Common use of Intellectual Property; Privacy Clause in Contracts

Intellectual Property; Privacy. (a) Each Seller Entity owns or has a valid license to use (in each case, free and clear of any Liens other than any Permitted Liens) all of the Intellectual Property necessary to carry on the business of such Seller Entity as it is currently conducted. Each Seller Entity is the owner of or has a license, with the right to sublicense, to any Intellectual Property sold or licensed to a third party by such Seller Entity in connection with its business operations, and such Seller Entity has the right to convey by sale or license any Intellectual Property so conveyed. No Seller Entity is in Default under any of its Intellectual Property licenses. No proceedings have been instituted, or are pending or to the Knowledge of Seller threatened, which challenge the rights of any Seller Entity with respect to Intellectual Property used, sold or licensed by such Seller Entity in the course of its business, nor has any Person claimed or alleged any rights to such Intellectual Property. The conduct of the business of each Seller Entity and the use of any Intellectual Property by each Seller Entity does not infringe, misappropriate or otherwise violate the Intellectual Property rights of any other Person. No Person has asserted to Seller in writing that any Seller Entity has infringed, misappropriated or otherwise violated the Intellectual Property rights of such Person. The validity, continuation and effectiveness of all licenses and other agreements relating to Intellectual Property used by any Seller Entity in the course of its business and the current terms thereof will not be affected by the transactions contemplated by this Agreement, the use of the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks will be transferred to Buyer or Buyer Bank in connection with the transactions contemplated by this Agreement and after the Effective Time, no Person besides Buyer shall have right and title to the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks and trade names. All of the Seller Entities’ right to the use of and title to the names “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” will be transferred to Buyer in connection with the completion of the transactions contemplated by this Agreement. (i) The computer, information technology and data processing systems, facilities and services used by the Seller Entities, including all software, hardware, networks, communications facilities, platforms and related systems and services (collectively, the “Systems”), are reasonably sufficient for the conduct of the respective businesses of the Seller Entities as currently conducted and (ii) the Systems are in good working condition to effectively perform all computing, information technology and data processing operations necessary for the operation of the respective businesses of the Seller Entities as currently conducted. To Seller’s Knowledge, no third party or Representative has gained unauthorized access to any Systems owned or controlled by any Seller Entity, and each Seller Entity has taken commercially reasonable steps and implemented commercially reasonable safeguards to ensure that the Systems are secure from unauthorized access and free from any disabling codes or instructions, spyware, Trojan horses, worms, viruses or other software routines that permit or cause unauthorized access to, or disruption, impairment, disablement, or destruction of, software, data or other materials. Each Seller Entity has implemented backup and disaster recovery policies, procedures and systems consistent with generally accepted industry standards and sufficient to reasonably maintain the operation of the respective businesses of the Seller Entities in all material respects. Each Seller Entity has implemented and maintained commercially reasonable measures and procedures designed to reasonably mitigate the risks of cybersecurity breaches and attacks. (c) Each Seller Entity has (i) complied in all material respects with all applicable Laws which govern the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of the personal data or information of customers or other individuals (“Personally Identifiable Information”) and similar Laws governing data privacy, and with all of its published privacy and data security policies and internal privacy and data security policies and guidelines, including with respect to the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of Personally Identifiable Information and (ii) taken commercially reasonable measures to ensure that all Personally Identifiable Information in its possession or control is protected against loss, damage, and unauthorized access, use, modification, or other misuse. To Seller’s Knowledge, there has been no loss, damage, or unauthorized access, use, modification, or other misuse of any such Personally Identifiable Information by any Seller Entity or any other Person.

Intellectual Property; Privacy. (a) Each Seller Malvern Entity owns or has a valid license to use (in each case, free and clear of any Liens other than any Permitted Liens) all of the Intellectual Property necessary to carry on the business of such Seller Entity as it is currently conductedMalvern Entity, and all registered trademarks are set forth on Section 4.14 of Malvern’s Disclosure Memorandum. Each Seller Malvern Entity is the owner of or has a license, with the right to sublicense, to any Intellectual Property sold or licensed to a third party by such Seller Malvern Entity in connection with its such Malvern Entity’s business operations, and such Seller Malvern Entity has the right to convey by sale or license any Intellectual Property so conveyed. No Seller Malvern Entity is in Default under any of its Intellectual Property licenseslicenses in any material respect. No To Malvern’s Knowledge, no proceedings have been instituted, or are pending or to the Knowledge of Seller threatened, threatened which challenge the rights of any Seller Malvern Entity with respect to Intellectual Property used, sold or licensed by such Seller Malvern Entity in the course of its business, nor has any Person person claimed or alleged to any Malvern Entity any violation of their rights with respect to such Intellectual Property. The To Malvern’s Knowledge, the conduct of the business of each Seller Entity the Malvern Entities and the use of any Intellectual Property by each Seller Entity Malvern and its Subsidiaries does not infringe, misappropriate or otherwise violate the Intellectual Property rights of any other Person. No Person has asserted to Seller Malvern in writing that Malvern or any Seller Entity of its Subsidiaries has infringed, misappropriated or otherwise violated the Intellectual Property rights of such Person. The validity, continuation and effectiveness of all licenses and other agreements relating to Intellectual Property used by any Seller Malvern Entity in the course of its business and the current terms thereof will not be affected by the transactions contemplated by this Agreement. At and after the Effective Time, the use of the “Spirit Malvern Bank” trademark and trade name in the present possession of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks will any Malvern Entity shall be transferred to Buyer or Buyer First Bank in connection with the transactions contemplated by this Agreement Merger and after the Effective Time, no Person besides Buyer First Bank (or another First Bank Entity, if applicable) shall have right and title to the such “Spirit of Texas Bancshares,Malvern Bank” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks trademark and trade namesname. All of the Seller Entities’ The Malvern Bank’s right to the use of and title to the names name “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Malvern Bank,” and “Spirit of Texas Bank SSB” will not be transferred to Buyer in connection with the completion adversely impacted by consummation of the transactions contemplated by this Agreement. (i) The computer, information technology and data processing systems, facilities and services used by the Seller EntitiesMalvern and each of its Subsidiaries, including all software, hardware, networks, communications facilities, platforms and related systems and services (collectively, but excluding the public internet and other utilities, the “Systems”), are reasonably sufficient for the conduct of the respective businesses of the Seller Entities Malvern and its Subsidiaries as currently conducted and (ii) the Systems are in good working condition to effectively perform all computing, information technology and data processing operations necessary for the operation of the respective businesses of the Seller Entities Malvern and each of its Subsidiaries as currently conducted. To SellerMalvern’s Knowledge, since September 30, 2019, no third party or Representative has gained unauthorized access to any Systems owned or controlled by Malvern or any Seller Entityof its Subsidiaries in any material respect, and Malvern and each Seller Entity has of its Subsidiaries have taken commercially reasonable steps and implemented commercially reasonable safeguards designed to ensure that secure the Systems are secure from unauthorized access and free from any disabling codes or instructions, spyware, Trojan horses, worms, viruses or other software routines that permit or cause unauthorized access to, or disruption, impairment, disablement, or destruction of, software, data or other materials. Each Seller Entity has Malvern and each of its Subsidiaries have implemented backup and disaster recovery policies, procedures and systems consistent with generally accepted industry standards and to the Knowledge of Malvern, sufficient to reasonably maintain the operation of the respective businesses of the Seller Entities Malvern and each of its Subsidiaries in all material respects. Each Seller Entity has implemented and maintained commercially reasonable measures and procedures designed to reasonably mitigate the risks of cybersecurity breaches and attacks. (c) Each Seller Entity has Since September 30, 2019, Malvern and each of its Subsidiaries have (i) complied in all material respects with all applicable Laws which govern the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of the personal data or information of customers or other individuals (“Personally Identifiable Information”) and similar Laws governing data privacy, and with all of its published privacy and data security policies and internal privacy and data security policies and guidelines, including with respect to the receipt, collection, compilation, use, storage, processingtransmission, sharing, safeguarding, security, disposal, destructiontransfer, disclosure, transmission or transfer destruction and use of Personally Identifiable Information personally identifiable information and (ii) taken commercially reasonable measures designed to ensure that protect all Personally Identifiable Information personally identifiable information in its possession or control is protected against loss, damage, and unauthorized access, use, modification, or other misuse. To SellerMalvern’s Knowledge, there has been no loss, damage, or unauthorized access, use, modification, or other misuse of any such Personally Identifiable Information information by Malvern, any Seller Entity of its Subsidiaries or any other Personperson acting on Malvern or any of its Subsidiaries’ behalf which either (i) remains uncured or (ii) is reasonably expected to result in, individually or in the aggregate, material Liability on the part of Malvern.

