Intellectual Property; Data Security and Privacy. (i) Section 4.12(a) of the Schedules sets forth, as of the date hereof, an accurate and complete list of all United States and foreign issued Patents, pending Patent applications, registered Trademarks, pending applications for registration of Trademarks, material unregistered Trademarks, registered Copyrights, pending applications for registration of Copyrights, Company Software, social media identifiers, and registered domain names, in each case, owned by the Company or any of the Company’s Subsidiaries (the foregoing being, collectively, the “Owned Company Intellectual Property”). Section 4.12(a) of the Schedules lists (x) the record owner of each such item of Owned Company Intellectual Property and (y) the jurisdictions in which each such item of Owned Company Intellectual Property has been issued or registered or in which each such application for issuance or registration of such item of Owned Company Intellectual Property has been filed. No registrations or applications for material Owned Company Intellectual Property have expired or been canceled or abandoned except in accordance with the expiration of the term of such rights or where the Company has made a good faith business judgment to permit such registrations or applications to expire, be canceled, or become abandoned. Each item of Owned Company Intellectual Property (other than unregistered Intellectual Property and applications therefor) is subsisting and, to the Knowledge of the Company, valid and enforceable. (ii) The Company and its Subsidiaries own all right, title and interest to, or otherwise have a valid and enforceable right to use, all Intellectual Property necessary for or used in the conduct of the business of the Company and its Subsidiaries as currently conducted. All material Intellectual Property owned by the Company and its Subsidiaries is owned free and clear of all Liens (except for Permitted Liens). (iii) The conduct of the business of the Company and its Subsidiaries (including the products and services of the Company and its Subsidiaries) does not infringe, violate or constitute misappropriation, and has not at any time during the past three (3) years infringed, violated or constituted misappropriation, of any Intellectual Property of any third Person in any material respect. Neither the Company nor any Company Subsidiary is currently, nor has the Company nor any Company Subsidiary been in the past three (3) years, a party to any Proceeding alleging infringement or misappropriation of any Intellectual Property of any Person or breach of any material Third-Party Intellectual Property License that has not been resolved. During the past three (3) years, neither the Company nor any Company Subsidiary has received any written, nor to the Knowledge of the Company, oral threat or notice alleging infringement or misappropriation of any Intellectual Property owned by a third Person or that contests the validity, ownership or right of the Company or any Company Subsidiary to exercise any rights in the Company Intellectual Property. (iv) To the Knowledge of the Company, no third Person is infringing, violating, or misappropriating any material Intellectual Property owned by the Company or its Subsidiaries. (v) The Company and the Company’s Subsidiaries (i) have taken commercially reasonable measures to protect the confidentiality of the Intellectual Property of the Company and its Subsidiaries, and (ii) require every employee and contractor of the Company or any of the Company’s Subsidiaries who creates or develops material proprietary Intellectual Property on behalf of the Company or any of the Company’s Subsidiaries, to assign to the Company or such Company Subsidiary all of such employee’s or contractor’s, as applicable, rights in such Intellectual Property that do not vest in the Company or such Company Subsidiary by operation of law. To the Knowledge of the Company, and except as set forth on Section 4.12(e) of the Schedules, there has not been any unauthorized access or misappropriation of any of the Company’s Intellectual Property. (vi) No Software owned by the Company or any Company Subsidiary (“Company Software”) incorporates, is comprised of, or is distributed with, any Publicly Available Software, or is otherwise subject to the provisions of any “open source” or third party license agreement, that would reasonably be expected to require or condition the use or distribution of such Company Software or a portion thereof on the disclosure, licensing, or distribution of any source code for any portion of such Company Software. (vii) Neither the Company nor any of its Subsidiaries has disclosed to any escrow agent or other third party, or agreed to disclose to any third party, any source code of any Company Software, other than disclosures to (i) employees, independent contractors or consultants who are subject to confidentiality obligations with respect thereto and (ii) customers of the Company and its Subsidiaries in the ordinary course of business. (viii) All current Software (including Company Software), systems, servers, computers, hardware, firmware, middleware, networks, data communications lines, routers, hubs, switches and other information technology equipment material to the conduct of the business of the Company and its Subsidiaries both for internal purposes and for the Company’s customers, including current Company Products (collectively, the “Company IT Assets”) (a) have been properly maintained, in all material respects, by technically competent personnel, in accordance with applicable standards set by manufacturers or otherwise in accordance with prudent industry standards, to ensure proper operation, monitoring and use, (b) operate and perform in all material respects in accordance with their documentation and functional specifications, and (c) in the two (2) years prior to the date hereof, have experienced no material failures, breakdowns or continued substandard performance of the Company IT Assets that have caused any material disruption or material interruption in or use of the Company IT Assets as a whole or with respect to any material portion thereof. The Company and its Subsidiaries have, in all material respects, purchased a sufficient number of rights for all Software currently used by the Company and its Subsidiaries in such operations. To the Knowledge