I. Personal Data Collected, Processed, and Disclosed by Personify (Including Sources, Purposes and Third-Party Recipients)

The table below includes the categories of personal data that Personify has collected within the last twelve (12) months, as well as categories of personal data Personify currently collects or reasonably anticipates collecting moving forward.  For each category of personal data, the table also identifies: (1) the sources from which such categories of personal data have been or may be collected; (2) the business or commercial purposes for which such categories of personal data have been or may be collected; and (3) the categories of third parties with which Personify has shared or may share such categories of personal data.

IDENTIFIERS

(e.g., information regarding your name, unique personal identifier, online identifier, Internet Protocol (IP) address, postal address, phone number, and email address)

and

PERSONAL INFORMATION CATEGORIES IN CALIFORNIA CUSTOMER RECORDS STATUTE

(Cal. Civ. Code § 1798.80(e))

(e.g., information regarding your name, address, phone number, bank account number, credit or debit card number, education, employment history, and medical information, health information, and health insurance information if such information is collected by our clients)

SOURCES
(i.e., categories of sources from which such personal data was or may be collected)

  • Our affiliates
  • Individuals (i.e., visitors on our Sites; attendees and organizers of conferences, seminars, and tradeshows)
  • Potential and actual clients
  • Content syndication vendors
  • Marketing list providers
  • Trade show sponsors
  • Website analytics service providers
  • Portal service providers (e.g., career portal)
  • Social media providers
  • Other service providers
  • Third parties that interact with us in connection with the services we perform
  • Governmental entities

PURPOSES 
(i.e., business or commercial purposes for which such personal data was or may be collected)

  • Providing requested information and services (e.g., pertinent to a product, service, or event), and otherwise communicating with clients, potential clients, and users of our Sites
  • Enabling users to communicate with others through our forums
  • Performing services on behalf of our clients
  • Monitoring and enhancing the quality of services provided
  • Marketing our products and services
  • Undertaking internal research for technological development and demonstration
  • Undertaking activities to verify or maintain the quality and safety of our services, and to improve, upgrade, or enhance the services
  • Sharing files through secure sites
  • Managing Site administration, account access, and identify authentication
  • Meeting our regulatory reporting requirements
  • Customizing and improving Site content, user experience, and Site functionality
  • Diagnosing, debugging, and repairing Site issues that impair intended functionality
  • Troubleshooting technology issues
  • Protecting against malicious, deceptive, fraudulent, or illegal activity and prosecuting those responsible for that activity
  • Detecting security incidents, ad responding to reports of security or technical issues with our Sites
  • Protecting our legal interests and meeting our legal obligations
  • Providing requested career or contracting information
  • Considering applicants for potential positions or opportunities
  • Providing information pertinent to an actual or potential merger, acquisition, or other reorganization
  • Payment processing
  • Analyzing Site usage

THIRD-PARTY RECIPIENTS
(i.e., categories of third parties with which Personify has shared or may share such personal data for a business or commercial reason)

  • Our affiliates
  • Our clients
  • Website analytics service providers
  • Portal service providers (e.g., career portal)
  • Third-party authentication providers
  • Third-party electronic payment providers
  • Digital publishing partners
  • Website content management system providers
  • Other service providers
  • Third parties involved in an actual or potential merger, acquisition, or other reorganization
  • Our independent contractors
  • Governmental entities
  • Litigants, court personnel, and providers of litigation-related services

CHARACTERISTICS OF PROTECTED CLASSIFICATIONS UNDER CALIFORNIA OR FEDERAL LAW

(e.g., information regarding your race, gender, veteran or military status, and disability or disabilities)

SOURCES
(i.e., categories of sources from which such personal data was or may be collected)

  • Personify affiliates
  • Individuals (i.e., visitors on our Sites; attendees and organizers of conferences, seminars, and tradeshows)
  • Portal service providers (e.g., career portal)
  • Other service providers

PURPOSES
(i.e., business or commercial purposes for which such personal data was or may be collected)

