Privacy Policy

Last Modified: April 22nd, 2024 (“Effective Date”)
© Copyright 2021~24, CardWare. All rights reserved.

INTRODUCTION

This privacy policy (“Privacy Policy”) is designed to inform you about CardWare, Inc., and CardWare Inc’s (“CardWare,” “we,” “us,” or “our”) policies and procedures for collecting, using, and disclosing your information in connection with your use of our services. CardWare provides software, documentation and a web-based portal (the “Service(s)”) designed to assist visitors (“Users”) learn more about CardWare, news content, informational materials, software, products, purchasing, files, and folders (collectively referred to as the “Content”) and analyzing how their Content is viewed and/or received by their customers, prospective customers, and other third parties that may review the data collected (“Viewers”).

Users can access the Service through our web-sites located at Card-Plus.com,CardPlus.com, or CardWare.com (the “Sites”), applications on Devices, Products, through APIs, through Software Developer Kits, and through third-parties. A “Device” is any computer used to access the CardWare Service, including without limitation a desktop, laptop, mobile phone, tablet, TV, or other electronic device capable of accessing content on the Site.

SCOPE

This Privacy Policy governs your access of the CardWare Service, regardless of how you access it, and explains what data we collect when you use the Site and/or the Service, why we collect the data, how it is used, and your rights and choices. This policy applies to personal data and other information collected by us from or about: (i) visitors to, or users of, our Site, (ii) prospective clients, (iii) current clients, (iv) job applicants.

While providing our Service, we collect information related to you on behalf of CardWare and our Viewers. Our use of information on behalf of our Users is governed by our contract with the applicable User and the User’s own privacy policies. We are not responsible for the privacy policies or privacy practices of Users or other third parties.

CardWare complies with the EU-U.S. and Swiss-U.S. Privacy Shield frameworks (“Frameworks”) as set forth by the U.S. Department of Commerce regarding the processing of personal data transferred from the EU and Switzerland to the U.S. (for these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway). CardWare has certified that it adheres to the Privacy Shield Principles (described below). If there is any conflict between the policies in this Privacy Policy and the EU or Swiss Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Frameworks and to view our certification page, please visit https://www.privacyshield.gov/

By using our Site or the Service you consent to the collection, transfer,

processing, storage, disclosure and other uses described in this Privacy Policy.

INFORMATION WE COLLECT

When you interact with the Site or the Service and in connection with our events, and sales and marketing activities, we collect information that alone or in combination with other information could be used to identify you (“Personal Data”), as described below:

A. Information You Provide as a User

When you register an account as a User, you may be asked to provide Personal Data including without limitation, your name, phone number, email address, home address or business address.

You may also choose to submit Personal Data to us when you send us an email, or use any interactive features, or feedback surveys, that we may make available on the Service. And for example, you may give us your social networking information if you repost material available on the Service, including giving us access to your account on social network connection services.

You may also choose to provide your payment information when purchasing a product or service through the Sites. If your payment information includes sensitive or

B. Events

We may also collect data from you including without limitation when you attend one of our events, during phone calls with sales representatives, or when you contact customer support.

C. Employment Applications

When you apply for employment through the Site, our provider of recruiting services will collect your resume and any additional information that you elect to provide to us, including but not limited to your employment history and education. In addition, where permitted by law, we may use a third-party to carry out a background check to determine your suitability for a position.

D. Other Information We Receive

You may be requested to provide information (including Personal Data) via the Service in order to view Content. In particular, in order to access Content that is shared via the Site. And may be asked to provide email address and or password, upon opening a content or link to content. CardWare stores this information on behalf of our Users. In the event you provide CardWare or third-party service with this information, you do so in accordance with that User’s privacy practices and policies. CardWare is not responsible for the privacy practices of its Users, or third-parties and does not access this information except with a User’s permission, in order to provide the Service and related support and assistance. If you wish to learn more about the third-party support, services, policies, terms-of-use or other information, contact them directly.

E. Content

In providing the Service, we provide Content that CardWare and Users (and as appropriate representatives, employees or other data subjects as elected by Users) upload, download, or access with, share, or send through the Service (“Content”). If you add Content to that previously uploaded by you or another user, we may associate all or a portion of the previous Content with your account rather than storing a duplicate.

