A. General
B. Data Processed by Embee
C. How We Collect Data

D. Data Sharing
E. Cookies and Tracking Technologies
F. Children
G. Links to Third Party Website and Services
H. Security

I. Retention
J. Data Transfers
K. User Rights
L. Amendments
M. Opt-out
N. Contact Us

Exhibit A. CCPA Privacy Exhibit

A. General

This Privacy Policy ("Privacy Policy") explains the way Embee Mobile, Inc. (“Embee,” “we,” “us” or “our”) processes, uses, transfers and shares the information of those individuals who: (i) access and use our website available at: https://embeemobile.com/ (“Visitor(s)” and “Website,” respectively); and (ii) access, use or interact with our MobProfit application (“Application” and “User(s),” respectively) and use the services provided therein, including, without limitation, your participation in our metered panels (“Panels”) and surveys (“Survey(s)”). The Panels, Surveys as well as the other services available within the Application shall be collectively referred to herein as the “Services”. Each of the Visitors and Users are collectively referred to within this Privacy Policy as “you” or “your”. This Privacy Policy also explains the rights you have in relation to your Personal Data that we process and the security procedures that we have implemented to protect Personal Data.

Do not use our Website, Application or Services if our data processing practices, as explained in this Privacy Policy, are unacceptable to you.

We may amend this Privacy Policy from time to time to keep it up to date with legal requirements and the way we operate our business (as further explained in the amendments section below). Please make sure to check this Privacy Policy regularly for the latest version of the Privacy Policy.

Controller

For the purposes of the EU General Data Protection Regulation (Regulation 2016/679) (“GDPR”) and the UK data protection laws, Embee is the Controller of the personal data that we collect from our Visitors and Users.

UK Representative: Christian Penfold

Address: Addleshaw Goddard - Milton Gate, 7th Floor, 60 Chiswell St., London EC1Y 4AG, United Kingdom

You can contact our Data Protection Officer directly at: DPO@Embeemobile.com.

To learn more about Embee please visit: https://embeemobile.com/ or contact us directly by using the information in the Contact Us section below.

In the event that you are a California resident, the California Consumer Privacy Act (“CCPA”) may apply to you. Please make sure to review our CCPA Privacy Exhibit attached hereto as Exhibit A to learn more about our privacy practices with respect to the CCPA.

Data Processed by Embee

Depending on your interaction with us, we may collect one or both of the following types of data from you:

Non-Personal Data: This type of data is non-identifiable, anonymous and aggregated data (“Non-Personal Data”). We are unable to identify the individual who we collected the Non-Personal Data from. Non-Personal Data mainly consists of technical data such as, without limitation, the type of operating system and type of browser you may use, what device you use, the actions you take while accessing the website or while on your device, the battery state of your device, your network type, time zone, signal strength and speed and the roaming or connection status of your device. Some of this information is collected by way of cookies or similar technologies. Please review the Cookies section below for more information.
Personal Data: This type of data is individually identifiable information which means information that identifies an individual or may with reasonable effort identify an individual (“Personal Data”). For the purposes of this Privacy Policy, Personal Data shall also include “Personal Information,” as such term is defined under the CCPA.

For the avoidance of doubt, any Non-Personal Data that is connected or linked to any Personal Data will be considered and treated by us as Personal Data for as long as such connection exists. Additionally, please be advised, that you are not required by law to provide us with any of your information and you may choose to refrain from providing us with certain types of Personal Data as you see fit.

We will use your Personal Data for the purposes listed in the table below. We will only collect, use and share your Personal Data where we are satisfied that we have an appropriate legal basis to do so. We have also included the legal bases which we rely on in the table below, which will impact which rights you have in relation to your Personal Data (see below for more details).

Data Processed from Visitors: ^[a]^[b]

Types of Personal Data

Purpose of Processing and Lawful Bases

Contact Details

When you contact us for support or other inquiries whether via our designated contact form available on our Website, by email, or via any other means of communication, you may need to provide us with your full name, email address, phone number, Device ID (as such term is defined below) as well as why you are contacting us.

Additionally, if you contact us in order to request a demo via our online demo form available here you will be asked to provide us with your full name, email address and your phone number.

Some of this processing is necessary in order to enable us to enter into a contract with you, at your request and perform our contract with you.

We will process some of this information subject to our legitimate interest and we will use your Personal Data solely in order to contact you, respond to your inquiries and provide you with the support or information that you requested. We have a legitimate interest in responding to communications and meeting our business objectives.