Intellectual Property; Privacy. (a) Each Seller Bryn Mawr Entity owns or has a valid license to use (in each case, free and clear of any Liens other than any Permitted Liens) all of the Intellectual Property necessary to carry on the business of such Seller Bryn Mawr Entity as it is currently conducted. Each Seller Bryn Mawr Entity is the owner of or has a license, with the right to sublicense, to any Intellectual Property sold or licensed to a third party by such Seller Bryn Mawr Entity in connection with its business operations, and such Seller Bryn Mawr Entity has the right to convey by sale or license any Intellectual Property so conveyed. No Seller Bryn Mawr Entity is in Default under any of its Intellectual Property licenses. No proceedings have been instituted, or are pending or to the Knowledge of Seller Bryn Mawr threatened, which challenge the rights of any Seller Bryn Mawr Entity with respect to Intellectual Property used, sold or licensed by such Seller Bryn Mawr Entity in the course of its business, nor has any Person claimed or alleged any rights to such Intellectual PropertyProperty owned or purported to be owned by any Bryn Mawr Entity. The To the Knowledge of Bryn Mawr, the conduct of the business of each Seller Bryn Mawr Entity and the use of any Intellectual Property by each Seller Bryn Mawr Entity does not infringe, misappropriate or otherwise violate the Intellectual Property rights of any other Personperson. No Since December 31, 2017, no Person has asserted to Seller Bryn Mawr in writing that any Seller Bryn Mawr Entity has infringed, misappropriated or otherwise violated the Intellectual Property rights of such Person. The validity, continuation and effectiveness of all licenses and other agreements relating to Intellectual Property used by any Seller Entity in the course of its business and the current terms thereof will not be affected by the transactions contemplated by this Agreement, the use of the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks will be transferred to Buyer or Buyer Bank in connection with the transactions contemplated by this Agreement and after the Effective Time, no Person besides Buyer shall have right and title to the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks and trade names. All of the Seller Entities’ right to the use of and title to the names “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” will be transferred to Buyer in connection with the completion of the transactions contemplated by this Agreement. (i) The computer, information technology and data processing systems, facilities and services used by the Seller Bryn Mawr Entities, including all software, hardware, networks, communications facilities, platforms and related systems and services (collectively, the “Bryn Mawr Systems”), are reasonably sufficient for the conduct of the respective businesses of the Seller Bryn Mawr Entities as currently conducted and (ii) the Bryn Mawr Systems are in good working condition to effectively perform all computing, information technology and data processing operations necessary for the operation of the respective businesses of the Seller Bryn Mawr Entities as currently conducted. To SellerBryn Mawr’s Knowledge, no third party or Representative has gained unauthorized access to any Bryn Mawr Systems owned or controlled by any Seller Bryn Mawr Entity, and each Seller Entity has the Bryn Mawr Entities have taken commercially reasonable steps and implemented commercially reasonable safeguards to ensure that the Bryn Mawr Systems are secure from unauthorized access and free from any disabling codes or instructions, spyware, Trojan horses, worms, viruses or other software routines that permit or cause unauthorized access to, or disruption, impairment, disablement, or destruction of, software, data or other materials. Each Seller Bryn Mawr Entity has implemented backup and disaster recovery business continuity policies, procedures and systems with disaster recovery practices consistent with generally accepted industry standards applicable to such Bryn Mawr Entity and sufficient to reasonably maintain the operation of the respective businesses business of the Seller Entities such Bryn Mawr Entity in all material respects. Each Seller Bryn Mawr Entity has implemented and maintained maintains commercially reasonable measures and procedures designed to reasonably mitigate the risks of cybersecurity breaches and attacks. (c) Each Seller Since December 31, 2017, each Bryn Mawr Entity has (i) complied in all material respects with all applicable Laws which govern the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission disclosure or transfer of the personal data or information of customers or other individuals (“Personally Identifiable Information”) and similar Laws governing data privacy, and with all of its published privacy and data security policies and internal privacy and data security policies and guidelines, including with respect to the receipt, collection, compilation, use, storage, processingtransmission, sharing, safeguarding, security, disposal, destructiontransfer, disclosure, transmission or transfer destruction and use of Personally Identifiable Information personally identifiable information and (ii) taken commercially reasonable measures to ensure that all Personally Identifiable Information personally identifiable information in its possession or control is protected against loss, damage, and unauthorized access, use, modification, or other misuse. To SellerBryn Mawr’s Knowledge, there has been no loss, damage, or unauthorized access, use, modification, or other misuse of any such Personally Identifiable Information information by any Seller Bryn Mawr Entity or any other Person.

Intellectual Property; Privacy. (a) Each Seller Veritex Entity owns or has a valid license to use (in each case, free and clear of any Liens other than any Permitted Liens) all of the Intellectual Property necessary used or held for use to carry on the business of such Seller Veritex Entity as it is currently conducted. Each Seller To the extent a Veritex Entity engages in the sale or licensing to a third party of any Intellectual Property in connection with its business operations, such Veritex Entity is the owner of or has a license, with the right to sublicense, to any such Intellectual Property as such Intellectual Property is sold or licensed to a third party by such Seller Entity in connection with the conduct of its business operations, and such Seller Entity has the right to convey by sale or license any Intellectual Property so conveyedbusiness. No Seller Veritex Entity is in Default under any of its material Contract pursuant to which it licenses Intellectual Property licensesProperty. No Since January 1, 2015, no proceedings have been instituted, or are pending or to the Knowledge of Seller Veritex threatened, which challenge the rights of any Seller Veritex Entity with respect to Intellectual Property used, sold or licensed by such Seller Veritex Entity in the course of its business, nor has any Person person claimed or alleged any rights to such Intellectual PropertyProperty owned or purported to be owned by a Veritex Entity. The To the Knowledge of Veritex, the conduct of the business of each Seller Entity and the Veritex Entity, including any Veritex Entity’s use of any Intellectual Property used or held for use by each Seller such Veritex Entity does not infringe, misappropriate misappropriate, dilute or otherwise violate the Intellectual Property rights of any other Person. No Since January 1, 2015, no Veritex Entity has received any written notice from any Person has asserted to Seller in writing (i) alleging that any Seller Veritex Entity has infringed, misappropriated misappropriated, diluted or otherwise violated the Intellectual Property rights of such Person. The Person or (ii) challenging the scope, validity, continuation and effectiveness enforceability, registrability, use or ownership of all licenses and other agreements relating to any Intellectual Property used owned or purported to be owned by any Seller Veritex Entity. (b) To the Knowledge of Veritex, no Person is infringing, misappropriating, diluting or otherwise violating any Intellectual Property owned, used, or held for use by any Veritex Entity in the course of its business and the current terms thereof will not be affected by the transactions contemplated by this Agreement, the use conduct of the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks will be transferred to Buyer or Buyer Bank in connection with the transactions contemplated by this Agreement and after the Effective Time, no Person besides Buyer shall have right and title to the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks and trade names. All respective businesses of the Seller Entities’ right to the use of Veritex Entities as currently conducted, and title to the names “Spirit of Texas Bancshares,” “Spirit of Texas Bancsharesno such claims have been asserted or threatened against any Person by any Veritex Entity since January 1, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” will be transferred to Buyer in connection with the completion of the transactions contemplated by this Agreement2015. (c) Veritex takes reasonable measures to protect the confidentiality of trade secrets, including requiring all Persons having access thereto to execute written non-disclosure agreements. To the Knowledge of Veritex, there has not been any disclosure of or access to any trade secret of any Veritex Entity (including any such information of any other Person disclosed in confidence to such Veritex Entity) to any Person in a manner that has resulted or is likely to result in the loss of trade secret or other rights in and to such information. (d) (i) The computer, information technology and data processing systems, facilities and services used by the Seller Veritex Entities, including all software, hardware, networks, communications facilities, platforms and related systems and services (collectively, the “Systems”), are reasonably sufficient for the conduct of the respective businesses of the Seller Veritex Entities as currently conducted and (ii) the Systems are in sufficiently good working condition to effectively perform all computing, information technology and data processing operations necessary for the operation of the respective businesses of the Seller Veritex Entities as currently conducted. To SellerVeritex’s Knowledge, no third party or Representative has gained unauthorized access to any Systems owned or controlled by any Seller EntityVeritex Entity since January 1, and each Seller Entity has 2015. The Veritex Entities have taken commercially reasonable steps and implemented commercially reasonable safeguards (A) to ensure that protect the Systems are secure from unauthorized access and free from any disabling codes or instructions, spyware, Trojan horses, worms, viruses or other software routines that permit or cause unauthorized access to, or disruption, impairment, disablement, or destruction of, software, data or other materialsmaterials and (B) that are designed to reasonably mitigate the risks of cybersecurity breaches and attacks. Each Seller Veritex Entity has implemented reasonably appropriate backup and disaster recovery policies, procedures and systems consistent with generally accepted industry standards and sufficient to reasonably maintain mitigate the risk of a material disruption to the operation of the respective businesses of the Seller Veritex Entities in all material respects. Each Seller Entity has implemented and maintained commercially reasonable measures and procedures designed to reasonably mitigate the risks of cybersecurity breaches and attacks. (ce) Each Seller Veritex Entity has (i) complied in all material respects with (A) all applicable Laws which govern the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission disclosure or transfer of the personal data or information of customers or other individuals (“Personally Identifiable Information”) and similar Laws governing data privacy, and with (B) all of its published privacy and data security policies and internal privacy and data security policies and guidelines, including with respect to the receipt, collection, compilation, use, storage, processingtransmission, sharing, safeguarding, security, disposal, destructiontransfer, disclosure, transmission or transfer destruction and use of Personally Identifiable Information personally identifiable information and (ii) taken commercially reasonable measures to ensure that all Personally Identifiable Information personally identifiable information in its possession or control is protected against loss, damage, and unauthorized access, use, modification, or other misuse. To SellerVeritex’s Knowledge, there has been no material loss, damage, or unauthorized access, use, modification, or other misuse of any such Personally Identifiable Information information by any Seller Veritex Entity or any other PersonPerson since January 1, 2015.