  • Providing requested career, contracting or other information
  • Providing information pertinent to an actual or potential merger, acquisition, or other reorganization
  • Considering applicants for potential positions or opportunities
  • Meeting our regulatory reporting requirements
  • Protecting our legal interests and meeting our legal obligations

THIRD-PARTY RECIPIENTS
(i.e., categories of third parties with which Personify has shared or may share such personal data for a business or commercial reason)

  • Personify affiliates
  • Portal service providers (e.g., career portal)
  • Other service providers
  • Litigants, court personnel, and providers of litigation-related services
  • Governmental entities
  • Third parties involved in an actual or potential merger, acquisition, or other reorganization
  • Personify independent contractors

COMMERCIAL INFORMATION

(e.g., records of personal property; information regarding products or services you have purchased or obtained from us)

SOURCES
(i.e., categories of sources from which such personal data was or may be collected)

  • Our affiliates
  • Individuals (i.e., visitors on our Sites; attendees and organizers of conferences, seminars, and tradeshows)
  • Potential and actual clients
  • Governmental entities
  • Third parties that interact with us in connection with the services we perform
    Service providers

PURPOSES
(i.e., business or commercial purposes for which such personal data was or may be collected)

  • Providing requested information and services
  • Performing services on behalf of our clients
  • Marketing Personify services and products
  • Monitoring and enhancing the quality of services provided
  • Diagnosing, debugging, and repairing Site issues that impair intended functionality
  • Protecting our legal interests and meeting our legal obligations
  • Providing information pertinent to an actual or potential merger, acquisition, or reorganization

THIRD-PARTY RECIPIENTS
(i.e., categories of third parties with which Personify has shared or may share such personal data for a business or commercial reason)

  • Personify affiliates
  • Governmental entities
  • Litigants, court personnel, and providers of litigation-related services
    Personify independent contractors
  • Service providers
  • Third parties involved in an actual or potential merger, acquisition, or other reorganization

INTERNET OR OTHER SIMILAR NETWORK ACTIVITY

(e.g., information regarding your browsing history and interaction with our Sites)

SOURCES
(i.e., categories of sources from which such personal data was or may be collected)

  • Personify affiliates
  • Individuals (i.e., visitors on our Sites)
  • Website analytics service providers
  • Other service providers
  • Cookies and similar technologies (see the Cookies & Similar Technologies section below for additional information)

PURPOSES
(i.e., business or commercial purposes for which such personal data was or may be collected)

  • Analyzing Site usage and improving Site content
  • Managing Site administration
  • Protecting our legal interests and meeting our legal obligations
  • Diagnosing and repairing Site issues
  • Customizing and improving user experience and Site functionality
  • Providing information pertinent to an actual or potential merger, acquisition, or other reorganization

THIRD-PARTY RECIPIENTS
(i.e., categories of third parties with which Personify has shared or may share such personal data for a business or commercial reason)

  • Personify affiliates
  • Personify independent contractors
  • Website analytics service providers
  • Website content management system provider(s)
  • Other service providers
  • Governmental entities
  • Third parties involved in an actual or potential merger, acquisition, or other reorganization
  • Litigants, court personnel, and providers of litigation-related services

GEOLOCATION DATA

(e.g., information regarding the geographic location of the device you use to connect to our Sites)

SOURCES
(i.e., categories of sources from which such personal data was or may be collected)

  • Personify affiliates
  • Individuals (i.e., visitors on our Sites)
  • Website analytics service providers
  • Other service providers

PURPOSES
(i.e., business or commercial purposes for which such personal data was or may be collected)

  • Analyzing Site usage and improving Site content
  • Managing Site administration
  • Protecting our legal interests and meeting our legal obligations
  • Diagnosing and repairing Site issues
  • Customizing and improving user experience and Site functionality
  • Providing information pertinent to an actual or potential merger, acquisition, or other reorganization

THIRD-PARTY RECIPIENTS
(i.e., categories of third parties with which Personify has shared or may share such personal data for a business or commercial reason)

