Common use of Privacy and Data Protection Clause in Contracts

Privacy and Data Protection. The Company has operated its business in a manner compliant in all material respects with all United States federal, state, local and non-United States privacy, data security and data protection laws and regulations applicable to the Company’s collection, use, transfer, protection, disposal, disclosure, handling, storage and analysis of personal data. The Company has been and is in compliance in all material respects with internal policies and procedures designed to ensure the integrity and security of the data collected, handled or stored in connection with its business. The Company has taken commercially reasonable steps to maintain the confidentiality of its personally identifiable information, protected health information, consumer information and other confidential information of the Company and any third parties in its possession (“Sensitive Company Data”). The tangible or digital information technology systems (including computers, screens, servers, workstations, routers, hubs, switches, networks, data communications lines, technical data and hardware), software and telecommunications systems used or held for use by the Company (the “Company IT Assets”) are in all material respects adequate and operational for, in accordance with their documentation and functional specifications, the business of the Company as now operated and as currently proposed to be conducted as described in the Registration Statement, in the General Disclosure Package and in the Prospectus. The Company has used commercially reasonable efforts to establish, and has established, commercially reasonable disaster recovery and security plans, procedures and facilities for the business consistent with industry standards and practices in all material respects, including, without limitation, for the Company IT Assets and data held or used by or for the Company. To the Company’s knowledge, the Company has not suffered or incurred any security breaches, compromises or incidents with respect to any Company IT Asset or Sensitive Company Data, except such breaches, compromises or incidents that have not, singly or in the aggregate, resulted in a Material Adverse Effect; and there has been no unauthorized or illegal use of or access to any Company IT Asset or Sensitive Company Data by any unauthorized third party, except where such unauthorized or illegal use or access would not reasonably be expected to, individually or in the aggregate, have a Material Adverse Effect. The Company has not been required to notify any individual of any information security breach, compromise or incident involving Sensitive Company Data.

Privacy and Data Protection. The Company has operated its business in a manner compliant in all material respects with all United States federal, state, local and non-United States privacy, data security and data protection laws and regulations applicable to the Company’s collection, use, transfer, protection, disposal, disclosure, handling, storage and analysis of personal data. The Company has been and is in compliance in all material respects with internal policies and procedures designed to ensure the integrity and security of the data collected, handled or stored in connection with its business. The Company has taken commercially reasonable steps to maintain the confidentiality of its personally identifiable information, protected health information, consumer information and other confidential information of the Company and any third parties in its possession (“Sensitive Company Data”). The tangible or digital information technology systems (including computers, screens, servers, workstations, routers, hubs, switches, networks, data communications lines, technical data and hardware), software and telecommunications systems used or held for use by the Company (the “Company IT Assets”) are in all material respects adequate and operational for, in accordance with their documentation and functional specifications, the business of the Company as now operated and as currently proposed to be conducted as described in the Registration Statement, in the General Time of Sale Disclosure Package and in the Prospectus. The Company has used commercially reasonable efforts to establish, and has established, commercially reasonable disaster recovery and security plans, procedures and facilities for the business consistent with industry standards and practices in all material respects, including, without limitation, for the Company IT Assets and data held or used by or for the Company. To the Company’s knowledge, the Company has not suffered or incurred any security breaches, compromises or incidents with respect to any Company IT Asset or Sensitive Company Data, except where such breaches, compromises or incidents that have notwould not reasonably be expected to, singly or in the aggregate, resulted result in a Material Adverse Effect; and there has been no unauthorized or illegal use of or access to any Company IT Asset or Sensitive Company Data by any unauthorized third party, except where such unauthorized or illegal use or access would not reasonably be expected to, individually or in the aggregate, have a Material Adverse Effect. The Company has not been required to notify any individual of any information security breach, compromise or incident involving Sensitive Company Data.

