governmental or regulatory entity, any other legal obligations, and applicable data privacy and security laws and regulations, including, without limitation, the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (42 U.S.C. Section 17921 et seq.); the California Consumer Privacy Act (“CCPA”); the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, “Privacy Laws”) and any other applicable contractual obligation, in each case relating to the collection, use, transfer, import, export, storage, protection, disposal and disclosure by the Company or any of its Subsidiaries of personal, personally identifiable, household, sensitive, confidential or regulated data (“Data Security Obligations”). To ensure compliance with the Data Security Obligations, the Company and its Subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural persons’ name, street address, telephone number, email address, photograph, social security number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. To the Knowledge of the Company, the execution, delivery and performance of this Agreement, any Terms Agreement or any other agreement referred to in this Agreement will not result in a breach of any Privacy Laws or Policies. Neither the Company nor any of its Subsidiaries (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation or other corrective action pursuant to any Privacy Law; (iii) is a party to any order, decree, or agreement that imposed any obligation or liability under any Privacy Law or (iv) is a party to any action, suit or proceeding by or before any court or governmental agency, authority or body pending or threatened alleging non-compliance with any Data Security Obligation.
(x) Tax Law Compliance. The Company and its Subsidiaries each (i) have timely filed all necessary federal, state, local and foreign tax returns, and all such returns were true, complete and correct in all material respects, (ii) have paid all federal, state, local and foreign taxes, for which it is liable, including, without limitation, all sales and use taxes and all taxes which the Company or any of its Subsidiaries is obligated to withhold from amounts owing to employees, creditors and third parties, and (iii) do not have any tax deficiency or claims outstanding or assessed or, to its Knowledge, proposed against any of them, except those, in each of the cases described in clauses (i), (ii) and (iii) above, that would not reasonably be expected to, singularly or in the aggregate, have a Material Adverse Effect.
(y) Company Not an “Investment Company”. The Company has been advised of the rules and requirements under the Investment Company Act of 1940, as amended (the “Investment Company Act”). The Company is not, and after receipt of payment for the