Common use of Privacy; Data Security Clause in Contracts

Privacy; Data Security. Since March 31, 2017, except as would not, individually or in the aggregate, have a Company Material Adverse Effect, (i) the Company and its Subsidiaries are in compliance with (A) all applicable Privacy Laws, (B) all of the Company’s policies regarding Personal Information (“Privacy Policies”), and (C) all of the Company’s contractual obligations with respect to the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security (technical, physical and administrative), disposal, destruction, disclosure, or transfer (including cross-border) of Personal Information; (ii) no Privacy Policies of the Company and its Subsidiaries have contained any material omissions or been misleading or deceptive; (iii) the Company and its Subsidiaries have implemented and at all times maintained reasonable safeguards, consistent with practices in the industry in which the Company and its Subsidiaries operate, to protect Personal Information and other confidential data in their possession or under their control against loss, theft, misuse or unauthorized access, use, modification or disclosure; (iv) the Company and its Subsidiaries have taken commercially reasonable steps to ensure that any third party to whom the Company and its Subsidiaries have granted access to Personal Information collected by or on behalf of the Company and its Subsidiaries has implemented and maintained the same; (v) there have been no breaches, security incidents, misuse of or unauthorized access to or disclosure of any Personal Information in the possession or control of the Company and its Subsidiaries or collected, used or processed by or on behalf of any of the Company and its Subsidiaries; (vi) the Company and its Subsidiaries have not provided or been legally required to provide any notices to any Person in connection with any such breaches, security incidents, misuse of or unauthorized access to or disclosure of any Personal Information in the possession or control of the Company and its Subsidiaries or collected, used or processed by or on behalf of any the Company and its Subsidiaries; and (vii) neither the Company nor any of its Subsidiaries has received any written notice of any claims (including written notice from third parties acting on its behalf), of or been charged with, the violation of, any Privacy Laws, applicable privacy policies, or contractual commitments with respect to Personal Information.

Privacy; Data Security. Since March 31, 2017, except Except as would not, individually or in the aggregate, not have a Company Material Adverse Effect, (i) the Company and its Subsidiaries are in compliance with (A) all applicable Privacy Laws, (B) all of the Company’s policies regarding Personal Information (“Privacy Policies”), and (C) all of the Company’s contractual obligations with respect to the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security (technical, physical and administrative), disposal, destruction, disclosure, or transfer (including cross-border) of Personal InformationInformation (collectively with Privacy Laws and Privacy Policies, the “Data Protection Requirements”); (ii) no Privacy Policies of the Company and its Subsidiaries have contained any material omissions or been misleading or deceptive; (iii) the Company and its Subsidiaries have implemented and at all times maintained reasonable physical, technical, and administrative safeguards, consistent compliant with practices in the industry in which the Company and its Subsidiaries operateapplicable Data Protection Requirements, that are designed to protect Personal Information and other confidential data in their possession or under their control against loss, theft, misuse or unauthorized access, use, modification or disclosure; (iv) the Company and its Subsidiaries have taken commercially reasonable steps to ensure that any third party to whom the Company and its Subsidiaries have granted access to Personal Information collected by or on behalf of the Company and its Subsidiaries has implemented and maintained the same; (viii) there have been no breaches, security incidents, misuse of or unauthorized access to or disclosure of any Personal Information in the possession or control of the Company and its Subsidiaries or collected, used or processed by or on behalf of any of the Company and its Subsidiaries; (vi) the Company and its Subsidiaries have not provided ’ IT Systems that would require notification of individuals, other affected parties, law enforcement, or been legally required to provide any notices to any Person in connection with any such breaches, security incidents, misuse of or unauthorized access to or disclosure of any Personal Information in the possession or control of the Company and its Subsidiaries or collected, used or processed by or on behalf of any the Company and its Subsidiaries; Governmental Authority under applicable Privacy Laws and (viiiv) since January 1, 2019, neither the Company nor any of its Subsidiaries has received any written notice of any claims (including written notice from third parties acting on its behalf), ) of or been charged with, the violation of, any Privacy Laws, applicable privacy policies, or contractual commitments with respect to Personal InformationData Protection Requirements.

Privacy; Data Security. Since March 31, 2017, except Except as would not, individually or in the aggregate, reasonably be expected to have a Company Material Adverse Effect, the (i) the Company and its Subsidiaries Entities are in compliance with (A) all applicable Privacy Laws, (B) all of the Company’s policies regarding Personal Information (“Privacy Policies”), and (C) all of the Company’s contractual obligations with respect to the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security (technical, physical and administrative), disposal, destruction, disclosure, or transfer (including cross-border) of Personal Information; (ii) no Privacy Policies of the Company and its Subsidiaries Entities have contained any material omissions or been misleading or deceptive; (iii) the Company and its Subsidiaries Entities have implemented and at all times maintained reasonable safeguards, consistent with practices in the industry in which the Company and its Subsidiaries Entities operate, to protect Personal Information and other confidential data in their possession or under their control against loss, theft, misuse or unauthorized access, use, modification or disclosure; (iv) the Company and its Subsidiaries Entities have taken commercially reasonable steps to ensure that any third party to whom the Company and its Subsidiaries Entities have granted access to Personal Information collected by or on behalf of the Company and its Subsidiaries Entities has implemented and maintained the same; (v) there have been no breaches, security incidents, misuse of or unauthorized access to or disclosure of any Personal Information in the possession or control of the Company and its Subsidiaries Entities or collected, used or processed by or on behalf of any of the Company and its SubsidiariesEntity; (vi) the Company and its Subsidiaries Entities have not provided or been legally required to provide any notices to any Person in connection with any such breaches, security incidents, misuse of or unauthorized access to or a disclosure of any Personal Information in the possession or control of the Company and its Subsidiaries or collected, used or processed by or on behalf of any the Company and its SubsidiariesInformation; and (vii) neither the no Company nor any of its Subsidiaries Entity has received any written notice of any claims (including written notice from third parties acting on its behalf), of or been charged with, the violation of, any Privacy Laws, applicable privacy policies, or contractual commitments with respect to Personal Information, and there are no facts or circumstances that could reasonably be expected to form the basis of any such notice or claim.