Privacy and Data Protection. The Company has operated its business in a manner compliant in all material respects with all United States federal, state, local and non-United States privacy, data security and data protection laws and regulations applicable to the Company’s collection, use, transfer, protection, disposal, disclosure, handling, storage and analysis of personal data. The Company has been and is in compliance in all material respects with internal policies and procedures designed to ensure the integrity and security of the data collected, handled or stored in connection with its business; the Company has been and is in compliance in all material respects with internal policies and procedures designed to ensure compliance with the Health Care Laws that govern privacy and data security and take, and has taken reasonably appropriate steps designed to assure compliance with such policies and procedures. The Company has taken commercially reasonable steps to maintain the confidentiality of its personally identifiable information, protected health information, consumer information and other confidential information of the Company and any third parties in its possession (“Sensitive Company Data”). The tangible or digital information technology systems (including computers, screens, servers, workstations, routers, hubs, switches, networks, data communications lines, technical data and hardware), software and telecommunications systems used or held for use by the Company (the “Company IT Assets”) are in all material respects adequate and operational for, in accordance with their documentation and functional specifications, the business of the Company as now operated and as currently proposed to be conducted as described in the Registration Statement, in the General Disclosure Package and in the Prospectus. The Company has used commercially reasonable efforts to establish, and has established, commercially reasonable disaster recovery and security plans, procedures and facilities for the business consistent with industry standards and practices in all material respects, including, without limitation, for the Company IT Assets and data held or used by or for the Company. To the Company’s knowledge, the Company has not suffered or incurred any security breaches, compromises or incidents with respect to any Company IT Asset or Sensitive Company Data, except where such breaches, compromises or incidents that have notwould not reasonably be expected to, singly or in the aggregate, resulted result in a Material Adverse Effect; and there has been no unauthorized or illegal use of or access to any Company IT Asset or Sensitive Company Data by any unauthorized third party, except where such unauthorized or illegal use or access would not reasonably be expected to, individually or in the aggregate, have a Material Adverse Effect. The Company has not been required to notify any individual of any information security breach, compromise or incident involving Sensitive Company Data.

Privacy and Data Protection. The Company and its subsidiaries own or have a valid right to access and use all material computer systems, networks, hardware, software, databases, websites, and equipment used to process, store, maintain and operate data, information, and functions used in connection with the business of the Company and its subsidiaries (the “Company IT Systems”). The Company IT Systems (i) are adequate for, and operate and perform in all material respects as required in connection with, the operation of the business of the Company and its subsidiaries as currently conducted, and (ii) are free of any viruses, “back doors,” “Trojan horses,” “time bombs,” “worms,” “drop dead devices” or other software or hardware components that are designed to interrupt use of, permit unauthorized access to, or disable, damage or erase, any software material to the business of the Company or any of its subsidiaries, except in the case of (i) and (ii) as would not be reasonably be expected to result in a Material Adverse Effect. The Company and its subsidiaries have implemented commercially reasonable backup, security and disaster recovery technology consistent in all material respects with applicable regulatory standards and customary industry practices. To the knowledge of the Company, no third party has operated its business breached or compromised the integrity or security of the Company IT Systems in a manner compliant which would reasonably be expected to result in a Material Adverse Effect. The Company and its subsidiaries have at all times complied in all material respects with all United States federal, state, local and non-United States applicable Laws relating to privacy, data security and data protection laws and regulations applicable to the Company’s collection, use, transfer, protection, disposal, disclosure, handling, storage and analysis the collection and use of personal data. The Company has been and is in compliance in all material respects with internal policies and procedures designed to ensure the integrity and security of the data information collected, handled or stored in connection with its business. The Company has taken commercially reasonable steps to maintain the confidentiality of its personally identifiable informationused, protected health information, consumer information and other confidential information of the Company and any third parties in its possession (“Sensitive Company Data”). The tangible or digital information technology systems (including computers, screens, servers, workstations, routers, hubs, switches, networks, data communications lines, technical data and hardware), software and telecommunications systems used or held for use by the Company (the “Company IT Assets”) are in all material respects adequate and operational for, in accordance with their documentation and functional specifications, the business or any of the Company as now operated and as currently proposed to be conducted as described its subsidiaries in the Registration Statementconduct of its business. No claims have been asserted or, in the General Disclosure Package and in the Prospectus. The Company has used commercially reasonable efforts to establish, and has established, commercially reasonable disaster recovery and security plans, procedures and facilities for the business consistent with industry standards and practices in all material respects, including, without limitation, for the Company IT Assets and data held or used by or for the Company. To the Company’s knowledge, threatened against the Company has or any subsidiary alleging a violation of any person’s privacy or personal information or data rights, and the consummation of the transactions contemplated hereby will not suffered breach or incurred otherwise cause any security breachesviolation of any Law related to privacy, compromises data protection, or incidents with respect to the collection and use of personal information collected, used, or held for use by the Company or any Company IT Asset or Sensitive Company Data, except such breaches, compromises or incidents that have not, singly or of its subsidiaries in the aggregate, resulted in a Material Adverse Effect; and there has been no unauthorized or illegal use conduct of or access to any Company IT Asset or Sensitive Company Data by any unauthorized third party, except where such unauthorized or illegal use or access would not reasonably be expected to, individually or in the aggregate, have a Material Adverse Effectits business. The Company has not been required and its subsidiaries take reasonable measures to notify any individual of any ensure that such information security breachis protected against unauthorized access, compromise use, modification, or incident involving Sensitive Company Dataother misuse.

