Common use of Privacy Laws Clause in Contracts

Privacy Laws. The Company and each of its Subsidiaries are, and at all prior times were, in material compliance with all applicable data privacy and security laws and regulations, including, without limitation, the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each its Subsidiaries have taken all necessary actions to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and each of its Subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (the “Policies”). When required by applicable law, the Company provides accurate notice of its Policies to its customers, employees, third party vendors and representatives. The Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural persons’ name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the Company nor any of its Subsidiaries, (i) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposed any obligation or liability under any Privacy Law.

Privacy Laws. The Company and each of its Subsidiaries are, and at all prior times were, in material compliance with all applicable data privacy and security laws and regulations, including, without limitation, to the extent applicable, if any, the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each its Subsidiaries have taken all necessary actions to comply in all material respects with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and each of its Subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (the “Policies”). When required by applicable law, the The Company provides accurate notice of its Policies to its customers, employees, third party vendors and representatives, as applicable. The Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means means: (i) a natural persons’ person’s name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a material breach of any Privacy Laws or Policies. Neither the Company nor any of its Subsidiaries, Subsidiary: (iy) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy Law; or (iiiz) is a party to any order, decree, or agreement that imposed any obligation or liability under any Privacy Law.

Privacy Laws. The To the knowledge of the Company, the Company and each of its Subsidiaries are, and at all prior times were, is in material compliance with all applicable data privacy and security laws and regulations, including, without limitation, the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); ) and the Company and each its Subsidiaries have taken all necessary actions to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”). To ensure compliance with the extent required by applicable Privacy Laws, except as would not otherwise be expected to have a Material Adverse Effect, the Company and each of its Subsidiaries have has in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their place policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling handling, and analysis of Personal Data (the “Policies”)) and take appropriate steps reasonably designed to ensure compliance in all material respects with such Policies. When At all times since inception, where required by applicable lawPrivacy Laws and to the extent such Policies are in written form, the Company provides has provided accurate notice of its Policies then in effect to its customers, employees, third party vendors and representatives. The Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural persons’ person’s name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; and (iv) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of identifies such natural person, or his or her family, or permits the collection or analysis of any data related to an identified identifies a specific person’s health condition or sexual orientation. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the The Company nor any of its Subsidiaries, further certifies that it: (i) has not received written notice of any actual or potential liability under or relating to, or actual or potential alleged violation of, of any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; or (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy Law; or (iii) is not a party to any order, decree, or settlement agreement that imposed imposes any obligation or liability under any applicable Privacy Law.

Privacy Laws. The Except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect, the Company and each of its Subsidiaries are, subsidiaries have complied and at all prior times were, are presently in material compliance with all internal and external privacy policies, industry standards, all applicable statutes, judgments, orders, rules, regulations of any court or arbitrator or other governmental or regulatory entity, any other legal obligations, and applicable data privacy and security laws and regulations, including, without limitation, the Health Insurance Portability and Accountability California Consumer Privacy Act (“HIPAACCPA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each its Subsidiaries have taken all necessary actions to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”) and any other applicable contractual obligation, in each case relating to the collection, use, transfer, import, export, storage, protection, disposal and disclosure by the Company or any of its subsidiaries of personal, personally identifiable, household, sensitive, confidential or regulated data (“Data Security Obligations”). To ensure compliance with the Privacy LawsData Security Obligations, the Company and each of its Subsidiaries subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (the “Policies”). When required by applicable law, the The Company provides accurate notice of its Policies to its customers, employees, third party vendors and representativesrepresentatives as required by the applicable Privacy Laws. The Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural persons’ name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (viv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. None To the Company’s knowledge, none of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies Policies, except as would not, individually or in any material respect. The executionthe aggregate, delivery and performance of this Agreement or any other agreement referred reasonably be expected to in this Agreement will not result in have a breach of any Privacy Laws or PoliciesMaterial Adverse Effect. Neither the Company nor any of its Subsidiariessubsidiaries, (i) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposed any obligation or liability under any Privacy LawLaw or (iv) is a party to any action, suit or proceeding by or before any court or governmental agency, authority or body pending or, to the Company’s knowledge, threatened alleging non-compliance with any Data Security Obligation.