of the Company, the Company IT Assets do not contain any Malicious Code. The Company and each of its Subsidiaries apply industry standard tools designed to identify and eliminate Malicious Code included in the Company Software. (ix) The Company and its Subsidiaries comply, and during the past three (3) years have complied, in all material respects, with all Privacy and Information Security Requirements. Neither the Company or its Subsidiaries nor, to the Knowledge of the Company, any other Person has received any written notice, allegation, complaint, or other communication from any Governmental Authority or any other Person regarding any actual or possible violation of any Privacy and Information Security Requirement by or with respect to the Company or its Subsidiaries. To the Knowledge of the Company, there is no pending investigation or audit by any Governmental Authority, payment card association or other private party regarding any actual or possible violation of any Privacy and Information Security Requirement by or with respect to the Company or its Subsidiaries. (x) The Company and its Subsidiaries have implemented and maintain an information security plan (a “Security Plan”), which includes commercially reasonable administrative, technical and physical safeguards designed to protect the Company IT Assets and the data stored therein (including Personal Data) from loss, damage, misuse or unauthorized use, access, modification, destruction or disclosure, including cybersecurity and malicious insider risks. The Security Plan conforms, and has at all times in the past three (3) years conformed, in all material respects to the Privacy and Information Security Requirements. The Company and its Subsidiaries have in place a commercially reasonable written disaster recovery program, including providing for the regular back-up and prompt recovery of the data and information necessary to the conduct of the business of the Company as currently conducted without material disruption to, or material interruption in, the conduct of the business of the Company as currently conducted. (xi) Neither the Company or any of its Subsidiaries nor, to the Knowledge of the Company, any Person Processing Personal Data on the Company’s or any of its Subsidiary’s behalf, has suffered a Data Incident. To the Knowledge of the Company, there has been no unauthorized or illegal use of or access to any Personal Data. No Company or Subsidiary of the Company has notified, or been required to notify, any Person of any Data Incident. (xii) The Company and its Subsidiaries have obtained all required consents and satisfied all other requirements (including, but not limited to, notification to, or registration with, any Governmental Authority), necessary for the Company’s and its Subsidiaries’ Processing (including international and onward transfer) of all Personal Data in connection with the consummation of the transactions contemplated hereunder. Neither the Company or any of its Subsidiaries is subject to any Privacy and Information Security Requirement that, following the Closing, would prohibit the Surviving Company or any of its Subsidiaries from receiving or using data or Personal Data in the manner in which the Company or any of its Subsidiaries receives and uses such data or Personal Data prior to the Closing. (xiii) All vendors, processors, subcontractors and other Persons acting for or on behalf of the Company or its Subsidiaries in connection with the Processing of Personal Data or that otherwise have been authorized to have access to Company IT Assets or Personal Data in the possession or control of the Company or its Subsidiaries is, to the extent required by applicable Privacy Laws, subject to reasonable Contract requirements regarding the Processing of Personal Data and, to the Knowledge of the Company, during the past three (3) years, have complied with all Privacy and Information Security Requirements.
Appears in 1 contract
Intellectual Property; Data Security and Privacy. (a) Section 3.12(a) of the Disclosure Schedules contains a correct, current, and complete list of: (i) Section 4.12(aall Company IP Registrations; (ii) all unregistered Trademarks included in the Company Intellectual Property; (iii) all proprietary Software of the Schedules sets forth, as Company; (iv) all domain names and social media account of the date hereof, an accurate Company; and (v) a complete list of all United States and foreign issued Patents, pending Patent applications, registered Trademarks, pending applications for registration of Trademarks, material unregistered Trademarks, registered Copyrights, pending applications for registration of Copyrights, Company Software, social media identifiers, and registered domain names, in each case, owned by IP Agreements: (1) under which the Company is a licensor or otherwise grants to any of the Company’s Subsidiaries (the foregoing beingPerson any right, collectively, the “Owned title or interest relating to any Company Intellectual Property”). Section 4.12(a; or (2) of the Schedules lists (x) the record owner of each such item of Owned Company Intellectual Property and (y) the jurisdictions in under which each such item of Owned Company Intellectual Property has been issued or registered or in which each such application for issuance or registration of such item of Owned Company Intellectual Property has been filed. No registrations or applications for material Owned Company Intellectual Property have expired or been canceled or abandoned except in accordance with the expiration of the term of such rights or where the Company has made is a good faith business judgment to permit such registrations licensee or applications to expire, be canceled, or become abandoned. Each item of Owned Company Intellectual Property (other than unregistered Intellectual Property and applications therefor) is subsisting and, to the Knowledge of the Company, valid and enforceable.
(ii) The Company and its Subsidiaries own all otherwise granted any right, title and or interest to, or otherwise have a valid and enforceable right relating to use, all Intellectual Property necessary for or used in the conduct of the business of the Company and its Subsidiaries as currently conducted. All material Intellectual Property owned by the Company and its Subsidiaries is owned free and clear of all Liens (except for Permitted Liens).
