Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all Personal Data (as defined below) and all sensitive, confidential, or proprietary data (collectively, with Personal Data, “Sensitive Data”)) used in connection with their businesses. “Personal Data” includes, without limitation (A) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (B) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (C) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (D) any information which would qualify as “protected health information” under HIPAA; and (E) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (F) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There have been no breaches, violations, outages or unauthorized uses of or accesses to Sensitive Data, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, and (iii) the Company and its subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), and all internal policies and contractual obligations relating to the privacy and security of IT Systems and Sensitive Data and to the protection of such IT Systems and Sensitive Data from unauthorized use, access, misappropriation or modification. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect, and none of such disclosures made have been inaccurate or in violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.
Appears in 4 contracts
Sources: Securities Purchase Agreement (Century Therapeutics, Inc.), Securities Purchase Agreement (Century Therapeutics, Inc.), Securities Purchase Agreement (Crinetics Pharmaceuticals, Inc.)
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the . The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data including the Law for the Protection of Personal Data in Possession of Private Parties (as defined belowLey Federal para la Protección de Datos Personales en Posesión de los Particulares) and all sensitive, confidential, or proprietary data (collectively, with “Personal Data, “Sensitive Data”)) used in connection with their businesses. “Personal Data” includes, without limitation (A) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (B) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (C) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (D) any information which would qualify as “protected health information” under HIPAA; and (E) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (F) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There there have been no breaches, violations, outages or unauthorized uses of or accesses to Sensitive Datasame, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, and (iii) except for those that would not, individually or in the aggregate, have a Material Adverse Effect or have been remedied without the duty to notify any other person. The Company and its subsidiaries are, and at all prior times were, are presently in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Sensitive Personal Data and to the protection of such IT Systems and Sensitive Personal Data from unauthorized use, access, misappropriation or modification. .” The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect, and none definition of such disclosures made have been inaccurate or in violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any “Registration Statement” of the Privacy Laws, and has no knowledge of any event or condition that would reasonably Standard Provisions shall be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability amended by any governmental or regulatory authority under any Privacy Law, except, in replacing the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectregistration number “No. 333-227649” with registration number “No. 333-259910”.
Appears in 4 contracts
Sources: Pricing Agreement (America Movil Sab De Cv/), Pricing Agreement (America Movil Sab De Cv/), Pricing Agreement (America Movil Sab De Cv/)
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the The Company and its subsidiaries’ information technology assets and equipment, computers, systemscomputer systems and assets, networks, hardware, software, websites, applications, databases (including all Personal Data, and databases sensitive, confidential or regulated data, and the data of their respective customers, employees, suppliers, vendors and any third party data maintained by or on behalf of them), equipment or technology (collectively, “IT SystemsSystems and Data”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the . The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all Personal Data (as defined below) and all sensitive, confidential, or proprietary data (collectively, with Personal Data, “Sensitive Data”)) used in connection with their businesses. “Personal Data” includes.
(i) Except as may be included or incorporated by reference in the Registration Statement and the Prospectus, without limitation (Ax) a natural personto the Company’s nameknowledge, street address, telephone number, e-mail address, photograph, social the Company has not had any material security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (B) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (C) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (D) any information which would qualify as “protected health information” under HIPAA; and (E) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (F) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There have been no breachesbreach, violations, outages or unauthorized uses of or accesses to Sensitive Datasame, except for those that have been remedied without or other material cost compromise of or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to any of the sameCompany’s or its subsidiaries’ IT Systems and Data, and (iiiy) the Company and its subsidiaries arehave not been notified of, and at all prior times werehave no knowledge of any event or condition that would reasonably be expected to result in, any material security breach or other material compromise to their IT Systems and Data; (ii) the Company and its subsidiaries are presently in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Sensitive Data and to the protection of such IT Systems and Sensitive Data from unauthorized use, access, misappropriation or modification. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so as would not, in the case of this clause (ii), individually or in the aggregate, have a Material Adverse Effect, ; and none of such disclosures made (iii) the Company and its subsidiaries have been inaccurate or in violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, implemented backup and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectdisaster recovery technology consistent with industry standards and practices.