Intellectual Property; Privacy. (a) Each Seller Green Entity owns or has a valid license to use (in each case, free and clear of any Liens other than any Permitted Liens) all of the Intellectual Property necessary used or held for use to carry on the business of such Seller Green Entity as it is currently conducted. Each Seller To the extent a Green Entity engages in the sale or licensing to a third party of any Intellectual Property in connection with its business operations, such Green Entity is the owner of or has a license, with the right to sublicense, to any such Intellectual Property as such Intellectual Property is sold or licensed to a third party by such Seller Entity in connection with the conduct of its business operations, and such Seller Entity has the right to convey by sale or license any Intellectual Property so conveyedbusiness. No Seller Green Entity is in Default under any of its material Contract pursuant to which it licenses Intellectual Property licensesProperty. No Since January 1, 2015, no proceedings have been instituted, or are pending or to the Knowledge of Seller Green threatened, which challenge the rights of any Seller Green Entity with respect to Intellectual Property used, sold or licensed by such Seller Green Entity in the course of its business, nor has any Person person claimed or alleged any rights to any such Intellectual PropertyProperty owned or purported to be owned by a Green Entity. The To the Knowledge of Green, the conduct of the business of each Seller Entity and the Green Entity, including any Green Entity’s use of any Intellectual Property used or held for use by each Seller Entity such Green Entity, does not infringe, misappropriate misappropriate, dilute or otherwise violate the Intellectual Property rights of any other Person. No Since January 1, 2015, no Green Entity has received any written notice from any Person has asserted to Seller in writing (i) alleging that any Seller Green Entity has infringed, misappropriated misappropriated, diluted or otherwise violated the Intellectual Property rights of such Person. The Person or (ii) challenging the scope, validity, continuation and effectiveness enforceability, registrability, use or ownership of all licenses and other agreements relating to any Intellectual Property used owned or purported to be owned by any Seller Green Entity. (b) To the Knowledge of Green, no Person is infringing, misappropriating, diluting or otherwise violating any Intellectual Property owned, used, or held for use by any Green Entity in the course of its business and the current terms thereof will not be affected by the transactions contemplated by this Agreement, the use conduct of the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks will be transferred to Buyer or Buyer Bank in connection with the transactions contemplated by this Agreement and after the Effective Time, no Person besides Buyer shall have right and title to the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks and trade names. All respective businesses of the Seller Entities’ right to the use of Green Entities as currently conducted, and title to the names “Spirit of Texas Bancshares,” “Spirit of Texas Bancsharesno such claims have been asserted or threatened against any Person by any Green Entity since January 1, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” will be transferred to Buyer in connection with the completion of the transactions contemplated by this Agreement2015. (c) Green takes reasonable measures to protect the confidentiality of trade secrets, including requiring all Persons having access thereto to execute written non-disclosure agreements. To the Knowledge of Green, there has not been any disclosure of or access to any trade secret of any Green Entity (including any such information of any other Person disclosed in confidence to such Green Entity) to any Person in a manner that has resulted or is likely to result in the loss of trade secret or other rights in and to such information. (d) (i) The computer, information technology and data processing systems, facilities and services used by the Seller Green Entities, including all software, hardware, networks, communications facilities, platforms and related systems and services (collectively, the “Systems”), are reasonably sufficient for the conduct of the respective businesses of the Seller Green Entities as currently conducted and (ii) the Systems are in sufficiently good working condition to effectively perform all computing, information technology and data processing operations necessary for the operation of the respective businesses of the Seller Green Entities as currently conducted. To SellerGreen’s Knowledge, no third party or Representative has gained unauthorized access to any Systems owned or controlled by any Seller EntityGreen Entity since January 1, and each Seller Entity has 2015. The Green Entities have taken commercially reasonable steps and implemented commercially reasonable safeguards (A) to ensure that protect the Systems are secure from unauthorized access and free from any disabling codes or instructions, spyware, Trojan horses, worms, viruses or other software routines that permit or cause unauthorized access to, or disruption, impairment, disablement, or destruction of, software, data or other materialsmaterials and (B) that are designed to reasonably mitigate the risks of cybersecurity breaches and attacks. Each Seller Green Entity has implemented reasonably appropriate backup and disaster recovery policies, procedures and systems consistent with generally accepted industry standards and sufficient to reasonably maintain mitigate the risk of a material disruption to the operation of the respective businesses of the Seller Green Entities in all material respects. Each Seller Entity has implemented and maintained commercially reasonable measures and procedures designed to reasonably mitigate the risks of cybersecurity breaches and attacks. (ce) Each Seller Green Entity has (i) complied in all material respects with (A) all applicable Laws which govern the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission disclosure or transfer of the personal data or information of customers or other individuals (“Personally Identifiable Information”) and similar Laws governing data privacy, and with (B) all of its published privacy and data security policies and internal privacy and data security policies and guidelines, including with respect to the receipt, collection, compilation, use, storage, processingtransmission, sharing, safeguarding, security, disposal, destructiontransfer, disclosure, transmission or transfer destruction and use of Personally Identifiable Information personally identifiable information and (ii) taken commercially reasonable measures to ensure that all Personally Identifiable Information personally identifiable information in its possession or control is protected against loss, damage, and unauthorized access, use, modification, or other misuse. To SellerGreen’s Knowledge, there has been no material loss, damage, or unauthorized access, use, modification, or other misuse of any such Personally Identifiable Information information by any Seller Green Entity or any other PersonPerson since January 1, 2015.

Intellectual Property; Privacy. (a) Each Seller Entity owns or has a valid license to use (in each case, free and clear of any Liens other than any Permitted Liens) all of the material Intellectual Property necessary to carry on the business of such Seller Entity as it is currently conducted. Each Seller Entity is the owner of or has a license, with the right to sublicense, to any Intellectual Property sold or licensed to a third party by such Seller Entity in connection with its business operations, and such Seller Entity has the right to convey by sale or license any Intellectual Property so conveyed. No Seller Entity is in material Default under any of its Intellectual Property licenses. No proceedings have been instituted, or are pending or to the Knowledge of Seller threatened, which challenge the rights of any Seller Entity with respect to Intellectual Property used, sold or licensed by such Seller Entity in the course of its business, nor has any Person claimed or alleged any rights to such Intellectual Property. The To the Knowledge of Seller, the conduct of the business of each Seller Entity and the use of any Intellectual Property by each Seller Entity does not infringe, misappropriate or otherwise violate the Intellectual Property rights of any other Personperson. No Person has asserted to any Seller Entity in writing that any Seller Entity has infringed, misappropriated or otherwise violated the Intellectual Property rights of such Person. The validity, continuation and effectiveness of all licenses and other agreements relating to Intellectual Property used by any Seller Entity in the course of its business and the current terms thereof will not be affected by the transactions contemplated by this Agreement, the use of the “Spirit of Texas Bancshares,” “Spirit of Texas The First Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSBThe First Bank” trademarks will be transferred to Buyer or Buyer Bank in connection with the transactions contemplated by this Agreement and after the Effective Time, no Person besides Buyer shall have right and title to the “Spirit of Texas Bancshares,” “Spirit of Texas The First Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSBThe First Bank” trademarks and trade names. All of the Seller Entities’ right to the use of and title to the names “Spirit of Texas Bancshares,” “Spirit of Texas The First Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSBThe First Bank” will be transferred to Buyer in connection with the completion of the transactions contemplated by this Agreement. (i) The computer, information technology and data processing systems, facilities and services used by the Seller Entities, including all software, hardware, networks, communications facilities, platforms and related systems and services (collectively, the “Systems”), are reasonably sufficient for the conduct of the respective businesses of the Seller Entities as currently conducted conducted, and (ii) the Systems are in good working condition to effectively perform all computing, information technology and data processing operations necessary for the operation of the respective businesses of the Seller Entities as currently conducted. To Seller’s KnowledgeThere have not been any actual, suspected, or alleged Security Incidents or actual or alleged claims related to Security Incidents, and there are no third party facts or Representative has gained unauthorized access circumstances which could reasonably serve as the basis for any such allegations or claims. There are no known data security, information security, or other technological vulnerabilities with respect to any Systems owned or controlled by any Seller Entity, and each Seller Entity has or with respect to the Systems that could adversely impact their operations or cause a Security Incident. The Seller Entities have taken commercially reasonable steps and implemented commercially reasonable safeguards consistent with the state of the art for the industry in which the Seller Entities operate to ensure that the Systems are secure from loss, damage, and unauthorized access access, use, modification, or other misuse and free from any disabling codes or instructions, spyware, Trojan horses, worms, viruses or other software routines that permit or cause unauthorized access to, or disruption, impairment, disablement, or destruction of, software, data or other materials. Each Seller Entity has implemented commercially reasonable backup and disaster recovery policies, procedures and systems consistent with generally accepted industry standards and sufficient to reasonably maintain the operation of the respective businesses of the Seller Entities in all material respects. Each Seller Entity has implemented and maintained commercially reasonable measures and procedures designed to reasonably mitigate the risks of cybersecurity breaches and attacks. Without limiting the generality of the foregoing, the Seller Entities’ information security programs are designed to (i) identify internal and external risks to the security of the Personal Information, Business Data, and Systems; and (ii) implement, monitor and improve adequate and effective safeguards to control those risks. The Seller Entities have timely and reasonably remediated and addressed any and all material audit or security assessment findings relating to its implementation of administrative, technical, and physical security measures. Each Seller Entity employee has received training regarding information security that is relevant to each such employee’s role and responsibility within the business and such employee’s access to Personal Information, Business Data and Systems. (c) Each Seller Entity and, to Seller’s Knowledge, each Third Party Service Provider, has (i) complied at all times and remains in all material respects compliance with all applicable Laws which govern the receiptPrivacy and Security Requirements, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of the personal data or information of customers or other individuals (“Personally Identifiable Information”) and similar Laws governing data privacy, and with all of its published privacy and data security policies and internal privacy and data security policies and guidelines, including with respect to the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of Personally Identifiable Information and (ii) taken commercially reasonable measures to ensure that all Personally Identifiable Personal Information in its possession or control is protected against loss, damage, and unauthorized access, use, modification, or other misuse. To Seller’s Knowledge, there There has been no loss, damage, or unauthorized access, use, modification, or other misuse of any such Personally Identifiable Personal Information by any Seller Entity or any other Person. The Seller Entities have implemented and maintain documented policies and procedures to ensure compliance with the Privacy and Information Security Requirements. Each Seller Entity has provided all requisite notices and obtained all required consents, and satisfied all other requirements, necessary for the conduct of the business as currently conducted and in connection with the consummation of the transaction contemplated hereunder. The consummation of the transaction contemplated hereunder will comply with the Privacy and Information Security Requirements. (d) Each Seller Entity has contractually obligated all Third Party Service Providers to appropriate contractual terms relating to the protection and use of Personal Information and Systems, including obligations to (i) comply with applicable Privacy and Information Security Requirements, (ii) implement an appropriate information security program that includes reasonable administrative, technical, and physical safeguards, and (iii) restrict processing of Personal Information and ensure the return or adequate disposal or destruction of Personal Information. Each Seller Entity has taken reasonable measures to ensure that Third Party Service Providers have complied with their contractual obligations. (e) There is not currently pending or threatened Litigation against any Seller Entity, including by any privacy regulator or other Regulatory Authority, with respect to privacy, cybersecurity, or the Processing of Personal Information, and there are no facts upon which such Litigation could be based. (f) Each Seller Entity has taken commercially reasonable measures to protect the confidentiality of all trade secrets that are included in the Intellectual Property owned by them, and, to the Knowledge of Seller, such trade secrets have not been disclosed by any Seller Entity to any Person except pursuant to appropriate nondisclosure agreements. (g) Each current or former employee, consultant or contractor of the Seller Entity who has contributed to the creation or development of any Intellectual Property owned by any Seller Entity has executed a nondisclosure and assignment-of-rights agreement for the benefit of the Seller Entities, and the Seller Entities are the owner of all rights in and to all Intellectual Property created by each such employee, consultant or contractor in performing services for the Seller Entities vesting all rights in work product created in the Seller Entities.