  • Personify affiliates
  • Website analytics service providers
  • Other service providers
  • Governmental entities
  • Litigants, court personnel, and providers of litigation-related services
  • Website content management system providers
  • Personify independent contractors
  • Third parties involved in an actual or potential merger, acquisition, or other reorganization

SENSORY DATA

(e.g., audio, electronic, or similar information)

SOURCES
(i.e., categories of sources from which such personal data was or may be collected)

  • Personify affiliates
  • Individuals (i.e., visitors on our Sites; individuals who interact with us via video conferencing or telephone)
  • Potential and actual Personify clients
  • Service providers

PURPOSES
(i.e., business or commercial purposes for which such personal data was or may be collected)

  • Communicating with potential and actual Personify clients
  • Providing requested information and services
  • Improving client services
  • Information security purposes
  • Protecting our legal interests and meeting our legal obligations
  • Providing information pertinent to an actual or potential merger, acquisition, or other reorganization

THIRD-PARTY RECIPIENTS
(i.e., categories of third parties with which Personify has shared or may share such personal data for a business or commercial reason)

  • Personify affiliates
  • Personify independent contractors
  • Governmental entities
  • Providers of videoconferencing services
  • Other service providers
  • Third parties involved in an actual or potential merger, acquisition, or other reorganization
  • Litigants, court personnel, and providers of litigation-related services

PROFESSIONAL OR EMPLOYMENT-RELATED INFORMATION
(e.g., information regarding your career interests, current job title and business name, salary requirements, education, experience, skills, work history, and resume)

SOURCES

(i.e., categories of sources from which such personal data was or may be collected)

  • Individuals (i.e., visitors on our Sites; attendees and organizers of conferences, seminars, tradeshows, and career fairs)
  • Personify affiliates
  • Career portal service providers
  • Social media providers
  • Other service providers
  • Third parties that interact with us in connection with the services we perform

PURPOSES
(i.e., business or commercial purposes for which such personal data was or may be collected)

  • Providing requested career or contracting information
  • Considering applicants for potential positions or opportunities
  • Meeting our regulatory reporting requirements
  • Protecting our legal interests and meeting our legal obligations
  • Providing information pertinent to an actual or potential merger, acquisition, or other reorganization

THIRD-PARTY RECIPIENTS
(i.e., categories of third parties with which Personify has shared or may share such personal data for a business or commercial reason)

  • Personify affiliates
  • Personify independent contractors
  • Third parties involved in an actual or potential merger, acquisition, or other reorganization
  • Portal service providers (e.g., career portal; supplier portal)
  • Litigants, court personnel, and providers of litigation-related services
  • Other service providers
  • Governmental entities

A. NO SALE OF PERSONAL DATA

Personify has not sold personal data for any business or commercial purpose at any point in time during the twelve (12) months prior to the effective date of this Privacy Policy. Personify similarly does not sell any personal data of minors under 16 years of age under any circumstances, including with or without affirmative authorization. Personify does not and will not sell personal data.

B. LEGAL GROUNDS FOR COLLECTING AND PROCESSING PERSONAL DATA

CONSENT. The legal ground for processing your personal data that we collect when you provide us with specific permission to do so, is your consent, which you may withdraw at any time by clicking on any unsubscribe link that we provide or by emailing privacy@personifycorp.com.

CONTRACTUAL NECESSITY. We may process your personal data when it is necessary in order to enter into a contract with you (e.g., if you request that we provide you a quote for potential services) or when it is necessary for the performance of a contract to which you are a party (e.g., processing credit card details in order to effect payment).

COMPLIANCE WITH LEGAL OBLIGATIONS. We also may conduct certain personal data processing activities for purposes of meeting our legal obligations in the EU and in EU member states (e.g., our regulatory retention obligations).

VITAL INTERESTS. Under special circumstances (e.g., in connection with natural disasters or emergency situations), we may need to process your personal data in order to protect the vital interests of you or one or more persons.

