Common use of IT Systems and Data Clause in Contracts

IT Systems and Data. (A) There has been no security breach or incident, unauthorized access or disclosure, or other compromise of or relating to the Company’s and each of its respective subsidiaries’ information technology and computer systems, networks, hardware, software, data and databases (including the data and information of their respective customers, employees, suppliers, vendors and any third party data maintained, processed or stored by the Company and each of its subsidiaries, and any such data processed or stored by third parties on behalf of the Company and each of its subsidiaries), equipment or technology (collectively, “IT Systems and Data”), except for those that have been remedied without material cost or liability or the duty to notify any governmental or regulatory authority; (B) neither the Company nor its subsidiaries have been notified of, and each of them has no knowledge of any event or condition that would reasonably be expected to result in, any security breach or incident, unauthorized access or disclosure or other compromise to their IT Systems and Data; (C) the Company and each of its subsidiaries have implemented appropriate controls, policies, procedures, and technological safeguards that, to the Company’s knowledge, are adequate to maintain and protect the integrity, continuous operation, redundancy and security of their IT Systems and Data reasonably consistent with industry standards and practices, or as required by applicable regulatory standards; and (D) the Company and its subsidiaries are presently in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Data and to the protection of such IT Systems and Data from unauthorized use, access, misappropriation or modification except as would not reasonably be expected to result in a Material Adverse Effect.

IT Systems and Data. (A) There has been no security breach AHR, the Issuer and the Issuer Subsidiaries own or incident, unauthorized have a valid right to access or disclosure, or other compromise of or relating to the Company’s and each of its respective subsidiaries’ use all information technology and computer systems, networks, hardware, software, data databases, websites and databases (equipment used to process, store, maintain and operate data, information and functions used in connection with the business of AHR, the Issuer and the Issuer Subsidiaries, including the data of AHR’s, the Issuer’s and information of their the Issuer Subsidiaries’ respective customers, employees, suppliers, vendors and any third party data maintained, processed maintained by or stored by the Company and each of its subsidiaries, and any such data processed or stored by third parties on behalf of them (collectively with such data, the Company and each of its subsidiaries), equipment or technology (collectively, “IT Systems and Data”). (i) Except as disclosed in both the Pricing Prospectus and the Prospectus, except for those that have been remedied without material cost the Issuer and AHR are not aware of any security breach or liability other compromise of or relating to the duty to notify any governmental or regulatory authorityIT Systems and Data; (Bii) neither AHR, the Company nor its subsidiaries Issuer and the Issuer Subsidiaries have not been notified of, and each of them has have no knowledge of any event or condition that would reasonably be expected to result in, any security breach or incident, unauthorized access or disclosure or other compromise to their IT Systems and Data; (Ciii) AHR, the Issuer and the Issuer Subsidiaries believe they have implemented commercially reasonable backup and disaster recovery technology, including with respect to enabling AHR, the Issuer and the Issuer Subsidiaries to fulfill relevant contractual obligations; (iv) the Company and each of its subsidiaries have implemented appropriate controls, policies, procedures, and technological safeguards that, to the Company’s knowledge, are adequate to maintain and protect the integrity, continuous operation, redundancy and security of their IT Systems and Data reasonably consistent with industry standards are adequate for, and practices, or operate and perform in all material respects as required by applicable regulatory standardsin connection with, the operation of the business of AHR, the Issuer and the Issuer Subsidiaries as currently conducted; and (Dv) AHR, the Company Issuer and its subsidiaries the Issuer Subsidiaries believe they are presently in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations authority relating to the privacy and security of IT Systems and Data and to the protection of such IT Systems and Data from unauthorized use, access, misappropriation or modification modification, except as would not not, in the case of each of clauses (i)-(v) above, individually or in the aggregate, reasonably be expected to result in have a Material Adverse Effect.

