Common use of Compliance with Data Privacy Laws Clause in Contracts

Compliance with Data Privacy Laws. The Company and its Subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations regarding the collection, use, storage, retention, disclosure, transfer, disposal, or any other processing (collectively “Process” or “Processing”) of Personal Data, including HIPAA, the California Consumer Privacy Act, and the European Union General Data Protection Regulation (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take all appropriate steps necessary to ensure compliance in all material respects with their policies and procedures relating to data privacy and security, and the Processing of Personal Data and Confidential Data (the “Privacy Statements”). The Company and its Subsidiaries have, except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, at all times since January 1, 2021 provided accurate notice of its Privacy Statements then in effect to its clients, employees, third party vendors and representatives. None of such disclosures made or contained in any Privacy Statements have been materially inaccurate, misleading, incomplete, or in material violation of any Privacy Laws. The Company further certifies that neither it nor any of its Subsidiaries: (i) has received notice of any actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation of, any of the Privacy Laws, contracts related to the Processing of Personal Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law or contract; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Compliance with Data Privacy Laws. The Company and its Subsidiaries subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations regarding the collection, use, storage, retention, disclosure, transfer, disposal, or any other processing (collectively “Process” or “Processing”) of Personal Data, including HIPAA, the California Consumer Privacy Act, and the European Union General Data Protection Regulation (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take all appropriate steps necessary to ensure compliance in all material respects with their policies and procedures relating to data privacy and security, and the Processing of Personal Data and Confidential Data (the “Privacy Statements”). The Company and its Subsidiaries subsidiaries have, except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, at all times since January 1, 2021 inception provided accurate notice of its Privacy Statements then in effect to its clientscustomers, employees, third party vendors and representatives. None of such disclosures made or contained in any Privacy Statements have been materially inaccurate, misleading, incomplete, or in material violation of any Privacy Laws. The Company further certifies that neither it nor any of its Subsidiaries: subsidiaries (ia) has received notice of any actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation of, any of the Privacy Laws, contracts related to the Processing of Personal Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; , (iib) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law or contract; , or (iiic) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Compliance with Data Privacy Laws. The Company and its Subsidiaries subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations regarding the collection, use, storage, retention, disclosure, transfer, disposal, or any other processing (collectively “Process” or “Processing”) of Personal Data, including without limitation HIPAA. Currently, the Company does not meet the thresholds required for compliance with the California Consumer Privacy ActAct (“CCPA”), and the California Privacy Rights Act (“CPRA”), or other similar state privacy laws, nor does the Company meet the conditions that would require that it comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (), and the UK GDPR. The Company intends to, and will, be in compliance with the CCPA, the CPRA, other similar state privacy laws, the GDPR and the UK GDPR when such laws apply to the Company. HIPAA, CCPA, CPRA, other similar state privacy laws, GDPR and the UK GDPR are collectively, the “Privacy Laws”). .” To ensure compliance with the applicable Privacy Laws, the Company and its subsidiaries have in place, comply with, and take all appropriate steps necessary to ensure compliance in all material respects with their policies and procedures relating to data privacy and security, and the Processing of Personal Data and Confidential Data (the “Privacy Statements”). The Company and its Subsidiaries subsidiaries have, except as would not reasonably be expected, individually or in the aggregate, to have result in a Material Adverse EffectChange, at all times since January 1, 2021 inception provided accurate and complete notice of its Privacy Statements then in effect to its clientscustomers, employees, third party vendors and representatives, including as required by applicable laws and regulatory rules or requirements. None of such disclosures made or contained in any Privacy Statements Statement have been materially inaccurate, misleading, incomplete, inaccurate or in material violation of any applicable Privacy Laws. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement, will not result in a breach or violation of any Privacy Laws or Privacy Statements. The Company further certifies represents that neither it nor any of its Subsidiariessubsidiary: (i) has received written notice of any actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation of, any of the Privacy Laws, contracts related to the Processing of Personal Confidential Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law or contract; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Compliance with Data Privacy Laws. The Company and its Subsidiaries subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations regarding the collection, use, storage, retention, disclosure, transfer, disposal, or any other processing (collectively “Process” or “Processing”) of Personal Data, including without limitation HIPAA, the California Consumer Privacy ActAct (“CCPA”), and the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take all appropriate steps necessary to ensure compliance in all material respects with their policies and procedures relating to data privacy and security, and the Processing of Personal Data and Confidential Data (the “Privacy Statements”). The Company and its Subsidiaries subsidiaries have, except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, at all times since January 1, 2021 inception provided accurate notice of its Privacy Statements then in effect to its clientscustomers, employees, third party vendors and representatives. None of such disclosures made or contained in any Privacy Statements have been materially inaccurate, misleading, incomplete, or in material violation of any Privacy Laws. The Company further certifies that neither it nor any of its Subsidiariessubsidiaries: (i) has received notice of any actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation of, any of the Privacy Laws, contracts related to the Processing of Personal Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law or contract; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Compliance with Data Privacy Laws. The Company and its Subsidiaries subsidiaries are, and at all prior times were, in compliance in all material compliance respects with all applicable state and federal data privacy and security laws and regulations regarding the collection, use, storage, retention, disclosure, transfer, disposal, or any other processing (collectively “Process” or “Processing”) of Personal Data, including without limitation, as applicable, HIPAA, the California Consumer Privacy ActAct (“CCPA”), and the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the The Company and its subsidiaries have in place, comply with, and take all appropriate steps necessary to ensure compliance in all material respects with their policies and procedures relating to data privacy and security, and the Processing of Personal Data and Confidential Data (the “Privacy Statements”). The Company and its Subsidiaries subsidiaries have, except as would not reasonably be expected, individually or in the aggregate, to have result in a Material Adverse EffectChange, at all times since January 1, 2021 inception provided accurate notice of its Privacy Statements then in effect to its clientscustomers, employees, third party vendors and representatives. None of such disclosures made or contained in any Privacy Statements have been materially inaccurate, misleading, incomplete, or in material violation of any Privacy Laws. The Except as set forth in the Registration Statement and Prospectus, neither the Company further certifies that neither it nor any of its Subsidiariessubsidiaries: (i) has received written notice of any actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation by the Company or any of its subsidiaries of, any of the Privacy Laws, contracts contractual obligations of the Company or any of its subsidiaries related to privacy or security with respect to the Processing of Personal Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law or contractcontractual obligations of the Company or any of its subsidiaries related to privacy or security with respect to the Processing of Personal Data or Confidential Data, other than in the ordinary course of business; or (iii) is a party to any order, decree, or agreement by or with any governmental or regulatory authority, or relating to the violation by the Company or its subsidiaries of any Privacy Law, that imposes any obligation or liability under any Privacy Law.

Compliance with Data Privacy Laws. The Company and its Subsidiaries subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations regarding the collection, use, storage, retention, disclosure, |US-DOCS\139083198.5|| transfer, disposal, or any other processing (collectively “Process” or “Processing”) of Personal Data, including without limitation HIPAA, the California Consumer Privacy Act, and the European Union General Data Protection Regulation (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take all appropriate steps necessary to ensure compliance in all material respects with their policies and procedures relating to data privacy and security, and the Processing of Personal Data and Confidential Data (the “Privacy Statements”). The Company and its Subsidiaries subsidiaries have, except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, at all times since January 1, 2021 inception provided accurate notice of its Privacy Statements then in effect to its clientscustomers, employees, third party vendors and representatives. None of such disclosures made or contained in any Privacy Statements have been materially inaccurate, misleading, incomplete, or in material violation of any Privacy Laws. The Company further certifies that neither it nor any of its Subsidiaries: subsidiaries (i) has received notice of any actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation of, any of the Privacy Laws, contracts related to the Processing of Personal Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; , (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law or contract; , or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Compliance with Data Privacy Laws. The Company and its Subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations regarding the collection, use, storage, retention, disclosure, transfer, disposal, or any other processing (collectively “Process” or “Processing”) of Personal Dataregulations, including without limitation, HIPAA, the California Consumer Privacy Act, and the European