Appears in 3 contracts
Sources: Sales Agreement (ProQR Therapeutics N.V.), Sales Agreement (ProQR Therapeutics N.V.), Sales Agreement (ProQR Therapeutics N.V.)
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all Personal Data (as defined below) and all sensitive, confidential, or proprietary data (collectively, with Personal Data, “Sensitive Data”)) used in connection with their businesses. “Personal Data” includes, without limitation includes (A) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (B) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (C) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (DC) any information which would qualify as “protected health information” under HIPAA; and (ED) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (FE) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) operate and perform in all material respects as required in connection with the operation of the business of the Company as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the Company has implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”) and all sensitive, confidential, or proprietary data (collectively, with Personal Data, “Sensitive Data”) used by the Company, or by its service providers in the performance of services for the Company, in connection with the Company’s businesses; (iii) there have been no breaches, violations, outages or unauthorized uses of or accesses to Sensitive Data used or maintained by the Company or by its service providers in the performance of services for the Company (“Company Data”), except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations by the Company relating to the same, and (iiiiv) the Company and its subsidiaries are, is and at all prior times werehas been, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and GDPR GDPR, as applicable (collectively, the “Privacy Laws”), and all of its internal policies and binding industry standards, and contractual obligations relating to the privacy and security of IT Systems and Sensitive Company Data and to the protection of such IT Systems and Sensitive Company Data from unauthorized use, access, misappropriation or modification. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so Except as would not, individually or in the aggregate, have a Material Adverse Effect, the Company has at all times made all disclosures to users or customers required by applicable Privacy Laws and none of such disclosures made made, have been inaccurate or in violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has not received written (or to its knowledge, other) notice of any actual or potential liability under or relating tounder, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is not currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is not a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.
Appears in 2 contracts
Sources: Underwriting Agreement (Otonomy, Inc.), Underwriting Agreement (Otonomy, Inc.)
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with for the operation and performance for the operation of the business of the Company and its subsidiaries as currently conducted, and, to the Company’s knowledge, the IT Systems are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the , that would reasonably be likely to have a Material Adverse Effect. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all Personal Data (as defined below) and all sensitive, confidential, or proprietary data (collectively, with Personal Data, “Sensitive Data”)) used in connection with their businesses. “Personal Data” includes, without limitation means (Ai) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (Bii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (Ciii) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679)Regulation; (Div) any information which would qualify as “protected health information” under the Health Insurance Portability and Accountability Act of 1996, as amended by the HIPAA; and (E) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (Fv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There To the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to Sensitive Datasame, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, and (iii) the that, in each case, would reasonably be likely to have a Material Adverse Effect. The Company and its subsidiaries are, and at all prior times were, are presently in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Sensitive Personal Data and to the protection of such IT Systems and Sensitive Personal Data from unauthorized use, access, misappropriation or modification. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect, and none of such disclosures made have been inaccurate or in violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.
Appears in 2 contracts
Sources: Open Market Sale Agreement (Iovance Biotherapeutics, Inc.), Underwriting Agreement (Iovance Biotherapeutics, Inc.)