Privacy Laws. The To the knowledge of the Company, the Company and each of its Subsidiaries are, and at all prior times were, subsidiaries are in material compliance with all applicable data privacy and security laws and regulations, including, without limitation, the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each its Subsidiaries subsidiaries have taken all necessary reasonable actions to prepare to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”). To ensure compliance with the extent required by applicable Privacy Laws, except as would not otherwise be expected to have a material adverse effect, the Company and each of its Subsidiaries subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their place policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling handling, and analysis of Personal Data (the “Policies”)) and take appropriate steps reasonably designed to ensure compliance in all material respects with such Policies. When At all times since inception, where required by applicable lawPrivacy Laws and to the extent such Policies are in written form, the Company provides has provided accurate notice of its Policies then in effect to its customers, employees, third party vendors and representatives. The Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural persons’ name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; and (iv) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of identifies such natural person, or his or her family, or permits the collection or analysis of any data related to an identified identifies a specific person’s health condition or sexual orientation. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the The Company further certifies that neither it nor any of its Subsidiaries, subsidiary: (i) has received written notice of any actual or potential liability under or relating to, or actual or potential alleged violation of, of any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; or (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or settlement agreement that imposed imposes any obligation or liability under any applicable Privacy Law.

Privacy Laws. The Company and each of its Subsidiaries subsidiaries are, and at all prior times were, in material compliance with all applicable data privacy and security laws and regulations, including, without limitation, the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each its Subsidiaries subsidiaries have taken all necessary actions to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and each of its Subsidiaries subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (the “Policies”). When required by applicable law, the The Company provides accurate notice of its Policies to its customers, employees, third third-party vendors and representatives. The Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter matter, and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (iA) a natural persons’ person’s name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; , (iiB) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; , (iiiC) Protected Health Information as defined by HIPAA; , (ivD) “personal data” as defined by GDPR; GDPR and (vE) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the Company nor any of its Subsidiaries, subsidiaries (ix) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (iiy) is currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy Law; or (iiiz) is a party to any order, decree, or agreement that imposed any obligation or liability under any Privacy Law.

Privacy Laws. The Company and each of its Subsidiaries are, and at all prior times were, in material compliance with all applicable data privacy and security laws and regulations, including, without limitation, the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health HITECH Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each its Subsidiaries have taken all necessary actions to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and each of its Subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (the “Policies”). When required by applicable law, the The Company provides accurate notice of its Policies to its customers, employees, third party vendors and representatives. The Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural persons’ name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The execution, delivery and performance of this Agreement, any Terms Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the Company nor any of its Subsidiaries, (i) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposed any obligation or liability under any Privacy Law.

Privacy Laws. The Company and each of its Subsidiaries subsidiaries are, and at all prior times were, in material compliance with all applicable data privacy and security laws and regulations, including, without limitation, the U.S. Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.)of 2009; and the Company and each its Subsidiaries subsidiaries have taken all necessary actions to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and each of its Subsidiaries subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (the “Policies”). When required by applicable law, the The Company provides accurate notice of its Policies to its customers, employees, third party vendors and representatives. The Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural persons’ name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the Company nor any of its Subsidiariessubsidiaries, (i) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposed any obligation or liability under any Privacy Law.

Privacy Laws. The Company and each of its Subsidiaries areis, and at all prior times wereduring the past three years was, in material compliance with all applicable data privacy and security laws and regulations, including, including without limitation, the Health Insurance Portability and Accountability Act as applicable, HIPAA (“HIPAA”as defined below), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); amended, and the Company has taken any required and each its Subsidiaries have taken all necessary actions to comply in all material respects with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (and all other applicable laws and regulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with the same would be reasonably likely to create a material liability) as soon as they take effect (collectively, the “Privacy Laws”). To ensure material compliance with the Privacy Laws, the Company has in place and each of its Subsidiaries have is in place, comply with, and take appropriate steps reasonably designed to ensure material compliance in all material respects with their commercially reasonable policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling handling, and analysis of Personal Data (the “Policies”). When required by applicable law, the Company provides accurate notice of its Policies to its customers, employees, third party vendors and representatives. The Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices) as applicable. “Personal Data” means (i) a natural persons’ person’s name, street address, telephone number, email e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of such natural person, or his or her family, person or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. The Company has during the past three years made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and has provided accurate notice of its Policies then in effect to its customers, employees, third party vendors and representatives as required by applicable laws and regulatory rules or requirements, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach or violation of any Privacy Laws or Policies. Neither the The Company nor any of its Subsidiaries, further certifies that it: (i) has not received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is not currently conducting or paying for, in whole or in part, any investigation, remediation remediation, or other corrective action pursuant to any Privacy Law; or (iii) is not a party to any order, decree, or agreement that imposed imposes any obligation or liability under any Privacy Law.