Union Company and its Subsidiaries have taken commercially reasonable actions to prepare to comply with, and have been and currently are in compliance with, the E.U. General Data Protection Regulation (EU Regulation (EU) 2016/679) (“GDPR”) and all applicable national legislation that implements, amends, transposes or provides for any derogations in respect of the GDPR and the California Consumer Privacy Act of 2018, Civil Code section 1798.100 et seq. (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the The Company and its subsidiaries Subsidiaries have in place, comply with, and take all appropriate steps necessary reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and securitysecurity and the collection, storage, use, disclosure, handling, and the Processing analysis of Personal Data and Confidential Data (the “Privacy StatementsPolicies”). The Company and its Subsidiaries have, except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, at all times since January 1made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, 2021 provided accurate notice of its Privacy Statements then in effect to its clients, employees, third party vendors and representatives. None none of such disclosures made or contained in any Privacy Statements have Policy have, to the knowledge of the Company, been materially inaccurate, misleading, incomplete, inaccurate or in material violation of any Privacy Lawsapplicable laws and regulatory rules or requirements in any material respect. The Neither the Company further certifies that neither it nor any of its Subsidiariessubsidiaries: (i) has have received notice of any actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation of, any of the Privacy Laws, contracts related to the Processing of Personal Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is are currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law or contractLaw; or and (iii) is are a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Compliance with Data Privacy Laws. The Company and its Subsidiaries subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations regarding the collection, use, storage, retention, disclosure, transfer, disposal, or any other processing (collectively “Process” or “Processing”) of Personal Data, including without limitation HIPAA, the California Consumer Privacy Act, and the European Union General Data Protection Regulation (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries Subsidiaries have in place, comply with, and take all appropriate steps necessary to ensure compliance in all material respects with their policies and procedures relating to data privacy and security, and the Processing of Personal Data and Confidential Data (the “Privacy Statements”). The Company and its Subsidiaries have, except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, at all times since January 1, 2021 inception provided accurate notice of its Privacy Statements then in effect to its clientscustomers, employees, third party vendors and representatives. None of such disclosures made or contained in any Privacy Statements have been materially inaccurate, misleading, incomplete, or in material violation of any Privacy Laws. The Company further certifies that neither it nor any of its Subsidiariessubsidiaries: (i) has received notice of any actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation of, any of the Privacy Laws, contracts related to the Processing of Personal Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law or contract; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Compliance with Data Privacy Laws. The Company and its Subsidiaries subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations regarding the collection, use, storage, retention, disclosure, transfer, disposal, or any other processing (collectively “Process” or “Processing”) of Personal Dataregulations, including without limitation HIPAA, the California Consumer Privacy ActCCPA, and the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have has in place, comply complies with, and take all takes appropriate steps necessary reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and securitysecurity and the collection, storage, use, processing, disclosure, handling, and the Processing analysis of Personal Data and Confidential Data (the “Privacy StatementsPolicies”). The Company and its Subsidiaries have, except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, has at all times since January 1made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, 2021 provided accurate notice of its Privacy Statements then in effect to its clients, employees, third party vendors and representatives. None none of such disclosures made or contained in any Privacy Statements have Policy have, to the knowledge of the Company, been materially inaccurate, misleading, incomplete, inaccurate or in material violation of any Privacy Lawsapplicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any of its Subsidiariessubsidiary: (i) has received notice of any actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation of, any of the Privacy Laws, contracts related to the Processing of Personal Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law or contractLaw; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law. Any certificate signed by an officer of the Company and delivered to the Agents or to counsel for the Agents pursuant to or in connection with this Agreement shall be deemed to be a representation and warranty by the Company to the Agents as to the matters set forth therein. The Company acknowledges that the Agents and, for purposes of the opinions to be delivered pursuant to Section 7 hereof, counsel to the Company and counsel to the Agents, will rely upon the accuracy and truthfulness of the foregoing representations and hereby consents to such reliance.

