otherwise make available such proceeds to any Subsidiary, joint venture partner or other person or entity, for the purpose of financing the activities of any person currently subject to any U.S. sanctions administered by OFAC. For purposes of this section, no person shall be an affiliate of the Company solely by reason of owning less than a majority of any class of voting securities of the Company.
(mm) (i) The Company and its Subsidiaries use and have used any and all software and other materials distributed under a “free,” “open source,” or similar licensing model (including but not limited to the MIT License, Apache License, GNU General Public License, GNU Lesser General Public License and GNU Affero General Public License) (“Open Source Software”) in compliance with all material license terms applicable to such Open Source Software; and (ii) neither the Company nor any of its Subsidiaries uses or distributes or has used or distributed any Open Source Software in any manner that requires or has required (A) the Company or any of its Subsidiaries to permit reverse engineering of any software code or other technology owned by the Company or any of its Subsidiaries or (B) any software code or other technology owned by the Company or any of its Subsidiaries to be (1) disclosed or distributed in source code form, (2) licensed for the purpose of making derivative works or (3) redistributed at no charge.
(nn) Except as would not have a material adverse effect on the Company and its Subsidiaries, taken as a whole, (i) the Company and each of its subsidiaries have complied and are presently in compliance with all internal and external privacy policies, contractual obligations, applicable laws, statutes, judgments, orders, rules and regulations of any court or arbitrator or other governmental or regulatory authority and any other legal obligations, in each case, relating to the collection, use, transfer, import, export, storage, protection, disposal and disclosure by the Company or any of its subsidiaries of personal, personally identifiable, household, sensitive, confidential or regulated data (“Data Security Obligations”, and such data, “Data”); (ii) the Company has not received any notification of or complaint regarding non-compliance with any Data Security Obligation; and (iii) of there is no action, suit or proceeding by or before any court or governmental agency, authority or body pending or, to the knowledge of the Company, threatened alleging non-compliance with any Data Security Obligation.
(oo) The Company and each of its Subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, the “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its Subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and each of its Subsidiaries have taken reasonable technical and organizational measures to protect the IT Systems and Data used in connection with the operation of the Company’s and its Subsidiaries’ businesses. Without limiting the foregoing, the Company and its Subsidiaries have used reasonable efforts to establish and maintain, and have established, maintained, implemented and complied with, reasonable information technology, information security, cyber security and data protection controls, policies and procedures, including oversight, access controls, encryption, technological and physical safeguards and business continuity/disaster recovery and security plans that are designed to protect against and prevent breach, destruction, loss, unauthorized distribution, use, access, disablement, misappropriation or modification, or other compromise or misuse of or relating to any IT System or Data used in connection with the operation of the Company’s and its Subsidiaries’ businesses (“Breach”). To the Company’s knowledge, there has been no such material Breach, and the Company and its Subsidiaries have not been notified of and have no knowledge of any event or condition that would reasonably be expected to result in, any such material Breach.
12