a notification obligation any applicable Legal Requirements relating to privacy or data security with respect to any Person under applicable law or pursuant to the terms of any Q32 ContractPersonal Information.

Privacy and Data Security. (a) Q32 Parent and its Subsidiaries are and since January 1, 2023, have complied been in compliance with all applicable Privacy Laws and the applicable terms of any Q32 Parent Contracts relating to governing privacy, data protection, data security, collection trans-border data flow, data loss, data theft, or use of breach notification, data localization, sending solicited or unsolicited electronic mail or text messages, cookies or other tracking technology, with respect to, or the collection, handling, use, maintenance, storage, disclosure, transfer, or other processing of, Personal Information of any individuals (including any such information of individuals, clinical trial participants, patients, patient family members, caregivers or advocates, physicians and other health care professionals, clinical trial investigators, researchers, pharmacists) pharmacists that interact with Q32 Parent or any of its Subsidiaries in connection with the operation of Q32Parent’s and its Subsidiaries’ business), except, in each case, for such noncompliance as has not had, and would not reasonably be expected to have, individually or in the aggregate, a Parent Material Adverse Effect. To the Knowledge of Parent, Parent (i) has implemented and maintains reasonable Privacy Policies that materially comply with applicable Privacy Laws and are designed to protect the privacy and security of Personal Information and (ii) has complied with such Privacy Policies, except for such noncompliance as has not had, and would not reasonably be expected to have, individually or in the aggregate, a Q32 Parent Material Adverse Effect. To the Knowledge of Q32, Q32 has implemented and maintains reasonable written policies and procedures, satisfying the requirements of applicable Privacy Laws and Q32 Contracts, concerning the privacy, security, collection and use of Personal Information (the “Q32 Privacy Policies”) and has complied with the same, except for such noncompliance as has not to the Knowledge of Q32 had, and would not reasonably be expected to have, individually or in the aggregate, a Q32 Material Adverse Effect. To the Knowledge of Q32, as of the date hereofParent, no claims have Legal Proceeding has been asserted or threatened against Q32 Parent by any Person alleging a violation of Privacy Laws, Q32 Privacy Policies and/or Policies, or the applicable terms of any Q32 Parent Contracts relating to governing privacy, data protection, data security, collection trans-border data flow, data loss, data theft, or use of breach notification, data localization, sending solicited or unsolicited electronic mail or text messages, cookies or other tracking technology, with respect to, or the collection, handling, use, maintenance, storage, disclosure, transfer, or other processing of, Personal Information of any individuals and Q32 has not received written notice of any of the sameInformation. To the Knowledge of Q32Parent, there have been no data security incidentsincidents or data breaches, personal data breaches or other adverse events or incidents related to that have resulted in any unauthorized access to, or collection, use, disclosure, modification or destruction of, Personal Information or Q32 other data in the custody possession or control of Q32 Parent or any service provider acting on behalf of Q32Parent, in each case case, where such incident, breach breach, or event would result has resulted in a notification obligation to any Person under applicable law Law or pursuant to the terms of any Q32 Parent Contract.

Privacy and Data Security. (a) Q32 Korro and its Subsidiaries have complied with all applicable Privacy Laws and the applicable terms of any Q32 Korro Contracts relating to privacy, security, collection or use of Personal Information of any individuals (including clinical trial participants, patients, patient family members, caregivers or advocates, physicians and other health care professionals, clinical trial investigators, researchers, pharmacists) that interact with Q32 Korro or any of its Subsidiaries in connection with the operation of Q32Korro’s and its Subsidiaries’ business, except for such noncompliance as has not had, and would not reasonably be expected to have, individually or in the aggregate, a Q32 Korro Material Adverse Effect. To the Knowledge of Q32Korro, Q32 Xxxxx has implemented and maintains reasonable written policies and procedures, satisfying the requirements of applicable Privacy Laws and Q32 ContractsLaws, concerning the privacy, security, collection and use of Personal Information (the “Q32 Privacy Policies”) and has complied with the same, except for such noncompliance as has not to the Knowledge of Q32 Korro had, and would not reasonably be expected to have, individually or in the aggregate, a Q32 Korro Material Adverse Effect. To the Knowledge of Q32Korro, as of the date hereof, no claims have been asserted or threatened against Q32 Korro by any Person alleging a violation of Privacy Laws, Q32 Privacy Policies and/or the applicable terms of any Q32 Korro Contracts relating to privacy, security, collection or use of Personal Information of any individuals and Q32 has not received written notice of any of the sameindividuals. To the Knowledge of Q32Korro, there have been no data security incidents, personal data breaches or other adverse events or incidents related to Personal Information or Q32 Korro data in the custody or control of Q32 Korro or any service provider acting on behalf of Q32Xxxxx, in each case where such incident, breach or event would result in a notification obligation to any Person under applicable law or pursuant to the terms of any Q32 Korro Contract.