We may also provide surveys, polls, blogs and other methods for collecting feedback (collectively, the “Surveys”), through which you or other users may provide information. The information is important to give insights into general trends and to guide product , marketing and future technology decisions. You understand that Survey participation, and giving feedback is entirely voluntary. We may use Third Party services, such as SurveyMonkey.com, Amazon MTurk and AIP-Rakuten, to present and collect Survey responses, and those parties may use IP tracking and cookies in order to mitigate multiple responses.

Furthermore, you understand that by participating in any Surveys, you automatically give us the right to use the responses, statistics and data-trends regarding the responses, and any other Feedback and information derived from the responses, in any manner we see fit. Including to present and publicly disclose responses, statistics, summaries and findings from the Surveys.

F. Information We Receive from Third Parties

We may also receive Personal Data (such as your email address) through other Users, mail-lists, surveys, or third-parties, for example if they have tried to share something with you or tried to refer you to CardWare. We may supplement the information that we collected from Users and Viewers with additional information obtained from publicly available and third-party databases or services that provide information about business people and companies (including an individual’s name, job title, business contact information, and company information), survey responses, analytics and we may display this information as a part of our Services.

G. Automatically Collected Information

i. Log Data.

When you use the Service, we automatically record information from your Device, its software, and your activity using the Service. This includes the Device’s Internet Protocol (IP) address, operating system, browser type, the web pages you visited before you came to the Site, the web pages you view immediately after leaving our Site, information you search for on the Site, locale preferences, identification numbers associated with your Devices, your mobile carrier, date and time stamps associated with transactions, system configuration information, metadata concerning the Content, and other interactions with the Content and the Service.

We collect this information in order to deliver the Service and to provide our Users with reporting and analytics relating to the use of the Service. This information is made available to Users via the Service (for example, we provide Users with information on a Viewer’s location based on that Viewer IP address) and may be associated with other information about the User and its Viewers (including Personal Data) that Users provide us.

If you are a Viewer who views Content you receive from a User via the Service, we automatically collect information about your interaction with such Content and our Service. The information we collect includes:

Whether or not a you have viewed or are viewing Content; Date and time you viewed the Content; Number of times and length of time Content was viewed; Which portions of the Content were viewed; and Your IP address and location.

ii. Cookies and Other Tracking Technologies.

We may use “cookies” (small data files that we transfer to your Device) and other tracking technologies to operate and administer the Site and the Service, analyze trends and improve your access to, and use of, our Service. For more information about the cookies and similar technologies used on our Site and Service, please refer to our Cookie Policy.

HOW WE USE INFORMATION

A. Provide Information; Respond to Requests

When you ask for information about the Service, or register to a webinar or an event, we will use your contact information to respond to your request. For EU data subjects, such use is necessary to respond to or implement your request.

B. Provide the Service to Users

We use account-related data provided by Users in connection with the purchase, sign-up, use, or support of the User account (such as usernames, email address and billing information) to provide you with access to the Service and/or the Site, contact you regarding your use of the Service and/or the Site, or to notify you of important changes to the Service and/or the Site. For EU data subjects, such use is necessary for the performance of the contract between you and us.

We process Personal Data relating to Viewers and your Content on your behalf for the purpose of providing the Service and to provide our Users with reporting and analytics relating to your interaction with your Content and our Service, in accordance with the applicable User contract. Data relating to Viewers that we receive through the Service will be made available to Users who communicate with Viewers via the Service, and may be associated by Users with other information about Viewers (including Personal Data) that Users have provided us or that Viewers have provided to Users via the Service. CardWare does not use or access Viewers’ Personal Data collected by its Users through their use of the Service except with a User’s permission, in order to provide the Service, and to provide related support and assistance.

C. Sending Users Marketing Communications and Other Announcements We will use your email or mail address to send you information (as applicable) by email and post about new products and services, upcoming events or other promotions. You may opt out of receiving such emails by following the “unsubscribe” instructions in each promotional email we send you. Please note that if you opt out from marketing communications, we may still contact you regarding issues related to our Service and to respond to your requests. Our sales representatives may also use your phone number to contact you directly by phone, in connection with such new products and services, upcoming events or other promotions.

