prepared. The Company’s certifying officers have evaluated the effectiveness of the Company’s controls and procedures as of a date within 90 days prior to the filing date of the Form 10-K for the fiscal year most recently ended (such date, the “Evaluation Date”). The Company presented in its Form 10-K for the fiscal year most recently ended the conclusions of the certifying officers about the effectiveness of the disclosure controls and procedures based on their evaluations as of the Evaluation Date. Since the Evaluation Date, there have been no significant changes in the Company’s internal controls (as such term is defined in Item 307(b) of Regulation S-K under the Securities Act) or, to the Company’s knowledge, in other factors that could significantly adversely affect the Company’s internal controls. To the knowledge of the Company, the Company’s “internal controls over financial reporting” and “disclosure controls and procedures” are effective.
(gg) Open Source Software. (i) The Company uses and has used any and all software and other materials distributed under a “free,” “open source,” or similar licensing model (including but not limited to the MIT License, Apache License, GNU General Public License, GNU Lesser General Public License and GNU Affero General Public License) (“Open Source Software”) in material compliance with all license terms applicable to such Open Source Software; and (ii) except as would not reasonably be expected, individually or in the aggregate, to result in a Material Adverse Effect, the Company has not used or distributed and does not use or distribute any Open Source Software in any manner that requires or has required (A) the Company to permit reverse engineering of any software code or other technology owned by the Company or (B) any software code or other technology owned by the Company to be (1) disclosed or distributed in source code form, (2) licensed for the purpose of making derivative works or (3) redistributed at no charge.
(hh) Data Security. (i) The Company has complied in all material respects and is presently in compliance in all material respects with all contractual obligations, industry standards, applicable laws, statutes, judgments, orders, rules and regulations of any court or arbitrator or other governmental or regulatory authority and any other legal obligations, in each case, relating to the collection, use, transfer, import, export, storage, protection, disposal and disclosure by the Company of personal, personally identifiable, household, sensitive, confidential or regulated data (“Data Security Obligations”, and such data, “Data”); (ii) the Company has not received any notification of or complaint regarding and is unaware of any other facts that, individually or in the aggregate, would reasonably be expected to have a Material Adverse Effect; and (iii) except as would not reasonably be expected, individually or in the aggregate, to result in a Material Adverse Effect, there is no action, suit or proceeding by or before any court or governmental agency, authority or body pending or, to the Company’s knowledge, threatened alleging non-compliance with any Data Security Obligation nor are there any incidents under internal review or investigations relating to the same.
(ii) Data Protection; No Breaches. The Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases are adequate for, and operate and perform in all material respects as required in connection with, the operation of the business of the Company as currently conducted, and, to the Company’s knowledge, are free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has taken commercially reasonably steps to protect the information technology systems and Data used in connection with the operation of
16