(iii) The conduct of the business of the Company and its Subsidiaries (including the products and services of the Company and its Subsidiaries) does not infringe, violate or constitute misappropriation, and has not at any time during the past three (3) years infringed, violated or constituted misappropriation, of any Intellectual Property of any third Person in any material respectPerson, except for licenses offered under commercial off-the-shelf terms. Seller has provided Buyer with true and complete copies of all Company IP Agreements. Neither the Company nor any other party thereto is, or, to the Knowledge of Seller, is alleged to be, in breach of or default under any Company Subsidiary is currentlyIP Agreement. Neither the execution, delivery or performance of this Agreement, nor the consummation of the transactions contemplated hereunder, will result in the loss or impairment of, or require the consent of any other Person in respect of, the Company’s right to own or use any Intellectual Property.
(b) Except as may be otherwise set forth in Section 3.12(b) of the Disclosure Schedules, the Company is the sole and exclusive legal and beneficial owner of all right, title, and interest in and to the Company Intellectual Property, and has the valid and enforceable right to use all other Intellectual Property used in or necessary for the conduct of the Business as currently conducted, in each case, free and clear of Encumbrances other than Permitted Encumbrances. The Company nor has entered into binding, valid and enforceable, written Contracts with each current and former employee and independent contractor who contributed to the invention, creation, or development of any Intellectual Property during the course of employment or engagement with the Company whereby such employee or independent contractor grants to the Company a present, irrevocable assignment of any ownership interest such employee or independent contractor may have in or to such Intellectual Property, to the extent such Intellectual Property does not constitute a “work made for hire” under applicable Law.
(c) To the Knowledge of Seller, all of the Company Intellectual Property is valid and enforceable, and all Company IP Registrations are subsisting and in full force and effect. The Company has taken all reasonable and necessary steps to maintain and enforce the Company Intellectual Property and to preserve the confidentiality of any Trade Secrets included in the Company Intellectual Property. To the Knowledge of Seller, there are no Actions settled, pending, or threatened: (i) alleging any infringement, misappropriation, or other violation by the Company of the Intellectual Property of any Person; (ii) challenging the validity, enforceability, registrability, patentability, or ownership of any Company Subsidiary been Intellectual Property or the Company’s right, title, or interest in or to any Company Intellectual Property; or (iii) by the Company alleging any infringement, misappropriation, or other violation by any Person of the Company Intellectual Property. Neither Seller nor the Company is aware of any facts or circumstances that could reasonably be expected to give rise to any such Action.
(d) Except as may be otherwise set forth in Section 3.12(d) of the Disclosure Schedules, to the Knowledge of Seller, all Company IT Systems are in good working condition and are sufficient for the operation of the Company’s business as currently conducted. Except as may be otherwise set forth in Section 3.12(d) of the Disclosure Schedules, in the past three (3) years, there has been no material malfunction, failure, continued substandard performance, denial-of-service, or other cyber incident, including any cyberattack, or other impairment of the Company IT Systems. The Company has taken all commercially reasonable steps to safeguard the confidentiality, availability, security, and integrity of the Company IT Systems, including implementing and maintaining appropriate backup, disaster recovery, and Software and hardware support arrangements. To the Knowledge of Seller, there are no unremediated vulnerabilities of a party Critical or High CVE designation in any Company IT Systems. The Company has all necessary rights to any Proceeding alleging infringement or misappropriation use the Company IT Systems and has materially complied with the terms and conditions applicable to such Company IT Systems.
(e) The Company has complied with all Healthcare Laws and other applicable Laws, Company policies and contractual obligations concerning the collection, use, processing, storage, transfer, and security of any Intellectual Property Personal Data in the conduct of any Person or breach the Business. Except as may be otherwise set forth in Section 3.12(e) of any material Third-Party Intellectual Property License that has not been resolved. During the Disclosure Schedules, in the past three (3) years, neither the Company nor any Company Subsidiary has received any written, nor to the Knowledge of the CompanySeller, oral threat or notice alleging infringement or misappropriation of any Intellectual Property owned by a third Person or that contests the validity, ownership or right of the Company or any Company Subsidiary to exercise any rights in the Company Intellectual Property.
(iv) To the Knowledge of the Company, no third Person is infringing, violating, or misappropriating any material Intellectual Property owned by the Company or its Subsidiaries.
(v) The Company and the Company’s Subsidiaries has not (i) have taken commercially reasonable measures to protect the confidentiality of the Intellectual Property of the Company and experienced any actual, alleged, or suspected data breach or other security incident involving Personal Data in its Subsidiariespossession or control, and (ii) require every employee and contractor been required to give notice to any Person of the Company any security incident or noncompliance involving Personal Data pursuant to any Healthcare Laws, other applicable Laws or contractual commitments, or (iii) been subject to any notice of the Company’s Subsidiaries who creates audit, investigation, complaint or develops material proprietary Intellectual Property on behalf other Action by any Governmental Authority or Person in regard to an actual, alleged or suspected violation of the Company any Healthcare Laws or any of the Company’s Subsidiariesother applicable Law or contractual obligation concerning privacy, to assign to the Company data security, or such Company Subsidiary all of such employee’s or contractor’s, as applicable, rights in such Intellectual Property that do not vest in the Company or such Company Subsidiary by operation of law. To the Knowledge of the Companydata breach notification, and except as set forth on Section 4.12(e) of the Schedulesto Seller’s Knowledge, there has not been any unauthorized access are no facts or misappropriation of any of the Company’s Intellectual Property.
