Common use of INFORMATION PRIVACY AND SECURITY Clause in Contracts

INFORMATION PRIVACY AND SECURITY. (a) The Company has adopted written policies and procedures with respect to privacy, data protection, security and the collection and use of Personal Information gathered or accessed in the course of the operations of the Acquired Companies, (b) those policies and procedures are commercially reasonable and comply with applicable Information Privacy and Security Laws and contracts, and (c) the Acquired Companies are in compliance with such policies and procedures, except, for purposes of subclauses (b) and (c) above, as would not, individually or in the aggregate, reasonably be expected to have a Company Material Adverse Effect. The Company maintains disaster recovery plans, procedures and facilities in place that are intended to minimize the disruption of its business in the event of any material failure of any of the IT Assets in accordance in all material respects with applicable Laws and customer contracts. Except as would not, individually or in the aggregate, reasonably be expected to have a Company Material Adverse Effect, (i) the Company has not experienced a data security breach, violation, outage, corruption, or unauthorized use of or access to any IT Assets or any Personal Information stored therein or processed thereby, (ii) the Company has taken reasonable actions and measures to protect the confidentiality, integrity and security of its material Personal Information and IT Assets, against any unauthorized use, access, interruption, modification or corruption, and (iii) the IT Assets used by the Acquired Companies are free from material viruses, malware or other corruptants.

INFORMATION PRIVACY AND SECURITY. (a) The Company has Acquired Companies have adopted written policies and procedures with respect to privacy, data protection, security and the collection collection, processing and use of Personal Information gathered that is collected, used or accessed processed in the course of the operations of the Acquired Companies, (b) those policies and procedures are commercially reasonable and comply with applicable Information Privacy and Security Laws and contractsContracts, and (c) the Acquired Companies are are, and for the past three years have been, in compliance with such policies and procedures, except, for purposes of subclauses clauses (a), (b) and (c) above, as would not, individually or in the aggregate, reasonably be expected to have a Company Material Adverse Effect. The Except as would not, individually or in the aggregate, reasonably be expected to have a Company maintains Material Adverse Effect, the Acquired Companies maintain disaster recovery plans, policies and procedures and facilities in place that are intended to minimize the disruption of its their business in the event of any material failure of any of the IT Assets and are in accordance in all material respects with applicable Laws legal requirements and customer contractsContracts. Except as would not, individually or in the aggregate, reasonably be expected to have a Company Material Adverse Effect, (i) the Company has Acquired Companies have not experienced a (x) material data security breach, violation, outage, corruption, or unauthorized use breach of or access to any IT Assets or any Personal Information stored therein or processed thereby(y) data security breach that would constitute a breach for which notification to individuals, third parties and/or any Governmental Authority is required, (ii) the Company has Acquired Companies have taken reasonable actions and measures to protect the confidentiality, integrity and security of its their material Personal Information and IT Assets, against any unauthorized use, access, interruption, modification or corruption, and (iii) the IT Assets used by the Acquired Companies are free from material viruses, malware or other corruptants.