Privacy Laws. The Company and each of its Subsidiaries areis, and at all prior times werewas, in material compliance with all applicable data privacy and security laws and regulations, including, without limitation, the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each its Subsidiaries have has taken all necessary actions to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and each of its Subsidiaries have has in place, comply complies with, and take takes appropriate steps reasonably designed to ensure compliance in all material respects with their its policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (the “Policies”). When required by applicable law, the The Company provides accurate notice of its Policies to its customers, employees, third party vendors and representatives. The Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural persons’ name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the The Company nor any of its Subsidiaries, (i) has not received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is not currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy Law; or (iii) is not a party to any order, decree, or agreement that imposed any obligation or liability under any Privacy Law.

Privacy Laws. The Company and each of its Subsidiaries subsidiaries are, and at all prior times were, in material compliance with all applicable data privacy and security laws and regulations, including, without limitation, the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each its Subsidiaries subsidiaries have taken all necessary actions to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and each of its Subsidiaries subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (the “Policies”). When required by applicable law, the Company provides accurate notice of its Policies to its customers, employees, third party vendors and representatives. The Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural persons’ name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive disceptive or in violation of any Privacy Laws or Policies in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the Company nor any of its Subsidiariessubsidiaries, (i) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposed any obligation or liability under any Privacy Law.

Privacy Laws. The Company and each of its Subsidiaries subsidiaries are, and at all prior times were, in material compliance with all applicable data privacy and security laws and regulations, including, without limitation, the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each its Subsidiaries subsidiaries have taken all necessary actions to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and each of its Subsidiaries subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (the “Policies”). When required by applicable law, the The Company provides accurate notice of its Policies to its customers, employees, third party vendors and representatives. The Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural persons’ name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the Company nor any of its Subsidiariessubsidiaries, (i) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposed any obligation or liability under any Privacy Law.

Privacy Laws. The Company and each of its Subsidiaries are, and at all prior times were, in material compliance with all applicable data privacy and security laws and regulations, including, without limitation, to the extent applicable, if any, the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each its Subsidiaries have taken all necessary actions to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and each of its Subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (the “Policies”). When required by applicable law, the The Company provides accurate notice of its Policies to its customers, employees, third party vendors and representatives, as applicable. The Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural persons’ name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the Company nor any of its SubsidiariesSubsidiary, (i) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposed any obligation or liability under any Privacy Law.

Privacy Laws. The Company and each of its Subsidiaries subsidiaries are, and and, at all prior times within the past five years, were, in material compliance with all applicable data privacy and security laws and regulations, including, without limitation, the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each of its Subsidiaries subsidiaries have taken all necessary reasonable actions to comply in all material respects with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”). To ensure compliance In a manner reasonably designed to comply with the Privacy Laws, the Company and each of its Subsidiaries subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance comply in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (the “Policies”). When required by applicable law, the The Company provides materially accurate notice of its Policies when and to the extent required by Privacy Laws to its customers, employees, third party vendors and representatives. The Policies provide accurate and legally sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural persons’ name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (v) any other piece of information that reasonably allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the Company nor any of its Subsidiariessubsidiaries, (i) has received written notice of any actual or potential liability under or relating tounder, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy LawLaw arising from any allegations of noncompliance with any of the Privacy Laws made by a person, governmental authority or competent supervisory authority in the European Union; or (iii) is a party to any order, governmental order or decree, or agreement with a governmental authority or competent supervisory authority in the European Union, that imposed any obligation or liability under any Privacy Law.

Privacy Laws. The Company and each of its Subsidiaries are, and at all prior times were, is in material compliance with all applicable data privacy and security laws and regulations, including, without limitation, the Health Insurance Portability HIPAA and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each its Subsidiaries have taken all necessary actions to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”). To ensure compliance with the Privacy Laws, the The Company and each of its Subsidiaries have has in place, comply complies with, and take takes appropriate steps reasonably designed to ensure compliance in all material respects with their its policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (the “Policies”). When required by applicable law, the The Company provides accurate notice of its relevant Policies to its customers, employees, third party vendors and representativesrepresentatives where it is required to do so under Privacy Laws. The Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural persons’ name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which that would qualify as “personally identifying information” be considered an unfair or deceptive trade practice under Section 5 of the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of such natural personperson or household. To the Company’s Knowledge, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. None none of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The To the Company’s Knowledge, the execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the The Company nor any of its Subsidiaries, (i) has not received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge Knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is not currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy Law; or (iii) is not a party to any order, decree, order of any court or agreement regulatory authority that imposed imposes on the Company any obligation or liability under any Privacy Law.