(vi) No Software owned by the Company or any Company Subsidiary (“Company Software”) incorporates, is comprised of, or is distributed with, any Publicly Available Software, or is otherwise subject to the provisions of any “open source” or third party license agreement, circumstances that would could reasonably be expected to require or condition the use or distribution of such Company Software or a portion thereof on the disclosure, licensing, or distribution of any source code for any portion of such Company Software.
(vii) Neither the Company nor any of its Subsidiaries has disclosed give rise to any escrow agent or other third party, or agreed to disclose to any third party, any source code of any Company Software, other than disclosures to (i) employees, independent contractors or consultants who are subject to confidentiality obligations with respect thereto and (ii) customers of the Company and its Subsidiaries in the ordinary course of businesssuch Action.
(viii) All current Software (including Company Software), systems, servers, computers, hardware, firmware, middleware, networks, data communications lines, routers, hubs, switches and other information technology equipment material to the conduct of the business of the Company and its Subsidiaries both for internal purposes and for the Company’s customers, including current Company Products (collectively, the “Company IT Assets”) (a) have been properly maintained, in all material respects, by technically competent personnel, in accordance with applicable standards set by manufacturers or otherwise in accordance with prudent industry standards, to ensure proper operation, monitoring and use, (b) operate and perform in all material respects in accordance with their documentation and functional specifications, and (c) in the two (2) years prior to the date hereof, have experienced no material failures, breakdowns or continued substandard performance of the Company IT Assets that have caused any material disruption or material interruption in or use of the Company IT Assets as a whole or with respect to any material portion thereof. The Company and its Subsidiaries have, in all material respects, purchased a sufficient number of rights for all Software currently used by the Company and its Subsidiaries in such operations. To the Knowledge of the Company, the Company IT Assets do not contain any Malicious Code. The Company and each of its Subsidiaries apply industry standard tools designed to identify and eliminate Malicious Code included in the Company Software.
(ix) The Company and its Subsidiaries comply, and during the past three (3) years have complied, in all material respects, with all Privacy and Information Security Requirements. Neither the Company or its Subsidiaries nor, to the Knowledge of the Company, any other Person has received any written notice, allegation, complaint, or other communication from any Governmental Authority or any other Person regarding any actual or possible violation of any Privacy and Information Security Requirement by or with respect to the Company or its Subsidiaries. To the Knowledge of the Company, there is no pending investigation or audit by any Governmental Authority, payment card association or other private party regarding any actual or possible violation of any Privacy and Information Security Requirement by or with respect to the Company or its Subsidiaries.
(x) The Company and its Subsidiaries have implemented and maintain an information security plan (a “Security Plan”), which includes commercially reasonable administrative, technical and physical safeguards designed to protect the Company IT Assets and the data stored therein (including Personal Data) from loss, damage, misuse or unauthorized use, access, modification, destruction or disclosure, including cybersecurity and malicious insider risks. The Security Plan conforms, and has at all times in the past three (3) years conformed, in all material respects to the Privacy and Information Security Requirements. The Company and its Subsidiaries have in place a commercially reasonable written disaster recovery program, including providing for the regular back-up and prompt recovery of the data and information necessary to the conduct of the business of the Company as currently conducted without material disruption to, or material interruption in, the conduct of the business of the Company as currently conducted.
(xi) Neither the Company or any of its Subsidiaries nor, to the Knowledge of the Company, any Person Processing Personal Data on the Company’s or any of its Subsidiary’s behalf, has suffered a Data Incident. To the Knowledge of the Company, there has been no unauthorized or illegal use of or access to any Personal Data. No Company or Subsidiary of the Company has notified, or been required to notify, any Person of any Data Incident.
(xii) The Company and its Subsidiaries have obtained all required consents and satisfied all other requirements (including, but not limited to, notification to, or registration with, any Governmental Authority), necessary for the Company’s and its Subsidiaries’ Processing (including international and onward transfer) of all Personal Data in connection with the consummation of the transactions contemplated hereunder. Neither the Company or any of its Subsidiaries is subject to any Privacy and Information Security Requirement that, following the Closing, would prohibit the Surviving Company or any of its Subsidiaries from receiving or using data or Personal Data in the manner in which the Company or any of its Subsidiaries receives and uses such data or Personal Data prior to the Closing.
(xiii) All vendors, processors, subcontractors and other Persons acting for or on behalf of the Company or its Subsidiaries in connection with the Processing of Personal Data or that otherwise have been authorized to have access to Company IT Assets or Personal Data in the possession or control of the Company or its Subsidiaries is, to the extent required by applicable Privacy Laws, subject to reasonable Contract requirements regarding the Processing of Personal Data and, to the Knowledge of the Company, during the past three (3) years, have complied with all Privacy and Information Security Requirements.
