Coredeq (hereinafter referred to as "the Company", "us", or "we") acknowledges that your privacy is important. This policy discloses the privacy practices for Coredeq's website (hereinafter the "Website"), as well as related products and services that we may offer you (hereinafter the "Service"). This policy also covers how personal and other information that we receive or collect about you and your customers ("Customers") is treated. Please read the information below to learn about the following regarding your use of this Website.

We reserve the right to change this privacy policy from time to time. We will notify you of significant changes in how we treat personal information by sending a notice to the primary email address specified in your account, by placing a prominent notice on our website, and by updating any privacy information on this page. Your continued use of the Website and/or the Services available through this Website after such modifications will constitute your (a) acknowledgment of the modified policy, and (b) your consent to abide and be bound by that policy.

IMPORTANT: BY USING THE WEBSITE AND/OR AVAILABLE OFFERINGS ON THIS WEBSITE, YOU CONSENT TO ALL PERSONAL DATA THAT YOU SUBMIT MAY BE PROCESSED BY US IN THE MANNER AND FOR THE PURPOSES DESCRIBED BELOW. IF YOU DO NOT AGREE TO THESE TERMS AND CONDITIONS, DO NOT USE THE WEBSITE.

1. Types of information we collect

To provide you with our Service, we collect two types of information about our users: Personally Identifiable Information ("PII") and Aggregated Information.

Personally Identifiable Information: This refers to information that allows us to know details about who you are. When you perform certain activities on this Website, such as registering for an account, downloading or purchasing a product or service, submitting content and/or posting content in a public forum on this Website, or sending feedback to us, we may ask you to provide certain information about yourself.

Examples of PII may include your first and last name, email address, mailing address (including zip code), employer, position and department, phone and fax numbers, and other identifying information. When ordering products or services on the Website, you may be asked to provide a credit card number.

Aggregated Information is information that does not identify a specific individual. This type of information is collected based on where you visit on our website and which other websites may have referred you to us. The information is collected in various ways and analyzed both personally and in an aggregated manner. Information may include the URL that points to the website you visited before coming to our website, which URL you go to after visiting our website, which browser you are using, and your IP address.

2. How we collect information

Coredeq does not collect any personally identifiable information (PII) about you unless you voluntarily provide it to us. However, you may be required to provide certain PII to us when you choose to use certain products or services available on the website. This may include: (a) registering for an account on our website, (b) transferring individual transaction data obtained from your third-party billing or accounting applications (such as "QuickBooks," "Xero," "Clio," etc.), (c) transferring user-generated content and other information uploaded to the website, (d) sending us an email, (e) submitting a form or transferring other information via phone or mail, or (f) providing your credit card or other payment information when ordering and purchasing products and services on our website.

We will primarily use your PII to provide product or service offerings to you. We will also use certain PII to improve the operation of our website, enhance our internal marketing and promotional efforts, analyze website usage, improve our product and service offerings, and customize the content, layout, and services on our website. We may also use certain information about you without identifying you as an individual to allow third parties to analyze how the service is used, diagnose service or technical problems, maintain security, and customize content. We may also use PII to provide information to you and contact you regarding administrative notices. Finally, we may use your PII to resolve disputes, troubleshoot problems, and enforce our agreements with you, including our terms of use and this privacy policy.

We may also collect or allow our third-party advertising partners to collect certain Aggregated Information. For example, we may use your IP address to diagnose problems with our servers, software, to administer our website, and to collect demographic information. Our third-party advertising partners may also provide us with aggregated, but not individual reports that inform us of how many ads were displayed and clicked on our website.

3. Cookies

Depending on how you use our website, we will store cookies on your computer to collect certain aggregated data about our users and customize certain aspects of your specific user experience. A cookie is a small data text file that is stored on your computer and uniquely identifies your browser. Cookies may also contain more personalized information, such as your IP address, browser type, the server your computer is logged onto, area code and zip code associated with your server, and your first name to welcome you back to our website. We may use cookies to perform tasks such as: monitor aggregated website usage metrics, store and remember your passwords (if you allow us to do so), store account and advertising preferences that you have set, and customize the services that we make available to you. However, we do not use cookies to track your browsing behavior. Most browsers are initially set to accept cookies, but you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. However, some parts of the website may not function properly if you choose to disable cookies.

4. Information Disclosure

Coredeq will not sell, trade, or rent your PII to others. We provide some of our product and service offerings through contractual arrangements with subsidiaries, service providers, partners, and other third parties ("Service Partners"). We and our Service Partners may need to use certain PII to perform tasks between our respective websites or to deliver products or services to you. For example, we may need to release your credit card information to the card-issuing bank to confirm payment for products and services purchased on this website, release your address information to the delivery service to deliver products you have ordered, and provide order information to third parties that assist us in providing customer service.

We will encourage our Service Partners to adopt and promote strong privacy policies. However, the use of your PII by our Service Partners is governed by the respective privacy policies of those providers and is not subject to our control. Except as otherwise discussed in this privacy policy, this document addresses only the use and disclosure of information we collect from you. Other websites accessible through this website, including our advertising and service partners, have their own privacy policies and data collection, use, and disclosure practices. Please consult each website's privacy policy. We are not responsible for the policies or practices of third parties.