Privacy and Data Protection. The Company has operated its business in a manner compliant in all material respects with all United States federal, state, local and non-United States privacy, data security and data protection laws and regulations applicable to the Company’s collection, use, transfer, protection, disposal, disclosure, handling, storage and analysis of personal data. The Company has been and is in compliance in all material respects with internal policies and procedures designed to ensure the integrity and security of the data collected, handled or stored in connection with its business. The Company has taken commercially reasonable steps to maintain the confidentiality of its personally identifiable information, protected health information, consumer information and other confidential information of the Company and any third parties in its possession (“Sensitive Company Data”). The tangible or digital information technology systems (including computers, screens, servers, workstations, routers, hubs, switches, networks, data communications lines, technical data and hardware), software and telecommunications systems used or held for use by the Company (the “Company IT Assets”) are in all material respects adequate and operational for, in accordance with their documentation and functional specifications, the business of the Company as now operated and as currently proposed to be conducted as described in the Registration Statement, in the General Time of Sale Disclosure Package and in the Prospectus. The Company has used commercially reasonable efforts to establish, and has established, commercially reasonable disaster recovery and security plans, procedures and facilities for the business consistent with industry standards and practices in all material respects, including, without limitation, for the Company IT Assets and data held or used by or for the Company. To the Company’s knowledge, the Company has not suffered or incurred any security breaches, compromises or incidents with respect to any Company IT Asset or Sensitive Company Data, except where such breaches, compromises or incidents that have notwould not reasonably be expected to, singly or in the aggregate, resulted result in a Material Adverse Effect; and there has been no No unauthorized or illegal use of or access to any Company IT Asset or Sensitive Company Data by any unauthorized third party, except where such unauthorized or illegal use or access would not reasonably be expected to, individually or in the aggregate, have a Material Adverse Effect. The Company has not been required to notify any individual of any information security breach, compromise or incident involving Sensitive Company Data.

Privacy and Data Protection. The Company has operated its business in a manner compliant in all material respects with all United States federal, state, local and non-United States privacy, data security and data protection laws and regulations applicable to the Company’s collection, use, transfer, protection, disposal, disclosure, handling, storage and analysis of personal data. The Company has been and is in compliance in all material respects with internal policies and procedures designed to ensure the integrity and security of the data collected, handled or stored in connection with its business. The Company has taken commercially reasonable steps to maintain the confidentiality of its personally identifiable information, protected health information, consumer information and other confidential information of the Company and any third parties in its possession (“Sensitive Company Data”). The tangible or digital information technology systems (including computers, screens, servers, workstations, routers, hubs, switches, networks, data communications lines, technical data and hardware), software and telecommunications systems used or held for use by the Company (the “Company IT Assets”) are in all material respects adequate and operational for, in accordance with their its documentation and functional specifications, the business of the Company as now operated and as currently proposed to be conducted as described in the Registration Statement, in the General Time of Sale Disclosure Package and in the Prospectus. The Company has used commercially reasonable efforts to establish, and has established, commercially reasonable disaster recovery and security plans, procedures and facilities for the business consistent with industry standards and practices in all material respects, including, without limitation, for the Company IT Assets and data held or used by or for the Company. To the Company’s knowledge, the Company has not suffered or incurred any security breaches, compromises or incidents with respect to any Company IT Asset or Sensitive Company Data, except where such breaches, compromises or incidents that have notwould not reasonably be expected to, singly or in the aggregate, resulted result in a Material Adverse Effect; and there has been no unauthorized or illegal use of or access to any Company IT Asset or Sensitive Company Data by any unauthorized third party, except where such unauthorized or illegal use or access would not reasonably be expected to, individually or in the aggregate, have a Material Adverse Effect. The Company has not been required to notify any individual of any information security breach, compromise or incident involving Sensitive Company Data.