Where required by applicable law (for example, if you are an EU data subject), we will only send you marketing information by email or mail, or contact you by phone, if you consent to us doing so at the time you provide us with your Personal Data. When you provide us with your consent to be contacted for marketing purposes, you have the right to withdraw your consent at any time by following the instructions to “opt-out” of receiving marketing communication in each marketing email we send you. In addition, if at any time you do not wish to receive future marketing communications or wish to have your name deleted from our mailing or calling lists, please contact us at privacy@CardWare.com. Please note that if you opt out from marketing communications, we may still contact you regarding issues related to our Service and to respond to your requests.

D. For Legitimate Business Interests

We use data relating to your use of and interaction with the Site and the Service, including information that we receive through cookies and similar technologies, for certain legitimate business interests, which include the following:

to provide, administer, and support the Site and the Service;

to personalize and improve your access to and use of the Site and the Service (including to increase

our Service’s functionality, product features, and user-friendliness);

to verify Users have the authorization needed for the Service to process their requests; to inform our marketing strategy and personalize our communications with you (including providing or offering software updates, information on our features and other marketing and service-related announcements relevant to the content and features you engage with);

to conduct analytics and report on trends on content usage and performance;

to meet our corporate and social responsibility objectives;

and for internal business/technical operations, including troubleshooting, data analysis, testing, to prevent fraud or criminal activity, misuses of our products or services and ensure the security of our IT systems, architecture, and networks;

for tracking potential misuse or infringement of our intellectual property including content, code, materials, copyright, trademarks, patents and other intellectual property (collectively, the “IP”);

if you ask us to delete your data or to be removed from our marketing lists and we are required to fulfil your request, we will keep basic data to identify you and prevent further unwanted processing, except with regards to IP infringement (item 8).

For EU data subjects, this use of your Personal Data is necessary for our legitimate interests in understanding how the Site and our Service are being used by you and to improve your experience on it. For cookies placed through our Site, where required by the applicable law we rely on your consent – please read our Cookie Policy for more information on how we use cookies and other tracking technologies.

INFORMATION SHARING AND DISCLOSURE

A. Your Use

We will display your Personal Data on your profile page and elsewhere on the Service according to the preferences you set in your account. You may access and change these preferences at any time as described in Section 4. Any Personal Data you choose to provide should reflect how much you want others to know about you.

When Viewers view content, we may use our own Site information or services provided by third parties (for example Google Analytics, Mailchimp or Docsend), to collect email-address, name, IP-addresses, location, browser, time, type of device, page refreshes, resolution and other statistical information provided by the Viewer or the Viewer’s Device. And where we make the Content accessible through other services such as Docsend, or MailChimp, we may review information the Viewer has provided to such services, including his or her name, email-address and viewing statistics.

We may also share or disclose your information with your consent, for example if you use a third-party application to access your account (see below). Through certain features of the Service, you may also have the ability to make some of your information public. Public information may be broadly and quickly disseminated. Please consider carefully what Personal Data you disclose in your profile page and our Service, and your desired level of anonymity.

B. Employees, Service Providers, Business Partners, and Others

We will disclose your Personal Data to our employees as necessary to deliver and improve the Service, and we may use certain third-party companies and individuals to help us provide, support, analyze, and improve the Service, such as providers of data storage services, maintenance services, payment processing, database management, providers of analytics services who help us understand how you use and interact with the Site and the Service, providers of digital advertising services, providers of CRM (customer relationship management), marketing, and sales software solutions, vendors who assist with recruiting, talent and background checking). These third parties may have access to your Personal Data for the purpose of performing these tasks on our behalf and pursuant to our instructions, under obligations similar to those in this Privacy Policy.

As of the Effective Date, we may use Internet Service Provider (ISP) storage service (including, but not limited to: Godaddy, NameCheap or Vercel) to store some of your information (for example, usage data). You can find more information on security from the sites:

https://www.godaddy.com/trust-center

https://www.namecheap.com/security

https://vercel.com/docs

C. Third-Party Applications

We may share your information with a third-party application with your consent, for example when you choose to access our Service through such an application or Device, or by clicking a link on our Site. We are not responsible for what those parties do with your information. You are wholly responsible for making sure, in advance, you trust the application, the device, or third-party, and that it has a privacy policy acceptable to you.

