Common use of Data Privacy and Security Laws Clause in Contracts

Data Privacy and Security Laws. The Company and its subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (iv) Protected Health Information as defined by HIPAA; and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Data Privacy and Security Laws. The Company and its subsidiaries are, and at all prior times during the past three (3) years were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) regulations (collectively, the “Privacy Laws”)) except where the noncompliance would not, individually or in the aggregate, have a Material Adverse Effect. To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply in material respects with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” for protection under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (iv) Protected Health Information as defined by HIPAAapplicable Privacy Laws; and (viii) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Neither the Company further certifies that neither it nor any subsidiary: (i) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Data Privacy and Security Laws. The Company and its subsidiaries areis, and at all prior times weresince its inception has been, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have has in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their its policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (iv) Protected Health Information as defined by HIPAA; and (viv) any other piece of information that allows the identification of such natural person, or his or her familyfamily or household, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. The Company and its subsidiaries have has at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any subsidiarythat: (i) it has not received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) it is not currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or and (iii) is not a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Data Privacy and Security Laws. The Company and its subsidiaries are, and at all prior times weresince May 25, 2018 have been, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability California Consumer Privacy Act, HIPAA, HITECH Act, and Accountability Act of 1996 the European Union General Data Protection Regulation (“HIPAAGDPR”) (EU 2016/679) (and all other applicable laws and regulations with respect to Personal Data (defined below) that have been announced as amended by of the Health Information Technology date hereof as becoming effective within 12 months after the date hereof, and for Economic and Clinical Health Act (the “HITECH Act”which any non-compliance with same would be reasonably likely to create a material liability) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s nameThe execution, street address, telephone number, e-mail address, photograph, social security number delivery and performance of this Agreement or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (iv) Protected Health Information as defined by HIPAA; and (v) any other piece agreement referred to in this Agreement will not result in a breach of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules Privacy Laws or requirements in any material respectPolicies. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law. “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the unfair and deceptive trade practice authority of the Federal Trade Commission (“FTC”) pursuant to the FTC Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR, (v) “personal information” as defined by the California Consumer Privacy Act (“CCPA”) and (vi) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation.

Data Privacy and Security Laws. The Company and its subsidiaries are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (iv) Protected Health Information as defined by HIPAA; and (viv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Data Privacy and Security Laws. The Except as would not reasonably be expected to have a Material Adverse Effect, the Company and its subsidiaries subsidiary are, and at all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulationsall judgements, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, policies, applicable industry standards such as the Payment Card industry Data Security Standards, and contractual obligations relating (i) to the privacy and security of IT Assets and Data, including without limitation the Health Insurance Portability collection, storage, transfer, processing and/or use of Data, and Accountability Act (ii) to the protection of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic such IT Assets and Clinical Health Act (the “HITECH Act”) Data from unauthorized use, access, misappropriation or modification (collectively, the “Privacy LawsData Protection Requirements”). To ensure compliance with the Privacy LawsData Protection Requirements, the Company and its subsidiaries subsidiary have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) “personal data” as defined by the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); (iv) Protected Health Information as defined by HIPAA; and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. The Company and its subsidiaries subsidiary have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirementsData Protection Requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that neither it nor any its subsidiary: (iA) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy LawsData Protection Requirements, and has no knowledge of any unauthorized use or disclosure of Data or any event or condition that would reasonably be expected to result in any such notice; (iiB) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy LawData Protection Requirement; or (iiiC) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy LawData Protection Requirement. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a material breach of any Data Protection Requirements.