We may process the contents of our correspondence with you as well in order to improve our Services and to resolve any potential disputes or complaints with you (as necessary). We may also process some of this information in our legitimate interest or the interest of a third party, in order to enforce our rights and the rights of our Affiliates (as such term is defined below), including the terms of our agreements. Additionally, we may use your Personal Data in order to protect the rights of other Users and third parties including by using it to investigate potential violations of such rights.

Newsletter:

In the event you choose to subscribe to our newsletter, you will be asked to provide us with your full name and email address. You can unsubscribe at any time by using the unsubscribe option within the body of the email that you receive from us or by contacting us via email and asking us to remove you from our subscription list.

We will process this information on the basis of your consent and solely in order to provide you with the content that you requested to receive from us.

We use a third-party service provider to manage our direct marketing activities.

Device and Browser Data; Technical Non-Personal Data:

We may process certain online and device identifiers from you when you access or use our Website (e.g., IP address, UUID, and GAID) (“Device ID”).

Additionally, as explained above, we may collect certain types of Non-Personal Data from you when you access or use our website, the Application or services.

We will process this information in our legitimate interest, in order to provide an enhanced customer friendly Website and in order to better understand how our Website is used as well as for analyzation purposes.

Where required by applicable law, we will make sure to obtain your consent for the collection and processing of this data. Some of the Non-Personal Data may also be collected by our third party service providers.

If you are a User, we will also process the Personal Data included in the User table below, in addition to the Personal Data that we included in the table above.

Data Processed from Users:

Types of Personal Data

Purpose of Processing and Lawful Bases

When you download and sign up for our Application either directly or via your social media account (i.e., Facebook or Google) you will need to provide us with your full name, date of birth, and Email address.

Additionally, during the sign-up process, we will need you to activate certain access permissions on your device in order to proceed with the sign-up process, which may include: (i) location permissions which will provide us with your precise physical location (“Location Permission”); and (ii) the accessibility permission, as shall be further explained in the onboarding process within the Application (“Access Permission”). (i) and (ii) collectively, the “Permissions”.

This information will be processed by us in order to assess your eligibility to take part in and receive our Services.

The nature of the Application and Services requires that we have access to the Access Permission in order to collect and process Usage Data (as defined below). This processing is necessary in order to enable us to enter into a contract with you, to perform our contract with you and enable you to use our Services.

We will use such Personal Data in order to operate, provide, maintain and manage our Services. Furthermore, some of this data will be processed on the basis of our legitimate interests to perform research, conduct analytics and statistical activities, detect fraud, security or technical issues with respect to the services. Such processing in our legitimate interest will be carried out in a proportionate manner. The Location Permission will only be collected for the aforementioned purposes and will not be retained once that purpose has been fulfilled.

Additionally, the Personal Data that we collect via the Permissions will be processed subject to your consent, if we are required to obtain your consent in accordance with applicable law. We will use such Personal Data in order to operate, provide, maintain and manage our Services.

Direct Marketing

We may use your contact data to let you know about Services that we believe will be of interest to you or to provide you with our newsletter (if applicable). We may contact you via email, regular mail, telephone or via other communication channels that we think you may find helpful.

In all cases, we will respect your preferences for how you would like us to manage our marketing activities with you.

We will obtain your consent prior to sending you any marketing materials, if required to do so under applicable law.

We will take steps to limit marketing to a reasonable and proportionate level and will only send communications which we believe may be of interest or relevance to you.

You can unsubscribe from receiving these messages by clicking on the unsubscribe button located in any of the messages that you will be receiving or by contacting us at: mobsupport@embeemobile.com^[c]^[d]^[e]. It is important to note, that even if you choose to unsubscribe from these marketing messages, we may still retain your contact information in order to send you service-related messages.

You can change the way your browser manages cookies, which may be used to deliver online advertising, by updating your cookie settings as explained in the Cookie Section below.

Panel Registration

Once you have signed up for the Application and in order to be eligible to receive the Services, you will need to provide us with your exact date of birth, gender and your ethnicity.

This processing is necessary in order to be able to enter into a contract with you (i.e. assessing your Panel eligibility to enable you to earn points (“Points”)) and to perform our contract with you so you can use our Services.

We will obtain your explicit consent at this registration stage, for the processing of sensitive data (such as ethnicity), in order to determine whether you are eligible to participate in one of our Panels and receive our Services. Providing this information is entirely voluntary.