Cybersecurity; Data Protection. Except as would not reasonably be expectednot, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect: , (i) the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are designed to be adequate for, and operate and perform in all material respects as required in connection with with, the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards necessary designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all Personal Data (as defined below) and all personal, personally identifiable, sensitive, confidential, confidential or proprietary regulated data (collectively, with “Personal Data, “Sensitive Data”)) used in connection with their businesses. “Personal Data” includes, without limitation (A) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (Biii) any information which would qualify as “personally identifying information” under to the Federal Trade Commission ActCompany’s knowledge, as amended; (C) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (D) any information which would qualify as “protected health information” under HIPAA; and (E) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (F) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There there have been no breaches, violations, outages or unauthorized uses of or accesses to Sensitive Datasame, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, and ; (iiiiv) the Company and its subsidiaries are, and at all prior times were, are presently in material compliance with all applicable state and federal data privacy and security laws and regulationsor statutes (including, including without limitation HIPAA, CCPA, and GDPR (collectivelyfor the avoidance of doubt, the “Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act; the European Union General Data Protection Regulation (EU 2016/679); and the California Consumer Privacy Laws”), Act) and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the protection, collection, use, disclosure, transfer, storage, disposal, confidentiality, integrity, privacy and security of IT Systems and Sensitive Personal Data and to the protection of such IT Systems and Sensitive Personal Data from unauthorized use, access, misappropriation or modification. The Company ; and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws(v) the execution, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effectdelivery, and none performance of such disclosures made have been inaccurate this Agreement or any other agreement referred to in this Agreement will not result in a breach or violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.
Appears in 2 contracts
Sources: Underwriting Agreement (EngageSmart, Inc.), Underwriting Agreement (EngageSmart, LLC)
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the Company The Company’s and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the . The Company and its subsidiaries have implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (data, including all Personal Data (as defined below) and all sensitive, confidential, or proprietary data (collectively, with “Personal Data, “Sensitive Data”)) ,” used in connection with their businesses. “Personal Data” includes, without limitation means (Ai) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (Bii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (Ciii) “personal data” as defined by the European Union General Data Protection Regulation (EU 2016/679) (“GDPR”) (EU 2016/679); (Div) any information which would qualify as “protected health information” under HIPAA; the Health Insurance Portability and (E) any “personal information” Accountability Act of 1996, as defined amended by the California Consumer Privacy Health Information Technology for Economic and Clinical Health Act (collectively, “CCPAHIPAA”); and (Fv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There To the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to Sensitive Datasame, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, and (iii) the . The Company and its subsidiaries are, are and at all prior times were, have been in material compliance with all applicable state and federal data privacy and security laws and regulationslaws, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), directives or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Sensitive Personal Data (“Data Protection Laws”) and to the protection of such IT Systems and Sensitive Personal Data from unauthorized use, access, misappropriation or modification. The Company and its subsidiaries have at taken all times made necessary actions to prepare to comply with the GDPR and all disclosures other applicable laws and regulations with respect to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse EffectPersonal Data, and none of such disclosures made have been inaccurate or in violation of for which any applicable Privacy Laws in any non-compliance with same would be reasonably likely to create a material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectliability.
Appears in 2 contracts
Sources: Securities Purchase Agreement (Renalytix PLC), Securities Purchase Agreement (Renalytix PLC)
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the . The Company and its subsidiaries have implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (data, including all Personal Data (as defined below) and all sensitive, confidential, confidential or proprietary regulated data (collectively, with Personal Data, “Sensitive Confidential Data”)) used in connection with their businesses. “Personal Data” includes, without limitation means (Ai) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (Bii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (Ciii) “personal data” as defined by the European Union General Data Protection Regulation GDPR (“GDPR”) (EU 2016/679as defined below); (Div) any information which would qualify as “protected health information” under the Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act (collectively, “HIPAA”); and (Ev) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (Fvi) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There have been no breaches, violations, outages or unauthorized uses of or accesses to Sensitive Datasame, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, and (iii) the . The Company and its subsidiaries are, and at all prior times were, are presently in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems Systems, Confidential Data, and Sensitive Personal Data and to the protection of such IT Systems Systems, Confidential Data, and Sensitive Personal Data from unauthorized use, access, misappropriation or modification. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect, and none of such disclosures made have been inaccurate or in violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.
