Common use of Data Privacy and Security Laws Clause in Contracts

Data Privacy and Security Laws. The Company is, and since its inception has been, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company has in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with its policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; and (iv) any other piece of information that allows the identification of such natural person, or his or her family or household, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. The Company has at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that: (i) it has not received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) it is not currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; and (iii) is not a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Data Privacy and Security Laws. The Company isand its subsidiaries are, and at all times since its inception has May 25, 2018 have been, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability California Consumer Privacy Act, HIPAA, HITECH Act, and Accountability Act of 1996 the European Union General Data Protection Regulation (“HIPAAGDPR”) (EU 2016/679) (and all other applicable laws and regulations with respect to Personal Data (defined below) that have been announced as amended by of the Health Information Technology date hereof as becoming effective within 12 months after the date hereof, and for Economic and Clinical Health Act (the “HITECH Act”which any non-compliance with same would be reasonably likely to create a material liability) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company has and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with its their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of violation of any Privacy Laws or Policies. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law. “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the unfair and deceptive trade practice authority of the Federal Trade Commission (“FTC”) pursuant to the FTC Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR, (v) “personal information” as defined by the California Consumer Privacy Act (“CCPA”) and (ivvi) any other piece of information that allows the identification of such natural person, or his or her family or householdfamily, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. The Company has at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies that: (i) it has not received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) it is not currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; and (iii) is not a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Data Privacy and Security Laws. The Except as would not reasonably be expected to have a Material Adverse Effect, the Company isand its subsidiary are, and since its inception has beenat all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulationsall judgements, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, policies, applicable industry standards such as the Payment Card industry Data Security Standards, and contractual obligations relating (i) to the privacy and security of IT Assets and Data, including without limitation the Health Insurance Portability collection, storage, transfer, processing and/or use of Data, and Accountability Act (ii) to the protection of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic such IT Assets and Clinical Health Act (the “HITECH Act”) Data from unauthorized use, access, misappropriation or modification (collectively, the “Privacy LawsData Protection Requirements”). To ensure compliance with the Privacy LawsData Protection Requirements, the Company has and its subsidiary have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with its their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; and (iv) any other piece of information that allows the identification of such natural person, or his or her family or household, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. The Company has and its subsidiary have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirementsData Protection Requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies thatthat neither it nor its subsidiary: (iA) it has not received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy LawsData Protection Requirements, and has no knowledge of any unauthorized use or disclosure of Data or any event or condition that would reasonably be expected to result in any such notice; (iiB) it is not currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy LawData Protection Requirement; and or (iiiC) is not a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy LawData Protection Requirement. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a material breach of any Data Protection Requirements.

Data Privacy and Security Laws. The Company isand its subsidiaries are, and since its inception has beenat all times during the past three (3) years were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) regulations (collectively, the “Privacy Laws”)) except where the noncompliance would not, individually or in the aggregate, have a Material Adverse Effect. To ensure compliance with the Privacy Laws, the Company has and its subsidiaries have in place, comply in material respects with, and take appropriate steps reasonably designed to ensure compliance in all material respects with its their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” for protection under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAAapplicable Privacy Laws; and (iviii) any other piece of information that allows the identification of such natural person, or his or her family or householdfamily, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. The Company has at all times and its subsidiaries have made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Neither the Company further certifies thatnor any subsidiary: (i) it has not received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) it is not currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; and or (iii) is not a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Data Privacy and Security Laws. The Company isand its subsidiaries are, and since its inception has beenat all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company has and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with its their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; and (iv) any other piece of information that allows the identification of such natural person, or his or her family or householdfamily, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. The Company has and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies thatthat neither it nor any subsidiary: (i) it has not received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) it is not currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; and or (iii) is not a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.