Common use of Privacy; Data Protection Clause in Contracts

Privacy; Data Protection. (a) Parent and its Subsidiaries used commercially reasonable efforts to (i) make all disclosures to, and obtain all necessary consents from users, customers and workers (i.e., employees, independent contractors and temporary employees) of Parent and its Subsidiaries required by applicable law relating to privacy and data security and (ii) file registrations as required with the applicable data protection authority. Parent and its Subsidiaries also have ensured that each of them has complied with any cross-border limitation relating to the transfer of Personal Information. Parent and its Subsidiaries have posted a privacy policy governing its use of data and disclaimers of liability on their web sites, and have complied at all times in all respects with such privacy policy, any public statements made by any of them regarding its privacy practices and all other rules, policies and procedures established from time to time by any of them with respect to Personal Information. Such posted privacy policies cover all of the activities in which Parent and its Subsidiaries are engaged including the placement of cookies, the tracking of user activity on a website and the creation of profiles of users; and Parent and its Subsidiaries comply with all requests from users, customers and workers to opt-out of the collection, use or disclosure of Personal Information as required by applicable law. (b) There is no action or claim pending, asserted or, to the knowledge of Parent, threatened or anticipated against Parent or any of its Subsidiaries alleging a violation of privacy, data protection, data security or confidentiality obligations under any applicable Legal Requirements, and no valid basis exists for any such action or claim. The negotiation, execution and consummation of the transactions contemplated by this Agreement, and any disclosure and/or transfer of information, including Personal Information, in connection therewith, will not breach or otherwise cause any violation of any such Legal Requirements relating to privacy, data protection, data security or the collection, use or maintenance of Personal Information relating to users, customers or workers. With respect to all Personal Information gathered or accessed in the course of operations of Parent and its Subsidiaries, Parent and its Subsidiaries have at all times taken all reasonable measures consistent with industry best practices to ensure that such data is protected against loss and unauthorized access, use, modification, disclosure or other misuse, and there has been no unauthorized access to or other misuse, either suspected or actual, of such data.

Privacy; Data Protection. (a) Parent and its Subsidiaries used commercially reasonable efforts to (i) make Vendor has made all disclosures to, and obtain obtained all necessary consents from users, customers and workers (i.e., employees, independent contractors and temporary employees) of Parent and its Subsidiaries Vendor required by current applicable law relating to privacy and data security and (ii) file has filed registrations as required with the applicable data protection authority. Parent and its Subsidiaries Vendor also have has ensured that each of them it has complied with any cross-border limitation relating to the transfer of Personal Information. Parent and its Subsidiaries have Vendor has currently posted a privacy policy governing its use of data and disclaimers of liability on their Vendor web sites, and have has complied at all times in all material respects with such privacy policy, any public statements made by any of them Vendor regarding its current privacy practices and all other rules, policies and procedures established from time to time by any of them Vendor with respect to Personal Information. Such The current posted privacy policies cover policy covers all of the activities in which Parent and its Subsidiaries are Vendor is engaged including the placement of cookies, the tracking of user activity on a website and the creation of profiles of users; and Parent and its Subsidiaries comply , required to be posted under applicable law. Moreover, Vendor complies with all requests from users, customers and workers to opt-out of the collection, use or disclosure of Personal Information as required by applicable law. (b) There is no action or claim pending, asserted or, to the knowledge of ParentVendor’s Knowledge, threatened or anticipated against Parent or any of its Subsidiaries Vendor alleging a violation of privacy, data protection, data security or confidentiality obligations under any applicable Legal RequirementsLaws, and rules, policies or procedures, which if determined adversely to Vendor would result in a Material Adverse Effect, and, to the Vendor’s Knowledge, no valid basis exists for any such action or claim. The negotiation, execution and consummation of the transactions contemplated by this Agreementthe Transaction, and any disclosure and/or transfer of information, including Personal Information, in connection therewith, will not breach or otherwise cause any violation of any such Legal Requirements rules, policies or procedures or any applicable Laws relating to privacy, data protection, data security or the collection, use or maintenance of Personal Information relating to users, customers or workers, in all cases, in any material respect. With respect to all Personal Information gathered or accessed in the course of operations of Parent and its SubsidiariesVendor’s operations, Parent and its Subsidiaries have Vendor has at all times taken all reasonable measures consistent with industry best practices to ensure that such data is protected against loss and unauthorized access, use, modification, disclosure or other misuse, and there has been no unauthorized access to or other misuse, either suspected or actual, of such data.