Appears in 2 contracts
Sources: Sales Agreement (fuboTV Inc. /FL), Sales Agreement (fuboTV Inc. /FL)
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with for the operation and performance for the operation of the business of the Company and its subsidiaries as currently conducted, and, to the Company’s knowledge, the IT Systems are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the , that would reasonably be likely to have a Material Adverse Change. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all Personal Data (as defined below) and all sensitive, confidential, or proprietary data (collectively, with Personal Data, “Sensitive Data”)) used in connection with their businesses. “Personal Data” includes, without limitation means (Ai) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (Bii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (Ciii) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679)Regulation; (Div) any information which would qualify as “protected health information” under the Health Insurance Portability and Accountability Act of 1996, as amended by the HIPAA; and (E) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (Fv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There To the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to Sensitive Datasame, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, and (iii) the that, in each case, would reasonably be likely to result in a Material Adverse Change. The Company and its subsidiaries are, and at all prior times were, are presently in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Sensitive Personal Data and to the protection of such IT Systems and Sensitive Personal Data from unauthorized use, access, misappropriation or modification. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect, and none of such disclosures made have been inaccurate or in violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.
Appears in 2 contracts
Sources: Underwriting Agreement (Iovance Biotherapeutics, Inc.), Open Market Sale Agreement (Iovance Biotherapeutics, Inc.)
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all Personal Data (as defined below) and all sensitive, confidential, or proprietary data (collectively, with Personal Data, “Sensitive Data”)) used in connection with their businesses. “Personal Data” includes, without limitation (A) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (B) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (C) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (D) any information which would qualify as “protected health information” under HIPAA; and (E) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (F) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There have been no breaches, violations, outages or unauthorized uses of or accesses to Sensitive Data, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, and (iii) the Company and its subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), and all internal policies and contractual obligations relating to the privacy and security of IT Systems and Sensitive Data and to the protection of such IT Systems and Sensitive Data from unauthorized use, access, misappropriation or modification. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect, and none of such disclosures made have been inaccurate or in violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect., (i) to the knowledge of the Company and the Guarantors, the information technology systems, equipment and software used by the Company or any of its subsidiaries in their respective businesses (the “IT Assets”) (A) are adequate for the operation of the business of the Company and its subsidiaries as currently conducted; (B) operate and perform in all material respects in accordance with their documentation and functional specifications and otherwise as required by the Company’s and its subsidiaries’ respective businesses as currently conducted and (C) are free of any viruses, “back doors,” “Trojan horses,” “time bombs,” “worms,” “drop dead devices” or other software or hardware components that are designed or intended to interrupt use of, permit unauthorized access to, or disable, damage or erase, any software material to the business of the Company or any of its subsidiaries; (ii) the Company and its subsidiaries have implemented commercially reasonable backup and disaster recovery technology processes consistent with standard industry practices; and (iii) to the knowledge of the Company and the Guarantors, no person has gained unauthorized access to any IT Asset since the Company’s inception. Except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect, (i) with regard to their receipt, collection, handling, processing, sharing, transfer, usage, disclosure, interception, security, storage and disposal of all data and information that identifies or relates to a distinct individual, including without limitation IP addresses, mobile device identifiers, geolocation information and website usage activity data, or that is directly linked to such information (collectively, “Personal and Device Data”), the Company and its subsidiaries have operated at all times in a manner compliant with all applicable laws, regulations, and contractual obligations (including the European Union General Data Protection Regulation) (“Privacy Legal Obligations”); (ii) the Company and its subsidiaries have commercially reasonable policies and procedures consistent with standard industry practices designed to ensure the Company and its subsidiaries comply with such Privacy Legal Obligations and take appropriate steps that are reasonably designed to assure compliance with such policies and procedures, and such policies and procedures comply with all Privacy Legal Obligations; (iii) the Company and its subsidiaries maintain commercially reasonable data security policies and procedures consistent with standard industry practices designed to protect the confidentiality, security, and integrity of Personal and Device Data and to prevent unauthorized use of and access to Personal and Device Data; (iv) the Company and its subsidiaries have commercially reasonable policies and procedures consistent with standard industry practices to require all third parties to which they provide any Personal and Device Data to maintain the privacy and security of such Personal and Device Data and to comply with applicable Privacy Legal Obligations; and (v) to the knowledge of the Company and the Guarantors, there has been no unauthorized access to, or use or disclosure of, Personal and Device Data maintained by or for the Company or its subsidiaries
Appears in 1 contract
Sources: Underwriting Agreement (CrowdStrike Holdings, Inc.)