Privacy Laws. The Company and each of its Subsidiaries subsidiaries are, and at all prior times weresince January 1, 2019 have been, in material compliance with all applicable data privacy and security laws and regulations, including, without limitation, the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each its Subsidiaries subsidiaries have taken all necessary commercially reasonable actions to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”). To ensure material compliance with the Privacy Laws, the Company and each of its Subsidiaries subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (as defined below) (the “Policies”). When required by applicable law, the The Company provides accurate notice of its Policies to its customers, employees, third party vendors and representatives. The Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural persons’ person’s name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (v) any other piece of information that reasonably allows the specific identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The To the Company’s knowledge, the execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the Company nor any of its Subsidiariessubsidiaries, (i) has has, since January 1, 2019, received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, which would reasonably be expected to result in a Material Adverse Change, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy Law, which would reasonably be expected to result in a Material Adverse Change; or (iii) is a party to any order, decree, or agreement that imposed any obligation or liability under any Privacy Law.

Privacy Laws. The Company and each of its Subsidiaries subsidiaries are, and at all prior times were, in material compliance with all applicable data privacy and security laws and regulations, including, without limitation, the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each its Subsidiaries subsidiaries have taken all necessary actions to comply in all material respects and where applicable with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and each of its Subsidiaries subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance comply in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data with respect to the Privacy Laws (the “Policies”). When required by applicable law, the The Company provides accurate notice of its Policies to its customers, employees, third party vendors and representatives. The Policies provide accurate representatives where and sufficient notice of the Company’s then-current privacy practices relating as required to its subject matter comply with all applicable Privacy Laws and such Policies do notices are and have not contain been misleading or deceptive in any material omissions of the Company’s then-current privacy practicesrespects. “Personal Data” means (i) a natural persons’ name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information Information” as defined by HIPAA; and (iviii) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the Company nor any of its Subsidiariessubsidiaries, (i) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to arising from any Privacy Law; inquiry, investigation or other proceeding by a governmental agency or body or any court or (iii) is a party to any order, decree, or agreement by or with a governmental agency or body or any court that imposed any obligation or liability under any Privacy Law.

Privacy Laws. The Except as would not be expected to result in a Material Adverse Change, the Company and each of its Subsidiaries are(i) is, and at all prior times werewas, in material compliance with all applicable data privacy and security laws and regulationsregulations (“Privacy Laws”), including, without limitation, the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.) and all regulations codifying the Federal Policy for the Protection of Human Subjects (including, without limitation, 45 C.F.R. part 46); , and the Company and each its Subsidiaries have (ii) has taken all necessary actions to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) and the California Consumer Privacy Act of 2018 (collectively“CCPA”) (Cal. Civil Code § 1798.100 et seq.), “Privacy Laws”)as currently applicable to the Company. To ensure compliance with the Privacy LawsExcept as would not be expected to result in a Material Adverse Change, the Company and each of its Subsidiaries have has in place, comply complies with, and take takes appropriate steps reasonably designed to ensure compliance in all material respects with their its policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (the “Policies”), including, without limitation, all such Policies required under applicable Privacy Laws. When required by applicable law, the The Company provides accurate notice of its Policies to its customers, employees, third party vendors and representatives. The Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural persons’ name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iviii) “personal data” as defined by GDPR; (iv) “personal information” as defined by the CCPA; and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The Except as would not be expected to result in a Material Adverse Change, the Company has obtained all permissions from natural persons that are required under applicable Privacy Laws for the Company’s use or processing of any Personal Data. Except as would not be expected to result in a Material Adverse Change, the execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the The Company nor any of its Subsidiaries, (i) has not received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is not currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy Law; or (iii) is not a party to any order, decree, or agreement not entered into in the ordinary course of business that imposed any obligation or liability under any Privacy Law.

Privacy Laws. The Company and each of its Subsidiaries subsidiaries are, and at all prior times were, in material compliance with all applicable data privacy and security laws and regulations, including, including without limitation, as applicable, the Health Insurance Portability and Accountability Act General Data Protection Regulation 2016/679 (the “GDPR”), the UK Data Protection Axx 0000 (“HIPAADPA”), the UK General Data Protection Regulation as defined by the DPA as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 (together with the DPA, the “UK GDPR”), and HIPAA, as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each its Subsidiaries have taken all necessary actions to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”). To ensure compliance with the Privacy Laws, and contractual obligations, industry standards, and any other legal obligations related to data privacy and security, the Company and each of its Subsidiaries subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling handling, and analysis of Personal Data (the “Policies”)) as applicable. When “Personal Data” means all personal, personally identifiable, sensitive, confidential or regulated data. The Company and its subsidiaries since inception have at all times made all disclosures to users or customers required by applicable lawPrivacy Laws, the Company provides and has provided accurate notice of its Policies then in effect to its customers, employees, third party vendors and representatives. The Policies provide accurate and sufficient notice of representatives as required by applicable Privacy Laws, except where the Company’s then-current privacy practices relating failure to its subject matter and such Policies do not contain any material omissions of so would not, individually or in the Company’s then-current privacy practices. “Personal Data” means (i) aggregate, have a natural persons’ name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientationMaterial Adverse Effect. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The executionCompany further certifies that, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the Company neither it nor any of its Subsidiaries, subsidiary: (i) has received written notice of any actual or potential liability under or relating to, or actual or potential material violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposed imposes any obligation or liability under any Privacy Law. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of violation of any Privacy Laws or Policies.

