amendment or supplement thereto, at the time it was delivered, complied and will comply in all material respects with any applicable laws or regulations of foreign jurisdictions in which the same is distributed. The Company has not offered, or caused the Representatives to offer, Reserved Securities to any person with the specific intent to unlawfully influence (i) a customer or supplier of the Company or any of its affiliates to alter the customers or suppliers level or type of business with any such entity or (ii) a trade journalist or publication to write or publish favorable information about the Company or any of its affiliates, or their respective businesses or products.
(xxxvii) Lending Relationship. The Company (i) does not have any material lending or other relationship with any bank or lending affiliate of any Underwriter and (ii) does not intend to use any of the proceeds from the sale of the Securities to repay any outstanding debt owed to any affiliate of any Underwriter.
(xxxviii) Statistical and Market-Related Data. Any statistical and market-related data included in the Registration Statement, the General Disclosure Package or the Prospectus are based on or derived from sources that the Company believes, after reasonable inquiry, to be reliable and accurate and, to the extent required, the Company has obtained the written consent to the use of such data from such sources.
(xxxix) No Rated Debt. No securities issued or guaranteed by, or loans to, the Company are rated by any nationally recognized statistical rating organization (as defined by the Commission in Section 3(a)(62) of the 1934 Act).
(xl) Data Privacy and Security Laws. The Company and its subsidiaries are, and at all prior times were, in material compliance with all applicable data privacy and security laws and regulations, including without limitation HIPAA and the HITECH Act, and the Company and its subsidiaries have taken commercially reasonable actions to prepare to comply with the European Union General Data Protection Regulation (GDPR) (EU 2016/679) and all other applicable laws and regulations with respect to Personal Data (defined below) that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with same would be reasonably likely to create a material liability (collectively, the Privacy Laws). To the Companys knowledge, since May 25, 2018, the Company and its subsidiaries have been and currently are in material compliance with the GDPR. To ensure material compliance with the Privacy Laws, the Company and its subsidiaries have taken, and currently take, commercially reasonable steps reasonably designed to ensure compliance in all material respects with Privacy Laws relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data that the Company has collected, and collects, or is in the Companys possession. Personal Data means (i) a natural persons name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, drivers license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as personally identifying information under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) personal data as defined by GDPR, and (v) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified persons health or sexual orientation. The Company and its subsidiaries since inception have at all times made all disclosures to users or customers required by applicable Privacy Laws, except where the failure to do so would not, individually or in the aggregate, have a Material Adverse Effect. None of such disclosures made have been inaccurate, misleading, deceptive or in violation of any Privacy Laws in any material respect. The execution, delivery and performance of this Agreement or any other agreement referred to in this Agreement will not result in a breach of violation of any Privacy Laws. The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law, except, in the case of (i), (ii), or (iii), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.
(xli) Cybersecurity; Data Protection. (A) There has been no security breach or incident, unauthorized access or disclosure, or other compromise of or relating to the Company or its subsidiaries information technology and computer systems, networks, hardware, software, data and databases (including the data and information of their respective customers, employees, suppliers, vendors and any third party data maintained, processed or stored by the Company and its subsidiaries, and any such data processed or stored by third parties on behalf of the Company and its subsidiaries), equipment or technology (collectively, IT Systems and Data): (B) neither the Company nor its subsidiaries have been notified of, and have no knowledge of any event or condition that would result in, any security breach or incident, unauthorized access or disclosure or other compromise to their IT Systems and Data and (C) the Company and its subsidiaries have