Privacy and Data Protection. The Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect: (i) the Company has operated its business in a manner compliant in all material respects with all United States federal, state, local and non-United States privacy, data security and data protection laws and regulations applicable to the Company’s collection, use, transfer, protection, disposal, disclosure, handling, storage and analysis of personal data. The Company has been and is in compliance in all material respects with internal policies and procedures designed to ensure data (collectively, “Data Protection Laws”); (ii) the integrity and security of the data collected, handled or stored in connection with its business. The Company has taken commercially reasonable steps to maintain the confidentiality of its personally identifiable information, protected health information, consumer information and other confidential information of the Company and any third parties in its possession (“Sensitive Company Data”). The tangible or digital ; and (iii) the information technology systems (including computers, screens, servers, workstations, routers, hubs, switches, networks, data communications lines, technical data and hardware), software and telecommunications systems used or held for use maintained by the Company (the “Company IT Assets”) are in all material respects adequate and operational for, in accordance with their documentation and functional specifications, for the business of the Company as now operated and as currently proposed to be conducted as described in the Registration Statement, in the General Disclosure Package and in the Prospectus. The Company has used commercially reasonable efforts to establish, and has established, commercially reasonable disaster recovery and security plans, procedures and facilities for the business consistent with industry standards and practices in all material respects, including, without limitation, for the Company IT Assets and data held or used by or for the Company. To the Company’s knowledge, the Company has not suffered or incurred any security breaches, compromises or incidents with respect to any Company IT Asset or Sensitive Company DataData that have required notification under applicable Data Protection Laws, except where such breaches, compromises or incidents that have would not, singly or in the aggregate, resulted reasonably be expected to result in a Material Adverse Effect; and there has been no unauthorized or illegal use of or access to any Company IT Asset or Sensitive Company Data by any unauthorized third party, except where such unauthorized or illegal use of or access would not reasonably be expected tonot, individually singly or in the aggregate, have reasonably be expected to result in a Material Adverse Effect. The To Company has not been required to notify any individual of any information security breach, compromise or incident involving Sensitive Company Data.

Privacy and Data Protection. The Company has operated its business in a manner compliant in all material respects with all United States federal, state, local and non-United States privacy, data security and data protection laws and regulations applicable to the Company’s collection, use, transfer, protection, disposal, disclosure, handling, storage and analysis of personal data. The Company has been and is in compliance in all material respects with internal policies and procedures designed to ensure the integrity and security of the data collected, handled or stored in connection with its business. The Company has taken commercially reasonable steps to maintain the confidentiality of its personally identifiable information, protected health information, consumer information and other confidential information of the Company and any third parties in its possession (“Sensitive Company Data”). The tangible or digital information technology systems (including computers, screens, servers, workstations, routers, hubs, switches, networks, data communications lines, technical data and hardware), software and telecommunications systems used or held for use by the Company (the “Company IT Assets”) are in all material respects adequate and operational for, in accordance with their documentation and functional specifications, the business of the Company as now operated and as currently proposed to be conducted as described in the Registration Statement, in the General Time of Sale Disclosure Package and in the Final Prospectus. The Company has used commercially reasonable efforts to establish, and has established, commercially reasonable disaster recovery and security plans, procedures and facilities for the business consistent with industry standards and practices in all material respects, including, without limitation, for the Company IT Assets and data held or used by or for the Company. To the Company’s knowledge, the Company has not suffered or incurred any security breaches, compromises or incidents with respect to any Company IT Asset or Sensitive Company Data, except where such breaches, compromises or incidents that have notwould not reasonably be expected to, singly or in the aggregate, resulted result in a Material Adverse Effect; and there has been no unauthorized or illegal use of or access to any Company IT Asset or Sensitive Company Data by any unauthorized third party, except where such unauthorized or illegal use or access would not reasonably be expected to, individually or in the aggregate, have a Material Adverse Effect. The Company has not been required to notify any individual of any information security breach, compromise or incident involving Sensitive Company Data.

