Privacy; Information Security Clause Samples

Privacy; Information Security. (a) Except as would not reasonably be expected to have, individually or in the aggregate, a Target Company Material Adverse Effect, each of the Group Companies has, to the Knowledge of the Target Company, and any Person acting for or on behalf of any of the Group Companies, in the three (3) year period immediately preceding the date of this Agreement (in the case of any such Person, during the time such Person was acting for or on behalf of any of the Group Companies), has materially complied with: (i) all applicable Privacy Laws; (ii) all of the Group Companies’ applicable written and published policies and notices governing Personal Information (“Privacy Notices”); and (iii) all of the Group Companies’ applicable obligations governing Personal Information and information technology security under any Contracts to which the Group Companies are bound. In the three (3) year period immediately preceding the date of this Agreement, no Group Company has received written notice of any claims, investigations, inquiries or alleged violations of applicable Privacy Laws or Contracts governing Personal Information and information technology security (including from third parties acting on its or their behalf) except as would not reasonably be expected to have, individually or in the aggregate, a Target Company Material Adverse Effect, or, to the Knowledge of the Target Company, been charged by a Governmental Authority with the violation of any applicable Privacy Laws. In the three (3) year period immediately preceding the date of this Agreement, no Group Company has notified, or, to the Knowledge of the Target Company, been required by applicable Law or Contract to notify, any Person of any material Personal Information security-related incident. (b) During the three (3) year period immediately preceding the date of this Agreement, each of the Group Companies has implemented and maintained commercially reasonable security measures designed to protect the confidentiality, integrity, and availability of the IT Systems and Personal Information and in its possession, custody or under its control, except for such deficiencies as have not had and would not reasonably be expected to have a Target Company Material Adverse Effect. (c) In the three (3) year period immediately preceding the date of this Agreement, except as have not had and would not reasonably be expected to have, individually or in the aggregate, a Target Company Material Adverse Effect, there have been no b...

Privacy; Information Security. (a) In relation to the Business, Seller, together with its Representatives and, to Seller’s Knowledge, all Persons that Process or have Processed Personal Data at their direction and on their behalf, are, and have since the Lookback Date materially complied with (i) applicable Privacy Laws; (ii) applicable Privacy Policies; and (iii) their applicable obligations governing the privacy, security, protection or Processing of Personal Data, including any such Processing of Personal Data in connection with artificial intelligence or automated decision-making technology contained in any written Contract to which they are legally bound (collectively, “Privacy Requirements”). Seller has not received from any Person any notice of any material claims, investigations or inquiries alleging violations of applicable Privacy Requirements or relating to Seller’s Processing of Personal Data (including Processing of Personal Data in the use of artificial intelligence or automated decision-making technology). (b) In relation to the Business, Seller has established, implemented, and maintained appropriate technical, physical, administrative, and organizational measures and policies (taking into account the size and resources of Seller as well as the nature and purpose of the Processing and the types of Personal Data) designed to ensure, as applicable, the confidentiality, integrity, availability, and security of all Personal Data that is Processed by or at its direction and on behalf of Seller, and designed to prevent any unlawful, accidental, or unauthorized (i) access thereto or (ii) use, disclosure, acquisition, exfiltration, theft, loss, alteration, modification, corruption, destruction, Processing or unavailability thereof. In relation to the Business, Seller has periodically (but in no event less than on a quarterly basis) monitored and assessed security risks and taken commercially reasonable steps to remediate all material threats, deficiencies, weaknesses, and vulnerabilities identified by such monitoring and assessments, and there are no outstanding material threats, deficiencies, weaknesses or vulnerabilities. (c) In relation to the Business, since the Lookback Date, Seller has not experienced any material Security Incident, nor are there any facts or circumstances, to Seller’s Knowledge, which could reasonably suggest the likelihood of the foregoing. In relation to the Business, since the Lookback Date, Seller has not notified, nor has Seller been required by appl...

Privacy; Information Security. 7.1 IVIX and Customer shall comply with all privacy and data protection laws, including without limitation, the European Union's General Data Protection Regulation (2016/679) (“GDPR”), and any other applicable laws and regulations relating to the processing of “Personally Identifiable Information” (“PII”) (as such terms are defined in the GDPR) and privacy protection as amended from time to time that apply to them in connection with the Customer Data Sets (“Data Protection Laws”). In addition the processing by IVIX of any PII of Customer or any person acting on its behalf shall be governed by the IVIX privacy policy located at ▇▇▇▇▇://▇▇▇.

Privacy; Information Security. (a) Parent and its Subsidiaries (in each case, as related to the Business) and the Transferred Companies have taken commercially reasonable steps to monitor and protect against unauthorized use, access, interruption, modification or corruption to the confidentiality, integrity and security of, the information technology systems, including Software and hardware, owned or used in the conduct of the Business (the “Business IT Systems”) and the Personal Information stored therein or processed thereon, and have implemented backup, data recovery, disaster recovery and business continuity plans, procedures and facilities for the Business. The Business IT Systems operate, in all material respects, in accordance with their specifications and related documentation, as applicable. Except as would not reasonably be expected to be material to the Business, (x) the Transferred Companies lawfully own, lease or license all Business IT Systems and (y) the Business IT Systems are reasonably sufficient for the current needs of the Business, including as to capacity, scalability, and ability to process peak volumes in a timely manner. (b) In the past three (3) years, the Business IT Systems have not suffered any failures, Security Breaches or cybersecurity incidents that have resulted in a material disruption or loss to the Business. (c) Except as would not reasonably be expected to be material to the Business, the Business IT Systems do not contain any “back door,” “drop dead device,” “time bomb,” virus, Trojan horse, worm, malware or any other similar malicious code designed or intended to have, or capable of disrupting, disabling, harming or otherwise impeding effect on the operation of, or providing unauthorized access to, a computer system or network or other device on which such code is stored or installed, or damaging or destroying any data or file without the user’s consent. (d) Except as set forth in Section 4.14(d) of the Disclosure Schedules, except as would not reasonably be expected to be material to the Business, Parent and its Subsidiaries (in each case, as related to the Business) and the Transferred Companies are (and have been in the past three (3) years) in compliance with their external privacy statements and policies (and internal privacy statements and policies notified to employees), all applicable Laws and any Contracts, in each case, to the extent related to the processing of Personal Information, including (i) through the implementation and regular m...

Privacy; Information Security