Compliance with Data Privacy Laws. The Company and its Subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, and the Company and its Subsidiaries have taken commercially reasonable actions to prepare to comply with, and since May 25, 2018, have been and currently are in compliance with, the GDPR (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its Subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its Subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. Neither the Company nor any Subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Compliance with Data Privacy Laws. The Company and its Subsidiaries are, and at all prior times were, in compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, and the Company and its Subsidiaries have taken commercially reasonable actions to prepare to comply with, and since May 25, 2018, have been and currently are in compliance with, the GDPR (EU 2016/679) (collectively, the “Privacy Laws”) except in each case, where such would not, either individually or in the aggregate, reasonably be expected to result in a Material Adverse Effect. To ensure compliance with the Privacy Laws, the Company and its Subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its Subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any Subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Compliance with Data Privacy Laws. Supplier agrees that it will Process any Personal Information to which it has access in connection with its performance under this Agreement (including any SOW) only on behalf of and for the benefit of DXC in accordance with this Agreement and as otherwise required by all applicable Data Privacy Laws, insofar as they apply to Supplier. Supplier agrees that it will not Process any Personal Information for any other purpose other than for the specific purposes of performing the services specified in this Agreement (including any SOW) absent specific written approval from DXC. In addition, to the extent applicable to Supplier, Supplier agrees to comply with any requirements of any applicable Data Privacy Law regarding the collection, storage, use, transfer, security, or Processing of Personal Information.
Compliance with Data Privacy Laws. (i) The Company and the Subsidiaries are, and at all times during the last three (3) years were, in compliance with all applicable state, federal and foreign data privacy and security laws and regulations, including, without limitation, the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”); (ii) the Company and the Subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (as defined below) (the “Policies”); (iii) the Company provides accurate notice of its applicable Policies to its customers, employees, third party vendors and representatives as required by the Privacy Laws; and (iv) applicable Policies provide accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter, and do not contain any material omissions of the Company’s then-current privacy practices, as required by Privacy Laws. “Personal Data” means (i) a natural person’s name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by GDPR; and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any identifiable data related to an identified person’s health or sexual orientation. (i) None of such disclosures made or contained in any of the Policies have been inaccurate, misleading, or deceptive in violation of any Privacy Laws and (ii) the execution, delivery and performance of the Transaction Documents will not result in a breach of any Privacy Laws or Policies. Neither the Company nor the Subsidiaries (i) to the knowledge of the Company, has received written notice of any actual or potential liability of the Company or the Subsidiaries under, or actual or potential violation by the Company or the Subsidiaries of, any of the Privacy Laws; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any regulatory request or demand pursuant to any Privacy Law; or (iii) is a...
Compliance with Data Privacy Laws. The Company and its subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA, and the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company has in place, complies with, and takes appropriate steps to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, processing, disclosure, handling, and analysis of Personal Data and Confidential Data (the “Policies”). The Company has at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Compliance with Data Privacy Laws. The Company and its subsidiaries are, and to the Knowledge of the Company at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations (collectively, the “Privacy Laws”). The Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. Neither the Company nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Compliance with Data Privacy Laws. The Company and its Subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA (collectively, the “Privacy Laws”) and, to the Company’s knowledge, the Company and its Subsidiaries are not subject to any material requirements of the European Union General Data Protection Regulation (EU 2016/679). To ensure compliance with the Privacy Laws, the Company and its Subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The Company and its Subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. Neither the Company nor any Subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Compliance with Data Privacy Laws. To the Company’s knowledge, the Company and its subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations (collectively, the “Privacy Laws”), except where failure to be so in compliance would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect. Except where failure to do so would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, the Company and its subsidiaries have in place, comply with, and take commercially reasonable steps reasonably designed to comply in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (as defined below) (the “Policies”). Except where failure to do so would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, the Company and its subsidiaries have at all times made all disclosures to users or customers required by the Privacy Laws, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been materially inaccurate or in violation of any Privacy Laws in any material respect. Except as would not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, the Company further certifies that neither it nor any subsidiary: (i) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement from or with a governmental or regulatory authority or agency that imposes any obligation or liability under any Privacy Law.
Compliance with Data Privacy Laws. The Company and its Subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation HIPAA, CCPA and the GDPR (to the extent applicable) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company has in place, complies with, and takes appropriate steps to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, processing, disclosure, handling, and analysis of Personal Data and Confidential Data (the “Policies”). The Company has at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any Subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Compliance with Data Privacy Laws. Except as would not reasonably be expected to, individually or in the aggregate, have a Material Adverse Effect, the Company and its subsidiaries are presently in compliance with all applicable (i) laws or statutes (including, as applicable, the Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act; the European Union General Data Protection Regulation and the California Consumer Privacy Act) (“Privacy Laws”), (ii) judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority having jurisdiction over the Company or its subsidiaries, and (iii) internal and external policies, industry standards with which the Company or any of its subsidiaries has represented compliance or is contractually bound to comply with, and contractual obligations of the Company and its subsidiaries, in each case of (i) – (iii), relating to the privacy and security of the IT Systems and the Company’s and its Subsidiaries’ collection, storage, transfer, processing, and/or use of Personal Data. The Company and its subsidiaries: (A) have not, except as would not reasonably be expected to, individually or in the aggregate, have a Material Adverse Effect, received any written notice of any actual or alleged violation of Privacy Laws by the Company or any of its subsidiaries; and (B) are not, to the knowledge of the Company, a party to any order, decree, or agreement that imposes any corrective obligation or liability by any governmental or regulatory authority under any Privacy Law.