D. Compliance with Laws and Law Enforcement Requests; Protection of CardWare’s Rights

We may disclose to parties outside CardWare, information about you that we have collected when we have a good faith belief that disclosure is reasonably necessary to (a) comply with a law, regulation, or compulsory legal request; (b) protect the safety of any person from death or serious bodily injury; (c) prevent fraud or abuse of CardWare or its users; or (d) to protect CardWare’s Intellectual Property Rights. If we provide your Content to a third party as set forth above, we will remove any encryption from the data before providing them to third party.

E. BUSINESS TRANSFERS

If we are involved in a merger, acquisition, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction, but we will notify you (for example, via email and/or a prominent notice on our Site) of any change in control or use of your Personal Data or Content, or if either become subject to a different Privacy Policy. We will also notify you of choices you may have regarding the information.

CHANGING OR DELETING YOUR INFORMATION

If you are a registered User, a means may be provided to you to update, review or correct the Personal Data you provide in your registration or account profile by changing your “account settings.” If you would like to delete your account, please contact us as indicated below. If your Personal Data changes, or if you no longer desire

our Service, you may update it by making the change on your account settings. In some cases we may retain copies of your information as described in Section 5 below. For questions about your Personal Data on our Service, please contact privacy@CardWare.com.

DATA RETENTION

We will retain your Personal Data for as long as is necessary for the purposes set out in this Privacy Policy, for as long as your account is active, or as needed to provide you the Service or for the duration required by law, whichever is the longer. If you wish to delete your account or request that we no longer use your information to provide you the Service, you may ask that we delete your account by emailing privacy@CardWare.com. We may retain, use or disclose your information (including Personal Data) as necessary to comply with our legal obligations, to resolve disputes or enforce our agreements, and a legitimate business interest (such as for analytics purposes, safety, and security). Consistent with and subject to these requirements, we will try to delete your information quickly upon request. In addition, we do not delete from our servers Content that you have in common with other Users.

FEEDBACK, COMMENTS, SUGGESTIONS

CardWare may offer the ability for Viewers to provide information, comment, send suggestions, Surveys, provide written feedback, post follow-up questions or answers (the “Feedback”) on the materials, content, technology, methods, processes and Services it provides. The Feedback may be provided by email, via web-submission, or by posting via the Services. You are in no way or means obligated to provide Feedback, it is your / the Viewer’s responsibility to perform any diligence or forethought before providing any Feedback. And for the sake of clarity : you agree that any Feedback you provide is given on an entirely voluntary basis.

You agree not to create any confidentiality obligation for or upon CardWare, except as may be mutually agreed through a separate written agreement. You agree not to give Feedback that is subject to license terms that seek to require any CardWare product, technology, service or documentation incorporating or derived from such Feedback, nor any CardWare intellectual property, to be licensed or otherwise shared with any third party. By providing any such Feedback, you are giving us the right to use, delete, copy, distribute, sell, exploit, republish or transmit any such Feedback, in any way CardWare deems fit, necessary or appropriate. Where such comments include useful information, intellectual property, copyright or other patentable information or material, you automatically give CardWare world-wide royalty-free, fully paid, rights to use, reproduce or file patents on such information, or to use such information in any way CardWare sees fit, entirely without obligation or restriction of any kind on account of intellectual property rights or otherwise, and to do so without reference to the Feedback source.

BLOGS AND COMMUNITY INFORMATION

Our Service may offer publicly accessible community services such as blogs, forums, comments, and wikis. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. Your posts may remain even after you cancel your account. For questions about your Personal Data on our Service, please contact privacy@CardWare.com

COLLECTION AND USE OF INFORMATION BY THIRD PARTIES

A. General

Third parties are under no obligation to comply with this Privacy Policy with respect to Personal Data that you provide directly to those third parties or that those third parties collect for themselves. We do not control the third-party sites that may be accessible through this Service. Thus, this Privacy Policy does not apply to information you provide to third-party sites or gathered by the third parties that operate them. Before visiting a third-party site, whether by means of a link on this Service or otherwise, and before providing any Personal Data to any third-party, you should inform yourself of the privacy policies and practices (if any) of the third-party responsible for that site, and should take those steps necessary to your discretion, to protect your privacy.

B. Other Third-Party Collection of Other Information

We may use third-party companies including Google, Docsend to provide us with analytics information. These companies may collect Personal Data and other information from you via our Site and Service.