Privacy; Data Protection. (a) Parent The Company represents and warrants that it, and its Subsidiaries used commercially reasonable efforts to former Subsidiaries, (i) make are in material compliance with applicable federal and state data privacy and security laws and all disclosures other Legal Requirements relating to the collection, use, storage, transfer, and disclosure of Personally Identifiable Information of any employees, contractors, or consultants, and any other individuals, including patients of customers, clients, or users, including, but not limited to, and obtain all necessary consents from usersHIPAA, customers and workers (i.e., employees, independent contractors and temporary employees) of Parent and its Subsidiaries required by applicable law relating to privacy and data security and (ii) file registrations as required are in material compliance with the applicable data protection authority. Parent and its Subsidiaries also have ensured that each of them has complied with any cross-border limitation their posted policies relating to the transfer privacy of Personal Information. Parent users of the Company’s and its Subsidiaries have posted a privacy policy governing its use of data former Subsidiaries’ products, services and disclaimers of liability on their web siteswebsites, and have complied at all times in all respects with such privacy policy, any public statements made by any of them regarding its privacy practices and all other rules, policies and procedures established from time to time by any of them including without limitation with respect to Personal Information. Such posted privacy policies cover all the use, collection, storage, disclosure and transfer of any Personally Identifiable Information collected by the activities in which Parent and Company or its Subsidiaries are engaged including the placement of cookiesformer Subsidiaries, the tracking of user activity on (iii) have entered into Business Associate Agreements when required by HIPAA, (iv) have complied with such Business Associate Agreements, (v) have not received a website and the creation of profiles of users; and Parent and its Subsidiaries comply with all requests from users, customers and workers to opt-out of the complaint regarding their respective collection, use or disclosure of Personal Information as required by applicable law. Personally Identifiable Information, (bvi) There is no action or claim pending, asserted or, to the knowledge of Parent, threatened or anticipated against Parent or any of its Subsidiaries alleging have included a violation of privacy, data protection, data security or confidentiality obligations under any applicable Legal Requirements, true and no valid basis exists for any such action or claim. The negotiation, execution and consummation correct copy of the transactions contemplated by this AgreementCompany’s website privacy policy and HIPAA compliance program policy in Schedule 4.19, and any disclosure and/or transfer of information, including Personal Information, in connection therewith, will not breach or otherwise cause any violation of any such Legal Requirements relating to privacy, data protection, data security or the collection, use or maintenance of Personal Information relating to users, customers or workers. With respect to all Personal Information gathered or accessed in the course of operations of Parent and its Subsidiaries, Parent and its Subsidiaries (vii) have at all times taken all reasonable measures consistent complied with industry best any legal requirements that they disclose their privacy practices to ensure customers or patients, (viii) has not made any such disclosure that such data is protected against loss and unauthorized access, use, modification, disclosure or other misuse, and there has been no unauthorized access inaccurate, misleading or deceptive or in violation of any federal or state data privacy or security law, (ix) are not aware of any material data loss or breach of security or any Breach of Unsecured Protected Health Information as defined by HIPAA and HITECH, (x) have required all subcontractors to which Personally Identifiable Information has been given to agree to implement reasonable and appropriate means for protecting that information and have required all subcontractors who received Protected Health Information to agree to the same restrictions and conditions that apply to Company with respect to such Protected Health Information, (xi) have implemented a reasonable and appropriate plan, or other misuseplans, either suspected or actualwhich (a) identifies internal and external risks to the security of Personally Identifiable Information; (b) implements, monitors and improves adequate and effective administrative, electronic and physical safeguards to control those risks; (c) maintains notification procedures in compliance with federal and state data privacy and security laws in the case of such any breach of security compromising data, including unencrypted data containing Personally Identifiable Information; and (d) provides for the prevention of data loss.