Sometimes we may be required by law or legal authorities to provide PII to appropriate government authorities. In such cases, we will disclose PII upon receipt of a court order, subpoena, or to cooperate with a law enforcement investigation. We fully cooperate with law enforcement agencies to identify those who use our services for illegal activities. We reserve the right to report to law enforcement agencies any activities that we in good faith believe to be unlawful.

We may also provide Aggregated Information about our customers' sales, traffic patterns, and related website information to third-party advertisers, but these statistics do not include any personally identifiable information.

5. Updating and Correcting Information

We believe you should have the opportunity to access and edit the PII you have provided to us. You can at any time change any of your PII in your online account by linking to your account as instructed elsewhere on this website.

We encourage you to promptly update your PII if it changes. You may request the information on your account to be deleted or removed. However, some information, such as past transactions, logs of technical support calls, or other information, may not be deleted. Additionally, it may be impossible to completely erase your information without any residual information due to backups.

6. User Choice Regarding Collection and Use of Information

We may occasionally send email to you regarding new products and services that we believe may interest you. If you indicated at registration that you are interested in receiving offers or information from us and our partners, we may occasionally call or send direct mail to you about products and services that may be of interest to you. Only Coredeq (or agents working for Coredeq under confidentiality agreements) send these marketing messages to you, and only if you have previously indicated that you want them. If you do not wish to receive marketing messages from us, you can "unsubscribe" by editing your account information online and opting out of receiving these offers and mailings.

You also have choices regarding cookies, as described above. By changing your browser settings, you can choose to accept all cookies, receive notification when a cookie is sent, or reject all cookies. If you choose to reject all cookies, some parts of our website may not function properly for you.

7. Security of Your Personally Identifiable Information (PII)

On our website, you can be assured that your PII is secure in accordance with current industry standards. We strive to take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure, or destruction of your PII. For example:

• We work hard to ensure that the data we collect is reliable, accurate, complete, and current. We encrypt all PII to prevent unauthorized parties from viewing such information when it is transmitted to us. We also retain collected information for a reasonable period of time and use it only for the purposes for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements.

• We limit access to PII only to specific employees, contractors, and agents who have a reasonable need to come into contact with your information. For example, we may provide members of our technical support team with limited access to your account to allow them to troubleshoot any problems you may have with the website.

• Additionally, we also use a number of physical, electronic, and procedural safeguards to protect PII. Our secure servers and data centers are protected by industry-standard encryption, and our servers are behind firewalls and use high-level password protection.

• Finally, access to your PII is available through a password and a unique customer ID that you have chosen. This password is encrypted. We recommend that you do not disclose your password to anyone.

In order to serve you in the best possible way, credit card transactions and order fulfillment are handled by established third-party banks and processing agents (such as PayPal). They receive the information needed to verify and authorize your credit card or other payment information and to process and ship your order.

Unfortunately, no data transmission over the internet or any wireless network can be guaranteed to be 100% secure. Therefore, while we strive to protect your personally identifiable information, you acknowledge that: (a) there are security and privacy limitations inherent to the internet which are beyond our control; and (b) the security, integrity, and privacy of all information and data exchanged between you and us through this website cannot be guaranteed. Because we do not have any control or ability to monitor the security of your device, you should take reasonable available measures to secure your device.

If personally identifiable information is compromised due to a security breach, Coredeq will promptly notify the individuals whose personally identifiable information has been compromised, in accordance with the notification procedures outlined in this privacy policy, via email or as required by applicable law. You agree to promptly notify us and your customers if you experience a security breach on your device that may have affected the security of our website or service.

8. Miscellaneous

You must be at least 18 years old to be permitted to use this website. By accepting our policy, you hereby confirm that you are at least 18 years old. Our policy is that we do not knowingly collect, use, or disclose personally identifiable information about visitors under the age of 18.

You should also be aware that when personally identifiable information is voluntarily disclosed (i.e., your name, email address, etc.) in discussion forums or other public areas on this website, that information, along with any information disclosed in your communication, may be collected and used by third parties and may result in unwanted messages (including unwanted spam messages) from third parties. Such activities are beyond our control, and this policy does not apply to such information. Please refer to our user agreement and website behavior policy for our website behavior policy.

If you have any questions, concerns, or requests regarding our privacy policy, or our use of your personally identifiable information, or our privacy practices, please contact us at: info@coredeq.com

Our customers use Coredeq software to collect and process personal data about individuals, which may include individuals in the EU and/or the UK. In particular, they use the software to manage their marketing lists and campaigns, which includes processing their customers' personal data.

For GDPR (and UK GDPR), Coredeq acts as a data processor for the personal data of data subjects. The data controller for the personal data of data subjects is either our customer or our customer's customers.

We only process such personal data in accordance with the instructions from our customer and in compliance with our obligations as a data processor. We ensure that a data processing agreement is entered into between us and our customer to ensure that appropriate safeguards are in place.