Compliance with Data Privacy Laws. The Company and its Subsidiaries are, and at all during the two (2) years prior times hereto were, in material compliance with all applicable state and federal data privacy and security laws and regulations regarding the collection, use, storage, retention, disclosure, transfer, disposal, or any other processing (collectively “Process” or “Processing”) of Personal Dataregulations, including without limitation HIPAA, the California Consumer Privacy Act, and the European Union General Data Protection Regulation Company and its Subsidiaries have taken commercially reasonable actions to prepare to comply with, and since May 25, 2018, have been and currently are in material compliance with, the GDPR (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries Subsidiaries have in place, comply in all material respects with, and take all appropriate steps necessary reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and securitysecurity and the collection, storage, use, disclosure, handling, and the Processing analysis of Personal Data and Confidential Data (the “Privacy StatementsPolicies”). The Company and its Subsidiaries have, except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, at all times since January 1made all disclosures to users or customers required by Privacy Laws, 2021 provided accurate notice of its Privacy Statements then in effect to its clients, employees, third party vendors and representatives. None none of such disclosures made or contained in any Privacy Statements have Policy have, to the knowledge of the Company, been materially inaccurate, misleading, incomplete, inaccurate or in material violation of any Privacy LawsLaws in any material respect. The Company further certifies that neither it nor any of its SubsidiariesSubsidiary: (i) has received written notice of any actual or potential claim, complaint, proceeding, regulatory proceeding or material liability under or relating to, or actual or potential material violation of, any of the Privacy Laws, contracts related to the Processing of Personal Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any material violation of Privacy Law or contractLaw; or (iii) is a party to any order, decree, or agreement that imposes any material obligation or liability under relating to any violation of Privacy Law. (rr) No Disqualification Event. With respect to Securities to be offered and sold hereunder in reliance on Rule 506(b) under the 1933 Act (“Regulation D Securities”), none of the Company, any of its predecessors, any affiliated issuer, any director, executive officer, other officer of the Company participating in the offering contemplated hereby, or, to the Company’s knowledge, any beneficial owner of 20% or more of the Company’s outstanding voting equity securities, calculated on the basis of voting power, nor any promoter (as that term is defined in Rule 405 under the 1933 Act) connected with the Company in any capacity at the time of sale (each, an “Issuer Covered Person” and, together, “Issuer Covered Persons”) is subject to any Disqualification Event, except for a Disqualification Event covered by Rule 506(d)(2) or (d)(3). The Company has exercised reasonable care to determine whether any Issuer Covered Person is subject to a Disqualification Event. The Company has complied, to the extent applicable, with its disclosure obligations under Rule 506(e), and has furnished to the Buyers a copy of any disclosures provided thereunder.

Compliance with Data Privacy Laws. The Except as described in the Registration Statement, the Time of Sale Prospectus and the Prospectus, the Company and its Subsidiaries subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations regarding the collection, use, storage, retention, disclosure, transfer, disposal, or any other processing (collectively “Process” or “Processing”) of Personal Dataregulations, including without limitation HIPAA, the California Consumer Privacy ActCCPA, GDPR, UK GDPR and the European Union General Data Protection Regulation (EU 2016/679) applicable privacy and security laws of the State of Israel (collectively, the “Privacy Laws”)) and have in place, and have complied in all material respects with each of their respective, written and published policies and procedures concerning the privacy, security and Processing of Personal Data and Confidential Data. To ensure compliance with the Privacy Laws, the Company and its subsidiaries have has in place, comply with, complies with and take all takes appropriate steps necessary to ensure compliance in all material respects with their policies and procedures relating to data privacy and security, security and the Processing collection, storage, use, processing, disclosure, handling and analysis of Personal Data and Confidential Data (the “Privacy StatementsPolicies”), including entering into Business Associate Agreements pursuant to HIPAA. The Company and its Subsidiaries have, except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, has at all times since January 1made all disclosures to governmental, 2021 provided accurate notice of its Privacy Statements then in effect to its clientsregulatory, employeessupervisory authorities or individual data subjects required by applicable laws and regulatory rules or requirements, third party vendors and representatives. None none of such disclosures made or contained in any Privacy Statements Policy have been materially inaccurate, misleading, incomplete, inaccurate or in material violation of any Privacy Lawsapplicable laws and regulatory rules or requirements in any material respect. The Except as would not reasonably be expected to have a Material Adverse Effect, in the past three (3) years, the Company further certifies