IT Systems and Data. Except as otherwise disclosed in the Offering Memorandum, (A) There there has been no security breach or incident, unauthorized access or disclosure, or other compromise of or relating to any of the Company’s and each of its respective subsidiaries’ information technology and computer systems, networks, hardware, software, data and databases (including the data and information of their respective customers, employees, suppliers, vendors and any third third-party data maintained, processed or stored by the Company and each of its subsidiaries, and any such data processed or stored by third parties on behalf of the Company and each of its subsidiaries), equipment or technology (collectively, “IT Systems and Data”), except for those ) that could reasonably be expected to have been remedied without material cost or liability or the duty to notify any governmental or regulatory authoritya Material Adverse Effect; (B) neither none of the Company nor and its subsidiaries have has been notified of, and each of them has no knowledge of any event or condition that would reasonably be expected to could result in, any security breach or incident, unauthorized access or disclosure or other compromise to their IT Systems and DataData that could reasonably be expected to have a Material Adverse Effect; and (C) the Company and each of its subsidiaries have implemented appropriate controls, policies, procedures, and technological safeguards that, to the Company’s knowledge, are adequate designed to maintain and protect the integrity, continuous operation, redundancy and security of their IT Systems and Data reasonably consistent with industry standards and practices, or as required by applicable regulatory standards; and . Except as otherwise disclosed in the Offering Memorandum, (Di) the Company and its subsidiaries are presently are, and for the past three (3) years have been, in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Data and to the protection of such IT Systems and Data from unauthorized use, access, misappropriation or modification (“Data Protection Obligations”) except as would for any such noncompliance that could not reasonably be expected to result in have a Material Adverse Effect; (ii) to ensure compliance with the Data Protection Obligations, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”); (iii) neither the Company nor any of its subsidiaries has received any notification of or complaint regarding and neither the Company nor any of its subsidiaries is aware of any other facts that, individually or in the aggregate, would reasonably indicate non-compliance with any Data Protection Obligation other than any such noncompliance that could not reasonably be expected to have a Material Adverse Effect; (iv) there is no action, suit or proceeding by or before any court or governmental agency, authority or body pending or, to the knowledge of the Company, threatened alleging non-compliance with any Data Protection Obligation that, individually or in the aggregate, if determined adversely to the Company or any of its subsidiaries, could reasonably be expected to have a Material Adverse Effect; and (v) the execution, delivery and performance of this Agreement will not result in a breach of any Data Protection Obligation of the Company or any of its subsidiaries except for such breaches that could not reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, except where the failure to make such disclosures could not reasonably be expected to have a Material Adverse Effect, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable Data Protection Obligations in any material respect. Any certificate signed by an officer of the Company and delivered to the Initial Purchasers or to counsel for the Initial Purchasers shall be deemed to be a representation and warranty by the Company to each Initial Purchaser as to the matters set forth therein.

IT Systems and Data. (Ai) There Except as may be included in the Commission Documents, (x) to the Company’s Knowledge, there has been no material security breach or incident, unauthorized access or disclosure, or other material compromise of or relating to any of the Company’s and each of or its respective subsidiariesSubsidiaries’ information technology and computer systems, networks, hardware, software, data and databases (including the data and information of their respective customers, employees, suppliers, vendors and any third party data maintained, processed maintained by or stored by the Company and each of its subsidiaries, and any such data processed or stored by third parties on behalf of the Company and each of its subsidiariesthem), equipment or technology (collectively, “IT Systems and Data”), except for those that have been remedied without material cost or liability or the duty to notify any governmental or regulatory authority; ) and (By) neither the Company nor and its subsidiaries Subsidiaries have not been notified in writing of, and each of them has have no knowledge Knowledge of any event or condition that would reasonably be expected to result in, any material security breach or incident, unauthorized access or disclosure or other material compromise to their IT Systems and Data; (C) the Company and each of its subsidiaries have implemented appropriate controls, policies, procedures, and technological safeguards that, to the Company’s knowledge, are adequate to maintain and protect the integrity, continuous operation, redundancy and security of their IT Systems and Data reasonably consistent with industry standards and practices, or as required by applicable regulatory standards; and (Dii) the Company and its subsidiaries Subsidiaries have been and are presently in compliance with all applicable laws or statutes and statutes, all judgments, orders, rules and regulations of any relevant court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Data and to the protection of such IT Systems and Data from unauthorized use, access, misappropriation or modification modification, and (iii) except as may be included in the Commission Documents, the Company and its Subsidiaries have implemented commercially reasonable controls, policies, procedures, and technological safeguards and backup and disaster recovery technology to maintain and protect the integrity, continuous operation, redundancy and security of their IT Systems and Data consistent with industry standards and practices, or as required by applicable regulatory standards, except as would not not, in the case of clause (ii) or (iii), individually or in the aggregate, reasonably be expected to result in have a Material Adverse Effect.