You can find out more information about what information Google collects and how it uses and discloses that information here: http://www.google.com/policies/privacy

You can find out more information about what information Docsend collects and how it uses and discloses that information here: http://www.docsend.com/privacy

We may also allow you to log in to our Service using third-party accounts such as LinkedIn, Twitter and Google. If you use these services, they may collect Personal Data from you via our Site and Service. You can find out more information about what information LinkedIn collects and how it uses and discloses that information here: http://www.linkedin.com/legal/privacy-policy

EU DATA SUBJECTS

A. Scope

This section applies solely to EU data subjects (for these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway and, where applicable, Switzerland). Our Privacy Policy describes why and how CardWare collects, uses and stores your Personal Data, the lawful basis on which your Personal Data is processed, and what your rights and our obligations are in relation to such processing (please see “Your Rights” section below).

B. Data Controller

CardWare is the data controller for processing of your Personal Data, but we act as a data processor for Personal Data that we process on behalf of our Users. Please see the “Contacting Us” section below to find out how to contact us.

C. Your Rights

Subject to applicable EU law, you have the following rights in relation to your

Personal Data:

Right of access: If you ask us, we will confirm whether we are processing your Personal Data and, if so, provide you with a copy of that Personal Data along with certain other details. If you require additional copies, we may need to charge a reasonable fee.

Right to rectification: If your Personal Data is inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we shared your Personal Data with others, we will tell them about the correction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.

Right to erasure: You may ask us to delete or remove your Personal Data, such as where our legal basis for the processing is your consent and you withdraw consent. If we shared your data with others, we will tell them about the erasure where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data with so you can contact them directly. We may continue processing Personal Data where this is necessary for a legitimate interest in doing so, as described in this Privacy Policy.

Right to restrict processing: You may ask us to restrict or ‘block’ the processing of your Personal Data in certain circumstances, such as where you contest the accuracy of the data or object to us processing it. We will tell you before we lift any restriction on processing. If we shared your Personal Data with others, we will tell them about the restriction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.

Right to data portability: Effective 25 May 2018, you have the right to obtain your Personal Data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you. We will give you your Personal Data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.

Right to object: You may ask us at any time to stop processing your

Personal Data, and we will do so:

If we are relying on a legitimate interest to process your Personal Data

— unless we demonstrate compelling legitimate grounds for the processing

or

If we are processing your Personal Data for direct marketing.

Right to withdraw consent: If we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing of your data before we received notice that you wished to withdraw your consent.

Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your Personal Data, you can report it to the data protection authority that is authorized to hear those concerns.

You may exercise your rights by contacting us as indicated under “Contacting Us” section below.

D. Legitimate Interest

“Legitimate interests” means our interests in conducting our business, managing and delivering the best Service to you. This Privacy Policy describes when we process your Personal Data for our legitimate interests, what these interests are and your rights. We will not use your Personal Data for activities where the impact on you overrides our interests, unless we have your consent or those activities are otherwise required or permitted by law.

E. Data Transfers

We rely on the EU-U.S. and Swiss-U.S. Privacy Shield certification to transfer Personal Data and other information that we receive from the EU and Switzerland to CardWare in the U.S. (for more information, please read the “Privacy Shield” section below).

PRIVACY SHIELD

A. General

We rely on our Privacy Shield certification to transfer Personal Data and other information that we receive from the EU and Switzerland to CardWare in the U.S. and we process such in accordance with the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability (“Privacy Shield Principles”), as described below.

B. Notice And Choice

This Policy provides notice of the Personal Data collected and transferred under the Privacy Shield and the choice that you have with respect to such data. It

also provides information about other Privacy Shield Principles that are set forth below.

C. Accountability for Onward Transfers

We may be accountable for the Personal Data we receive under the Privacy Shield that we may transfer to third-party service providers (as described in the “Information Sharing and Disclosure” section above) if they process Personal Data in a manner inconsistent with the Privacy Shield Principles and we are responsible if they do so and for the harm caused.

D. Security

We maintain security measures to protect Personal Data as described in the “Security” section of this Policy.