that neither it nor any of its Subsidiariessubsidiary: (i) has received any notice or claim of any data breach, or improper use, disclosure or access, actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation of, any of the Privacy LawsLaws from a governmental, contracts related to the Processing of Personal Data regulatory or Confidential Data, supervisory authority or Privacy Statementsindividual data subject, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law by a governmental, regulatory or contractsupervisory authority or individual data subject; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Compliance with Data Privacy Laws. The Company and its Subsidiaries are, and at all prior times weresince January 1, 2020 have been, in material compliance with all applicable state and federal data privacy and security laws and regulations regarding the collectionregulations, useincluding, storagewithout limitation, retentionas applicable, disclosure, transfer, disposal, or any other processing (collectively “Process” or “Processing”) of Personal Data, including HIPAA, as amended by the California Consumer Privacy Act, Health Information Technology for Economic and Clinical Health Act (42 U.S.C. Section 17921 et seq.). The Company and its Subsidiaries have taken any required and necessary actions to comply in all material respects with the European Union General Data Protection Regulation (EU 2016/679) ), the California Consumer Privacy Act and all other applicable laws and regulations with respect to Personal Data, including all that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with same would be reasonably likely to create a material liability as soon they take effect (collectively, the “Privacy Laws”). To ensure material compliance with the Privacy Laws, the Company and its subsidiaries Subsidiaries have in place, comply and are in material compliance with, and take all appropriate steps necessary to ensure compliance in all material respects with their commercially reasonable policies and procedures relating to data privacy and securitysecurity and the collection, storage, use, disclosure, handling, and the Processing analysis of Personal Data and Confidential Data (the “Privacy StatementsPolicies”), as applicable. The Company and its Subsidiaries havehave at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and has provided accurate notice of its Policies then in effect to its customers, employees, third party vendors and representatives as required by applicable law and regulatory rules or requirements, except as where the failure to do so would not reasonably be expectednot, individually or in the aggregate, to have result in a Material Adverse Effect, at all times since January 1, 2021 provided accurate notice of its Privacy Statements then in effect to its clients, employees, third party vendors and representatives. None of such disclosures made or contained in any Privacy Statements of the Policies have been materially inaccurate, misleading, incomplete, deceptive or in material violation of any Privacy LawsLaws or Policies in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of violation of any Privacy Laws or Policies. The Company further certifies that neither it nor any of its Subsidiaries: Subsidiary (i) has received written notice of any actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation of, any of the Privacy Laws, contracts related to the Processing of Personal Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; , (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law or contract; Law, or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Compliance with Data Privacy Laws. The Company and its Subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws Laws and regulations regarding the collection, use, storage, retention, disclosure, transfer, disposal, or any other processing (collectively “Process” or “Processing”) of Personal Data, including HIPAA, the California Consumer Privacy Act, and the European Union General Data Protection Regulation (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take all appropriate steps necessary to ensure compliance in all material respects with their policies and procedures relating to data privacy and security, and the Processing of Personal Data and Confidential Data (the “Privacy Statements”). The Company and its Subsidiaries have, except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, at all times since January 1, 2021 2022 provided accurate notice of its Privacy Statements then in effect to its clients, employees, third party vendors and representatives. None of such disclosures made or contained in any Privacy Statements have been materially inaccurate, misleading, incomplete, or in material violation of any Privacy Laws. The Company further certifies that neither it nor any of its Subsidiaries: (i) has received notice of any actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation of, any of the Privacy Laws, contracts related to the Processing of Personal Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law or contract; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Compliance with Data Privacy Laws. The Company and its Subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations regarding the collection, use, storage, retention, disclosure, transfer, disposal, or any other processing (collectively “Process” or “Processing”) of Personal Data, including HIPAA, the California Consumer Privacy Act, and the European Union General Data Protection Regulation (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take all appropriate steps necessary to ensure compliance in all material respects with their policies and procedures relating to data privacy and security, and the