PAGES2ENCRYPT PRIVACY STATEMENT

Information you provide to us

Personal information you may provide to us through the Platform or otherwise includes:

• Contact data, such as your first and last name, salutation, email address, mailing address, professional title and company name, and phone number.
• Communications data based on our exchanges with you, including when you contact us through the Platform, social media, email or otherwise.
• Research data, such as your responses to surveys that we might ask you to complete for research purposes related to our business.
• Marketing data, such as your preferences for receiving our marketing communications and details about your engagement with them.
• Authentication data obtained via third-party OAuth providers (including access tokens, refresh tokens, and account identifiers), as well as associated user information such as email address and profile data from such services, used to authorize and maintain your account access on the Platform.
• Payment data needed to complete transactions, including payment card information or bank account number. Payment data is collected directly by our payment processor, Stripe, as described further below.
• Other data not specifically listed here, which we will use as described in this Privacy Statement or as otherwise disclosed at the time of collection.

Third-party sources

We may combine personal information we receive from you with personal information we obtain from other sources, such as:

• Public sources, such as government agencies, public records, social media platforms, and other publicly available sources.
• Data providers, such as information services and data licensors that provide demographic and other information that we use to provide the Platform.

Automatic data collection

We, our service providers, and our business partners may automatically log certain data about you, your computer or mobile device, and your interaction over time with the Platform, our communications and other online services, such as:

• Device data, such as your computer or mobile device's operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers, language settings, mobile device carrier, radio/network information (e.g., Wi-Fi, LTE, 5G), and general location information such as city, state or general geographic area.
• Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing the Platform, navigation paths between pages or screens, information about your activity on a page or screen, access times and duration of access, and whether you have opened our emails or clicked links within them.
• Communication interaction data, such as your interactions with our email, or other communications (e.g., whether you open and/or forward emails) – we may do this through use of pixel tags (which are also known as clear GIFs), which may be embedded invisibly in our emails.

Cookies and similar technologies

Some of the automatic collection described above is facilitated by the following technologies:

• Cookies, which are small text files that websites store on user devices to allow web servers to record users' web browsing activities and remember their submissions, preferences, and login status as they navigate a site. Cookies used on our sites include both "session cookies" that are deleted when a session ends, "persistent cookies" that remain longer, "first party" cookies that we place and "third party" cookies that our service providers place.
• Local storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data on your device outside of your browser in connection with specific applications.
• Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.

We may use cookies to allow the technical operation of the Platform, enhance the functionality of the Platform, and help us understand user activity on the Platform (including which pages are most and least visited and how visitors move around the Platform, as well as user interactions with our emails).

Platform delivery and operations

We may use your personal information to:

• provide, operate and improve the Platform and our business;
• communicate with you about the Platform, including by sending announcements, updates, security alerts, and support and administrative messages;
• understand your needs and interests, and personalize your experience with the Platform and our communications; and
• provide support for the Platform, and respond to your requests, questions and feedback.

Research and development

We may use your personal information for research and development purposes, including to analyze and improve the Platform and our business. As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect. We convert personal information into anonymous or de-identified data by removing information that makes the data personally identifiable to you. We may use this anonymous or de-identified data and share it with third parties for our lawful business purposes, including to analyze and improve the Platform and promote our business.

Marketing

We and our service providers may collect and use your personal information to send you direct marketing communications. You may opt-out of our marketing communications as described in the "Opt-out of marketing" section below.

Compliance and protection

We may use your personal information to:

• comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
• protect our, your or others' rights, privacy, safety or property (including by making and defending legal claims);
• audit our internal processes for compliance with legal and contractual requirements or our internal policies;
• enforce the terms and conditions that govern the Platform; and
• prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.

With your consent

In some cases, we may specifically ask for your consent to collect, use or share your personal information, such as when required by law.

Right to Know.

You have the right know the categories of personal information we collect and the purpose for which we use it including:

• The categories of personal information we collected. Please see the section above entitled "PERSONAL INFORMATION WE COLLECT";
• The sources from which personal information was collected. Please see the section above entitled "PERSONAL INFORMATION WE COLLECT";
• The commercial purpose for collecting personal information (in accordance with the services offered through the Platform). Please see the section above entitled "HOW WE USE YOUR PERSONAL INFORMATION";
• The categories of third parties with whom we shared personal information. Please see the section above entitled "HOW WE SHARE YOUR PERSONAL INFORMATION"; and
• The specific pieces of personal information we have collected about you.

We disclose the following categories of personal information for business or commercial purposes to the categories of recipients listed below:

• We disclose Basic Identifying Information with service providers and third parties, such as analytics, payment processors and anti-money laundering software.
• We disclose de-identified geolocation data with businesses, service providers, and third parties such as analytics.

The above noted information is shared. We do not sell your personal information. We typically retain your information for as long as necessary or relevant for the listed purposes in this Privacy Statement, or as required by any applicable legal and regulatory retention obligations.

The Right to Request and the Right to Access.

You have the right to request and obtain access to personal information about you that we have collected, used or disclosed over the past 12 months including those categories above. If you would like more information, please submit a request to contact@pages2encrypt.com.

Right to Correct or Delete.

You have the right to request that we correct or delete the personal information we have collected from you over the last 12 months. If you request that we delete your information, there are some exceptions pursuant to which we are not permitted to delete your personal information.

Right to Limit the Use of Sensitive Personal Information.

California residents have the right to limit the use of sensitive personal information. We only collect sensitive personal information, as defined by applicable California law, with your consent and only use the sensitive personal information for the use disclosed at the time of collection. We do not use sensitive personal information for inferring characteristics about you.

Right Not to Be Discriminated Against.

You have the right not to be discriminated against for exercising your consumer privacy rights under the CCPA.

Right Not to Sell or Share My Personal Information.

The CCPA gives California residents the right to ask companies not to sell to or share their personal information with third parties. We do not sell your personal information. Other than as described in the foregoing, we do not share your personal information. If you are a California resident and would like to exercise your CCPA rights, correct or delete your personal information, please contact us at contact@pages2encrypt.com.