Appears in 1 contract
Sources: Membership Interest Purchase Agreement (Kingsway Financial Services Inc)
Intellectual Property; Data Security and Privacy. (ia) Section 4.12(a3.15(a) of the Schedules Company Disclosure Letter sets forth, forth a true and complete list as of the date hereof, an accurate and complete list hereof of (i) all United States and foreign issued Patentsmaterial active registered patents, pending Patent patent applications, registered TrademarksTrademark registrations and applications, pending copyright registrations and applications for registration of Trademarks, material unregistered Trademarks, registered Copyrights, pending applications for registration of Copyrights, Company Software, social media identifiers, and registered domain namesname registrations, in each case, owned by the Company or any of the Company’s its Subsidiaries (the foregoing being, collectively, the “Owned Registered Company Intellectual Property”), and (ii) all material social media accounts registered to the Company or any of its Subsidiaries. The items identified on Section 4.12(a3.15(a)(i) of the Schedules lists (x) Company Disclosure Letter are subsisting and in good standing with the record owner Governmental Authorities or the applicable internet domain name registrar with which such items are registered or pending, and to the Knowledge of each such item of Owned the Company, all Registered Company Intellectual Property is valid and enforceable.
(yb) Except as would not have a Company Material Adverse Effect, the jurisdictions in which each such item Company or one of Owned its Subsidiaries (i) exclusively owns the Company Intellectual Property free and clear of all liens (other than Permitted Liens), and (ii) has been issued a valid license or registered or in which each such application for issuance or registration of such item of Owned Company otherwise has sufficient rights to use all other Intellectual Property has been filed. No registrations or applications for material Owned Company Intellectual Property have expired or been canceled or abandoned except used in accordance connection with the expiration operation of their businesses as currently conducted.
(c) Except as would not have a Company Material Adverse Effect, within the term of such rights past three years, there have been no proceedings pending or where threatened in writing against the Company has made a good faith business judgment to permit such registrations or applications to expireany of its Subsidiaries challenging the ownership, be canceled, validity or become abandoned. Each item enforceability of Owned any Company Intellectual Property (other than unregistered including Trademark opposition or cancellation proceedings).
(d) Except as would not have a Company Material Adverse Effect, (i) the Company and its Subsidiaries, and the operation of the business of the Company and its Subsidiaries, have not in the past three years infringed, misappropriated or otherwise violated any Intellectual Property of any Person, (ii) to the Knowledge of the Company, no Person has in the past three years infringed, misappropriated or otherwise violated any Company Intellectual Property, and applications therefor(iii) no proceeding alleging any of the foregoing in this Section 3.15(d) is subsisting andpending or, to the Knowledge of the Company, valid and enforceablethreatened against the Company or any of its Subsidiaries.
(iie) The Company and its Subsidiaries own all right, title have taken commercially reasonable precautions to maintain and interest to, protect the confidentiality of its Trade Secrets or otherwise have a valid and enforceable right to use, all other confidential Company Intellectual Property necessary for or used in the conduct of the business of the Company and its Subsidiaries as currently conducted. All material Intellectual Property owned by the Company and its Subsidiaries is owned free and clear of all Liens (except for Permitted Liens).
(iii) The conduct of the business of the Company and its Subsidiaries (including the products and services of the Company and its Subsidiaries) does not infringe, violate or constitute misappropriation, and has not at any time during the past three (3) years infringed, violated or constituted misappropriation, of any Intellectual Property of any third Person in any material respect. Neither the Company nor any Company Subsidiary is currently, nor has the Company nor any Company Subsidiary been in the past three (3) years, a party to any Proceeding alleging infringement or misappropriation of any Intellectual Property of any Person or breach of any material Third-Party Intellectual Property License that has not been resolved. During the past three (3) years, neither the Company nor any Company Subsidiary has received any written, nor to the Knowledge of the Company, oral threat except as would not have a Company Material Adverse Effect, there has been no material unauthorized uses or notice alleging infringement or misappropriation disclosures of any such Trade Secrets or other confidential Company Intellectual Property. Except as would not have a Company Material Adverse Effect, each Person who has been involved in the development of material Intellectual Property for the Company and its Subsidiaries that would not otherwise be owned by a third Person or that contests the validity, ownership or right of the Company or any Company Subsidiary one of its Subsidiaries as a matter of law under a work-for-hire or similar doctrine has presently assigned to exercise any rights in the Company or one of its Subsidiaries ownership of such Intellectual Property.
(ivf) The Company and its Subsidiaries have in the past three years: (i) materially complied and are in material compliance with the Data Protection Legislation, the Company’s and its Subsidiaries’ external and employee privacy policies, and binding industry standards and the terms of any Contracts related to the collection, use and processing of Personal Data (collectively, the “Privacy Requirements”); and (ii) not violated the Privacy Requirements in a manner which would have a Company Material Adverse Effect.