LEGITIMATE INTERESTS. The last legal ground for processing the personal data that we collect for other purposes identified in the table above are Personify’s legitimate interests in providing client services; providing quality support to clients, potential clients, and Site users; providing conference, seminar, or tradeshow attendees with pertinent event information; providing clients and potential clients with marketing materials to promote our services and products; providing clients with secure sites for project collaboration and large file sharing; identifying qualified candidates to fill our open positions or available contracting opportunities; maintaining compliance with applicable global laws and regulations; providing more relevant content for users of our Sites; identifying and fixing problems with our Sites; understanding how our clients interact with our products, services, apps and websites so we can enhance the client experience and functionality of our products, services, apps and websites; and improving the overall user experience on our Sites.

III. THIRD-PARTY PRIVACY PRACTICES

Our Sites may provide links to other third-party Internet sites as a service to you. We are not responsible for the privacy practices of such other third-party Internet sites. If you link to such a site through our Sites, you should always review any privacy notice that is available for that site. For example, NextRoll provides Personify with marketing and digital media services. You may review NextRoll’s Privacy Notice at this link.

If you choose to log in to our career portal with your social media credentials (e.g., Facebook, Google, LinkedIn, Microsoft), your social media provider may provide our career portal service provider with your profile, picture, experience, education, skills, recommendations, current city, email address, phone number, work history, and other personal data. The specific information we and our career portal service provider receive, and the handling of personal data by your social media provider will be governed by your social media provider’s privacy policy.

IV. CHILDREN’S PRIVACY

Our Sites are not directed to individuals under the age of 16, and we do not collect and process such data for our own purposes. However, some of our clients may collect the personal data of individuals under 16 years of age through or on our Sites. Each of our clients is responsible for its own data collection and privacy and security practices. If you or your child submit personal data to one of our clients, you should review our client’s privacy policy to obtain information about our client’s data collection and privacy practices, including its parental or guardian consent practices. No personal data should be submitted to our Sites directly by visitors under 16 years of age. If we learn that we have collected personal data directly from someone under 16, we will take steps to delete the personal data as soon as possible.

V. RETENTION OF PERSONAL DATA

Personify will retain your personal data for the time period necessary to fulfill the purposes for which your personal data was originally collected or received and to meet our legal obligations.

VI. PROTECTING YOUR PERSONAL DATA

We implement technical and organizational measures designed to assist in maintaining the security and confidentiality of personal data; safeguarding against anticipated threats to the confidentiality, integrity, and availability of personal data; and protecting your personal data against accidental or unlawful destruction, loss, alteration, and unauthorized access or disclosure.

However, whenever personal data is processed, there is a risk that such data could be lost, misused, modified, hacked, breached, and/or otherwise accessed by an unauthorized third party. No system or online transmission of data is completely secure. In addition to the technical and organizational measures that we have in place to protect your personal data, you should use appropriate security measures to protect your personal data. If you believe that any personal data you provided to us is no longer secure, please notify us immediately at privacy@personifycorp.com.

VII. CALIFORNIA PRIVACY RIGHTS

California residents have certain rights under California privacy law, including but not limited to the California Consumer Privacy Act (“CCPA”), which gives California residents (“consumers” or “you”) certain rights and control over their personal data. This section of our Privacy Policy applies solely to Site visitors, users, and other persons whose personal data we collect and/or maintain who reside in the State of California.

Terms used in this Section, but not otherwise defined, will have the same meaning as those terms in the CCPA.

The following are the rights provided by the CCPA to California residents: First, you have the right to request that we disclose information about the personal information we collect, use, disclose and/or sell concerning you. Second, you have the right to request the deletion of personal information we have collected or maintain about you, subject to any exceptions set forth in the CCPA or related regulations. Third, you have the right to direct any business that sells your personal data not to sell your personal data. Fourth, you have the right to not receive discriminatory treatment for exercising your rights under the CCPA.