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or otherwise described in the aggregateDisclosure Documents, to have a Material Adverse Effect: (i) the Company Company’s and its subsidiariesSubsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, and, to the Company’s knowledge, are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) . Except as otherwise described in the Disclosure Documents or would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect, the Company and its subsidiaries Subsidiaries have implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, policies and safeguards necessary procedures designed to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (data, including all Personal Data (as defined below) and all sensitive, confidential, or proprietary data (collectively, with Personal Data, “Sensitive Data”)) used in connection with their businesses. “Personal Data” includes, without limitation means (Ai) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (Bii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (Ciii) “personal data” as defined by the European Union General Data Protection Regulation (EU 2016/679) (“GDPR”) (EU 2016/679); (Div) any information which would qualify as “protected health information” under HIPAA; and (E) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (Fv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There To the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to Sensitive Datasame, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, and (iii) except as otherwise described in the Disclosure Documents or would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. Except as otherwise described in the Disclosure Documents, the Company and its subsidiaries are, Subsidiaries are and at all prior times were, have been in material compliance with all applicable state and federal data privacy and security laws and regulationslaws, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), directives or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Sensitive Personal Data (“Data Protection Laws”) and to the protection of such IT Systems and Sensitive Personal Data from unauthorized use, access, misappropriation or modification. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect, and none of such disclosures made have been inaccurate or in violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the each case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.
Appears in 1 contract
Sources: At the Market Equity Offering Sales Agreement (Ligand Pharmaceuticals Inc)
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with for the operation and performance of the business of the Company and its subsidiaries as currently conductedconducted To the Company’s knowledge, the IT Systems are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the . The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all Personal Data (as defined below) and all sensitive, confidential, or proprietary data (collectively, with Personal Data, “Sensitive Data”)) used in connection with their businesses. “Personal Data” includes, without limitation means (Ai) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (Bii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (Ciii) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679)Regulation; (Div) any information which would qualify as “protected health information” under the Health Insurance Portability and Accountability Act of 1996, as amended by the HIPAA; and (E) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (Fv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There To the Company’s knowledge, there have been no material breaches, violations, outages or unauthorized uses of or accesses to Sensitive Datasame, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, and (iii) the . The Company and its subsidiaries areare presently, and at all prior times were, for the past three (3) years have been in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Sensitive Personal Data and to the protection of such IT Systems and Sensitive Personal Data from unauthorized use, access, misappropriation or modificationmodification (each a “Data Protection Requirement”). The Neither the Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect, and none of such disclosures made have been inaccurate or in violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (Ai) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy LawsData Protection Requirements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (Bii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy LawData Protection Requirement; or (Ciii) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse EffectData Protection Requirement.
Appears in 1 contract
Sources: Open Market Sale Agreement (Iovance Biotherapeutics, Inc.)
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all Personal Data (as defined below) and all sensitive, confidential, or proprietary data (collectively, with Personal Data, “Sensitive Data”)) used in connection with their businesses. “Personal Data” includes, without limitation (A) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (B) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (C) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (D) any information which would qualify as “protected health information” under HIPAA; and (E) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (F) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There have been no material breaches, violations, outages or unauthorized uses of or accesses to Sensitive Data, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, and (iii) the Company and its subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), and all internal policies and contractual obligations relating to the privacy and security of IT Systems and Sensitive Data and to the protection of such IT Systems and Sensitive Data from unauthorized use, access, misappropriation or modification. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect, and none of such disclosures made have been inaccurate or in violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. Neither the Company nor its subsidiaries are a “covered person” as that term is defined in Executive Order 14117 and rules and regulations issued thereunder, including 28 C.F.R. Part 202, as implemented or amended from time to time (the “DSP”). The Company and its subsidiaries have not engaged in or directed any “covered data transaction” as that term is defined in the DSP, except in compliance with the DSP.