Intellectual Property; Privacy. (a) Each Seller Reliance Entity owns or has a valid license to use (in each case, free and clear of any Liens other than any Permitted Liens) all of the Intellectual Property necessary to carry on the business of such Seller Entity as it is currently conductedReliance Entity. Each Seller Reliance Entity is the owner of or has a license, with the right to sublicense, to any Intellectual Property sold or licensed to a third party by such Seller Reliance Entity in connection with its such Reliance Entity’s business operations, and such Seller Reliance Entity has the right to convey by sale or license any Intellectual Property so conveyed. No Seller Reliance Entity is in Default under any of its Intellectual Property licenses. No proceedings have been instituted, or are pending or to the Knowledge of Seller Reliance threatened, which challenge the rights of any Seller Reliance Entity with respect to Intellectual Property used, sold or licensed by such Seller Reliance Entity in the course of its business, nor has any Person person claimed or alleged any rights to such Intellectual Property. The conduct of the business of each Seller Entity the Reliance Entities and the use of any Intellectual Property by each Seller Entity Reliance and its Subsidiaries does not infringe, misappropriate or otherwise violate the Intellectual Property rights of any other Personperson. No Person has asserted to Seller Reliance in writing that Reliance or any Seller Entity of its Subsidiaries has infringed, misappropriated or otherwise violated the Intellectual Property rights of such Personperson. The validity, continuation and effectiveness of all licenses and other agreements relating to Intellectual Property used by any Seller Reliance Entity in the course of its business and the current terms thereof will not be affected by the transactions contemplated by this Agreement, the use of the “Spirit of Texas Bancshares,Reliance Bank” and “Spirit of Texas Reliance Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks will be transferred to Buyer or Buyer Bank ▇▇▇▇▇▇▇ in connection with the transactions contemplated by this Agreement and after the Effective Time, no Person besides Buyer ▇▇▇▇▇▇▇ shall have right and title to the “Spirit of Texas Bancshares,Reliance Bank” and “Spirit of Texas Reliance Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks and trade names. All of the Seller Reliance Entities’ right to the use of and title to the names name “Spirit of Texas Bancshares,Reliance Bank” and “Spirit of Texas Reliance Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” will be transferred to Buyer ▇▇▇▇▇▇▇ in connection with the completion of the transactions contemplated by this Agreement. (i) The computer, information technology and data processing systems, facilities and services used by the Seller EntitiesReliance and each of its Subsidiaries, including all software, hardware, networks, communications facilities, platforms and related systems and services (collectively, the “Systems”), are reasonably sufficient for the conduct of the respective businesses of the Seller Entities Reliance and its Subsidiaries as currently conducted and (ii) the Systems are in good working condition to effectively perform all computing, information technology and data processing operations necessary for the operation of the respective businesses of the Seller Entities Reliance and each of its Subsidiaries as currently conducted. To SellerReliance’s Knowledge, no third party or Representative has gained unauthorized access to any Systems owned or controlled by Reliance or any Seller Entityof its Subsidiaries, and Reliance and each Seller Entity has of its Subsidiaries have taken commercially reasonable steps and implemented commercially reasonable safeguards to ensure that the Systems are secure from unauthorized access and free from any disabling codes or instructions, spyware, Trojan horses, worms, viruses or other software routines that permit or cause unauthorized access to, or disruption, impairment, disablement, or destruction of, software, data or other materials. Each Seller Entity Reliance and each of its Subsidiaries has implemented backup and disaster recovery policies, procedures and systems consistent with generally accepted industry standards and sufficient to reasonably maintain the operation of the respective businesses of the Seller Entities Reliance and each of its Subsidiaries in all material respects. Each Seller Entity has implemented and maintained commercially reasonable measures and procedures designed to reasonably mitigate the risks of cybersecurity breaches and attacks. (c) Each Seller Entity Reliance and each of its Subsidiaries has (i) complied in all material respects with all applicable Laws which govern the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of the personal data or information of customers or other individuals (“Personally Identifiable Information”) and similar Laws governing data privacy, and with all of its published privacy and data security policies and internal privacy and data security policies and guidelines, including with respect to the receipt, collection, compilation, use, storage, processingtransmission, sharing, safeguarding, security, disposal, destructiontransfer, disclosure, transmission or transfer destruction and use of Personally Identifiable Information personally identifiable information and (ii) taken commercially reasonable measures to ensure that all Personally Identifiable Information personally identifiable information in its possession or control is protected against loss, damage, and unauthorized access, use, modification, or other misuse. To SellerReliance’s Knowledge, there has been no loss, damage, or unauthorized access, use, modification, or other misuse of any such Personally Identifiable Information information by Reliance, any Seller Entity of its Subsidiaries or any other Personperson.

Intellectual Property; Privacy. (a) Each Seller First Mariner Entity owns or has a valid license to use (in each case, free and clear of any Liens other than any Permitted Liens) all of the Intellectual Property necessary to carry on the business of such Seller Entity as it is currently conductedFirst Mariner Entity. Each Seller First Mariner Entity is the owner of or has a license, with the right to sublicense, license to any material Intellectual Property sold or licensed to a third party by such Seller First Mariner Entity in connection with its such First Mariner Entity’s business operations, and such Seller First Mariner Entity has the right to convey by sale or license any material Intellectual Property so conveyed. No Seller First Mariner Entity is in Default under any of its material Intellectual Property licenses. No proceedings have been instituted, or are pending or to the Knowledge of Seller First Mariner threatened, which challenge the rights of any Seller First Mariner Entity with respect to Intellectual Property used, sold or licensed by such Seller First Mariner Entity in the course of its business, nor has any Person person claimed or alleged any rights to such Intellectual Property. The conduct of the business of each Seller Entity the First Mariner Entities and the use of any Intellectual Property by each Seller Entity First Mariner and its Subsidiaries does not infringe, misappropriate or otherwise violate the any Intellectual Property rights of any other Person. No Person has asserted to Seller First Mariner or its Subsidiaries in writing that First Mariner or any Seller Entity of its Subsidiaries has infringed, misappropriated or otherwise violated the Intellectual Property rights of such Person. The Subject to any trademark filings required by Law in connection with the Merger, the validity, continuation and effectiveness of all licenses and other agreements relating to material Intellectual Property used by any Seller First Mariner Entity in the course of its business Ordinary Course and the current terms thereof will not be affected by the transactions contemplated by this Agreement, the use of all material Intellectual Property of each of the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” First Mariner Entities’ trademarks will be transferred to Buyer or Buyer Bank ▇▇▇▇▇▇ in connection with the transactions contemplated by this Agreement and after the Effective Time, no Person besides Buyer ▇▇▇▇▇▇ shall have right and title to the “Spirit of Texas Bancshares1st Mariner,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas 1st Mariner Bank,” and “Spirit of Texas Bank SSB1st Mariner Mortgage” trademarks and trade namestradenames. All of the Seller Entities’ right to the use of and title to the names “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” will be transferred to Buyer in connection with the completion of the transactions contemplated by this Agreement. (gg) (i) The computer, information technology and data processing systems, facilities and services used by the Seller EntitiesFirst Mariner and each of its Subsidiaries, including all software, hardware, networks, communications facilities, platforms and related systems and services (collectively, the “Systems”), are reasonably sufficient for the conduct of the respective businesses of the Seller Entities First Mariner and its Subsidiaries as currently conducted conducted; and (ii) the Systems are in good working condition to effectively perform all computing, information technology and data processing operations necessary for the operation of the respective businesses of the Seller Entities First Mariner and each of its Subsidiaries as currently conducted. To SellerFirst Mariner’s Knowledge, no third party or Representative has gained unauthorized access to any Systems owned or controlled by First Mariner or any Seller Entityof its Subsidiaries, and First Mariner and each Seller Entity has of its Subsidiaries have taken commercially reasonable steps and implemented commercially reasonable safeguards to ensure that the Systems are secure from unauthorized access and free from any disabling codes or instructions, spyware, Trojan horses, worms, viruses or other software routines that permit or cause unauthorized access to, or disruption, impairment, disablement, or destruction of, software, data or other materials. Each Seller Entity First Mariner and each of its Subsidiaries has implemented backup and disaster recovery policies, procedures and systems consistent with generally accepted industry standards for a community bank, and sufficient to reasonably maintain the operation of the respective businesses of the Seller Entities First Mariner and each of its Subsidiaries in all material respects. Each Seller Entity has implemented and maintained commercially reasonable measures and procedures designed to reasonably mitigate the risks of cybersecurity breaches and attacks. (c) Each Seller Entity has (i) complied in all material respects with all applicable Laws which govern the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of the personal data or information of customers or other individuals (“Personally Identifiable Information”) and similar Laws governing data privacy, and with all of its published privacy and data security policies and internal privacy and data security policies and guidelines, including with respect to the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of Personally Identifiable Information and (ii) taken commercially reasonable measures to ensure that all Personally Identifiable Information in its possession or control is protected against loss, damage, and unauthorized access, use, modification, or other misuse. To Seller’s Knowledge, there has been no loss, damage, or unauthorized access, use, modification, or other misuse of any such Personally Identifiable Information by any Seller Entity or any other Person.