Additionally, under California’s “Privacy Rights for California Minors in the Digital World” law, California residents under the age of 18 have the right to request removal of certain content that such persons have publicly posted on our Sites. There may be circumstances under which the law does not require or permit removal even if requested. Additionally, complete or comprehensive removal of content or information posted on the site or app cannot be ensured. If you are a California resident under the age of 18 who seeks removal of any personal data that you have posted on our Sites, please submit your request using one of the methods set forth in Section X of this Privacy Policy.

VIII. EUROPEAN PRIVACY RIGHTS

A. GDPR AND U.K. PRIVACY RIGHTS
1. OVERVIEW OF GDPR and U.K. RIGHTS
If you reside in the European Union or the U.K., you have the right, subject to the conditions set forth in by applicable data protection law (i.e., the General Data Protection Regulation (GDPR) or the U.K. Data Protection Act 2018), to request access to and correction (i.e., rectification) or erasure of your personal data, to data portability, to restriction of processing of your personal data, to object to the processing of your personal data under certain circumstances, and to lodge a complaint with a supervisory authority. For more information about these rights, please visit the European Commission’s “My Rights” page relating to GDPR, which can be displayed in a number of languages.

2. RIGHT TO OBJECT TO PROCESSING OF PERSONAL DATA
FOR DIRECT MARKETING PURPOSES: You have the absolute right to object to the processing of your personal data for direct marketing purposes, including profiling for purposes of direct marketing
FOR PUBLIC INTEREST OR EXERCISE OF OFFICAL AUTHORITY: You have the right to object if the processing of your personal data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
FOR LEGITIMATE INTERESTS: You have the right to object if the processing of your personal data is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child

B. PRIVACY SHIELD RIGHTS
If you reside in the European Union or Switzerland and if Personify, Inc. collects or otherwise processes your personal data, you also have the right, under the Privacy Shield, to access and to correct, amend or delete your personal data where it is inaccurate or where it has been processed in violation of the Privacy Shield Principles, except where the burden or expense of providing access would be disproportionate to the risks to your privacy or where the rights of other individuals would be violated.

If you reside in the European Union or Switzerland, your rights under the Privacy Shield include the right to notice of the choices and means that Personify, Inc. offers you for limiting the use and disclosure of your personal data. Personify, Inc. provides you with the opportunity to choose how your personal data may be used under certain circumstances. If your personal data is to be used for a new purpose that is materially different from that for which your personal data was originally collected or subsequently authorized, or if your personal data is to be disclosed to a third-party controller, Personify, Inc. will provide you with an opportunity to choose whether to have your personal data so used or disclosed. When sharing your personal data with third-party processors that Personify, Inc. has retained to perform services on its behalf and pursuant to its instructions, Personify, Inc. may disclose your personal data without offering an opportunity to opt out.
Personify, Inc. also provides you with specific rights related to any Sensitive Data. “Sensitive Data” under the EU-U.S. Privacy Shield Framework is defined as personal data specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or information specifying the sex life of an individual. Under the Swiss-U.S. Privacy Shield Framework, “Sensitive Data” means personal data specifying medical or health conditions, personal sexuality, racial or ethnic origin, political opinions, religious, ideological or trade union-related views or activities, or information on social security measures or administrative or criminal proceedings and sanctions, which are treated outside pending proceedings. If your sensitive personal data is to be used for a new purpose that is different from that for which your sensitive personal data was originally collected or subsequently authorized, or is to be disclosed to a third party, Personify, Inc. will obtain your affirmative express consent prior to such use or such disclosure.

1. PRIVACY SHIELD RIGHT TO ACCESS, CORRECT, AMEND, OR DELETE
You may have the right to access and to correct, amend or delete your personal data where it is inaccurate or where it has been processed in violation of the Privacy Shield Principles, except where the burden or expense of providing access would be disproportionate to the risks to your privacy or where the rights of other individuals would be violated.