Survey Registration and Surveys

In order to participate in one of our Surveys you will need to go through a longer registration process where you may need to provide us with the following information as shall be determined from time-to-time and reflected in the Application: age, gender, education level, ethnicity, name of your city and postal code, household income, occupational status, number of people in your household, if you have children under the age of 18, preferred language for media consumption, preferred spoken language, device make and model, as well as your responses to the Survey questions (once you have completed a Survey) that we have provided.

Some of the Personal Data that is collected at this stage may be categorized as sensitive data under some data protection and privacy laws. We will therefore obtain your explicit consent for the processing of such data if we are required to do so under applicable law.

The information collected during the Survey registration process is necessary in order to enable us to enter into a contract with you (i.e., to ascertain whether you will meet the target audience for the Survey) and to perform our contract with you.

We will use the information collected from the Surveys in its pseudonymized form, for various market research and business purposes as well as for fraud prevention and in order to improve our Services.

The results of the Surveys you undertake may be aggregated (on the basis of our legitimate interests) and shared in any event in a pseudonymized form with our Partners for the purpose of market research on brands and products, marketing campaigns, advertising efficacy and investment research, as further described herein and in our Terms and Conditions (“Terms”). Please note that our Partners will not be able to identify you from the aggregated and/or pseudonymized data that is shared with them.

Some Surveys may be provided by our Partners via the Application. We will not have access to the responses that you provide for our Partner’s Surveys and the information you provide via these Surveys will be processed in accordance with the applicable Partner’s privacy policy as shall be reflected in the Application and the Survey terms.

Point Redemption:

As part of the Services and in order to redeem your Points (as further explained in the Terms), you may need to provide us with a PayPal registered email address or other additional information if you wish to receive a gift card for such Points (depending on how you choose to redeem your Points), as shall be updated from time-to-time within the Application.

This information will be processed by us in order to perform our contract with you and to provide you with our Services.

Usage Data:

Our Application will need to access certain usage data which may include your internet usage, browser and URL history, as well as information regarding your use of other applications on your device including: (i) the applications you use; (ii) how often you use them; (iii) and how long you remain in any particular application. Additionally, for certain applications^[f]^[g]^[h] we will process your internal usage of the application including what you view and your actions within the application. Some of this data may include Personal Data and sensitive Personal Data depending on the searches, your actions and what you view within such applications.

When you agree to participate in our Services, install the Application and allow us access to the requested Permissions, this will enable us to be able to monitor your usage and collect Usage Data as part of the Services. This processing is necessary in order to perform our contract with you, i.e., to assess and allocate points to you.

We will ask for your explicit consent to collect and use any sensitive Personal Data obtained during said monitoring, when we are required to do so in accordance with applicable law.

In line with our legitimate interests, we will use this information in its pseudonymized form for various market research and business purposes such as providing customer service, fraud prevention, research into user preferences and habits, improving our Services and providing our services to our Partners.

Device and Browser Data; Technical Non-Personal Data:

We may process your Device ID when you access or use our Application or Services.

Additionally, as explained above, we may collect certain types of Non-Personal Data from you when you access or use our Application or Services.

We will use such Personal Data in order to operate, provide, maintain and manage our Services. Furthermore, some of this data will be processed on the basis of our legitimate interests to perform research, conduct analytics and statistical activities, detect fraud, security or technical issues with respect to the Services and for our legitimate business purposes. Such processing in our legitimate interest will be carried out in a proportionate manner.

Where required by applicable law, we will make sure to obtain your consent for the collection and processing of this data.

How We Collect Data

Depending on the way you interact with us, we may collect data from you in the following ways:

Automatically: we may automatically collect some data from you when you use our Website, the Application and the Services.
Voluntarily: we will collect certain data from you when you choose to provide us with it, as explained in this Privacy Policy.

Data Sharing

Embee will not share any of your Personal Data with a third party, except under the following circumstances:

Agents and Service Providers: We may share some of your Personal Data with our authorized third-party service providers and agents (e.g., PayPal, Amazon Web Services and Zendesk) as necessary and reasonable for our business purposes, including investigations of potential violations of our Terms. These third-party service providers and agents have agreed to confidentiality restrictions and only have access to Personal Data that they need in order to perform their services and functions and they are not permitted to use it for any other purpose.
Security: We may share your Personal Data in order to detect, prevent or otherwise address fraud, security or other technical issues.
Legal: we may share your personal data with regulators, in order to comply with any applicable law, regulation, requests of law enforcement, legal process, subpoena or other similar investigative demand or governmental request.
Business Transfers and Affiliates: We may share your information when we are undergoing a change in control of any kind including by way of a merger, acquisition or purchase of all or substantially all of our assets. Additionally, we may share your Personal Data with our parent company, any of our parent company’s subsidiaries, joint ventures or other companies under common control with Embee (“Affiliates”) when necessary for the purposes described in this Privacy Policy (including as necessary and reasonable for our business purposes, market analytics and market research activities and services that we and our Affiliates may provide or do) or upon the occurrence of the corporate transactions listed above.
Explicit Consent: We will share your Personal Data if you provide us with your explicit consent to share this information, prior to its disclosure.
Business Partners: We will share your Personal Data in order to provide our services (including our market research services) to our customers and partners (collectively, “Partners”) in most cases, in a pseudonymized form. Our Partners may license this information and utilize our services to develop insights-based products and services, which they may then provide to their clients and customers.

Cookies and Tracking or Analytic Technologies

We or our third-party service providers may use cookies, other similar tracking technologies or methods of web and mobile analysis to gather, store, and track certain information related to your access of, activity and interaction with our Website, the Application or your device. A “cookie” is a small piece of information that a website assigns to your device when you access the Website. Cookies are very helpful and may be used for a variety of different purposes. These purposes include, without limitation, allowing you to navigate between pages more efficiently, enabling the automatic activation of certain features, remembering your preferences and making the interaction between you and our Website quicker and easier, to prevent fraud and protect our Services. For further information, please contact us at mobsupport@embeemobile.com.

Please visit: www.allaboutcookies.org to learn more about cookies.

We use the following cookies, third-party tracking or analytic technologies on our Website and Application:

Application:

Name

Type and Purpose

Google Analytics

Analytical, Measurement and Performance

http://www.google.com/policies/privacy/partners

Firebase

Essential, Functional, Operational and Security: We will use firebase for authentication purposes. This type of technology is essential and therefore will not be able to be disabled.

https://firebase.google.com/support/privacy

Website:

Name

Type and Purpose

Google Analytics

Analytical, Measurement and Performance Cookie

http://www.google.com/policies/privacy/partners

https://policies.google.com/technologies/managing?hl=en

https://tools.google.com/dlpage/gaoptout/

Please click here for more information regarding our use of Google products.

It is important to note that most browsers allow you to erase cookies from your computer’s hard drive, block the acceptance of certain cookies, or receive a warning before a cookie is stored on your device. Please note however, that by choosing to block or erase certain cookies you may be limiting or diminishing your online experience with us. We encourage you to visit the following links to learn more about how you can block or erase cookies via your browser of choice: Google Chrome; Firefox; Internet Explorer; Safari; Edge; Opera.

Children

Our Website, Application and Services are not directed to and are not meant to be used by individuals who are under the age of 18. If you are under 18 years of age, we request that you not use our Website, Services or our Application. We do not knowingly collect Personal Data from individuals who are considered children in their jurisdictions (i.e., under the age of 16 or as otherwise defined under the applicable law in their jurisdictions). If we become aware of the fact that Personal Data of individuals less than 18 years-of-age has been collected through our Website, Services, or Application, we will take the appropriate steps to delete this information. Please contact us at: mobsupport@embeemobile.com. If you become aware of or have any reason to believe that a child has shared Personal Data with us.

Links to Third Party Websites and Services

Our Services and our Website may contain links to third party services or websites that are not operated by us. These links are provided as a service and do not imply any endorsement of the activities or content of these websites, nor any association with their operators. Embee is not responsible for the privacy policies or privacy practices of any third party including, without limitation, websites directly linked to our Services or our website. We encourage you to review the privacy policies of any such third-party websites or services before you access them.
Security

Embee takes reasonable and has put in place industry standard technical and organizational precautions to protect the confidentiality, security and integrity of your Personal Data and in order to prevent any unauthorized use of such Personal Data. In addition, we limit access to your Personal Data on our servers. The data collected by us is stored mainly on the servers of Amazon Web Services (AWS) located in the United States and in the UK. Please visit the following link for more information regarding the data security provided by AWS: https://aws.amazon.com/privacy/.

Please contact us at: mobsupport@embeemobile.com. If you believe that your privacy was treated in a way that was not in accordance with this Privacy Policy. We will make a reasonable effort to notify you or any applicable supervisory authority in the event that a security incident occurs in which your Personal Data may be at risk, provided that we are required to do so in accordance with applicable law.

Retention

We will store and retain your Personal Data for no longer than is necessary for the purposes set forth above, as otherwise required in accordance with applicable law or until you have requested to opt-out of our collection of such Personal Data, subject to applicable law. We may at our sole discretion delete or amend information that is stored by us, without providing you with any prior notice of our intention to do so once it is no longer necessary for us to retain it for our purposes.