Intellectual Property; Privacy. (a) Each Seller Target Entity owns or has a valid license to use (in each case, free and clear of any Liens other than any Permitted Liens) all of the Intellectual Property necessary to carry on the business of such Seller Entity as it is currently conductedTarget Entity. Each Seller Target Entity is the owner of or has a license, with the right to sublicense, to any Intellectual Property sold or licensed to a third party by such Seller Target Entity in connection with its such Target Entity’s business operations, and such Seller Target Entity has the right to convey by sale or license any Intellectual Property so conveyed. No Seller Target Entity is in Default under any of its Intellectual Property licenses. No proceedings have been instituted, or are pending or to the Knowledge of Seller Target threatened, which challenge the rights of any Seller Target Entity with respect to Intellectual Property used, sold or licensed by such Seller Target Entity in the course of its business, nor has any Person person claimed or alleged any rights to such Intellectual Property. The conduct of the business of each Seller Entity the Target Entities and the use of any Intellectual Property by each Seller Entity Target and its Subsidiaries does not infringe, misappropriate or otherwise violate the Intellectual Property rights of any other Personperson. No Person has asserted to Seller Target in writing that Target or any Seller Entity of its Subsidiaries has infringed, misappropriated or otherwise violated the Intellectual Property rights of such Personperson. The validity, continuation and effectiveness of all licenses and other agreements relating to Intellectual Property used by any Seller Target Entity in the course of its business and the current terms thereof will not be affected by the transactions contemplated by this Agreement, the use of the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas First South Bank,” and “Spirit of Texas Bank SSBFSB Insurance, Inc.” trademarks will be transferred to Buyer or Buyer Bank in connection with the transactions contemplated by this Agreement and after the Effective Time, no Person besides Buyer shall have right and title to the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas First South Bank,” and “Spirit of Texas Bank SSBFSB Insurance, Inc.” trademarks and trade names. All of the Seller Target Entities’ right to the use of and title to the names “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas First South Bank,” and “Spirit of Texas Bank SSBFSB Insurance, Inc.” will be transferred to Buyer in connection with the completion of the transactions contemplated by this Agreement. (i) The computer, information technology and data processing systems, facilities and services used by the Seller EntitiesTarget and each of its Subsidiaries, including all software, hardware, networks, communications facilities, platforms and related systems and services (collectively, the “Systems”), are reasonably sufficient for the conduct of the respective businesses of the Seller Entities Target and its Subsidiaries as currently conducted and (ii) the Systems are in good working condition to effectively perform all computing, information technology and data processing operations necessary for the operation of the respective businesses of the Seller Entities Target and each of its Subsidiaries as currently conducted. To SellerTarget’s Knowledge, no third party or Representative has gained unauthorized access to any Systems owned or controlled by Target or any Seller Entityof its Subsidiaries, and Target and each Seller Entity has of its Subsidiaries have taken commercially reasonable steps and implemented commercially reasonable safeguards to ensure that the Systems are secure from unauthorized access and free from any disabling codes or instructions, spyware, Trojan horses, worms, viruses or other software routines that permit or cause unauthorized access to, or disruption, impairment, disablement, or destruction of, software, data or other materials. Each Seller Entity Target and each of its Subsidiaries has implemented backup and disaster recovery policies, procedures and systems consistent with generally accepted industry standards and sufficient to reasonably maintain the operation of the respective businesses of the Seller Entities Target and each of its Subsidiaries in all material respects. Each Seller Entity has implemented and maintained commercially reasonable measures and procedures designed to reasonably mitigate the risks of cybersecurity breaches and attacks. (c) Each Seller Entity Target and each of its Subsidiaries has (i) complied in all material respects with all applicable Laws which govern the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of the personal data or information of customers or other individuals (“Personally Identifiable Information”) and similar Laws governing data privacy, and with all of its published privacy and data security policies and internal privacy and data security policies and guidelines, including with respect to the receipt, collection, compilation, use, storage, processingtransmission, sharing, safeguarding, security, disposal, destructiontransfer, disclosure, transmission or transfer destruction and use of Personally Identifiable Information personally identifiable information and (ii) taken commercially reasonable measures to ensure that all Personally Identifiable Information personally identifiable information in its possession or control is protected against loss, damage, and unauthorized access, use, modification, or other misuse. To SellerTarget’s Knowledge, there has been no loss, damage, or unauthorized access, use, modification, or other misuse of any such Personally Identifiable Information information by Target, any Seller Entity of its Subsidiaries or any other Personperson.

Intellectual Property; Privacy. (ai) Each Seller Entity owns Section 3.03(c) of the Disclosure Statement sets forth a complete and accurate list of all patents, patent applications, trademark registrations and pending applications for registration, copyright registrations and pending applications for registration and internet domain name registrations owned by the Companies; and all such listed Intellectual Property is subsisting and unexpired, and to Sellers’ Knowledge, valid and enforceable. The Acquired Companies exclusively own such listed Intellectual Property and all other Intellectual Property owned or has a valid license purported to be owned by the Companies, and own or have the right to use (in each case, free and clear of any Liens all other than any Permitted Liens) all of the Intellectual Property necessary to carry on the business of such Seller Entity as it is currently conducted. Each Seller Entity is the owner of for, used or has a license, with the right to sublicense, to any Intellectual Property sold or licensed to a third party by such Seller Entity in connection with its business operations, and such Seller Entity has the right to convey by sale or license any Intellectual Property so conveyed. No Seller Entity is in Default under any of its Intellectual Property licenses. No proceedings have been instituted, or are pending or to the Knowledge of Seller threatened, which challenge the rights of any Seller Entity with respect to Intellectual Property used, sold or licensed by such Seller Entity held for use in the course conduct of its business, nor has any Person claimed or alleged any rights to such the Acquired Companies’ business as currently conducted (the “Fortress Intellectual Property. ”). (ii) The conduct of the Acquired Companies’ business of each Seller Entity and the use of any Intellectual Property by each Seller Entity as currently conducted does not infringe, misappropriate or otherwise violate the Intellectual Property rights of any other Person. No Person has asserted ; and to Seller in writing that any Seller Entity has infringed, misappropriated or otherwise violated the Intellectual Property rights of such Person. The validity, continuation and effectiveness of all licenses and other agreements relating to Intellectual Property used by any Seller Entity in the course of its business and the current terms thereof will not be affected by the transactions contemplated by this Agreement, the use of the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks will be transferred to Buyer or Buyer Bank in connection with the transactions contemplated by this Agreement and after the Effective TimeSellers’ Knowledge, no Person besides Buyer shall have right is infringing, misappropriating or otherwise violating any Fortress Intellectual Property owned by the Acquired Companies; and title there are no claims (including cease and desist letters and invitations to the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks and trade names. All take a patent license) alleging any of the Seller Entities’ right to the use of and title to the names “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” will be transferred to Buyer in connection with the completion of the transactions contemplated by this Agreementsame. (iiii) The computerExcept where failure to do so does not or would not reasonably be expected to have a Material Adverse Effect on the Acquired Companies, information technology and data processing systemstaken as a whole, facilities and services used by the Seller Entities, including all software, hardware, networks, communications facilities, platforms and related systems and services (collectively, the “Systems”), are reasonably sufficient for the conduct each of the respective businesses of the Seller Entities as currently conducted and (ii) the Systems are in good working condition to effectively perform all computing, information technology and data processing operations necessary for the operation of the respective businesses of the Seller Entities as currently conducted. To Seller’s Knowledge, no third party or Representative has gained unauthorized access to any Systems owned or controlled by any Seller Entity, and each Seller Entity Acquired Companies has taken commercially reasonable steps to protect and implemented commercially reasonable safeguards to ensure that maintain: (A) its confidential information and trade secrets; (B) its exclusive ownership of material proprietary Intellectual Property; and (C) the Systems are secure from unauthorized access security, operation and free from any disabling codes or instructions, spyware, Trojan horses, worms, viruses or other software routines that permit or cause unauthorized access to, or disruption, impairment, disablement, or destruction of, integrity of its material systems and software, data or other materials. Each Seller Entity has implemented backup and disaster recovery policies, procedures and systems consistent with generally accepted industry standards and sufficient to reasonably maintain the operation of the respective businesses of the Seller Entities in all material respects. Each Seller Entity has implemented and maintained commercially reasonable measures and procedures designed to reasonably mitigate the risks of cybersecurity breaches and attacks. (civ) Each Seller Entity has (i) complied Except where failure to do so does not or would not reasonably be expected to have a Material Adverse Effect on the Acquired Companies, taken as a whole, the Acquired Companies use, storage, sharing, disclosure, processing, dissemination and disposal of any personal data is in compliance in all material respects with all applicable Laws which govern the receiptprivacy policies, collection, compilation, terms of use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer contractual obligations and applicable Laws. Each of the Acquired Companies maintains policies, safeguards and procedures regarding data security and privacy that are commercially reasonable and consistent with industry standards. Each of the Acquired Companies has not been subject to any security breaches relating to, or violations of any security policy regarding, or any unauthorized access of, any personal data used by or information on behalf of customers such Acquired Company, other than those that were resolved without material cost, material liability or other individuals (“Personally Identifiable Information”) and similar Laws governing data privacy, and with all the duty to notify any Person arising under applicable Law or terms of its published privacy and data security policies and internal privacy and data security policies and guidelines, including with respect to the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of Personally Identifiable Information and (ii) taken commercially reasonable measures to ensure that all Personally Identifiable Information in its possession or control is protected against loss, damage, and unauthorized access, use, modification, or other misuse. To Seller’s Knowledge, there has been no loss, damage, or unauthorized access, use, modification, or other misuse of any such Personally Identifiable Information by any Seller Entity or any other Personapplicable Contracts.