Appears in 1 contract
Sources: Underwriting Agreement (Crinetics Pharmaceuticals, Inc.)
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the Company The Company’s and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, applications and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s Knowledge, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the . The Company and its subsidiaries have implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, procedures and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (data, including all Personal Data (as defined below) and all sensitive, confidential, or proprietary data (collectively, with “Personal Data, “Sensitive Data”)) ,” used in connection with their businessesbusiness. “Personal Data” includes, without limitation means (Ai) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, information or customer or account number; (Bii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (Ciii) “personal data” as defined by the European Union General Data Protection Regulation (EU 2016/679) (“GDPR”) (EU 2016/679); (Div) any information which would qualify as “protected health information” under HIPAA; and (E) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (Fv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There To the Company’s Knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to Sensitive such IT Systems or Personal Data, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, and (iii) the . The Company and its subsidiaries are, are and at all prior times were, have been in material compliance with all applicable state and federal data privacy and security laws and regulationslaws, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), directives or statutes and all judgments, orders, rules and regulations of any Governmental Entity or arbitrator or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Sensitive Personal Data (“Data Protection Laws”) and to the protection of such IT Systems and Sensitive Personal Data from unauthorized use, access, misappropriation or modification, except as would not, singly or in the aggregate, result in a Material Adverse Effect. The Company and its subsidiaries have at taken all times made necessary actions to prepare to comply with the GDPR and all disclosures other applicable Data Protection Laws for which any non-compliance would be reasonably likely to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have create a Material Adverse Effect, and none of such disclosures made have been inaccurate or in violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectliability.
Appears in 1 contract
Sources: Securities Purchase Agreement (BICYCLE THERAPEUTICS PLC)
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the The Company and its subsidiariesSubsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries Subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the . The Company and its subsidiaries Subsidiaries have implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (data, including all Personal Data (as defined below) and all sensitive, confidential, or proprietary data (collectively, with “Personal Data, “Sensitive Data”)) ,” used in connection with their businesses. “Personal Data” includes, without limitation means (Ai) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (Bii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (Ciii) “personal data” as defined by the European Union General Data Protection Regulation GDPR (“GDPR”) (EU 2016/679as defined below); (Div) any information which would qualify as “protected health information” under HIPAA; the Health Insurance Portability and (E) any “personal information” Accountability Act of 1996, as defined amended by the California Consumer Privacy Health Information Technology for Economic and Clinical Health Act (collectively, “CCPAHIPAA”); and (Fv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There have been no breaches, violations, outages or unauthorized uses of or accesses to Sensitive Datasame, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, and (iii) the . The Company and its subsidiaries are, and at all prior times were, Subsidiaries are presently in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Sensitive Personal Data and to the protection of such IT Systems and Sensitive Personal Data from unauthorized use, access, misappropriation or modification. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect, and none of such disclosures made have been inaccurate or in violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.
Appears in 1 contract
Sources: Underwriting Agreement (Protagonist Therapeutics, Inc)
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data (as defined belowData”) and all sensitive, confidential, or proprietary data (collectively, with Personal Data, “Sensitive Data”)) used in connection with their businesses. “Personal Data” includes, without limitation (A) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (B) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (C) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (D) any information which would qualify as “protected health information” under HIPAA; and (E) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (F) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There have been no breaches, violations, outages or unauthorized uses of or accesses to Sensitive Data, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, and (iii) the Company and its subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), and all internal policies and contractual obligations relating to the privacy and security of IT Systems and Sensitive Data and to the protection of such IT Systems and Sensitive Data from unauthorized use, access, misappropriation or modification. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect, and none of such disclosures made have been inaccurate or in violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectand.