Processing of Personal Data and Confidential Data (the “Privacy Statements”). The Company and its Subsidiaries have, except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, at all times since January 1, 2021 2022 provided accurate notice of its Privacy Statements then in effect to its clients, employees, third party vendors and representatives. None of such disclosures made or contained in any Privacy Statements have been materially inaccurate, misleading, incomplete, or in material violation of any Privacy Laws. The Company further certifies that neither it nor any of its Subsidiaries: (i) has received notice of any actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation of, any of the Privacy Laws, contracts related to the Processing of Personal Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law or contract; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Compliance with Data Privacy Laws. The Company Company’s and its Subsidiaries are, and at all prior times were, subsidiaries’ business practice have been structured in material compliance a manner reasonably designed to comply with all applicable state and federal data privacy and security laws and regulations regarding the collection, use, storage, retention, disclosure, transfer, disposal, or any other processing (collectively “Process” or “Processing”) of Personal Dataregulations, including without limitation HIPAA, except where the California Consumer Privacy Actfailure to do so would not reasonably be expected to result in a Material Adverse Change, and the Company and its subsidiaries have taken commercially reasonable actions to prepare to comply with, and since May 25, 2018, have been and currently are in compliance with, the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”), except where the failure to do so would not reasonably be expected to result in a Material Adverse Change. To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take all appropriate steps necessary reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and securitysecurity and the collection, storage, use, disclosure, handling, and the Processing analysis of Personal Data and Confidential Data (the “Privacy StatementsPolicies”). The Company and its Subsidiaries have, except as would not reasonably be expected, individually or in the aggregate, to subsidiaries have a Material Adverse Effect, at all times since January 1made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, 2021 provided accurate notice of its Privacy Statements then in effect to its clients, employees, third party vendors and representatives. None none of such disclosures made or contained in any Privacy Statements have Policy have, to the knowledge of the Company, been materially inaccurate, misleading, incomplete, inaccurate or in material violation of any Privacy Lawsapplicable laws and regulatory rules or requirements, except where the failure to do so would not reasonably be expected to result in a Material Adverse Change. The Company further certifies that neither it nor any of its Subsidiariessubsidiary: (i) has received notice asserting a violation by the Company or any of any actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation of, its subsidiaries of any of the Privacy Laws, contracts related to the Processing of Personal Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law or contractLaw; or (iii) is a party to any material order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Compliance with Data Privacy Laws. The Company and its Subsidiaries subsidiary are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations regarding regulations, including without limitation the collection, use, storage, retention, disclosure, transfer, disposal, or any other processing Health Insurance Portability and Accountability Act of 1996 (collectively “Process” or “ProcessingHIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act of Personal Data, including HIPAA, the California Consumer Privacy Act2009 (“HITECH”), and the Company and its subsidiary have taken commercially reasonable actions to prepare to comply with, and since May 25, 2018, have been and currently are in compliance with, the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries subsidiary have in place, comply with, and take all appropriate steps necessary reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and securitysecurity and the collection, storage, use, disclosure, handling, and the Processing analysis of Personal Data and Confidential Data (as defined below) (the “Privacy StatementsPolicies”). The Company and its Subsidiaries have, except as would not reasonably be expected, individually or in the aggregate, to subsidiary have a Material Adverse Effect, at all times since January 1made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, 2021 provided accurate notice of its Privacy Statements then in effect to its clients, employees, third party vendors and representatives. None none of such disclosures made or contained in any Privacy Statements have Policy have, to the knowledge of the Company, been materially inaccurate, misleading, incomplete, inaccurate or in material violation of any Privacy Lawsapplicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any of its Subsidiariessubsidiary: (i) has received notice of any actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation of, any of the Privacy Laws, contracts related to the Processing of Personal Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law or contractLaw; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law. “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by GDPR and (iv) any information which would qualify as “protected health information” under HIPAA, as amended by HITECH.