Intellectual Property; Privacy. (a) Each Seller ▇▇▇▇▇▇▇ Entity owns or has a valid license to use (in each case, free and clear of any Liens other than any Permitted Liens) all of the Intellectual Property necessary to carry on the business of such Seller ▇▇▇▇▇▇▇ Entity as it is currently conducted. Each Seller ▇▇▇▇▇▇▇ Entity is the owner of or has a license, with the right to sublicense, to any Intellectual Property sold or licensed to a third party by such Seller ▇▇▇▇▇▇▇ Entity in connection with its such ▇▇▇▇▇▇▇ Entity’s business operations, and such Seller ▇▇▇▇▇▇▇ Entity has the right to convey by sale or license any Intellectual Property so conveyed. No Seller ▇▇▇▇▇▇▇ Entity is in Default under any of its Intellectual Property licenses. No proceedings have been instituted, or are pending or to the Knowledge of Seller ▇▇▇▇▇▇▇ threatened, which challenge the rights of any Seller ▇▇▇▇▇▇▇ Entity with respect to Intellectual Property used, sold or licensed by such Seller ▇▇▇▇▇▇▇ Entity in the course of its business, nor has any Person claimed or alleged any rights to such Intellectual Property. The conduct of the business of each Seller ▇▇▇▇▇▇▇ Entity and the use of any Intellectual Property by each Seller ▇▇▇▇▇▇▇ Entity does not infringe, misappropriate or otherwise violate the Intellectual Property rights of any other Person. No Person has asserted to Seller ▇▇▇▇▇▇▇ in writing that any Seller ▇▇▇▇▇▇▇ Entity has infringed, misappropriated or otherwise violated the Intellectual Property rights of such Person. The validity, continuation and effectiveness of all licenses and other agreements relating to Intellectual Property used by any Seller ▇▇▇▇▇▇▇ Entity in the course of its business and the current terms thereof will not be affected by the transactions contemplated by this Agreement, the use of the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Landmark Bank,” and “Spirit of Texas Bank SSBThe ▇▇▇▇▇▇▇ Company” trademarks will be transferred to Buyer or Buyer Bank ▇▇▇▇▇▇▇ in connection with the transactions contemplated by this Agreement and after the Effective Time, no Person besides Buyer ▇▇▇▇▇▇▇ shall have right and title to the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Landmark Bank,” and “Spirit of Texas Bank SSBThe ▇▇▇▇▇▇▇ Company” trademarks and trade names. All of the Seller ▇▇▇▇▇▇▇ Entities’ right to the use of and title to the names “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Landmark Bank,” and “Spirit of Texas Bank SSBThe ▇▇▇▇▇▇▇ Company” will be transferred to Buyer ▇▇▇▇▇▇▇ in connection with the completion of the transactions contemplated by this Agreement. (i) The computer, information technology and data processing systems, facilities and services used by the Seller ▇▇▇▇▇▇▇ Entities, including all software, hardware, networks, communications facilities, platforms and related systems and services (collectively, the “Systems”), are reasonably sufficient for the conduct of the respective businesses of the Seller ▇▇▇▇▇▇▇ Entities as currently conducted and (ii) the Systems are in good working condition to effectively perform all computing, information technology and data processing operations necessary for the operation of the respective businesses of the Seller Entities as currently conducted▇▇▇▇▇▇▇ Entities. To Seller’s ▇▇▇▇▇▇▇’▇ Knowledge, no third party or Representative has gained unauthorized access to any Systems owned or controlled by any Seller ▇▇▇▇▇▇▇ Entity, and each Seller ▇▇▇▇▇▇▇ Entity has taken commercially reasonable steps and implemented commercially reasonable safeguards to ensure that the Systems are secure from unauthorized access and free from any disabling codes or instructions, spyware, Trojan horses, worms, viruses or other software routines that permit or cause unauthorized access to, or disruption, impairment, disablement, or destruction of, software, data or other materials. Each Seller ▇▇▇▇▇▇▇ Entity has implemented backup and disaster recovery policies, procedures and systems consistent with generally accepted industry standards and sufficient to reasonably maintain the operation of the respective businesses of the Seller ▇▇▇▇▇▇▇ Entities in all material respects. Each Seller ▇▇▇▇▇▇▇ Entity has implemented and maintained commercially reasonable measures and procedures designed to reasonably mitigate the risks of cybersecurity breaches and attacks. (c) Each Seller ▇▇▇▇▇▇▇ Entity has (i) complied in all material respects with all applicable Laws which govern the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of the personal data or information of customers or other individuals (“Personally Identifiable Information”) and similar Laws governing data privacy, and with all of its published privacy and data security policies and internal privacy and data security policies and guidelines, including with respect to the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of Personally Identifiable Information and (ii) taken commercially reasonable measures to ensure that all Personally Identifiable Information in its possession or control is protected against loss, damage, and unauthorized access, use, modification, or other misuse. To Seller’s ▇▇▇▇▇▇▇’▇ Knowledge, there has been no loss, damage, or unauthorized access, use, modification, or other misuse of any such Personally Identifiable Information by any Seller ▇▇▇▇▇▇▇ Entity or any other Person.

Intellectual Property; Privacy. (a) Each Seller First Texas Entity owns or has a valid license to use (in each case, free and clear of any Liens other than any Permitted Liens) all of the Intellectual Property necessary to carry on the business of such Seller Entity as it is currently conductedFirst Texas Entity. Each Seller First Texas Entity is the owner of or has a license, with the right to sublicense, to any Intellectual Property sold or licensed to a third party by such Seller First Texas Entity in connection with its such First Texas Entity’s business operations, and such Seller First Texas Entity has the right to convey by sale or license any Intellectual Property so conveyed. No Seller First Texas Entity is in Default under any of its Intellectual Property licenses. No proceedings have been instituted, or are pending or to the Knowledge of Seller First Texas threatened, which challenge the rights of any Seller First Texas Entity with respect to Intellectual Property used, sold or licensed by such Seller First Texas Entity in the course of its business, nor has any Person person claimed or alleged any rights to such Intellectual Property. The conduct of the business of each Seller Entity the First Texas Entities and the use of any Intellectual Property by each Seller Entity First Texas and its Subsidiaries does not infringe, misappropriate or otherwise violate the Intellectual Property rights of any other Personperson. No Person has asserted to Seller First Texas in writing that First Texas or any Seller Entity of its Subsidiaries has infringed, misappropriated or otherwise violated the Intellectual Property rights of such Personperson. The validity, continuation and effectiveness of all licenses and other agreements relating to Intellectual Property used by any Seller First Texas Entity in the course of its business and the current terms thereof will not be affected by the transactions contemplated by this Agreement, the use of the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks listed on Schedule 4.13(a) will be transferred to Buyer or Buyer Bank ▇▇▇▇▇▇▇ in connection with the transactions contemplated by this Agreement and after the Effective Time, no Person besides Buyer ▇▇▇▇▇▇▇ shall have right and title to the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” such trademarks and trade namestradenames. All of the Seller First Texas Entities’ right to the use of and title to the names “Spirit of First Texas Bancshares,” “Spirit of Texas BancsharesBHC, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSBSouthwest Bank” will be transferred to Buyer ▇▇▇▇▇▇▇ in connection with the completion of the transactions contemplated by this Agreement. (b) (i) The computer, information technology and data processing systems, facilities and services used by the Seller EntitiesFirst Texas and each of its Subsidiaries, including all software, hardware, networks, communications facilities, platforms and related systems and services (collectively, the “Systems”), are reasonably sufficient for the conduct of the respective businesses of the Seller Entities First Texas and its Subsidiaries as currently conducted and (ii) the Systems are in good working condition to effectively perform all computing, information technology and data processing operations necessary for the operation of the respective businesses of the Seller Entities First Texas and each of its Subsidiaries as currently conducted. To Seller’s First Texas’ Knowledge, no third party or Representative has gained unauthorized access to any Systems owned or controlled by First Texas or any Seller Entityof its Subsidiaries, and First Texas and each Seller Entity has of its Subsidiaries have taken commercially reasonable steps and implemented commercially reasonable safeguards to ensure that the Systems are secure from unauthorized access and free from any disabling codes or instructions, spyware, Trojan horses, worms, viruses or other software routines that permit or cause unauthorized access to, or disruption, impairment, disablement, or destruction of, software, data or other materials. Each Seller Entity First Texas and each of its Subsidiaries has implemented backup and disaster recovery policies, procedures and systems consistent with generally accepted industry standards and sufficient to reasonably maintain the operation of the respective businesses of the Seller Entities First Texas and each of its Subsidiaries in all material respects. Each Seller Entity has implemented and maintained commercially reasonable measures and procedures designed to reasonably mitigate the risks of cybersecurity breaches and attacks. (c) Each Seller Entity First Texas and each of its Subsidiaries has (i) complied in all material respects with all applicable Laws which govern the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of the personal data or information of customers or other individuals (“Personally Identifiable Information”) and similar Laws governing data privacy, and with all of its published privacy and data security policies and internal privacy and data security policies and guidelines, including with respect to the receipt, collection, compilation, use, storage, processingtransmission, sharing, safeguarding, security, disposal, destructiontransfer, disclosure, transmission or transfer destruction and use of Personally Identifiable Information personally identifiable information and (ii) taken commercially reasonable measures to ensure that all Personally Identifiable Information personally identifiable information in its possession or control is protected against loss, damage, and unauthorized access, use, modification, or other misuse. To Seller’s First Texas’ Knowledge, there has been no loss, damage, or unauthorized access, use, modification, or other misuse of any such Personally Identifiable Information information by First Texas, any Seller Entity of its Subsidiaries or any other Personperson.