IT Systems and Data. Except as would not, singly or in the aggregate, result in a Material Adverse Effect, (i) the Company and its subsidiaries own or have a valid right to access and use all information technology assets and computers, systems, networks, hardware, software, websites, applications, data and databases (including the Protected Data and other data and information of their respective users, customers, employees, suppliers, vendors and any third party data maintained, stored or otherwise processed by the Company and its subsidiaries, and any such data processed or stored by third parties on behalf of the Company and its subsidiaries), equipment and technology used in their respective businesses (collectively, “IT Systems and Data”); (ii) the IT Systems and Data (A) There are adequate for, and operate and perform as required in connection with, the operation of the business of the Company and its subsidiaries as currently conducted and as proposed to be conducted in the Registration Statement, the General Disclosure Package and the Prospectus, (B) have not malfunctioned or failed in a manner that has not been fully remediated prior to the date hereof, and (C) are free and clear of all bugs, errors, defects, Trojan horses, time bombs, back doors, drop dead devices, malware and other corruptants, including software or hardware components that are designed to interrupt use of, permit unauthorized access to or disable, damage or erase the IT Systems and Data. To the Company’s knowledge, in the past three years there has been no notice of, and no knowledge of any event or condition that could result in, a material security breach or incident, unauthorized access or disclosure, or other compromise of or relating to the Company’s and each , any of its respective subsidiaries’ information technology and computer systems, networks, hardware, software, data and databases (including the data and information of their respective customers, employees, suppliers, vendors and subsidiaries or any third party data maintained, processed or stored by the Company and each of its subsidiaries, and any such data processed or stored by third parties on behalf of the Company and each of its subsidiaries), equipment or technology (collectively, “IT Systems and Data”), except for those that have been remedied without material cost or liability or the duty to notify any governmental or regulatory authority; (B) and neither the Company nor its subsidiaries have been notified of, and each of them has have no knowledge of any event or condition that would be reasonably be expected to result in, any security breach or incident, unauthorized access or disclosure or other compromise to their the IT Systems and Data; (C) the . The Company and each of its subsidiaries have established, implemented appropriate and maintained controls, policies, procedures, and technological safeguards that, to the Company’s knowledge, are adequate designed to maintain and protect their confidential information and the integrity, continuous operation, redundancy and security of their the IT Systems and Data reasonably consistent with industry according to commercially reasonable standards and practices, or as required by applicable regulatory standards; practices and (D) the Company and its subsidiaries are presently in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Data and to the protection of such IT Systems and Data from unauthorized use, access, misappropriation or modification except as would not reasonably be expected to result in a Material Adverse Effectstandards.

IT Systems and Data. Except as would not, singly or in the aggregate, result in a Material Adverse Effect, (Ai) There has been no security breach the Company and its subsidiaries own or incident, unauthorized have a valid right to access or disclosure, or other compromise of or relating to the Company’s and each of its respective subsidiaries’ use all information technology assets and computer computers, systems, networks, hardware, software, websites, applications, data and databases (including the Protected Data (as defined below) and other data and information of their respective users, customers, employees, suppliers, vendors and any third party data maintained, stored or otherwise processed or stored by the Company and each of its subsidiaries, and any such data processed or stored by third parties on behalf of the Company and each of its subsidiaries), equipment or and technology used in their respective businesses (collectively, “IT Systems and Data”); (ii) the IT Systems and Data (A) are adequate for, except for those that have been remedied without material cost or liability or and operate and perform as required in connection with, the duty operation of the business of the Company and its subsidiaries as currently conducted and as proposed to notify any governmental or regulatory authority; be conducted in the Registration Statement, the General Disclosure Package and the Prospectus, (B) have not malfunctioned or failed in a manner that has not been materially remediated prior to the date hereof, and (C) to the knowledge of the Company, are free and clear of all bugs, errors, defects, Trojan horses, time bombs, back doors, drop dead devices, malware and other corruptants, including software or hardware components that are designed to interrupt use of, permit unauthorized access to or disable, damage or erase the IT Systems and Data. To the Company’s knowledge, neither the Company nor its subsidiaries have been notified of, and each of them has have no knowledge of any event or condition that would be reasonably be expected to result in, any security breach or incident, unauthorized access or disclosure or other compromise to their the IT Systems and Data; (C) the . The Company and each of its subsidiaries have established, implemented appropriate and maintained controls, policies, procedures, and technological safeguards that, to the Company’s knowledge, are adequate designed to maintain and protect their confidential information and the integrity, continuous operation, redundancy and security of their the IT Systems and Data reasonably consistent with industry according to commercially reasonable standards and practices, or as required by applicable regulatory standards; practices and (D) the Company and its subsidiaries are presently in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Data and to the protection of such IT Systems and Data from unauthorized use, access, misappropriation or modification except as would not reasonably be expected to result in a Material Adverse Effectstandards.