(g) To the Knowledge of the Company, no third Person is infringing, violating, or misappropriating the Company and its Subsidiaries have not in the past three years: (i) been subject to any material Intellectual Property owned Personal Data breach or any material loss, destruction or damage of Personal Data used in its respective business; or (ii) received or been subject to any material complaint, investigation, notice, dispute or proceedings with or by the Company or any person (including any Governmental Authority) in relation to its Subsidiariescompliance with Data Protection Legislation.
(vh) The Company and its Subsidiaries either exclusively own or use with the Company’s Subsidiaries consent or other appropriate license or permission of the owner all Company IT Assets except as would not reasonably be expected to have a Company Material Adverse Effect.
(i) Except as would not reasonably be expected to have taken commercially reasonable measures to protect the confidentiality of the Intellectual Property of a Company Material Adverse Effect, (i) the Company and its SubsidiariesSubsidiaries maintain an information security program and have used commercially reasonable efforts to ensure the confidentiality, integrity and security of Company IT Assets, including Personal Data stored or contained therein or transmitted thereby, (ii) require every employee and contractor to the Knowledge of the Company there has been no unauthorized or any of the Company’s Subsidiaries who creates or develops material proprietary Intellectual Property on behalf of the Company or any of the Company’s Subsidiaries, to assign improper access to the Company or such Company Subsidiary all of such employee’s or contractor’sIT Assets within the past two years, as applicable, rights in such Intellectual Property that do not vest in the Company or such Company Subsidiary by operation of law. To (iii) to the Knowledge of the Company, and except as set forth on Section 4.12(e) of the Schedules, there has not been any unauthorized access or misappropriation of any of the Company’s Intellectual Property.
(vi) No Software owned by the Company or any Company Subsidiary (“Company Software”) incorporates, is comprised of, or is distributed with, any Publicly Available Software, or is otherwise subject to the provisions of any “open source” or third party license agreement, that would reasonably be expected to require or condition the use or distribution of such Company Software or a portion thereof on the disclosure, licensing, or distribution of any source code for any portion of such Company Software.
(vii) Neither the Company nor any of its Subsidiaries has disclosed to any escrow agent or other third party, or agreed to disclose to any third party, any source code of any Company Software, other than disclosures to (i) employees, independent contractors or consultants who are subject to confidentiality obligations with respect thereto and (ii) customers of the Company and its Subsidiaries in the ordinary course of business.
(viii) All current Software (including Company Software), systems, servers, computers, hardware, firmware, middleware, networks, data communications lines, routers, hubs, switches and other information technology equipment material to the conduct of the business of the Company and its Subsidiaries both for internal purposes and for the Company’s customers, including current Company Products (collectively, the “Company IT Assets”) (a) have been properly maintained, in all material respects, by technically competent personnel, in accordance with applicable standards set by manufacturers or otherwise in accordance with prudent industry standards, to ensure proper operation, monitoring and use, (b) Assets operate and perform in all material respects in accordance with their documentation and functional specifications, and (civ) in the two (2) years prior to the date hereofKnowledge of the Company, the Company IT Assets are free from material bugs and other material defects, (v) the Company IT Assets have experienced no material not been subject to any failures, breakdowns or continued substandard performance of security breaches within the Company IT Assets that have caused any material disruption or material interruption in or use of the Company IT Assets as a whole or with respect past two years, and (vi) to any material portion thereof. The Company and its Subsidiaries have, in all material respects, purchased a sufficient number of rights for all Software currently used by the Company and its Subsidiaries in such operations. To the Knowledge of the Company, the Company IT Assets do not contain any Malicious Code. The Company material virus, malware, trojan horse, worm, back door, time bomb, drop dead device or other program, routine, instruction, device, code, contaminant, logic or effect designed or intended to disable, disrupt, erase, enable any Person to access without authorization, or otherwise materially and each of its Subsidiaries apply industry standard tools designed to identify and eliminate Malicious Code included in adversely affect the Company Software.
(ix) The Company and its Subsidiaries comply, and during the past three (3) years have complied, in all material respects, with all Privacy and Information Security Requirements. Neither the Company or its Subsidiaries nor, to the Knowledge of the Companyfunctionality of, any other Person has received any written noticesuch Company IT Asset, allegationexcept, complaint, or other communication from any Governmental Authority or any other Person regarding any actual or possible violation of any Privacy and Information Security Requirement by or solely with respect to the Company or its Subsidiaries. To the Knowledge of the Company, there is no pending investigation or audit by any Governmental Authority, payment card association or other private party regarding any actual or possible violation of any Privacy and Information Security Requirement by or with respect to the Company or its Subsidiaries.
(x) The Company and its Subsidiaries have implemented and maintain an information security plan (a “Security Plan”vi), which includes commercially reasonable administrative, technical and physical safeguards designed to protect the Company IT Assets and the data stored therein (including Personal Data) from loss, damage, misuse or unauthorized use, access, modification, destruction or disclosure, including cybersecurity and malicious insider risks. The Security Plan conforms, and has at all times in the past three (3) years conformed, in all material respects to the Privacy and Information Security Requirements. The Company and its Subsidiaries have in place a commercially reasonable written disaster recovery program, including providing for the regular back-up and prompt recovery of the data and information necessary to the conduct of the business of the Company as currently conducted without material disruption to, or material interruption in, the conduct of the business of the Company as currently conducted.
