Common use of Cyber Security; Data Protection Clause in Contracts

Cyber Security; Data Protection. The Company’s and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are reasonably believed by the Company to be adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted and are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their businesses, and there have been no material breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification (“Data Protection Requirements”), in each case, except for such failures as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. To ensure compliance with the Data Protection Requirements, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Data Protection Requirements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Data Protection Requirement; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental authority under any Data Protection Requirement, in each case except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.

Cyber Security; Data Protection. The Company’s Except as would not, individually or in the aggregate, reasonably be expected to result in a Material Adverse Change, the Parent Guarantor and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are reasonably believed by the Company to be adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company Parent Guarantor and its the subsidiaries as currently conducted and are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptantsconducted. The Company Parent Guarantor and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (processed or stored in connection with their businesses, including all personal, personally identifiable, sensitive, confidential or regulated information and data (“Personal Protected Data”)) used in connection with their businesses, and there . There have been no material breaches, violations, outages outages, or unauthorized uses of or accesses to samethe IT Systems and Protected Data, except for those that have been remedied without material cost or liability or the duty to notify any other personperson or any such breaches, violations, outages or unauthorized uses or accesses to the same that would not, individually or in the aggregate, reasonably be expected to result in a Material Adverse Change, nor are there any material incidents under internal review or investigations investigation relating to the same. The Company Parent Guarantor and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Protected Data and to the protection of such IT Systems and Personal Protected Data from unauthorized use, access, misappropriation or modification (“Data Protection Requirements”), in each case, except for such failures as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. To ensure compliance with the Data Protection Requirements, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Data Protection Requirements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Data Protection Requirement; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental authority under any Data Protection Requirement, in each case except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification.

Cyber Security; Data Protection. The Company’s Company and its subsidiariesSubsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, applications and databases (including the data of their respective customers, employees, suppliers, vendors and any third-party data maintained by or on behalf of the Company and its Subsidiaries) (collectively, “IT Systems”) are reasonably believed by the Company to be adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted and are Subsidiaries, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries Subsidiaries have implemented and maintained all commercially reasonable controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their businesses, and there have been no material breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or . Without limiting the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification (“Data Protection Requirements”), in each case, except for such failures as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. To ensure compliance with the Data Protection Requirementsforegoing, the Company and its subsidiaries Subsidiaries have in place, comply withused reasonable efforts to establish and maintain, and take appropriate steps reasonably designed to ensure compliance have established, maintained, implemented and complied with in all material respects with their respects, reasonable information technology, information security, cyber security and data protection controls, policies and procedures relating to data privacy procedures, including oversight, access controls, encryption, technological and physical safeguards and business continuity/disaster recovery and security plans that are designed to protect against and the collectionprevent breach, storagedestruction, loss, unauthorized distribution, use, disclosureaccess, handlingdisablement, misappropriation or modification, or other compromise or misuse of or relating to any information technology system or Data used in connection with the operation of the Company’s and analysis of Personal Data its Subsidiaries’ businesses (the “PoliciesBreach”). The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to To the knowledge of the Company, there has been inaccurate no such Breach other than any Breach that did not or would not reasonably be expected to result in violation of any applicable laws and regulatory rules or requirements in any material respecta Material Adverse Change. The Company further certifies that neither it nor any subsidiary: (i) has received notice and its Subsidiaries have not been notified of any actual or potential liability under or relating to, or actual or potential violation of, any of the Data Protection Requirements, and has have no knowledge of any event or condition that would reasonably be expected to result in in, any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Data Protection Requirement; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental authority under any Data Protection Requirement, in each case except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse EffectBreach.

Cyber Security; Data Protection. The (i)(x) There has been no security breach or other compromise of or relating to any of the Company’s and or its subsidiaries’ information technology assets and equipment, computers, computer systems, networks, hardware, software, websites, applications, data (including the data of their respective customers, employees, suppliers, vendors and databases any third party data maintained by or on behalf of them), equipment or technology (collectively, “IT SystemsSystems and Data”), (y) are reasonably believed by the Company to be adequate forand its subsidiaries have not been notified of, and have no knowledge of any event or condition that would reasonably be expected to result in, any security breach or other compromise to their IT Systems and Data and (z) the Company’s or its subsidiaries’ IT Systems and Data operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted and are conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The ; (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, procedures and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) Data used in connection with their businesses, business reasonably consistent with industry standards and there have been no material breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or practices; (iii) the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification modification; and (“Data Protection Requirements”), in each caseiv) the Company and its subsidiaries have implemented backup and disaster recovery technology reasonably consistent with industry standards and practices, except for such failures as would not, in the case of clauses (i), (ii) and (iii) above, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmaterial adverse effect. To ensure compliance with the Data Protection Requirements, Any certificate signed by an officer of the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, delivered to the knowledge of Representative or to counsel for the Company, been inaccurate or in violation of any applicable laws Underwriters shall be deemed to be a representation and regulatory rules or requirements in any material respect. The warranty by the Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of to each Underwriter as to the Data Protection Requirements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Data Protection Requirement; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental authority under any Data Protection Requirement, in each case except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmatters set forth therein.