IT Systems and Data. (Ai)(x) There To the Company’s knowledge, there has been no security breach or incidentbreach, unauthorized access or disclosure, attack or other compromise of or relating to any of the Company’s and each or any of its respective subsidiariesSubsidiaries’ information technology and computer systems, networks, hardware, software, data and databases (including the data and information of their respective customers, employees, suppliers, vendors and any third party data maintained, processed maintained by or stored by the Company and each of its subsidiaries, and any such data processed or stored by third parties on behalf of the Company and each of its subsidiariesthem), equipment or technology (collectively, “IT Systems and Data”), except for those that have been remedied without material cost or liability or the duty to notify any governmental or regulatory authority; ) and (By) neither the Company nor and its subsidiaries Subsidiaries have not been notified in writing of, and each of them has have no knowledge of any event or condition that would reasonably be expected to result in, any security breach or incident, unauthorized access or disclosure or other compromise to their IT Systems and Data, except as would not, in the case of this clause (i), individually or in the aggregate, have a Material Adverse Effect; (Cii) the Company and each of its subsidiaries have implemented appropriate controls, policies, procedures, and technological safeguards that, to the Company’s 's knowledge, are adequate to maintain and protect the integrity, continuous operation, redundancy and security of their IT Systems and Data reasonably consistent with industry standards and practices, or as required by applicable regulatory standards; and (D) the Company and its subsidiaries are presently Subsidiaries have been in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to (x) the privacy and security of IT Systems and Data and to Data, (y) the protection of such IT Systems and Data from unauthorized use, access, misappropriation or modification and (z) the collection, use, transfer, storage, disposal and disclosure by the Company and its Subsidiaries of personally identifiable information and/or any other information collected from or provided by third parties, except as would not reasonably be expected to result not, in the case of this clause (ii), individually or in the aggregate, have a Material Adverse Effect; (iii) the Company and its Subsidiaries have implemented commercially reasonable backup and disaster recovery and security plans, procedures and facilities for their respective businesses consistent with industry standards and practices; and (iv) the Company and its Subsidiaries have taken commercially reasonable steps to protect the IT Systems and Data.

IT Systems and Data. (A) There Except as described in the Registration Statement, the General Disclosure Package and the Prospectus, there has been no security breach or incident, unauthorized access or disclosure, or other compromise of or relating to any of the Company’s Company and each of its respective subsidiaries’ information technology and computer systems, networks, hardware, software, data and databases (including the data and information of their respective customers, employees, suppliers, suppliers and vendors and any third party data maintained, processed maintained by or stored by the Company and each of its subsidiaries, and any such data processed or stored by third parties on behalf of the Company and each of its subsidiariesthem), equipment or technology (collectively, “IT Systems and Data”), except for those that as would not, individually or in the aggregate, have been remedied without material cost or liability or the duty to notify any governmental or regulatory authority; (B) neither the a Material Adverse Effect. The Company nor and its subsidiaries have not been notified of, and each of them has have no knowledge of any event or condition that would reasonably be expected to result in, any security breach or incident, unauthorized access or disclosure or other compromise to their IT Systems and Data; (C) , except as would not, individually or in the Company and each of its subsidiaries aggregate, reasonably be expected to have implemented appropriate controls, policies, procedures, and technological safeguards that, to the Company’s knowledge, are adequate to maintain and protect the integrity, continuous operation, redundancy and security of their IT Systems and Data reasonably consistent with industry standards and practices, or as required by applicable regulatory standards; and (D) the a Material Adverse Effect. The Company and its subsidiaries are presently in compliance with all applicable laws or statutes and statutes, all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, all internal policies and all contractual obligations relating to the privacy and security of IT Systems and Data and to the protection of such IT Systems and Data from unauthorized use, access, misappropriation or modification modification, except as would not not, individually or in the aggregate, reasonably be expected to result in have a Material Adverse Effect.. Any certificate signed by any officer of the Partnership delivered to the Managers or to Counsel for the Managers (as defined herein) shall be deemed a representation and warranty by the Partnership to each Manager as to the matters covered thereby. DB1/ 122710338.6