Privacy Laws. The Company and each of its Subsidiaries subsidiaries are, and at all prior times within the past three years were, in compliance, in all material compliance respects, to the extent applicable to the Company’s activities, with all applicable data privacy and security laws and regulations, including, without limitation, the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each its Subsidiaries subsidiaries have taken all necessary actions reasonably designed to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”)) in all material respects, to the extent applicable to the Company’s activities as currently conducted. To ensure compliance with the Privacy Laws, the Company and each of its Subsidiaries subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (the “Policies”). When required by applicable law, the Company provides accurate notice of its Policies to its customers, employees, third party vendors and representatives. The Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural persons’ name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the Company nor any of its Subsidiariessubsidiaries, (i) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposed any obligation or liability under any Privacy Law.

Privacy Laws. The Company and each of its Subsidiaries subsidiaries are, and at all prior times were, in material compliance with all applicable data privacy and security laws and regulations, including, including without limitation, as applicable, the Health Insurance Portability and Accountability Act General Data Protection Regulation 2016/679 (the “GDPR”), the UK Data Protection Axx 0000 (“HIPAADPA”), the UK General Data Protection Regulation as defined by the DPA as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (together with the DPA, the “UK GDPR”), and HIPAA, as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each its Subsidiaries have taken all necessary actions to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”). To ensure compliance with the Privacy Laws, and contractual obligations, industry standards, and any other legal obligations related to data privacy and security, the Company and each of its Subsidiaries subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling handling, and analysis of Personal Data (the “Policies”)) as applicable. When “Personal Data” means all personal, personally identifiable, sensitive, confidential or regulated data. The Company and its subsidiaries since inception have at all times made all disclosures to users or customers required by applicable lawPrivacy Laws, the Company provides and have provided accurate notice of its their respective Policies then in effect to its customers, employees, third party vendors and representatives. The Policies provide accurate and sufficient notice of representatives as required by applicable Privacy Laws, except where the Company’s then-current privacy practices relating failure to its subject matter and such Policies do not contain any material omissions of so would not, individually or in the Company’s then-current privacy practices. “Personal Data” means (i) aggregate, have a natural persons’ name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientationMaterial Adverse Effect. None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the Company further certifies that neither it nor any of its Subsidiaries, subsidiary: (i) has received written notice of any actual or potential liability under or relating to, or actual or potential material violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposed imposes any obligation or liability under any Privacy Law. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of violation of any Privacy Laws or Policies.

Privacy Laws. The Company and each of its Subsidiaries are, and at all prior times wereduring the last three years have been, in material compliance with all applicable data privacy and security laws and regulations, including, without limitation, the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); and the Company and each its Subsidiaries subsidiaries have taken all necessary actions to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) in all material respects (collectively, “Privacy Laws”). To ensure compliance with the Privacy Laws, the The Company and each of its Subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance comply in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (the “Policies”). When required by applicable law, the The Company provides accurate notice of its Policies Personal Data processing practices to its customers, employees, third party vendors and representatives, to the extent required by Privacy Laws. The Policies To the extent required by Privacy Laws, the Company’s public-facing privacy notices provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural persons’ name, street address, telephone number, email address, photographimage, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of such identifies a natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. None of such No disclosures made or contained in any of the Policies Company’s public-facing privacy notices have been inaccurate, misleading, deceptive or in violation of any Privacy Laws or Policies in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the Company nor any of its Subsidiaries, (i) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy LawsLaws resulting from the Company’s processing of Personal Data, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, subject to any investigation, remediation or other corrective action pursuant to any Privacy LawLaw violation; or (iii) is a party to any order, decree, or agreement that imposed imposes any obligation or liability under any Privacy Law. For purposes of this paragraph, the Company and its subsidiaries shall be deemed to refer to (1) Vicarious Surgical Inc. and its subsidiaries as they existed prior to the Business Combination Closing Date and (2) the Company and its subsidiaries solely from and after the Business Combination Closing Date.