2. PRIVACY SHIELD RIGHT TO CHOOSE
You have the right to receive notice of the choices and means that Personify, Inc. offers you for limiting the use and disclosure of your personal data. Personify, Inc. provides you with the opportunity to choose how your personal data may be used under certain circumstances. If your personal data is to be used for a new purpose that is materially different from that for which your personal data was originally collected or subsequently authorized, or if your personal data is to be disclosed to a third-party controller, Personify, Inc. will provide you with an opportunity to choose whether to have your personal data so used or disclosed. When sharing your personal data with third-party processors that Personify, Inc. has retained to perform services on its behalf and pursuant to its instructions, Personify, Inc. may disclose your personal data without offering an opportunity to opt out.

3. PRIVACY SHIELD RIGHTS RELATED TO SENSITIVE DATA
Personify, Inc. also provides you with specific rights related to any Sensitive Data. If your sensitive personal data is to be used for a new purpose that is different from that for which your sensitive personal data was originally collected or subsequently authorized, or is to be disclosed to a third party, Personify, Inc. will obtain your affirmative express consent prior to such use or such disclosure.
• “Sensitive Data” under the EU-U.S. Privacy Shield Framework is defined as personal data specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or information specifying the sex life of an individual.
• “Sensitive Data” under the Swiss-U.S. Privacy Shield Framework, is defined as personal data specifying medical or health conditions, personal sexuality, racial or ethnic origin, political opinions, religious, ideological or trade union-related views or activities, or information on social security measures or administrative or criminal proceedings and sanctions, which are treated outside pending proceedings.

IX. OTHER PRIVACY RIGHTS

If you are located outside California or the European Union, you may have privacy rights under your local laws.

X. EXERCISING PRIVACY RIGHTS

In this section, we provide an explanation of our process for permitting individuals to exercise any privacy rights to which they are entitled by law, for designating an authorized agent, and for verifying the identity of individuals who submit privacy right requests.
A. SUBMITTING REQUESTS TO EXERCISE PRIVACY RIGHTS
To exercise your rights described in this Privacy Policy, please submit a verifiable consumer request to us through one of the following methods:

SUBMISSION METHODS:
Emailing us at privacy@personifycorp.com;
Calling us at (877) 891-7681

SPECIAL PROCESS FOR DELETION REQUESTS: To help ensure that none of your information is inappropriately deleted, we utilize a two-step process for requests to delete personal data. First, you must submit a clear request to delete. Second, we contact you separately, and you must confirm to us that you do, in fact, want your personal data deleted.

SUBMISSION CONTENTS: Requests to exercise your privacy right(s) should include the following information:
Your name;
The country in which you currently reside, and if in the United States, the state in which you currently reside;
Which privacy right(s) you are exercising;
Details that will assist us in responding to your request, including:
If you are exercising access rights, the information to which you are requesting access;
If you are exercising deletion rights, the information for which you are requesting ‘deletion;
Any other relevant information about your personal data and/or the right you are exercising; and
A phone number and/or email address at which we can reach you.

B. DESIGNATING AN AUTHORIZED AGENT TO MAKE A REQUEST
Only you or a person that you authorize to act on your behalf may make a verifiable consumer request related to your personal data. If desired, you may designate an authorized agent to make a verifiable consumer request on your behalf by submitting such request to us via email at privacy@personifycorp.com with “Request for Authorized Agent” in the subject line. Before taking action in response to such a request, we will require your authorized agent to verify his/her authority and identity.

C. VERIFICATION OF REQUESTS
Before responding to your request to exercise your rights, we will verify your identity through reasonable verification measures.

Our verification processes may include requiring you to provide answers to questions pertaining to the information we have on file for you (e.g., your account number); requesting confirmation of the request using the your email address on file; or calling the phone number we have on file for you to confirm the request.
If we cannot verify your identity based on information we already have, we may request additional information from you. If this is necessary, we will only use the additional information for purposes of verifying your identity and for and fraud-prevention. And if we are unable to reasonably verify your identity (and thus unable to comply with your request), we will advise you why that is the case.