Cyber Security; Data Protection. The Company’s Company and its subsidiariesSubsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, data and databases (collectively, “IT Systems”) are reasonably believed by the Company to be adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries the Subsidiaries as currently conducted and are conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants, except where such inadequacy in, or failure to operate or perform, would not, reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect. The Company and its subsidiaries Subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their businesses, and and, except as disclosed in the SEC Reports, there have been no material breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other personperson or as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries Subsidiaries are presently in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authorityauthority having jurisdiction over the Company and its Subsidiaries or any of their properties or assets, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification (“Data Protection Requirements”), in each casemodification, except for where such failures as non-compliance or failure to protect would notnot reasonably be expected, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. To ensure compliance with the Data Protection Requirements, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Data Protection Requirements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Data Protection Requirement; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental authority under any Data Protection Requirement, in each case except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.

Cyber Security; Data Protection. The Company’s Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are reasonably believed by the Company to be adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its the subsidiaries as currently conducted conducted, and are to the knowledge of the Company, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants, other than those not reasonably expected to be material to the Company and its subsidiaries, taken as a whole. The Company and its subsidiaries have implemented and maintained maintain commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their businessesprocessed and stored thereon, and to the knowledge of the Company, there have been no material breaches, incidents, violations, outages outages, compromises or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in compliance with all applicable laws or statutes and all applicable judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification (“Data Protection Requirements”), in each casemodification, except for any such failures as noncompliance that would not, individually or in the aggregate, not reasonably be expected to have a Material Adverse Effect. To ensure compliance with the Data Protection Requirements, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its subsidiaries have at all times made all disclosures to users or customers required Any certificate signed by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge officer of the Company, been inaccurate the Guarantors or their respective subsidiaries and delivered to the Initial Purchasers or counsel for the Initial Purchasers in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any connection with the offering of the Data Protection RequirementsSecurities and, when issued, the Guarantees, shall be deemed a joint and has no knowledge several representation and warranty by each of any event or condition that would reasonably be expected the Company, the Guarantors and their respective subsidiaries, as to result in any such notice; (ii) is currently conducting or paying formatters covered thereby, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Data Protection Requirement; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental authority under any Data Protection Requirement, in each case except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse EffectInitial Purchasers.

Cyber Security; Data Protection. The CompanyTo the knowledge of the Issuer, (A) there has been no material security breach or incident, unauthorized access or disclosure, or other material compromise of or relating to Parent’s, Mission’s and its or their respective subsidiaries’ information technology assets and equipment, computers, computer systems, networks, hardware, software, websitesdata and databases (including the data and information of their respective customers, applicationsemployees, suppliers, vendors and any third party data maintained, processed or stored by Parent or Mission or their respective subsidiaries, and databases any such data processed or stored by third parties on behalf of Parent, Mission and their respective subsidiaries), equipment or technology (collectively, “IT SystemsSystems and Data”): (B) are reasonably believed by the Company to be adequate fornone of Parent or its subsidiaries have been notified of, and operate each of them have no knowledge of any event or condition that could result in, any material security breach or incident, unauthorized access or disclosure or other material compromise to their IT Systems and perform in all material respects as required in connection with the operation of the business of the Company Data and its subsidiaries as currently conducted and are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company (C) Parent and its subsidiaries have implemented and maintained commercially reasonable appropriate controls, policies, procedures, and technological safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all their IT Systems and data (including all personalData reasonably consistent with industry standards and practices, personally identifiableor as required by applicable regulatory standards. To the knowledge of the Issuer, sensitiveParent, confidential or regulated data (“Personal Data”)) used in connection with Mission and their businesses, and there have been no material breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its respective subsidiaries are presently in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification (“Data Protection Requirements”)modification, in each case, except for such failures as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. To ensure compliance with the Data Protection Requirements, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Data Protection Requirements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Data Protection Requirement; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental authority under any Data Protection Requirement, in each case except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse EffectChange. Any certificate signed by an officer of the Issuer or any Guarantor and delivered to the Initial Purchasers or to counsel for the Initial Purchasers shall be deemed to be a representation and warranty by the Issuer or such Guarantor to the Initial Purchasers as to the matters set forth therein.