Intellectual Property; Privacy. (a) Each Seller IAB Entity owns or has a valid license to use (in each case, free and clear of any Liens other than any Permitted Liens) all of the Intellectual Property necessary to carry on the business of such Seller Entity as it is currently conductedIAB Entity. Each Seller IAB Entity is the owner of or has a license, with the right to sublicense, to any Intellectual Property sold or licensed to a third party by such Seller IAB Entity in connection with its such IAB Entity's business operations, and such Seller IAB Entity has the right to convey by sale or license any Intellectual Property so conveyed. No Seller IAB Entity is in Default under any of its Intellectual Property licenses. No proceedings have been instituted, or are pending or to the Knowledge of Seller IAB threatened, which challenge the rights of any Seller IAB Entity with respect to Intellectual Property used, sold or licensed by such Seller IAB Entity in the course of its business, nor has any Person person claimed or alleged any rights to such Intellectual Property. The conduct of the business of each Seller Entity the IAB Entities and the use of any Intellectual Property by each Seller Entity IAB and its Subsidiaries does not infringe, misappropriate or otherwise violate the any Intellectual Property rights of any other Person. No Person has asserted to Seller IAB in writing that IAB or any Seller Entity of its Subsidiaries has infringed, misappropriated or otherwise violated the Intellectual Property rights of such Person. The validity, continuation and effectiveness of all licenses and other agreements relating to Intellectual Property used by any Seller IAB Entity in the course of its business and the current terms thereof will not be affected by the transactions contemplated by this Agreement, the use of the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks will be transferred to Buyer or Buyer Bank in connection with the transactions contemplated by this Agreement and after the Effective Time, no Person besides Buyer shall have right and title to the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks and trade names. All of the Seller Entities’ right to the use of and title to the names “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” will be transferred to Buyer in connection with the completion of the transactions contemplated by this Agreement. (b) In each case, except as would not reasonably be likely to have, either individually or in the aggregate, a Material Adverse Effect on IAB: (i) The the computer, information technology and data processing systems, facilities and services used by the Seller EntitiesIAB and each of its Subsidiaries, including all software, hardware, networks, communications facilities, platforms and related systems and services (collectively, the “"Systems”"), are reasonably sufficient for the conduct of the respective businesses of the Seller Entities IAB and such Subsidiaries as currently conducted conducted; and (ii) the Systems are in good working condition condition, ordinary wear and tear excepted, to effectively perform all computing, information technology and data processing operations necessary for the operation of the respective businesses of the Seller Entities IAB and each of its Subsidiaries as currently conducted. To Seller’s IAB's Knowledge, no third party or Representative has gained unauthorized access to any Systems owned or controlled by IAB or any Seller Entityof its Subsidiaries, and IAB and each Seller Entity has of its Subsidiaries have taken commercially reasonable steps and implemented commercially reasonable safeguards to ensure that the Systems are secure from unauthorized access and free from any disabling codes or instructions, spyware, Trojan horses, worms, viruses or other software routines that permit or cause unauthorized access to, or disruption, impairment, disablement, or destruction of, software, data or other materials. Each Seller Entity IAB and each of its Subsidiaries has implemented backup and disaster recovery policies, procedures and systems consistent with generally accepted industry standards for a community bank, and sufficient to reasonably maintain the operation of the respective businesses of the Seller Entities IAB and each of its Subsidiaries in all material respects. Each Seller Entity has implemented and maintained commercially reasonable measures and procedures designed to reasonably mitigate the risks of cybersecurity breaches and attacks. (c) Each Seller Entity has IAB and each of its Subsidiaries has: (i) complied in all material respects with all applicable Laws which govern the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of the personal data or information of customers or other individuals (“Personally Identifiable Information”) and similar Laws governing data privacy, and with all of its published privacy and data security policies and internal privacy and data security policies and guidelines, including with respect to the receipt, collection, compilation, use, storage, processingtransmission, sharing, safeguarding, security, disposal, destructiontransfer, disclosure, transmission or transfer destruction and use of Personally Identifiable Information and personally identifiable information; and, (ii) taken commercially reasonable measures to ensure that all Personally Identifiable Information personally identifiable information in its possession or control is protected against loss, damage, and unauthorized access, use, modification, or other misuse. To Seller’s IAB's Knowledge, there has been no loss, damage, or unauthorized access, use, modification, or other misuse of any such Personally Identifiable Information information by IAB, any Seller Entity of its Subsidiaries or any other Personperson.

Intellectual Property; Privacy. (a) Each Seller FSB Entity owns or has a valid license to use (in each case, free and clear of any Liens other than any Permitted Liens) all of the Intellectual Property necessary to carry on the business of such Seller FSB Entity as it is currently conducted. Each Seller FSB Entity is the owner of or has a license, with the right to sublicense, to any Intellectual Property sold or licensed to a third party by such Seller FSB Entity in connection with its business operations, and such Seller FSB Entity has the right to convey by sale or license any Intellectual Property so conveyed. No Seller FSB Entity is in Default under any of its Intellectual Property licenses. No proceedings have been instituted, or are pending or to the Knowledge of Seller FSB threatened, which challenge the rights of any Seller FSB Entity with respect to Intellectual Property used, sold or licensed by such Seller FSB Entity in the course of its business, nor has any Person claimed or alleged any rights to such Intellectual Property. The conduct of the business of each Seller FSB Entity and the use of any Intellectual Property by each Seller FSB Entity does not infringe, misappropriate or otherwise violate the Intellectual Property rights of any other Personperson. No Person has asserted to Seller FSB in writing that any Seller FSB Entity has infringed, misappropriated or otherwise violated the Intellectual Property rights of such Person. The validity, continuation and effectiveness of all licenses and other agreements relating to Intellectual Property used by any Seller Entity in the course of its business and the current terms thereof will not be affected by the transactions contemplated by this Agreement, the use of the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks will be transferred to Buyer or Buyer Bank in connection with the transactions contemplated by this Agreement and after the Effective Time, no Person besides Buyer shall have right and title to the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks and trade names. All of the Seller Entities’ right to the use of and title to the names “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” will be transferred to Buyer in connection with the completion of the transactions contemplated by this Agreement. (i) The computer, information technology and data processing systems, facilities and services used by the Seller FSB Entities, including all software, hardware, networks, communications facilities, platforms and related systems and services (collectively, the “Systems”), are reasonably sufficient for the conduct of the respective businesses of the Seller FSB Entities as currently conducted and (ii) the Systems are in good working condition to effectively perform all computing, information technology and data processing operations necessary for the operation of the respective businesses of the Seller FSB Entities as currently conducted. To SellerFSB’s Knowledge, no third party or Representative has gained unauthorized access to any Systems owned or controlled by any Seller FSB Entity, and each Seller Entity has the FSB Entities have taken commercially reasonable steps and implemented commercially reasonable safeguards to ensure that the Systems are secure from unauthorized access and free from any disabling codes or instructions, spyware, Trojan horses, worms, viruses or other software routines that permit or cause unauthorized access to, or disruption, impairment, disablement, or destruction of, software, data or other materials. Each Seller FSB Entity has implemented backup and disaster recovery policies, procedures and systems consistent with generally accepted industry standards and sufficient to reasonably maintain the operation of the respective businesses of the Seller FSB Entities in all material respects. Each Seller FSB Entity has implemented and maintained commercially reasonable measures and procedures designed to reasonably mitigate the risks of cybersecurity breaches and attacks. (c) Each Seller FSB Entity has (i) complied in all material respects with all applicable Laws which govern the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of the personal data or information of customers or other individuals (“Personally Identifiable Information”) and similar Laws governing data privacy, and with all of its published privacy and data security policies and internal privacy and data security policies and guidelines, including with respect to the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of Personally Identifiable Information and (ii) taken commercially reasonable measures to ensure that all Personally Identifiable Information in its possession or control is protected against loss, damage, and unauthorized access, use, modification, or other misuse. To SellerFSB’s Knowledge, there has been no loss, damage, or unauthorized access, use, modification, or other misuse of any such Personally Identifiable Information by any Seller Entity or any other Person.20