Data Transfers

We may store or process your Personal Data in the UK, the EU, the United States or in other countries. As such, please be advised that any information you provide us may be transferred to and processed in countries other than the country from which you accessed our Website or Application. We will make sure to implement appropriate measures to ensure that your Personal Data receives an adequate level of data protection while it is being transferred. When Personal Data that was collected within the European Economic Area (“EEA”) or the UK is transferred outside the EEA or the UK (as applicable), we will take necessary steps in order to ensure that sufficient safeguards are provided during the transferring of such Personal Data. You may exercise your rights, where applicable, to receive information regarding the transfer mechanism that was used during the transferring of your Personal Data. Personal Data that is being transferred outside the EEA to a country which has not received an adequacy decision from the European Commission (“Adequacy Decision”)will be transferred pursuant to the standard contractual clauses approved by the European Union (“Standard Contractual Clauses”). Personal Data that we transfer outside of the UK to a country that is not in the EEA, has not received an Adequacy Decision or an adequacy regulation has not been passed regarding it by the UK will be transferred, depending on the situation, either pursuant to the International Data Transfer Agreement or the addendum to be used with the Standard Contractual Clauses, both as issued by the UK’s Information Commissioner.

User Rights

Depending on your jurisdiction, data protection and privacy laws may provide you with the ability to exercise certain rights with respect to your Personal Data. We have included some of these rights below for your reference and convenience:

Right to Access: You may have the right to access your Personal Data by asking us to confirm what Personal Data we process about you, as well as additional information regarding how and the purposes for such processing, and to request and obtain a copy of such Personal Data. The right to access under the GDPR and CCPA are slightly different from one another. The GDPR enables access to all Personal Data processed by the controller, while the CCPA's "Access Right" only applies to Personal Data collected in the 12 months prior to the access request.
Right to be Informed: You have the right to be informed regarding Embee’s information (e.g., our name and address) as well as what Personal Data we process, and how and why we process Personal Data. Under the CCPA, you may also have the right to be informed regarding the categories of Personal Data collected, sold, or disclosed by us in the past 12 months. As such, we will make sure that our Privacy Policy (including Exhibit A of the Privacy Policy) discloses all of the above and is updated every 12 months, as required under the CCPA.
Right to Rectification: You may have the right to require us to update and complete any Personal Data that we have about you that is inaccurate or incomplete and to require us to inform third parties that process such Personal Data on our behalf to update such inaccurate or incomplete data.
Right to Erasure: You may have the right, depending on the circumstances, to request that we delete your Personal Data that is held by us. We are not required to comply with your request to erase Personal Data if the processing of your Personal Data is necessary for our compliance with a legal obligation; or the establishment, exercise or defense of legal claims.
Right to Restrict the Processing: Depending on the circumstances, you may have the right to limit the purposes for which we process your Personal Data. We can continue to use your Personal Data following your request to restrict the processing of your Personal Data, where we have your consent; or to establish, exercise or defend legal claims; or to protect the rights of another natural or legal person.
Right to Data Portability: You may have the right to request that we send or “port” the Personal Data that we process about you to a third-party, but in each case only where the processing is based on your consent or on the performance of a contract with you, and the processing is carried out by automated means. It is important to note that the GDPR and the CCPA differ in the application of this right and therefore we will handle the fulfillment according to the applicable laws in your jurisdiction
Right to Object: You may have the right to object to the processing of your Personal Data on the basis of our legitimate interest. The right to object does not exist, in particular, if the processing of your Personal Data is necessary in order to enter into a contract with you or to perform a contract with you.
Right to Object to Direct Marketing: You can request that we change the manner in which we contact you for marketing purposes. You can request that we not transfer your Personal Data to unaffiliated third parties for the purposes of direct marketing or any other purpose.
Right to Withdraw Consent: If you have given us your consent for the processing of your Personal Data, you may have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before your consent was withdrawn.
Data Transfer Rights: You may be able to obtain a copy of, or reference to, the safeguards under which your Personal Data is being transferred outside the UK/EEA. We have included links and explanations regarding these mechanisms in section J above.
Rights in relation to automated decision making and profiling: You may have the right to not be subject to a decision based solely on automatic decision making or profiling.
Non-Discrimination: If the CCPA applies to you, then you have the right to not be discriminated against for exercising any of your privacy rights, including by being denied goods or services, charging you different fees for goods, services (including by using discounts) or other benefits, imposing penalties or by it being suggested to you that you will receive a different price or rate for goods or services. Notwithstanding the above, the CCPA does permit schemes for providing financial incentives and you can opt-in to become part of these schemes.