IT Systems and Data. Except as otherwise disclosed in the Offering Memorandum, (A) There there has been no security breach or incident, unauthorized access or disclosure, or other compromise of or relating to any of the Company’s and each of its respective subsidiaries’ information technology and computer systems, networks, hardware, software, data and databases (including the data and information of their respective customers, employees, suppliers, vendors and any third third-party data maintained, processed or stored by the Company and each of its subsidiaries, and any such data processed or stored by third parties on behalf of the Company and each of its subsidiaries), equipment or technology (collectively, “IT Systems and Data”), except for those ) that could reasonably be expected to have been remedied without material cost or liability or the duty to notify any governmental or regulatory authoritya Material Adverse Effect; (B) neither none of the Company nor and its subsidiaries have has been notified of, and each of them has no knowledge of any event or condition that would reasonably be expected to could result in, any security breach or incident, unauthorized access or disclosure or other compromise to their IT Systems and DataData that could reasonably be expected to have a Material Adverse Effect; and (C) the Company and each of its subsidiaries have implemented appropriate controls, policies, procedures, and technological safeguards that, to the Company’s knowledge, are adequate designed to maintain and protect the integrity, continuous operation, redundancy and security of their IT Systems and Data reasonably consistent with industry standards and practices, or as required by applicable regulatory standards; and (D) . Except as otherwise disclosed in the Offering Memorandum, the Company and its subsidiaries are presently in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Data and to the protection of such IT Systems and Data from unauthorized use, access, misappropriation or modification except as would for any such noncompliance that could not reasonably be expected to result in have a Material Adverse Effect. Any certificate signed by an officer of the Company and delivered to the Initial Purchasers or to counsel for the Initial Purchasers shall be deemed to be a representation and warranty by the Company to each Initial Purchaser as to the matters set forth therein.

IT Systems and Data. (Ai)(x) There To the Company’s knowledge, there has been no security breach or incidentbreach, unauthorized access or disclosure, attack or other compromise of or relating to any of the Company’s and each or any of its respective subsidiariesSubsidiaries’ information technology and computer systems, networks, hardware, software, data and databases (including the data and information of their respective customers, employees, suppliers, vendors and any third party data maintained, processed maintained by or stored by the Company and each of its subsidiaries, and any such data processed or stored by third parties on behalf of the Company and each of its subsidiariesthem), equipment or technology (collectively, “IT Systems and Data”), except for those that have been remedied without material cost or liability or the duty to notify any governmental or regulatory authority; ) and (By) neither the Company nor and its subsidiaries Subsidiaries have not been notified in writing of, and each of them has have no knowledge of any event or condition that would reasonably be expected to result in, any security breach or incident, unauthorized access or disclosure or other compromise to their IT Systems and Data, except as would not, in the case of this clause (i), individually or in the aggregate, have a Material Adverse Effect; (Cii) the Company and each of its subsidiaries have implemented appropriate controls, policies, procedures, and technological safeguards that, to the Company’s knowledge, are adequate to maintain and protect the integrity, continuous operation, redundancy and security of their IT Systems and Data reasonably consistent with industry standards and practices, or as required by applicable regulatory standards; and (D) the Company and its subsidiaries are presently Subsidiaries have been in compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to (x) the privacy and security of IT Systems and Data and to Data, (y) the protection of such IT Systems and Data from unauthorized use, access, misappropriation or modification and (z) the collection, use, transfer, storage, disposal and disclosure by the Company and its Subsidiaries of personally identifiable information and/or any other information collected from or provided by third parties, except as would not reasonably be expected to result not, in the case of this clause (ii), individually or in the aggregate, have a Material Adverse Effect; (iii) the Company and its Subsidiaries have implemented commercially reasonable backup and disaster recovery and security plans, procedures and facilities for their respective businesses consistent with industry standards and practices; and (iv) the Company and its Subsidiaries have taken commercially reasonable steps to protect the IT Systems and Data.