Cyber Security; Data Protection. The (i)(x) There has been no security breach or other compromise of or relating to any of the Company’s and or its subsidiaries’ information technology assets and equipment, computers, computer systems, networks, hardware, software, websites, applications, data (including the data of their respective customers, employees, suppliers, vendors and databases any third party data maintained by or on behalf of them), equipment or technology (collectively, “IT SystemsSystems and Data”), (y) are reasonably believed by the Company to be adequate forand its subsidiaries have not been notified of, and have no knowledge of any event or condition that would reasonably be expected to result in, any security breach or other compromise to their IT Systems and Data and (z) the Company’s or its subsidiaries’ IT Systems and Data operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted and are conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The ; (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, procedures and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) Data used in connection with their businesses, business reasonably consistent with industry standards and there have been no material breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or practices; (iii) the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification modification; and (“Data Protection Requirements”), in each caseiv) the Company and its subsidiaries have implemented backup and disaster recovery technology reasonably consistent with industry standards and practices, except for such failures as would not, in the case of clauses (i), (ii) and (iii) above, individually or in the aggregate, reasonably be expected to have a Company Material Adverse Effect. To ensure compliance with the Data Protection Requirements, Any certificate signed by an officer of the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, delivered to the knowledge of Representatives or to counsel for the Company, been inaccurate or in violation of any applicable laws Underwriters shall be deemed to be a representation and regulatory rules or requirements in any material respect. The warranty by the Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of to each Underwriter as to the Data Protection Requirements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Data Protection Requirement; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental authority under any Data Protection Requirement, in each case except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmatters set forth therein.

Cyber Security; Data Protection. The Parent Guarantor’s, the Company’s and its the Guarantors’ and their respective subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are reasonably believed by the Company Parent Guarantor to be adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company Parent Guarantor and its subsidiaries as currently conducted and and, to the Parent Guarantor’s knowledge, are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company Parent Guarantor and its subsidiaries have implemented and maintained maintain commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and all information and data (processed or stored in connection with their businesses, including all personal, personally identifiable, sensitive, confidential or regulated information and data (“Personal Protected Data”)) used in connection with their businesses, and there . There have been no known material breaches, incidents, violations, outages outages, compromises or unauthorized uses of or accesses to samethe IT Systems and Protected Data, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor are there any known material incidents under internal review or investigations investigation relating to the same. The Company Parent Guarantor and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Protected Data and to the protection of such IT Systems and Personal Protected Data from unauthorized use, access, misappropriation or modification (“Data Protection Requirements”), in each case, except for such failures as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. To ensure compliance with the Data Protection Requirements, Any certificate signed by an officer of the Company or any Guarantor and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, delivered to the knowledge of Initial Purchasers or to counsel for the Company, been inaccurate Initial Purchasers shall be deemed to be a representation and warranty by the Company or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of such Guarantor to each Initial Purchaser as to the Data Protection Requirements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Data Protection Requirement; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental authority under any Data Protection Requirement, in each case except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmatters set forth therein.

Cyber Security; Data Protection. The Company’s Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT SystemsSystems and Data”) are reasonably believed by the Company to be adequate for, and operate and perform in all material respects as required in connection with the operation operations of the business of the Company and its subsidiaries as currently conducted and are conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data Data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their businesses, and there have been no material breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all applicable judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification (“Data Protection Requirements”), in each case, except for such failures as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. To ensure compliance with the Data Protection Requirements, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”)modification. The Company and its subsidiaries have at taken all times made required actions to prepare to comply with the European Union General Data Protection Regulation (and all disclosures to users or customers required by other applicable laws and regulatory rules or requirementsregulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and none of such disclosures made or contained in for which any Policy have, non-compliance with the same would be reasonably likely to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any create a material respect. The Company further certifies that neither it nor any subsidiary: (iliability) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Data Protection Requirements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Data Protection Requirement; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental authority under any Data Protection Requirement, in each case except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectsoon as they take effect.

Cyber Security; Data Protection. The Company’s and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are reasonably believed by the Company to be adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted and are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their businesses, and there have been no material breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification (“Data Protection Requirements”), in each case, except for such failures as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. To ensure compliance with the Data Protection Requirements, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the CompanyCompany and the Guarantors, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company and the Guarantors further certifies certify that neither it the Company nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Data Protection Requirements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Data Protection Requirement; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental authority under any Data Protection Requirement, in each case except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.