Privacy and Data Protection. The Company has operated its business in a manner compliant in all material respects with all United States federal, state, local and non-United States privacy, data security and data protection laws and regulations applicable to the Company’s collection, use, transfer, protection, disposal, disclosure, handling, storage and analysis of personal data. The Company has been and is in compliance in all material respects with internal policies and procedures designed to ensure the integrity and security of the data collected, handled or stored in connection with its business. The Company has taken commercially reasonable steps to maintain the confidentiality of its personally identifiable information, protected health information, consumer information and other confidential information of the Company and any third parties in its possession (“Sensitive Company Data”). The tangible or digital information technology systems (including computers, screens, servers, workstations, routers, hubs, switches, networks, data communications lines, technical data and hardware), software and telecommunications systems used or held for use by the Company (the “Company IT Assets”) are in all material respects adequate and operational for, in accordance with their documentation and functional specifications, the business of the Company as now operated and as currently proposed to be conducted as described in the Company Registration Statement, in the General Disclosure Package and in the Prospectus. The Company has used commercially reasonable efforts to establish, and has established, commercially reasonable disaster recovery and security plans, procedures and facilities for the business consistent with industry standards and practices in all material respects, including, without limitation, for the Company IT Assets and data held or used by or for the Company. To the Company’s knowledge, the Company has not suffered or incurred any security breaches, compromises or incidents with respect to any Company IT Asset or Sensitive Company Data, except where such breaches, compromises or incidents that have notwould not reasonably be expected to, singly or in the aggregate, resulted result in a Material Adverse EffectChange; and there has been no unauthorized or illegal use of or access to any Company IT Asset or Sensitive Company Data by any unauthorized third party, except where such unauthorized or illegal use or access would not reasonably be expected to, individually or in the aggregate, have a Material Adverse EffectChange. The Company has not been required to notify any individual of any information security breach, compromise or incident involving Sensitive Company Data.

Privacy and Data Protection. The Company has operated its business in a manner compliant in all material respects with all United States federal, state, local and non-United States privacy, data security and data protection laws and regulations applicable to the Company’s collection, use, transfer, protection, disposal, disclosure, handling, storage and analysis of personal data. The Company has been and is in compliance in all material respects with internal policies and procedures designed to ensure the integrity and security of the data collected, handled or stored in connection with its business. The Company has taken commercially reasonable steps to maintain the confidentiality of its personally identifiable information, protected health information, consumer information and other confidential information of the Company and any third parties in its possession (“Sensitive Company Data”). The tangible or digital information technology systems (including computers, screens, servers, workstations, routers, hubs, switches, networks, data communications lines, technical data and hardware), software and telecommunications systems used or held for use by the Company (the “Company IT Assets”) are in all material respects adequate and operational for, in accordance with their documentation and functional specifications, the business of the Company as now operated and as currently proposed to be conducted as described in the Registration Statement, in the General Time of Sale Disclosure Package and in the Prospectus. The Company has used commercially reasonable efforts to establish, and has established, commercially reasonable disaster recovery and security plans, procedures and facilities for the business consistent with industry standards and practices in all material respects, including, without limitation, for the Company IT Assets and data held or used by or for the Company. To the Company’s knowledge, the Company has not suffered or incurred any security breaches, compromises or incidents with respect to any Company IT Asset Assets or Sensitive Company Data, except where such breaches, compromises or incidents that have notwould not reasonably be expected to, singly or in the aggregate, resulted result in a Material Adverse Effect; and and, to the Company's knowledge, there has been no unauthorized or illegal use of or access to any Company IT Asset Assets or Sensitive Company Data by any unauthorized third party, except where such unauthorized or illegal use or access would not reasonably be expected to, individually or in the aggregate, have a Material Adverse Effect. The Company has not been required to notify any individual of any information security breach, compromise or incident involving Sensitive Company Data.

Privacy and Data Protection. The Except where failure to comply would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect, in each case, (i) the Company has operated its business in a manner compliant in all material respects with all United States federal, state, local and non-United States privacy, data security and data protection laws and regulations applicable to the Company’s collection, use, transfer, protection, disposal, disclosure, handling, storage and analysis of personal data. The , and (ii) the Company has been and is in compliance in all material respects with internal policies and procedures designed to ensure the integrity and security of the data collected, handled or stored in connection with its business. The Company has taken commercially reasonable steps to maintain the confidentiality of its personally identifiable information, protected health information, consumer information and other confidential information of the Company and any third parties in its possession (“Sensitive Company Data”). The Except where failure to comply would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect, in each case, (i) the tangible or digital information technology systems (including computers, screens, servers, workstations, routers, hubs, switches, networks, data communications lines, technical data and hardware), software and telecommunications systems used or held for use by the Company (the “Company IT Assets”) are in all material respects adequate and operational for, in accordance with their documentation and functional specifications, the business of the Company as now operated and as currently proposed to be conducted as described in the Registration StatementStatements, in the General Time of Sale Disclosure Package and in the Prospectus. The , and (ii) the Company has used commercially reasonable efforts to establish, and has established, commercially reasonable disaster recovery and security plans, procedures and facilities for the business consistent with industry standards and practices in all material respects, including, without limitation, for the Company IT Assets and data held or used by or for the Company. To the Company’s knowledge, the Company has not suffered or incurred any security breaches, compromises or incidents with respect to any Company IT Asset or Sensitive Company Data, except where such breaches, compromises or incidents that have would not, singly individually or in the aggregate, resulted reasonably be expected to result in a Material Adverse Effect; and there has been no unauthorized or illegal use of or access to any Company IT Asset or Sensitive Company Data by any unauthorized third party, except where such unauthorized or illegal use or access would not reasonably be expected tonot, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. The To the Company’s knowledge, the Company has not been required to notify any individual of any information security breach, compromise or incident involving Sensitive Company Data, except where the failure to give such notice would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.