(xi) Neither the Company or any of its Subsidiaries nor, to the Knowledge of the Company, any Person Processing Personal Data on the Company’s or any of its Subsidiary’s behalf, has suffered a Data Incident. To the Knowledge of the Company, there has been no unauthorized or illegal use of or access to any Personal Data. No Company or Subsidiary of the Company has notified, or been required to notify, any Person of any Data Incident.
(xii) The Company and its Subsidiaries have obtained all required consents and satisfied all other requirements (including, but not limited to, notification to, or registration with, any Governmental Authority), necessary for the Company’s and its Subsidiaries’ Processing (including international and onward transfer) of all Personal Data in connection with the consummation of the transactions contemplated hereunder. Neither the Company or any of its Subsidiaries is subject to any Privacy and Information Security Requirement that, following the Closing, would prohibit the Surviving Company or any of its Subsidiaries from receiving or using data or Personal Data in the manner in which the Company or any of its Subsidiaries receives and uses such data or Personal Data prior to the Closing.
(xiii) All vendors, processors, subcontractors and other Persons acting for or on behalf of the Company or its Subsidiaries in connection with the Processing of Personal Data or that otherwise have been authorized to have access to Company IT Assets or Personal Data in the possession or control of the Company or its Subsidiaries is, to the extent required included by applicable Privacy Laws, subject to reasonable Contract requirements regarding the Processing of Personal Data and, to the Knowledge developer or owner of the Company, during Company IT Asset in the past three ordinary course of business to monitor and manage usage (3) years, have complied with all Privacy and Information Security Requirementsincluding to disable unauthorized use).
Appears in 1 contract
Intellectual Property; Data Security and Privacy. (ia) Section 4.12(a) of the Schedules sets forth, as of the date hereof, an accurate and complete list of all United States and foreign issued Patents, pending Patent applications, registered Trademarks, pending applications for registration of Trademarks, material unregistered Trademarks, registered Copyrights, pending applications for registration of Copyrights, Company Software, social media identifiers, and registered domain names, in each case, owned by the Company or any of the Company’s Subsidiaries (the foregoing being, collectively, the “Owned Company Intellectual Property”). Section 4.12(a) of the Schedules lists (x) the record owner of each such item of Owned Company Intellectual Property and (y) the jurisdictions in which each such item of Owned Company Intellectual Property has been issued or registered or in which each such application for issuance or registration of such item of Owned Company Intellectual Property has been filed. No registrations or applications for material Owned Company Intellectual Property have expired or been canceled or abandoned except in accordance with the expiration of the term of such rights or where the Company has made a good faith business judgment to permit such registrations or applications to expire, be canceled, or become abandoned. Each item of Owned Company Intellectual Property (other than unregistered Intellectual Property and applications therefor) is subsisting and, to the Knowledge of the Company, valid and enforceable.
(iib) The Company and its Subsidiaries own all right, title and interest to, or otherwise have a valid and enforceable right to use, all Intellectual Property necessary for or used in the conduct of the business of the Company and its Subsidiaries as currently conducted. All material Intellectual Property owned by the Company and its Subsidiaries is owned free and clear of all Liens (except for Permitted Liens).
(iiic) The conduct of the business of the Company and its Subsidiaries (including the products and services of the Company and its Subsidiaries) does not infringe, violate or constitute misappropriation, and has not at any time during the past three (3) years infringed, violated or constituted misappropriation, of any Intellectual Property of any third Person in any material respect. Neither the Company nor any Company Subsidiary is currently, nor has the Company nor any Company Subsidiary been in the past three (3) years, a party to any Proceeding alleging infringement or misappropriation of any Intellectual Property of any Person or breach of any material Third-Party Intellectual Property License that has not been resolved. During the past three (3) years, neither the Company nor any Company Subsidiary has received any written, nor to the Knowledge of the Company, oral threat or notice alleging infringement or misappropriation of any Intellectual Property owned by a third Person or that contests the validity, ownership or right of the Company or any Company Subsidiary to exercise any rights in the Company Intellectual Property.
(ivd) To the Knowledge of the Company, no third Person is infringing, violating, or misappropriating any material Intellectual Property owned by the Company or its Subsidiaries.
(ve) The Company and the Company’s Subsidiaries (i) have taken commercially reasonable measures to protect the confidentiality of the Intellectual Property of the Company and its Subsidiaries, and (ii) require every employee and contractor of the Company or any of the Company’s Subsidiaries who creates or develops material proprietary Intellectual Property on behalf of the Company or any of the Company’s Subsidiaries, to assign to the Company or such Company Subsidiary all of such employee’s or contractor’s, as applicable, rights in such Intellectual Property that do not vest in the Company or such Company Subsidiary by operation of law. To the Knowledge of the Company, and except as set forth on Section 4.12(e) of the Schedules, there has not been any unauthorized access or misappropriation of any of the Company’s Intellectual Property.
