Company or any of its subsidiaries in compliance with all license terms applicable to such Open Source Software; and (ii) neither the Company nor any of its subsidiaries uses or distributes
or has used or distributed any Open Source Software in any manner that requires or has required (A) the Company or any of its subsidiaries to permit reverse engineering of any such software owned by the Company or any of its subsidiaries or
(B) any source code of such software code owned by the Company or any of its subsidiaries to be (1) disclosed or distributed in source code form, (2) licensed for the purpose of making derivative works or (3) redistributed at no
charge.
(x) Except as would not, individually or in the aggregate, reasonably be expected to have a material adverse effect on the
Company and its subsidiaries, taken as a whole, (i) the Company and each of its subsidiaries have complied and are presently in compliance with all of their internal and external privacy policies, and contractual obligations, industry
standards, and applicable laws, statutes, judgments, orders, rules and regulations of any court or arbitrator or other governmental or regulatory authority and any other legal obligations, in each case, relating to the collection, use, processing,
transfer, import, export, storage, protection, disposal and disclosure by the Company or any of its subsidiaries of personal, personally identifiable, household, sensitive, confidential or regulated data or information (Data Security
Obligations, and such data and information, Personal Data); (ii) the Company and its subsidiaries have not in the past three years received any written notification of or written complaint regarding, and are unaware of
any other facts that, individually or in the aggregate, would reasonably indicate, non-compliance with any Data Security Obligation by the Company or any of its subsidiaries; and (iii) there is no action,
suit or proceeding by or before any court or governmental agency, authority or body pending or, or to the Companys knowledge, threatened, against the Company or any of its subsidiaries alleging
non-compliance with any Data Security Obligation by the Company or any of its subsidiaries.
(y)
Except as would not, individually or in the aggregate, reasonably be expected to have a material adverse effect on the Company and its subsidiaries, taken as a whole, (i) the Companys and its subsidiaries respective information
technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, technology, data and databases (including Personal Data and the data and information of their respective customers, employees, suppliers,
vendors and any third party data maintained, processed or stored by or on behalf of the Company and its subsidiaries) used in connection with the operation of the Companys and its subsidiaries respective businesses (collectively,
IT Systems) are adequate for, and operate and perform as required in connection with, the operation of the business of the Company and its subsidiaries as currently conducted, and, to the Companys knowledge, the IT Systems
are free and clear of all bugs, errors, and defects, Trojan horses, time bombs, malware and other corruptants; (ii) the Company and each of its subsidiaries have taken commercially reasonable technical and organizational measures designed to
protect the IT Systems, and without limiting the foregoing, the Company and its subsidiaries have used commercially reasonable efforts to establish and maintain, and have established, maintained, implemented and complied with, reasonable information
technology, information security, cybersecurity and data protection controls, policies and procedures that are designed to protect against and prevent breach, destruction, loss, unauthorized
9