XI. DISABILITY ASSISTANCE

We are committed to ensuring that this Privacy Policy is accessible to everyone. Individuals with difficulty accessing information in this Privacy Policy are encouraged to contact us by email at privacy@personifycorp.com or by calling us at (877) 891-7681 to access the notice in another format.

XII. DO NOT TRACK

We do not track our Site users over time and across third-party websites and online services (e.g., mobile apps), and therefore we do not respond to Do Not Track signals. However, third parties may collect personal data relating to your online activities over time and across different sites and apps when you use our Sites in order to provide you with content that is likely to be of interest to you.

XIII. THIRD-PARTY MARKETING

We do not disclose personal data received through our Sites to third parties for their direct marketing use.

XIV. CROSS-BORDER TRANSFERS OF PERSONAL DATA

When you use our Site or Personify otherwise receives your personal data, your personal data will be stored on servers in the United States. If you are a member, customer, or employee of a Personify client, our client may transfer your personal data to us in the United States. If

The data protection and privacy laws of the United States may not be as comprehensive as the laws in your country. For example, personal data transferred to the United States may be subject to lawful access requests by federal and state authorities in the United States.

Personify, Inc. participates in and complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Personify, Inc. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern with respect to data processing by Personify, Inc. To learn more about the Privacy Shield program, and to view our certification, visit https://www.privacyshield.gov/. Personify, Inc. is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission, which has jurisdiction over Personify Inc.’s compliance with the Privacy Shield.

Personify, Inc. is committed to subject to the Privacy Shield Principles all personal data received from the European Union or Switzerland in reliance on the Privacy Shield. Personify, Inc. will remain responsible for any processing of personal data in a manner inconsistent with the Privacy Shield Principles by third party agents to which Personify, Inc. has transferred personal data unless Personify, Inc. proves it is not in any way responsible for the event giving rise to the damage.

In compliance with the Privacy Shield Principles, Personify, Inc. is committed to resolving complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Personify, Inc. by email at privacy@personifycorp.com. Personify, Inc. has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgement of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit JAMS for more information or to file a complaint. The services of JAMS are provided at no cost to you. Additionally, you may, under certain conditions, invoke binding arbitration for Privacy Shield complaints that are not resolved by any of the other Privacy Shield dispute resolution mechanisms.

XV. DATA CONTROLLER

Personal data received directly from clients and used by Personify itself for its business purposes, as well as personal data collected by us through our Sites, is controlled by Personify, Inc., which is headquartered at 6500 River Place Blvd, Bldg. III, Ste 125, Austin, TX 78730. If your personal data was collected by or on behalf of Personify (e.g., through our website), then such personal data is controlled by Personify, Inc., which is located at 6500 River Place Blvd, Bldg. III, Ste 125, Austin, TX 78730 and which you can contact by email at privacy@personifycorp.com. However, if your personal data was collected by or on behalf of one of our clients, then such personal data collection and usage is controlled by that client, with Personify assisting such client as a service provider (i.e., processor).

XVI. PRIVACY POLICY UPDATES

We will update this Privacy Policy at least once every twelve (12) months. We also may update this Privacy Policy from time to time as we add new services or offerings; as we improve our current services and offerings; and as technologies and laws change. It is our policy to post any changes we make to our Privacy Policy on our Sites. Any changes will become effective upon our posting of the revised Privacy Policy on the Sites. The date this Privacy Policy became effective is identified at the top of the first page. If we make material changes to how we treat the personal data that falls within the scope of this Privacy Policy, we will notify you by email or through a prominent notice on the homepage of our Site.

XVII. HOW TO CONTACT US

If you have any questions about this privacy policy or our privacy practices, any complaints or any need for assistance relating to your personal data, you may contact us via email at privacy@personifycorp.com or by writing us at the following address: Personify, attention Security Officer, 6500 River Place Blvd, Bldg. III, Ste 125, Austin, TX 78730.