Intellectual Property; Privacy. (a) Each Seller First Texas Entity owns or has a valid license to use (in each case, free and clear of any Liens other than any Permitted Liens) all of the Intellectual Property necessary to carry on the business of such Seller Entity as it is currently conductedFirst Texas Entity. Each Seller First Texas Entity is the owner of or has a license, with the right to sublicense, to any Intellectual Property sold or licensed to a third party by such Seller First Texas Entity in connection with its such First Texas Entity’s business operations, and such Seller First Texas Entity has the right to convey by sale or license any Intellectual Property so conveyed. No Seller First Texas Entity is in Default under any of its Intellectual Property licenses. No proceedings have been instituted, or are pending or to the Knowledge of Seller First Texas threatened, which challenge the rights of any Seller First Texas Entity with respect to Intellectual Property used, sold or licensed by such Seller First Texas Entity in the course of its business, nor has any Person person claimed or alleged any rights to such Intellectual Property. The conduct of the business of each Seller Entity the First Texas Entities and the use of any Intellectual Property by each Seller Entity First Texas and its Subsidiaries does not infringe, misappropriate or otherwise violate the Intellectual Property rights of any other Personperson. No Person has asserted to Seller First Texas in writing that First Texas or any Seller Entity of its Subsidiaries has infringed, misappropriated or otherwise violated the Intellectual Property rights of such Personperson. The validity, continuation and effectiveness of all licenses and other agreements relating to Intellectual Property used by any Seller First Texas Entity in the course of its business and the current terms thereof will not be affected by the transactions contemplated by this Agreement, the use of the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks listed on Schedule 4.13(a) will be transferred to Buyer or Buyer Bank ▇▇▇▇▇▇▇ in connection with the transactions contemplated by this Agreement and after the Effective Time, no Person besides Buyer ▇▇▇▇▇▇▇ shall have right and title to the “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” such trademarks and trade namestradenames. All of the Seller First Texas Entities’ right to the use of and title to the names “Spirit of First Texas Bancshares,” “Spirit of Texas BancsharesBHC, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSBSouthwest Bank” will be transferred to Buyer ▇▇▇▇▇▇▇ in connection with the completion of the transactions contemplated by this Agreement. (i) The computer, information technology and data processing systems, facilities and services used by the Seller EntitiesFirst Texas and each of its Subsidiaries, including all software, hardware, networks, communications facilities, platforms and related systems and services (collectively, the “Systems”), are reasonably sufficient for the conduct of the respective businesses of the Seller Entities First Texas and its Subsidiaries as currently conducted and (ii) the Systems are in good working condition to effectively perform all computing, information technology and data processing operations necessary for the operation of the respective businesses of the Seller Entities First Texas and each of its Subsidiaries as currently conducted. To Seller’s First Texas’ Knowledge, no third party or Representative has gained unauthorized access to any Systems owned or controlled by First Texas or any Seller Entityof its Subsidiaries, and First Texas and each Seller Entity has of its Subsidiaries have taken commercially reasonable steps and implemented commercially reasonable safeguards to ensure that the Systems are secure from unauthorized access and free from any disabling codes or instructions, spyware, Trojan horses, worms, viruses or other software routines that permit or cause unauthorized access to, or disruption, impairment, disablement, or destruction of, software, data or other materials. Each Seller Entity First Texas and each of its Subsidiaries has implemented backup and disaster recovery policies, procedures and systems consistent with generally accepted industry standards and sufficient to reasonably maintain the operation of the respective businesses of the Seller Entities First Texas and each of its Subsidiaries in all material respects. Each Seller Entity has implemented and maintained commercially reasonable measures and procedures designed to reasonably mitigate the risks of cybersecurity breaches and attacks. (c) Each Seller Entity First Texas and each of its Subsidiaries has (i) complied in all material respects with all applicable Laws which govern the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of the personal data or information of customers or other individuals (“Personally Identifiable Information”) and similar Laws governing data privacy, and with all of its published privacy and data security policies and internal privacy and data security policies and guidelines, including with respect to the receipt, collection, compilation, use, storage, processingtransmission, sharing, safeguarding, security, disposal, destructiontransfer, disclosure, transmission or transfer destruction and use of Personally Identifiable Information personally identifiable information and (ii) taken commercially reasonable measures to ensure that all Personally Identifiable Information personally identifiable information in its possession or control is protected against loss, damage, and unauthorized access, use, modification, or other misuse. To Seller’s First Texas’ Knowledge, there has been no loss, damage, or unauthorized access, use, modification, or other misuse of any such Personally Identifiable Information information by First Texas, any Seller Entity of its Subsidiaries or any other Personperson.

Intellectual Property; Privacy. (a) Each Seller Delanco Entity owns or has a valid license to use (in each case, free and clear of any Liens other than any Permitted Liens) all of the Intellectual Property necessary to carry on the business of such Seller Entity as it is currently conductedDelanco Entity. Each Seller Delanco Entity is the owner of or has a license, with the right to sublicense, to any Intellectual Property sold or licensed to a third party by such Seller Delanco Entity in connection with its such Delanco Entity’s business operations, and such Seller Delanco Entity has the right to convey by sale or license any Intellectual Property so conveyed. No Seller Delanco Entity is in Default under any of its Intellectual Property licenses. No proceedings have been instituted, or are pending or to the Knowledge of Seller Delanco threatened, which challenge the rights of any Seller Delanco Entity with respect to Intellectual Property used, sold or licensed by such Seller Delanco Entity in the course of its business, nor has any Person person claimed or alleged any rights to such Intellectual Property. The conduct of the business of each Seller Entity the Delanco Entities and the use of any Intellectual Property by each Seller Entity Delanco and its Subsidiaries does not infringe, misappropriate or otherwise violate the Intellectual Property rights of any other Personperson. No Person has asserted to Seller Delanco in writing that Delanco or any Seller Entity of its Subsidiaries has infringed, misappropriated or otherwise violated the Intellectual Property rights of such Personperson. The validity, continuation and effectiveness of all licenses and other agreements relating to Intellectual Property used by any Seller Delanco Entity in the course of its business and the current terms thereof will not be affected by the transactions contemplated by this Agreement. At and after the Effective Time, the use of the “Spirit of Texas Bancshares,Delanco Federal Savings Bank” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” trademark and “Spirit of Texas Bank SSB” trademarks will trade name shall be transferred to Buyer or Buyer First Bank in connection with the transactions contemplated by this Agreement Merger and after the Effective Time, no Person besides Buyer First Bank (or another First Bank Entity, if applicable) shall have right and title to the “Spirit of Texas Bancshares,Delanco Federal Savings Bank” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Bank,” and “Spirit of Texas Bank SSB” trademarks trademark and trade namesname. All of the Seller Entities’ The Delanco Bank’s right to the use of and title to the names name “Spirit of Texas Bancshares,” “Spirit of Texas Bancshares, Inc.,” “Spirit of Texas Delanco Federal Savings Bank,” and “Spirit of Texas Bank SSB” will not be transferred to Buyer in connection with the completion adversely impacted by consummation of the transactions contemplated by this Agreement. (b) (i) The computer, information technology and data processing systems, facilities and services used by the Seller EntitiesDelanco and each of its Subsidiaries, including all software, hardware, networks, communications facilities, platforms and related systems and services (collectively, the “Systems”), are reasonably sufficient for the conduct of the respective businesses of the Seller Entities Delanco and its Subsidiaries as currently conducted and (ii) the Systems are in good working condition to effectively perform all computing, information technology and data processing operations necessary for the operation of the respective businesses of the Seller Entities Delanco and each of its Subsidiaries as currently conducted. To SellerDelanco’s Knowledge, no third party or Representative has gained unauthorized access to any Systems owned or controlled by Delanco or any Seller Entityof its Subsidiaries, and Delanco and each Seller Entity has of its Subsidiaries have taken commercially reasonable steps and implemented commercially reasonable safeguards to ensure that the Systems are secure from unauthorized access and free from any disabling codes or instructions, spyware, Trojan horses, worms, viruses or other software routines that permit or cause unauthorized access to, or disruption, impairment, disablement, or destruction of, software, data or other materials. Each Seller Entity Delanco and each of its Subsidiaries has implemented backup and disaster recovery policies, procedures and systems consistent with generally accepted industry standards and sufficient to reasonably maintain the operation of the respective businesses of the Seller Entities Delanco and each of its Subsidiaries in all material respects. Each Seller Entity has implemented and maintained commercially reasonable measures and procedures designed to reasonably mitigate the risks of cybersecurity breaches and attacks. (c) Each Seller Entity Delanco and each of its Subsidiaries has (i) complied in all material respects with all applicable Laws which govern the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, transmission or transfer of the personal data or information of customers or other individuals (“Personally Identifiable Information”) and similar Laws governing data privacy, and with all of its published privacy and data security policies and internal privacy and data security policies and guidelines, including with respect to the receipt, collection, compilation, use, storage, processingtransmission, sharing, safeguarding, security, disposal, destructiontransfer, disclosure, transmission or transfer destruction and use of Personally Identifiable Information personally identifiable information and (ii) taken commercially reasonable measures to ensure that all Personally Identifiable Information personally identifiable information in its possession or control is protected against loss, damage, and unauthorized access, use, modification, or other misuse. To SellerDelanco’s Knowledge, there has been no loss, damage, or unauthorized access, use, modification, or other misuse of any such Personally Identifiable Information information by Delanco, any Seller Entity of its Subsidiaries or any other Personperson.