Cyber Security; Data Protection. The Company’s Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are reasonably believed by the Company to be adequate for, and operate and perform in all material respects as reasonably required in connection with the operation of the business of the Company and its subsidiaries as currently conducted conducted, and to the knowledge of the Company are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained or caused to be implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their businesses, and there have been been, to the Company’s knowledge, no material breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations (except where failure to be in compliance with such contractual obligations would not result in a Material Adverse Change) relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification (“Data Protection Requirements”), in each case, except for such failures as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmodification. To ensure compliance with the Data Protection Requirementsextent applicable to the Company, the Company and its subsidiaries have in place, taken all necessary actions to comply withwith the European Union General Data Protection Regulation and all other applicable laws and regulations with respect to Personal Data that are effective with respect to the Company as of the date hereof, and take appropriate steps for which any non-compliance with the same would be reasonably designed likely to ensure compliance result in all material respects a Material Adverse Change. Any certificate signed by any officer of the Company or any of its subsidiaries and delivered to any Underwriters or to counsel for the Underwriters in connection with their policies the offering, or the purchase and procedures relating sale, of the Offered Shares shall be deemed a representation and warranty by the Company to data privacy and security and each Underwriter as to the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”)matters covered thereby. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge has a reasonable basis for making each of the Company, been inaccurate or representations set forth in violation of any applicable laws and regulatory rules or requirements in any material respectthis Section 1. The Company further certifies acknowledges that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating tothe Underwriters and, or actual or potential violation of, any for purposes of the Data Protection Requirements, and has no knowledge of any event or condition that would reasonably opinions to be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action delivered pursuant to any Data Protection Requirement; or (iii) is a party Section 6, counsel to any orderthe Company and counsel to the Underwriters, decree, or agreement that imposes any obligation or liability by any governmental authority under any Data Protection Requirement, in each case except as would not, individually or in will rely upon the aggregate, reasonably be expected accuracy and truthfulness of the foregoing representations and hereby consents to have a Material Adverse Effectsuch reliance.

Cyber Security; Data Protection. The Company’s Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are reasonably believed by the Company to be adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted conducted, and to the knowledge of the Company are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained or caused to be implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their businesses, and there have been no material breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification (“Data Protection Requirements”), in each case, except for such failures as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. To ensure compliance with the Data Protection Requirements, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”)modification. The Company and its subsidiaries have at taken all times made necessary actions to comply with the European Union General Data Protection Regulation and all disclosures to users or customers required by other applicable laws and regulatory rules or requirementsregulations with respect to Personal Data that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and none for which any non-compliance with same would be reasonably likely to create a material liability. Any certificate signed by any officer of such disclosures made the Company or contained any of its subsidiaries and delivered to any Underwriter or to counsel for the Underwriters in any Policy haveconnection with the offering, or the purchase and sale, of the Securities shall be deemed a representation and warranty by the Company to each Underwriter as to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respectmatters covered thereby. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any a reasonable basis for making each of the Data Protection Requirementsrepresentations set forth in this Section 1. The Company acknowledges that the Underwriters and, and has no knowledge for purposes of any event or condition that would reasonably the opinions to be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action delivered pursuant to any Data Protection Requirement; or (iii) is a party Section 6 hereof, counsel to any orderthe Company and counsel to the Underwriters, decree, or agreement that imposes any obligation or liability by any governmental authority under any Data Protection Requirement, in each case except as would not, individually or in will rely upon the aggregate, reasonably be expected accuracy and truthfulness of the foregoing representations and hereby consents to have a Material Adverse Effectsuch reliance.

Cyber Security; Data Protection. The Company’s Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are reasonably believed by the Company to be adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries the Subsidiaries as currently conducted and and, to the Company’s knowledge, are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with their businesses, and there have been no material breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material incidents under internal review or known investigations relating to the same. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification (“Data Protection Requirements”)modification, in each case, except for such failures as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. To ensure compliance with material adverse effect on the Data Protection Requirements, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”)Company. The Company and its subsidiaries have at taken all times made reasonable actions to prepare to comply with the European Union General Data Protection Regulation (and all disclosures to users or customers required by other applicable laws and regulatory rules or requirements, regulations with respect to Personal Data and none for which any non-compliance with same would be reasonably likely to create a material liability). Any certificate signed by any officer of such disclosures made or contained in any Policy have, the Company and delivered to the knowledge Representatives or counsel for the Underwriters in connection with the offering of the Offered ADSs shall be deemed a representation and warranty by the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating toas to matters covered thereby, or actual or potential violation of, any of the Data Protection Requirements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Data Protection Requirement; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental authority under any Data Protection Requirement, in each case except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse EffectUnderwriter.