Privacy and Data Security. All information or data of any kind possessed by the Company, including but not limited to, personally identifiable information collected from any source, including consumers (“PII”), aggregate or anonymous information collected from any source, including consumers (“Non-PII”) and Employee data, whether collected online or offline (collectively, “Data”), has been collected, by the Company or any other Person, and is being maintained, stored, processed and used by the Company in compliance with all applicable laws. The Company has at all times presented a privacy policy (“Privacy Policy”) to consumers prior to the collection of any PII or Non-PII online. The Privacy Policy, and any other representations, marketing materials and advertisements that address privacy issues and the treatment of Data, accurately and completely describe the Company’s information collection and use practices, and no such notices or disclosures have been inaccurate, misleading or deceptive. The Company has stored and maintained all Data in a secure manner, using commercially reasonable physical and technical measures, to ensure the integrity and security of the Data and to prevent loss, alteration, corruption, misuse and unauthorized access to such Data. There has been no unauthorized use, access to or disclosure of any Data. The Company has not received any claims, notices or complaints regarding its information practices or use of Data. The Company has not received any written notice from a Governmental Authority or consumer advocacy organization challenging, questioning or inquiring about the Company’s Data collection or usage practices. To the Knowledge of the Sellers, neither the Company nor any of its subcontractors has experienced any (a) Q32 and its Subsidiaries have complied with all applicable Privacy Laws and the applicable terms breach of any Q32 Contracts relating to privacy, security, collection as defined by the Privacy Laws, (b) Breach of Unsecured Protected Health Information as “Breach,” “Unsecured Protected Health Information,” and “Protected Health Information” are defined by HIPAA, or use of Personal Information of (c) any individuals Security Incident as “Security Incident” is defined by HIPAA, except, with respect to (including clinical trial participantsc), patients, patient family members, caregivers or advocates, physicians and other health care professionals, clinical trial investigators, researchers, pharmacists) that interact with Q32 or any of its Subsidiaries in connection with the operation of Q32’s and its Subsidiaries’ business, except for such noncompliance as has not had, and those Security Incidents which would not reasonably be expected to havenot, individually or in the aggregate, reasonably be likely to have a Q32 Material Adverse Effect. To the Knowledge of Q32, Q32 has implemented The Company is in compliance with all guidelines and maintains reasonable written policies and procedures, satisfying the requirements of applicable Privacy Laws and Q32 Contracts, concerning the privacy, security, collection and use of Personal Information (the “Q32 Privacy Policies”) and has complied with the same, except for such noncompliance as has not that relate to the Knowledge of Q32 had, Company’s business and would not reasonably be expected to have, individually or which are set forth by applicable industry associations and self-regulatory guidelines. The Company has only used Data received from its customers in the aggregate, a Q32 Material Adverse Effectaccordance with its contractual agreements with such customers. To the Knowledge of Q32, as The consummation of the date hereoftransactions contemplated herein will not result in any loss or impairment of the rights to own or use any Data, no claims have been asserted or threatened against Q32 by any Person alleging a violation of Privacy Laws, Q32 Privacy Policies and/or nor will such consummation require the applicable terms consent of any Q32 Contracts relating to privacy, security, collection or use of Personal Information third party in respect of any individuals and Q32 has not received written notice of any of the same. To the Knowledge of Q32, there have been no data security incidents, personal data breaches or other adverse events or incidents related to Personal Information or Q32 data in the custody or control of Q32 or any service provider acting on behalf of Q32, in each case where such incident, breach or event would result in a notification obligation to any Person under applicable law or pursuant to the terms of any Q32 ContractData.