Privacy and Data Protection. The Company has operated its business in a manner compliant in all material respects with all United States federal, state, local and non-United States privacy, data security and data protection laws and regulations applicable to the Company’s collection, use, transfer, protection, disposal, disclosure, handling, storage and analysis of personal data. The Company has been and is in compliance in all material respects with internal policies and procedures designed to ensure the integrity and security of the data collected, handled or stored in connection with its business. The Company has taken commercially reasonable steps to maintain the confidentiality of its personally identifiable information, protected health information, consumer information and other confidential information of the Company and any third parties in its possession (“Sensitive Company Data”). The tangible or digital information technology systems (including computers, screens, servers, workstations, routers, hubs, switches, networks, data communications lines, technical data and hardware), software and telecommunications systems used or held for use by the Company (the “Company IT Assets”) are in all material respects adequate and operational for, in accordance with their documentation and functional specifications, the business of the Company as now operated and as currently proposed to be conducted as described in the Company Registration Statement, in the General Time of Sale Disclosure Package and in the Prospectus. The Company has used commercially reasonable efforts to establish, and has established, commercially reasonable disaster recovery and security plans, procedures and facilities for the business consistent with industry standards and practices in all material respects, including, without limitation, for the Company IT Assets and data held or used by or for the Company. To the Company’s knowledge, the Company has not suffered or incurred any security breaches, compromises or incidents with respect to any Company IT Asset or Sensitive Company Data, except where such breaches, compromises or incidents that have notwould not reasonably be expected to, singly or in the aggregate, resulted result in a Material Adverse Effect; and there has been no unauthorized or illegal use of or access to any Company IT Asset or Sensitive Company Data by any unauthorized third party, except where such unauthorized or illegal use or access would not reasonably be expected to, individually or in the aggregate, have a Material Adverse Effect. The Company has not been required to notify any individual of any information security breach, compromise or incident involving Sensitive Company Data.

Privacy and Data Protection. The Company has operated its business in a manner compliant in all material respects with all United States federal, state, local and non-United States privacy, data security and data protection laws and regulations applicable to the Company’s collection, use, transfer, protection, disposal, disclosure, handling, storage and analysis of personal data. The Company has been and is in compliance in all material respects with internal policies and procedures designed to ensure the integrity and security of the data collected, handled or stored in connection with its business. The Company has taken commercially reasonable steps to maintain the confidentiality of its personally identifiable information, protected health information, consumer information and other confidential information of the Company and any third parties in its possession (“Sensitive Company Data”). The tangible or digital information technology systems (including computers, screens, servers, workstations, routers, hubs, switches, networks, data communications lines, technical data and hardware), software and telecommunications systems used or held for use by the Company (the “Company IT Assets”) are in all material respects adequate and operational for, in accordance with their documentation and functional specifications, the business of the Company as now operated and as currently proposed to be conducted as described in the Registration Statement, in the General Time of Sale Disclosure Package and in the Prospectus. The Company has used commercially reasonable efforts to establish, and has established, commercially reasonable disaster recovery and security plans, procedures and facilities for the business consistent with industry standards and practices in all material respects, including, without limitation, for the Company IT Assets and data held or used by or for the Company. To the Company’s knowledge, the Company has not suffered or incurred any security breaches, compromises or incidents with respect to any Company IT Asset Assets or Sensitive Company Data, except where such breaches, compromises or incidents that have notwould not reasonably be expected to, singly or in the aggregate, resulted result in a Material Adverse Effect; and there has been no unauthorized or illegal use of or access to any Company IT Asset Assets or Sensitive Company Data by any unauthorized third party, except where such unauthorized or illegal use or access would not reasonably be expected to, individually or in the aggregate, have a Material Adverse Effect. The Company has not been required to notify any individual of any information security breach, compromise or incident involving Sensitive Company Data.