Compliance with Data Privacy Laws. The Except as would not individually or in the aggregate reasonably be expected to result in a Material Adverse Change, the Company and its Subsidiaries subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations regarding the collection, use, storage, retention, disclosure, transfer, disposal, or any other processing (collectively “Process” or “Processing”) of Personal Dataregulations, including without limitation HIPAA, and the California Consumer Privacy ActCompany and its subsidiaries have taken commercially reasonable actions to prepare to comply with, and since May 25, 2018, have been and currently are in compliance with, the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply in all material respects with, and take all appropriate commercially reasonable steps necessary reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and securitysecurity and the collection, storage, use, disclosure, handling, and the Processing analysis of Personal Data and Confidential Data (the “Privacy StatementsPolicies”). The Company and its Subsidiaries havesubsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except as where the failure to do so would not reasonably be expected, individually or result in the aggregate, to have a Material Adverse EffectChange, at all times since January 1, 2021 provided accurate notice of its Privacy Statements then in effect to its clients, employees, third party vendors and representatives. None none of such disclosures made or contained in any Privacy Statements have Policy have, to the knowledge of the Company, been materially inaccurate, misleading, incomplete, inaccurate or in material violation of any applicable Privacy LawsLaws in any material respect. The Company further certifies that neither it nor any of its Subsidiariessubsidiary: (i) has received notice of any actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation of, any of the Privacy Laws, contracts related to the Processing of Personal Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law or contractLaw; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law; in each case except as would not reasonably be expected to have a Material Adverse Change. (aaa) Forward-Looking Statement. No forward-looking statement (within the meaning of Section 27A of the Act and Section 21E of the Exchange Act) included in any of the Registration Statement, the General Disclosure Package or the Prospectus has been made or reaffirmed without a reasonable basis or has been disclosed other than in good faith.

Compliance with Data Privacy Laws. The Company and its Subsidiaries subsidiary are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations regarding regulations, including without limitation the collection, use, storage, retention, disclosure, transfer, disposal, or any other processing Health Insurance Portability and Accountability Act of 1996 (collectively “Process” or “ProcessingHIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act of Personal Data, including HIPAA, the California Consumer Privacy Act2009 (“HITECH”), and the Company and its subsidiary have taken commercially reasonable actions to prepare to comply with, and since May 25, 2018, have been and currently are in compliance with, the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries subsidiary have in place, comply with, and take all appropriate steps necessary reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and securitysecurity and the collection, storage, use, disclosure, handling, and the Processing analysis of Personal Data and Confidential Data (as defined below) (the “Privacy StatementsPolicies”). The Company and its Subsidiaries have, except as would not reasonably be expected, individually or in the aggregate, to subsidiary have a Material Adverse Effect, at all times since January 1made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, 2021 provided accurate notice of its Privacy Statements then in effect to its clients, employees, third party vendors and representatives. None none of such disclosures made or contained in any Privacy Statements have Policy have, to the knowledge of the Company, been materially inaccurate, misleading, incomplete, inaccurate or in material violation of any Privacy Lawsapplicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any of its Subsidiariessubsidiary: (i) has received notice of any actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation of, any of the Privacy Laws, contracts related to the Processing of Personal Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law or contractLaw; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law. “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would ACTIVE/112182650.6 ACTIVEUS 190056073v.6 qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by GDPR and (iv) any information which would qualify as “protected health information” under HIPAA, as amended by HITECH.

Compliance with Data Privacy Laws. The Company and its Subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws Laws and regulations regarding the collection, use, storage, retention, disclosure, transfer, disposal, or any other processing (collectively “Process” or “Processing”) of Personal Data, including HIPAA, the California Consumer Privacy Act, and the European Union General Data Protection Regulation (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries Subsidiaries have in place, comply with, and take all appropriate steps necessary to ensure compliance in all material respects with their policies and procedures relating to data privacy and security, and the Processing of Personal Data and Confidential Data (the “Privacy Statements”). The Company and its Subsidiaries have, except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, at all times since January 1, 2021 2022 provided accurate notice of its Privacy Statements then in effect to its clients, employees, third party vendors and representatives. None of such disclosures made or contained in any Privacy Statements have been materially inaccurate, misleading, incomplete, or in material violation of any Privacy Laws. The Company further certifies that neither it nor any of its Subsidiaries: (i) has received notice of any actual or potential claim, complaint, proceeding, regulatory proceeding or liability under or relating to, or actual or potential violation of, any of the Privacy Laws, contracts related to the Processing of Personal Data or Confidential Data, or Privacy Statements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law or contract; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.