Common use of Cybersecurity Clause in Contracts

Cybersecurity. The Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards to maintain and protect its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by European Union General Data Protection Regulation (EU 2016/679); and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. The Company is presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and the Company has implemented backup and disaster recovery technology consistent with industry standards and practices.

Cybersecurity. The Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company as currently conducted, free and clear of all is not known by the Company to contain any material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards to maintain and protect its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by the European Union General Data Protection Regulation (EU 2016/679); and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To the Company’s knowledge, there have been no The Company is unaware of any breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. The Company is presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and the Company has implemented backup and disaster recovery technology consistent with industry standards and practicesmodification.

Cybersecurity. The Company’s Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has and its subsidiaries have implemented and maintained maintain commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards to maintain and protect its their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; and (iii) “personal data” as defined by European Union General Data Protection Regulation (EU 2016/679); and (iv) any other piece of information that allows the identification of such natural person, person as defined or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientationdescribed in applicable Privacy Laws (as defined below). To the Company’s knowledge, there There have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other personliability, nor are there any incidents under internal review or investigations relating to the same. The Company is and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authorityPrivacy Laws, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and modification. Neither the Company has implemented backup nor its subsidiaries (i) conduct any operations in the European Union or the European Economic Area or maintain any “personal data”, as defined by the European Union General Data Protection Regulation (EU 2016/679) within either the European Union or the European Economic Area or (ii) is a covered entity, business associate, or otherwise receives any protected health information as such terms are defined under HIPAA, as amended by the Health Information Technology for Economic and disaster recovery technology consistent with industry standards and practicesClinical Health Act.

Cybersecurity. The Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company as currently conducted, free and clear of all is not known by the Company to contain any material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards to maintain and protect its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by the European Union General Data Protection Regulation (EU 2016/679); and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To the Company’s knowledge, there have been no The Company is unaware of any breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. The Company is presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and the Company has implemented backup and disaster recovery technology consistent with industry standards and practices.

Cybersecurity. The Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company as currently conducted, free and clear of all is not known by the Company to contain material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards to maintain and protect its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by European Union General Data Protection Regulation (EU 2016/679); and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. The Company is presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and the Company has implemented backup and disaster recovery technology consistent with industry standards and practices. (ddd) Compliance with Data Privacy Laws. The Company is, and at all prior times was, in material compliance with all applicable state and federal data privacy and security laws and regulations, and the Company has taken commercially reasonable actions to prepare to comply with, and since its inception, have been and currently are in compliance with, the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company has in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company has at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that it: (i) has not received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be reasonably expected to result in any such notice; (ii) is not currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is not a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Cybersecurity. The Company’s Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, and to the Company’s knowledge, are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has and its subsidiaries have implemented and maintained maintain commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards to maintain and protect its their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; and (iii) “personal data” as defined by European Union General Data Protection Regulation (EU 2016/679); and (iv) any other piece of information that allows the identification of such natural person, person as defined or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientationdescribed in applicable Privacy Laws (as defined below). To the Company’s knowledge, there There have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other personliability, nor are there any incidents under internal review or investigations relating to the same. The Company is and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authorityPrivacy Laws, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and modification. Neither the Company has implemented backup nor its subsidiaries (i) conduct any operations in the European Union or the European Economic Area or maintain any “personal data”, as defined by the European Union General Data Protection Regulation (EU 2016/679) within either the European Union or the European Economic Area or (ii) is a covered entity, business associate, or otherwise receives any protected health information as such terms are defined under HIPAA, as amended by the Health Information Technology for Economic and disaster recovery technology consistent with industry standards and practicesClinical Health Act.

Cybersecurity. The Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company as currently conducted, free and clear of all is not known by the Company to contain material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards to maintain and protect its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by European Union General Data Protection Regulation (EU 2016/679); and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. The Company is presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and the Company has implemented backup and disaster recovery technology consistent with industry standards and practicesmodification.

Cybersecurity. The Company’s Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear clear, to the Company’s knowledge, of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has and its subsidiaries have implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards to maintain and protect its their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; and (iii) “personal data” as defined by European Union General Data Protection Regulation (EU 2016/679); and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. The Company is and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and the Company has implemented backup and disaster recovery technology consistent with industry standards and practicesmodification.

Cybersecurity. The Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with with, the operation of the business of the Company as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards to maintain and protect its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by European Union General Data Protection Regulation (EU 2016/679) (“GDPR”); and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To the Company’s knowledge, there There have been no breaches, violations, outages or unauthorized uses of or accesses to the same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. The Company is presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and the Company has implemented backup and disaster recovery technology consistent with industry standards and practicesmodification.

Cybersecurity. The Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company as currently conducted. To the Company’s knowledge, free and clear of all the IT Systems contain no material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards designed to maintain and protect (i) its material confidential information and information; (ii) the integrity, continuous operation, redundancy and security of all IT Systems and sensitive, confidential or regulated data, including “Personal Data,” used in connection with their businessesits business. “Personal Data” means: means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by European Union General Data Protection Regulation GDPR; (EU 2016/679iv) any information which would qualify as “protected health information” under the Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act (collectively, “HIPAA”); and (ivv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To the Company’s knowledge, there There have been no breaches, violations, outages or unauthorized uses of or accesses to samethe IT Systems and no unauthorized uses or access to Personal Data, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any data incidents under internal review or investigations relating to the same. The Company is presently in material compliance with all applicable laws or statutes and all judgmentsjudgments and orders binding on the Company, orders, applicable binding rules and regulations of any court or arbitrator or governmental or regulatory authority, and internal policies and contractual obligations obligations, each relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and the Company has implemented backup and disaster recovery technology consistent with industry standards and practicesmodification.

