privacy of Personal Information, and contractual obligations involving Personal Information and cybersecurity (together, “Privacy Requirements”), except as would not reasonably be expected to have, individually or in the aggregate, a Company Material Adverse Effect. As of the date hereof, the Company has not received written notice of any claims against the Acquired Companies by any Person alleging a violation of Privacy Laws and/or Privacy Requirements. To the Knowledge of the Company, as of the date hereof, there have been no (i) material losses or thefts of, or material security breaches relating to, Personal Information in the possession, custody or control of any Acquired Company, (ii) material unauthorized access or material unauthorized use of any Personal Information in the possession, custody, or control of any Acquired Company or (iii) material unauthorized disclosure of any Personal Information in the possession, custody or control of any Acquired Company.
Section 4.17. Foreign Corrupt Practices Act. Since January 1, 2021, none of the Acquired Companies, nor to the Knowledge of the Company, any of their respective directors, officers, employees, agents, or representatives (in each case, while acting on behalf of the Acquired Companies) have: (a) directly or indirectly, made, offered, promised or authorized any payment or gift of any money or anything of value to or for the benefit of any “foreign official” (as such term is defined in the U.S. Foreign Corrupt Practices Act of 1977, as amended (the “FCPA”)), foreign political party or official thereof or candidate for foreign political office for the unlawful purpose of (i) influencing any official act or decision of such official, party or candidate, (ii) inducing such official, party or candidate to use his, her or its influence to affect any act or decision of a foreign governmental authority, or (iii) securing any improper advantage, in the case of clauses (i), (ii) and (iii) above in order to assist the Acquired Companies or any of its Affiliates in obtaining or retaining business for or with, or directing business to, any Person; or (b) made or authorized any bribe, rebate, payoff, influence payment, kickback or other unlawful payment of funds or received or retained any funds in violation of any Law, rule or regulation. The Acquired Companies further represent that they have maintained systems of internal controls and procedures to promote compliance with the FCPA. None of the Acquired Companies, and to the Knowledge of the Company, none of its or any of the Acquired Companies’ officers, directors, employees, agents, or representatives (in each case, while acting behalf of the Acquired Companies), are the subject of any allegation, voluntary disclosure, investigation, prosecution or other enforcement action related to the FCPA or any other applicable anti-corruption Law.
Section 4.18. Trade Control Laws. Since January 1, 2021, the Acquired Companies have been in material compliance with all applicable import, export control, and economic and trade sanctions Laws, regulations, statutes, and orders, including, but not limited to, the Export Administration Regulations, the International Traffic in Arms Regulations, the regulations administered by the Office of Foreign Assets Control of the U.S. Department of the Treasury, and the Tariff Act of 1930, as amended, and have obtained, or are otherwise qualified to rely upon, all necessary import and export licenses, consents, notices, waivers, approvals, orders, authorizations, registrations, declarations or other authorizations from, and made any required filings with, any Governmental Entity required for (i) the import, export, and reexport of products, services, software and technologies and (ii) releases of technologies and software to foreign nationals.
Section 4.19. CFIUS. None of the Acquired Companies (a) are a “TID U.S. Business” as defined in the Department of the Treasury’s Office of Investment Security regulations at 31 C.F.R. § 800.248; (b) produce, design, test, manufacture, fabricate, or develop any “critical technologies” as defined at 31 C.F.R. § 800.215; (c) maintain or collect “sensitive personal data” as defined in 31 C.F.R. § 800.241; or (d) own, operate, manufacture, service or supply any “covered investment critical infrastructure” as defined in 31 C.F.R. § 800.212.
45