E. Data Integrity and Purpose Limitation

We take reasonable steps to ensure that Personal Data is reliable for its intended use, and that it is accurate, complete and current for as long as we retain it. We keep your Personal Data only for as long as is reasonably necessary for the purposes described in this Privacy Policy, or for the duration required by law or our Client agreement, whichever is the longer.

F. Access

You have certain rights to access, correct, amend, or delete Personal Data where it is inaccurate, or has been processed in violation of the Privacy Shield Principles. Please see the “EU Data Subject” section above for more information on rights of EU data subjects (and, to the extent applicable, data subjects in Switzerland). When we process Personal Data on behalf of our Users, we will process such requests pursuant to our contract with that User.

G. Recourse, Enforcement, Liability

In compliance with the Privacy Shield Principles, CardWare commits to resolve complaints about our processing of your Personal Data. European Union and Swiss individuals with inquiries or complaints regarding this Private Shield Policy should first contact CardWare as follows:

Email: privacy@CardWare.com

Attention: Privacy

Postal Mail: 111 Congress Ave, Suite 500, Texas, 78701, USA

We have further committed to refer unresolved Privacy Shield complaints to an alternative dispute resolution provider. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider JAMS (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield

CardWare will cooperate with JAMS pursuant to the JAMS International Mediation Rules, available on the JAMS website at https://www.jamsadr.com/international-mediation-rules

If your complaint is not resolved through these channels, under certain conditions a binding arbitration option may be available before a Privacy Shield Panel. For additional information, please visit:https://www.privacyshield.gov/article?id=ANNEX-I-introduction

We are subject to the investigatory and enforcement powers of the Federal Trade Commission with respect to Personal Data received or transferred pursuant to the Frameworks.

SECURITY

The security of your information is important to us. We follow generally accepted standards to protect the Personal Data submitted to us at the time of writing, both during transmission and once we receive it. However, no method of electronic transmission or storage is totally secure. Additionally, it has been demonstrated that quantum computers may be able to reverse almost all current forms of encryption. Therefore, we do not guarantee absolute security, nor do we make any promises or warranties regarding level of security now or in the future. If you have any questions about security on our Site, you can contact us at: security@CardWare.com

OUR POLICY TOWARD CHILDREN

Our Service is not directed to persons under 13. We do not knowingly collect Personal Data from children under 13. If a parent or guardian becomes aware that his or her child has provided us with Personal Data without their consent, he or she should contact us at privacy@CardWare.com and we will endeavor to delete it.

ONLINE TRACKING

We currently do not respond to “Do Not Track” (DNT) or similar signals. We operate as described in this Privacy Policy whether or not a DNT signal is received.

YOUR CALIFORNIA PRIVACY RIGHTS

Under California’s “Shine the Light” law, California residents who provide personal information in obtaining products or services for personal, family, or household use are entitled to request and obtain from us once a calendar year information about the customer information we shared, if any, with other businesses for their own direct marketing uses. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year (e.g., requests made in 2017 will receive information regarding 2016 sharing activities).

To obtain this information, please send an email message to privacy@CardWare.com with “Request for California Privacy Information” on the subject line and in the body of your message. We will endeavour to provide the requested information to you at your verified e-mail address in response.

Please be aware that not all information sharing is covered by the “Shine the Light” requirements and only information on covered sharing will be included in our response.

CHANGES TO OUR PRIVACY POLICY

This Privacy Policy may change from time to time. If we make a material change to this privacy policy, we will provide you with notice (for example, by email if you have provided your email address to us and your email address is current), and we may provide notice of changes in other circumstances as well. It is therefore important that you register with us and notify us if you change your email address. If you do not provide us with a current email address, you should regularly review this policy to ensure that you are informed of any changes.

CONTACTING US

If you have any questions about this Privacy Policy, please contact us at privacy@CardWare.com, or by post at:

CardWare, Inc.

Attention: Legal Department

111 Congress Ave, Suite 500,

Austin Texas 78701, United States

If you are an individual in the European Union, you can also contact VeraSafe, who may function as CardWare’s representative in the European Union pursuant to Article 27 of the General Data Protection Regulation, only on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form: https://www.verasafe.com/privacy-services/contact-article-27- representative

Alternatively, VeraSafe can be contacted at: VeraSafe Czech Republic s.r.o Klimentská 46, Prague 1, 11002, Czech Republic