Privacy and Data Security. (a) Q32 except as has not had and would not reasonably be expected to have a Company Material Adverse Effect, the practices of the Company and its Subsidiaries have complied with all applicable Privacy Laws and the applicable terms of any Q32 Contracts relating to privacysubsidiaries concerning collection, use, analysis, retention, storage, protection, security, collection or use transfer, disclosure, disposal, and other processing of Personal Information comply with, and have not violated, any (i) Contract, including any business associate agreement, data processing agreement or data use agreement entered into by the Company or its subsidiaries with a client, (ii) applicable Privacy Law, or (iii) internal or external written policy of any individuals the Company and its subsidiaries; (including clinical trial participantsb) except as has not had and would not reasonably be expected to have a Company Material Adverse Effect, patientssince January 1, patient family members2018, caregivers or advocates, physicians and other health care professionals, clinical trial investigators, researchers, pharmacists) that interact with Q32 or neither the Company nor any of its Subsidiaries in connection with subsidiaries has (i) received written or other notice of an investigation by any Governmental Authority for an actual or alleged violation of any applicable Privacy Law, or (ii) received any written (or, to the operation Company’s knowledge, other) complaints or notices from any person alleging a violation of Q32’s any Privacy Law; (c) the Company and each of its subsidiaries has implemented reasonable administrative, physical, organizational, and technical safeguards to protect the Personal Information processed by the Company and its Subsidiaries’ businesssubsidiaries, and such safeguards take into account the size and scope of the Company and the risks posed to the Personal Information processed by the Company and its subsidiaries, except for such noncompliance failures to implement as has not hadbeen, and would not reasonably be expected to havebe, individually or in the aggregate, material to the Company Group, taken as a Q32 Material Adverse Effectwhole. To the Knowledge of Q32The Company and its subsidiaries maintain, Q32 has implemented and maintains reasonable have remained in compliance with, written policies and procedures, satisfying the requirements of applicable Privacy Laws and Q32 Contracts, procedures concerning the privacy, security, collection and use (i) protection of Personal Information Information, (ii) the “Q32 Privacy Policies”protection of the systems, technology and networks that process such Personal Information, and (iii) prevention, detection, containment, and has complied with the samecorrection of security incidents and violations respecting its information systems, except for such noncompliance failures to maintain or remain in compliance as has have not to the Knowledge of Q32 hadbeen, and would not reasonably be expected to havebe, individually or in the aggregate, material to the Company Group, taken as a Q32 whole; (d) except as has not had and would not reasonably be expected to have a Company Material Adverse Effect. To the Knowledge of Q32, as of the date hereofsince January 1, no claims have 2018, there has been asserted or threatened against Q32 by any Person alleging a violation of Privacy Laws, Q32 Privacy Policies and/or the applicable terms of any Q32 Contracts relating to privacy, security, collection no: (i) unauthorised disclosure or use of any Personal Information in the possession, custody or control of the Company or any individuals and Q32 has not received written notice of its subsidiaries, or (ii) breach of any of the sameCompany’s or its subsidiaries’ security procedures wherein Personal Information has been disclosed to an unauthorised third person. Since January 1, 2018, neither the Company nor any of its subsidiaries has notified another party or a Governmental Authority of any security incident or breach of information security procedures; (e) except as has not had and would not reasonably be expected to have a Company Material Adverse Effect, to the extent that the Company or its subsidiaries collect Personal Information of persons located outside of the United States, the Company and its subsidiaries have implemented sufficient mechanisms to ensure that the transfers of Personal Information from such persons’ home country to any other country complies with Privacy Laws, including any applicable restrictions placed on the transfer of such Personal Information; (f) except as has not had and would not reasonably be expected to have a Company Material Adverse Effect, the Company and its subsidiaries have entered into written agreements with each third-party service provider, vendor and business partner that has access (including storage) to Personal Information on behalf of the Company (“Data Related Vendors”) that require compliance with all Privacy Laws. To the Knowledge knowledge of Q32the Company, there the Company and its subsidiaries have been no data taken reasonable and sufficient steps to select and retain only those Data Related Vendors that have maintained the confidentiality and security incidents, personal data breaches or other adverse events or incidents related to of the Personal Information or Q32 data in the custody or control of Q32 or any service provider acting on behalf of Q32, in each case where such incident, breach or event would result in a notification obligation to any Person under applicable law or pursuant to the terms of any Q32 Contract.which they have access;