(vif) No Software owned by the Company or any Company Subsidiary (“Company Software”) incorporates, is comprised of, or is distributed with, any Publicly Available Software, or is otherwise subject to the provisions of any “open source” or third party license agreement, that would reasonably be expected to require or condition the use or distribution of such Company Software or a portion thereof on the disclosure, licensing, or distribution of any source code for any portion of such Company Software.
(viig) Neither the Company nor any of its Subsidiaries has disclosed to any escrow agent or other third party, or agreed to disclose to any third party, any source code of any Company Software, other than disclosures to (i) employees, independent contractors or consultants who are subject to confidentiality obligations with respect thereto and (ii) customers of the Company and its Subsidiaries in the ordinary course of business.
(viiih) All current Software (including Company Software), systems, servers, computers, hardware, firmware, middleware, networks, data communications lines, routers, hubs, switches and other information technology equipment material to the conduct of the business of the Company and its Subsidiaries both for internal purposes and for the Company’s customers, including current Company Products (collectively, the “Company IT Assets”) (a) have been properly maintained, in all material respects, by technically competent personnel, in accordance with applicable standards set by manufacturers or otherwise in accordance with prudent industry standards, to ensure proper operation, monitoring and use, (b) operate and perform in all material respects in accordance with their documentation and functional specifications, and (c) in the two (2) years prior to the date hereof, have experienced no material failures, breakdowns or continued substandard performance of the Company IT Assets that have caused any material disruption or material interruption in or use of the Company IT Assets as a whole or with respect to any material portion thereof. The Company and its Subsidiaries have, in all material respects, purchased a sufficient number of rights for all Software currently used by the Company and its Subsidiaries in such operations. To the Knowledge of the Company, the Company IT Assets do not contain any Malicious Code. The Company and each of its Subsidiaries apply industry standard tools designed to identify and eliminate Malicious Code included in the Company Software.
(ixi) The Company and its Subsidiaries comply, and during the past three (3) years have complied, in all material respects, with all Privacy and Information Security Requirements. Neither the Company or its Subsidiaries nor, to the Knowledge of the Company, any other Person has received any written notice, allegation, complaint, or other communication from any Governmental Authority or any other Person regarding any actual or possible violation of any Privacy and Information Security Requirement by or with respect to the Company or its Subsidiaries. To the Knowledge of the Company, there is no pending investigation or audit by any Governmental Authority, payment card association or other private party regarding any actual or possible violation of any Privacy and Information Security Requirement by or with respect to the Company or its Subsidiaries.
(xj) The Company and its Subsidiaries have implemented and maintain an information security plan (a “Security Plan”), which includes commercially reasonable administrative, technical and physical safeguards designed to protect the Company IT Assets and the data stored therein (including Personal Data) from loss, damage, misuse or unauthorized use, access, modification, destruction or disclosure, including cybersecurity and malicious insider risks. The Security Plan conforms, and has at all times in the past three (3) years conformed, in all material respects to the Privacy and Information Security Requirements. The Company and its Subsidiaries have in place a commercially reasonable written disaster recovery program, including providing for the regular back-up and prompt recovery of the data and information necessary to the conduct of the business of the Company as currently conducted without material disruption to, or material interruption in, the conduct of the business of the Company as currently conducted.
(xik) Neither the Company or any of its Subsidiaries nor, to the Knowledge of the Company, any Person Processing Personal Data on the Company’s or any of its Subsidiary’s behalf, has suffered a Data Incident. To the Knowledge of the Company, there has been no unauthorized or illegal use of or access to any Personal Data. No Company or Subsidiary of the Company has notified, or been required to notify, any Person of any Data Incident.
(xiil) The Company and its Subsidiaries have obtained all required consents and satisfied all other requirements (including, but not limited to, notification to, or registration with, any Governmental Authority), necessary for the Company’s and its Subsidiaries’ Processing (including international and onward transfer) of all Personal Data in connection with the consummation of the transactions contemplated hereunder. Neither the Company or any of its Subsidiaries is subject to any Privacy and Information Security Requirement that, following the Closing, would prohibit the Surviving Company or any of its Subsidiaries from receiving or using data or Personal Data in the manner in which the Company or any of its Subsidiaries receives and uses such data or Personal Data prior to the Closing.
(xiiim) All vendors, processors, subcontractors and other Persons acting for or on behalf of the Company or its Subsidiaries in connection with the Processing of Personal Data or that otherwise have been authorized to have access to Company IT Assets or Personal Data in the possession or control of the Company or its Subsidiaries is, to the extent required by applicable Privacy Laws, subject to reasonable Contract requirements regarding the Processing of Personal Data and, to the Knowledge of the Company, during the past three (3) years, have complied with all Privacy and Information Security Requirements.
Appears in 1 contract
Sources: Merger Agreement (Compass Group Diversified Holdings LLC)