Appears in 1 contract
Sources: Underwriting Agreement (Crinetics Pharmaceuticals, Inc.)
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the The Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the . The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data including the Law for the Protection of Personal Data in Possession of Private Parties (as defined belowLey Federal para la Protección de Datos Personales en Posesión de los Particulares) and all sensitive, confidential, or proprietary data (collectively, with “Personal Data, “Sensitive Data”)) used in connection with their businesses. “Personal Data” includes, without limitation (A) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (B) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (C) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (D) any information which would qualify as “protected health information” under HIPAA; and (E) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (F) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There there have been no breaches, violations, outages or unauthorized uses of or accesses to Sensitive Datasame, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, and (iii) except for those that would not, individually or in the aggregate, have a Material Adverse Effect or have been remedied without the duty to notify any other person. The Company and its subsidiaries are, and at all prior times were, are presently in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Sensitive Personal Data and to the protection of such IT Systems and Sensitive Personal Data from unauthorized use, access, misappropriation or modification.” The definition of “Registration Statement” of the Standard Provisions shall be amended by replacing the registration number “No. 333-227649” with registration number “No. 333-287731”. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect, and none definition of such disclosures made have been inaccurate or in violation “Time of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any Sale Disclosure Package” of the Privacy Laws, and has no knowledge of any event or condition that would reasonably Standard Provisions shall be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability amended by any governmental or regulatory authority under any Privacy Law, except, in adding the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in word “General Use” before the aggregate, reasonably be expected to have a Material Adverse Effectwords “Issuer Free Writing Prospectus”.
Appears in 1 contract
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all Personal Data (as defined below) and all sensitive, confidential, or proprietary data (collectively, with Personal Data, “Sensitive Data”)) used in connection with their businesses. “Personal Data” includes, without limitation (A) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (B) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (C) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (D) any information which would qualify as “protected health information” under HIPAA; and (E) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (F) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There have been no material breaches, violations, outages or unauthorized uses of or accesses to Sensitive Data, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, and (iii) the Company and its subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), and all internal policies and contractual obligations relating to the privacy and security of IT Systems and Sensitive Data and to the protection of such IT Systems and Sensitive Data from unauthorized use, access, misappropriation or modification. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect, and none of such disclosures made have been inaccurate or in violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.
Appears in 1 contract
Sources: Underwriting Agreement (Crinetics Pharmaceuticals, Inc.)
Cybersecurity; Data Protection. Except as would not reasonably be expectednot, individually or in the aggregate, reasonably be expected to have result in a Material Adverse Effect: (i) , the Company and its subsidiarieseach of the Subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries each of the Subsidiaries as currently conducted, and to the Company’s knowledge, are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the . The Company and its subsidiaries each of the Subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all Personal Data (as defined below) and all personal, personally identifiable, sensitive, confidential, confidential or proprietary regulated data (collectively, with “Personal Data, “Sensitive Data”)) used in connection with their businesses. “Personal Data” includes, without limitation (A) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (B) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (C) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (D) any information which would qualify as “protected health information” under HIPAA; and (E) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (F) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There there have been no breaches, violations, outages or unauthorized uses of or accesses to Sensitive Datasame, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. Except as would not, and (iii) individually or in the aggregate, reasonably be expected to result in a Material Adverse Effect, the Company and its subsidiaries are, and at all prior times were, each of the Subsidiaries are presently in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Sensitive Personal Data and to the protection of such IT Systems and Sensitive Personal Data from unauthorized use, access, misappropriation or modification. The Any certificate signed by an officer of the Company and its subsidiaries have at all times made all disclosures delivered to users B. ▇▇▇▇▇ Securities or customers required by applicable Privacy Laws, except where the failure to do so would not, individually counsel for B. ▇▇▇▇▇ Securities pursuant to or in connection with this Agreement shall be deemed to be a representation and warranty by the aggregateCompany, have a Material Adverse Effectas applicable, and none of such disclosures made have been inaccurate or in violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of to B. ▇▇▇▇▇ Securities as to the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectmatters set forth therein.