Privacy; Data Protection. (a) Parent and its Subsidiaries used commercially reasonable efforts to (i) make all disclosures to, and obtain all necessary consents from users, customers and workers (i.e., employees, independent contractors and temporary employees) of Parent and its Subsidiaries required by applicable law relating to privacy and data security and (ii) file registrations as required with the applicable data protection authority. Parent and its Subsidiaries also have ensured that each of them has complied with any cross-border limitation relating to the transfer of Personal Information. Parent The Company and its Subsidiaries have posted a privacy policy governing not collected any personally identifiable information concerning users of its use of data products, services and disclaimers of liability on websites from any third parties. The Company, its Subsidiaries and their web sites, and respective subcontractors have complied at all times in all material respects with such all Legal Requirements and their privacy policypolicies relating to the privacy of users of the Company’s and its Subsidiaries’ products, any public statements made by any of them regarding its privacy practices services and all other ruleswebsites, policies and procedures established from time to time by any of them including without limitation with respect to Personal Information. Such posted privacy policies cover all the use, collection, storage, disclosure and transfer of any data and personally identifiable information collected by the activities in which Parent Company and its Subsidiaries are engaged including or by third parties having authorized access to the placement records of cookies, the tracking of user activity on a website Company and the creation of profiles of users; and Parent its Subsidiaries. The Company and its Subsidiaries comply and their respective subcontractors have complied in all material respects with all requests from usersLegal Requirements and their privacy policies relating to the collection, customers use, storage, transfer, and workers to opt-out disclosure of any data and personally identifiable information of any employees, contractors or consultants, both in the United States and internationally. Neither the Company nor any Subsidiary of the Company has received a complaint regarding their respective collection, use or disclosure of Personal Information as required by applicable law. (b) There is no action or claim pendingdata, asserted or, including but not limited to the knowledge of Parent, threatened or anticipated against Parent or any of its Subsidiaries alleging a violation of privacy, data protection, data security or confidentiality obligations under any applicable Legal Requirements, and no valid basis exists for any such action or claimpersonally identifiable information. The negotiationexecution, execution delivery and consummation performance of the transactions contemplated by this Agreement, and any disclosure and/or transfer of information, including Personal Information, in connection therewith, will not breach or otherwise cause any violation of any such Agreement complies with all Legal Requirements relating to privacyprivacy and does not violate the Company’s or its Subsidiaries’ privacy policies. True and correct copies of all such privacy policies are attached to Schedule 4.20, data protection, data security or and the collection, use or maintenance of Personal Information relating to users, customers or workers. With respect to all Personal Information gathered or accessed in the course of operations of Parent Company and its SubsidiariesSubsidiaries and their respective subcontractors have at all times made all privacy policy disclosures to such users or customers as required by Legal Requirements. None of such disclosures made or contained in any such privacy policy has been inaccurate, Parent misleading or deceptive or in violation of any Legal Requirements. The Company and its Subsidiaries have at implemented and maintains a comprehensive plan, or plans, which (i) identifies internal and external risks to the security of data and Confidential Information, including personally identifiable information; (ii) implements, monitors and improves adequate and effective administrative, electronic and physical safeguards to control those risks; (iii) maintains notification procedures in compliance with all times taken all reasonable measures consistent with industry best practices to ensure that such data is protected against loss Legal Requirements and unauthorized access, use, modification, disclosure privacy or other misusepolicies in the case of any breach of security compromising data, including unencrypted data containing personally identifiable information; and there (iv) adequately provides for the prevention of data loss. Neither the Company nor any Subsidiary of the Company has been no experienced any data loss, breach of security or otherwise unauthorized access by third parties to Confidential Information, including personally identifiable information, in the Company’s or other misuseits Subsidiaries’ possession, either suspected custody or actual, of such datacontrol.