Cybersecurity. The Company’s Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, and to the knowledge of the Company, are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has and its subsidiaries have implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards to maintain and protect its their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; and (iii) “personal data” as defined by European Union General Data Protection Regulation (EU 2016/679); and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. The Company is and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and modification, except in such cases as would not reasonably be expected, individually or in the Company has implemented backup and disaster recovery technology consistent with industry standards and practicesaggregate, to have a Material Adverse Effect.

Cybersecurity. The Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company as currently conducted, free and clear of all is not known by the Company to contain any material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards to maintain and protect its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by European Union General Data Protection Regulation (EU 2016/679); and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. The Company is presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and the Company has implemented backup and disaster recovery technology consistent with industry standards and practices.. 11

Cybersecurity. The Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company as currently conducted, free and clear of all is not known by the Company to contain any material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards to maintain and protect its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by European Union General Data Protection Regulation (EU 2016/679“GDPR”); and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To the Company’s knowledge, there have been no The Company is unaware of any breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. The Company is presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification modification. (ccc) Compliance with Data Privacy Laws. The Company is, and at all prior times was, in material compliance with all applicable state and federal data privacy and security laws and regulations, and the Company has implemented backup taken commercially reasonable actions to prepare to comply with, and disaster recovery technology consistent since its inception, have been and currently are in compliance with, the GDPR (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with industry standards the Privacy Laws, the Company has in place, comply with, and practicestake appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company has at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that it: (i) has not received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be reasonably expected to result in any such notice; (ii) is not currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is not a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Cybersecurity. The Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards to maintain and protect its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by European Union General Data Protection Regulation GDPR; (EU 2016/679iv) any information which would qualify as “protected health information” under the Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act (collectively, “HIPAA”); and (ivv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To Except as would not, individually or in the Company’s knowledgeaggregate, reasonably be expected to result in a Material Adverse Change, there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any material data incidents under internal review or investigations relating to the same. The Company is presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and the Company has implemented backup and disaster recovery technology consistent with industry standards and practicesmodification.

Cybersecurity. The Company’s , the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, and to the knowledge of the Company are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has and its subsidiaries have implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards designed to maintain and protect its their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information subject to regulation under Privacy Laws (as defined below) applicable to the Company and/or its Subsidiaries, including, to the extent applicable, any information which would qualify as “personally identifying protected health information” under the Federal Trade Commission ActHealth Insurance Portability and Accountability Act of 1996, as amended; amended by the Health Information Technology for Economic and Clinical Health Act (iii) collectively, “personal data” as defined by European Union General Data Protection Regulation (EU 2016/679HIPAA”); and (iviii) any other piece of information that allows the identification of such natural personpersons, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. The Company is presently and its subsidiaries use and have used any and all software and other materials distributed under a “free,” “open source,” or similar licensing model (including but not limited to the MIT License, Apache License, GNU General Public License, GNU Lesser General Public License and GNU Affero General Public License) (“Open Source Software”) in material compliance with all license terms applicable laws to such Open Source Software; and (ii) neither the Company nor any of its subsidiaries uses or statutes and all judgments, orders, rules and regulations distributes or has used or distributed any Open Source Software in any manner that requires or has required (A) the Company or any of its subsidiaries to permit reverse engineering of any court software code or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and other technology owned by the Company has implemented backup and disaster recovery or any of its subsidiaries or (B) any software code or other technology consistent with industry standards and practicesowned by the Company or any of its subsidiaries to be (1) disclosed or distributed in source code form, (2) licensed for the purpose of making derivative works or (3) redistributed at no charge.

Cybersecurity. The Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company as currently conducted, free and clear of all is not known by the Company to contain any material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards to maintain and protect its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by European Union General Data Protection Regulation (EU 2016/679); and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. The Company is presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and the Company has implemented backup and disaster recovery technology consistent with industry standards and practices.

Cybersecurity. The Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company as currently conducted, free and clear of all is not known by the Company to contain any material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards to maintain and protect its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by European Union General Data Protection Regulation (EU 2016/679“GDPR”); and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To the Company’s knowledge, there have been no The Company is unaware of any breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. The Company is presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and the Company has implemented backup and disaster recovery technology consistent with industry standards and practicesmodification.

Cybersecurity. The Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards to maintain and protect its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by European Union General Data Protection Regulation (EU 2016/679); and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To the Company’s knowledge, there There have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. The Company is presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and the Company has implemented backup and disaster recovery technology consistent with industry standards and practices.. (ccc)

Cybersecurity. The Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company as currently conducted, free and clear of all is not known by the Company to contain material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has implemented and maintained commercially reasonable physical, technical and administrative controls, policies, procedures, and safeguards to maintain and protect its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data, including “Personal Data,” used in connection with their businesses. “Personal Data” means: (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by European Union General Data Protection Regulation (EU 2016/679); and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To the Company’s knowledge, there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. The Company is presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification and the Company has implemented backup and disaster recovery technology consistent with industry standards and practices.. (ddd) Compliance with Data Privacy Laws. The Company is, and at all prior times was, in material compliance with all applicable state and federal data privacy and security laws and regulations, and the Company has taken commercially reasonable actions to prepare to comply with, and since its inception, have been and currently are in compliance with, the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company has in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company has at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that it: (i) has not received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be reasonably expected to result in any such notice; (ii) is not currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is not a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law. (eee)