Appears in 1 contract
Sources: At Market Issuance Sales Agreement (Monmouth Real Estate Investment Corp)
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards necessary to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all Personal Data (as defined below) and all sensitive, confidential, or proprietary data (collectively, with Personal Data, “Sensitive Data”)) used in connection with their businesses. “Personal Data” includes, without limitation (A) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (B) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (C) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (D) any information which would qualify as “protected health information” under HIPAA; and (E) any “personal information” as defined by the California Consumer Privacy Act (“CCPA”); and (F) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There have been no material breaches, violations, outages or unauthorized uses of or accesses to Sensitive Data, except for those that have been remedied without material cost or liability or as otherwise disclosed in the duty to notify any other personRegistration Statement and the Prospectus, nor any incidents under internal review or investigations relating to the same, and (iii) the Company and its subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), and all internal policies and contractual obligations relating to the privacy and security of IT Systems and Sensitive Data and to the protection of such IT Systems and Sensitive Data from unauthorized use, access, misappropriation or modification. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect, and none of such disclosures made have been inaccurate or in violation of any applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.
Appears in 1 contract
Cybersecurity; Data Protection. Except as would not reasonably be expected, individually or in the aggregate, expected to have a Material Adverse Effect: (i) , the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants; (ii) the . The Company and its subsidiaries have implemented and maintained commercially reasonable appropriate physical, technical and administrative controls, policies, procedures, and safeguards necessary to maintain and protect their material trade secrets and confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all Personal Data (as defined below) and all sensitive, confidential, confidential or proprietary regulated data (collectively, with Personal Data, “Sensitive Data”)) used in connection with their businesses), as monitored through regular penetration tests, vulnerability assessments, and data security audits (including by remediating any and all material identified vulnerabilities). “Personal Data” includes, without limitation means (Ai) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (Bii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (Ciii) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) and the United Kingdom General Data Protection Regulation (“UK GDPR”); (Div) any information which would qualify as “protected health information” under HIPAA, as amended by the Health Information Technology for Economic and Clinical Health Act; and (Ev) any “personal information” as defined by the California Consumer Privacy Act (the “CCPA”); and (Fvi) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. There Except as would not reasonably be expected to have a Material Adverse Effect, in the past three (3) years, there have been (i) no breaches (including personal data breaches), violations, outages or unauthorized uses of or accesses to Sensitive Datathe IT Systems, except for those that have been remedied without material cost or liability or the duty to notify any other person, (ii) nor any incidents under internal review or investigations by governmental or regulatory authorities relating to the same, and (iii) the . The Company and its subsidiaries are, have been and at all prior times were, are currently in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and GDPR (collectively, the “Privacy Laws”), Laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority with jurisdiction over the Company and its subsidiaries, internal policies and contractual obligations relating to the privacy privacy, data protection and security of its IT Systems and Sensitive Data, including the collection, storage, transfer (including, without limitation, any transfer across national borders), processing and/or use of Data and securing a valid legal basis for the foregoing, and to the protection of such IT Systems and Sensitive Data from unauthorized use, access, misappropriation or modification. The ; and the Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effecthas implemented, and none of such disclosures made have been inaccurate or in violation of any regularly tests its, reasonable backup and disaster recovery technology and plans that are consistent with applicable Privacy Laws in any material respect. The Company further certifies that neither it nor any subsidiary: (A) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, industry standards and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (B) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (C) is a party to any order, decree, or agreement that imposes any obligation or liability by any governmental or regulatory authority under any Privacy Law, except, in the case of (A), (B) or (C), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effectpractices.
Appears in 1 contract