Where you believe that we have not complied with our obligation under this Privacy Policy, the GDPR, the UK data protection laws, or the CCPA you have the right to make a complaint to an EU Data Protection Authority or the UK Information Commissioner's Office (as applicable).

If you would like to exercise any of your rights listed above, please contact us at: mobsupport@embeemobile.com to submit a request to exercise such rights. We reserve the right to ask that you send us reasonable evidence in order to verify your identity before we provide you with any of the information that you requested, subject to applicable law. We aim to respond to a verifiable request without undue delay and in any event in accordance with applicable law. We will notify you if we require more time to respond to your request and inform you of the reason and length of the extension period in writing. Our response to your request may also explain the reasons why we cannot fulfill your request, if applicable. When you request to exercise your data portability right, we will provide your Personal Data in a format that is able to be used and that would allow you to easily transmit the information from one entity to another. Please also note that under the CCPA your rights only apply to the Personal Data that is collected 12 months prior to your request to exercise them and you are not entitled to submit more than 2 requests in a 12 month period.

L. Amendments

Embee reserves its right to amend this Privacy Policy at any time. We will make a reasonable effort to notify you with respect to any material changes to this Privacy Policy, provided that we are required to do so under applicable law. Any changes to this Privacy Policy shall go into effect as of the date listed in the “Last Amended” heading located at the top of this Privacy Policy. We encourage you to review this Privacy Policy regularly to ensure that you are familiar with our current practices and policies.

M. Opt-out

Our Services are intended to provide you significant control over how your Personal Data may be used for marketing, research and other business purposes. If you want to temporarily opt-out of allowing the Application to collect your data, you can use the in-app toggle button to pause our collection of your Personal Data and the sharing of such Personal Data with any of our Partners. If you would like to permanently opt-out so that no more data is collected or shared, and to stop participating in the Services entirely, you may do so at any time by uninstalling the Application which will stop the collection and sharing of your Personal Data with any of our Partners.

If you have decided to stop participating in the Services and you want to opt-out of having any historical data shared with any of our Partners, you may do so by contacting Embee
at: mobsupport@embeemobile.com, and include in the subject-line of your email the words “Opt-Out”. Before you uninstall the Application, please include a screenshot of your recent Embee transaction history, so we can identify your account and flag it for removal with our Partners.

N. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us as follows:

By email at: mobsupport@embeemobile.com

EXHIBIT A

CCPA PRIVACY EXHIBIT

Introduction

This CCPA Privacy Exhibit (“Exhibit”) governs the way in which we process the data of consumers who reside in the State of California (“Consumers” as defined under the CCPA, and will be referred to herein as “you”). Any terms defined in the CCPA have the same meaning when used in this Exhibit. Furthermore, this Exhibit is an integral part of our Privacy Policy and therefore, any definitions used herein but not defined herein shall have the meaning ascribed to them in our Privacy Policy.

To learn more about your California privacy rights, please visit https://oag.ca.gov/privacy/privacy-laws.

Categories of Personal Information

When you access our Website and use our Application or Services, we collect certain information with respect to such use and access. This data may include “Personal Information” which is defined under the CCPA as any information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular Consumer, household or device as specified in the table below.

The following table specifies the categories of Personal Information that we may collect (or may have collected within the last 12 months):

Category	Examples of Personal Information	Collected
A. Identifiers.	A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.	Yes
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.	Yes
C. Protected classification characteristics under California or federal law.	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	Yes
D. Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	No
E. Biometric information.	Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.	No
F. Internet or other similar network activity.	Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.	Yes
G. Geolocation data.	Physical location or movements.	Yes
H. Sensory data.	Audio, electronic, visual, thermal, olfactory, or similar information.	No
I. Professional or employment-related information.	Current or past job history or performance evaluations.	Yes
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.	No
K. Inferences drawn from other personal information.	Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	No

Disclosure of Personal Information for a Business Purpose

In the preceding twelve (12) months, the Company has disclosed the following categories of Personal Information for a business purpose (in a non-identifiable form):

Category A: Identifiers;

Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e));

Category C: Protected classification characteristics under California or federal law.

Category F. Internet or other similar network activity.

Category I. Professional or employment-related information.

We disclose your Personal Information for a business purpose to the following categories of third parties: service providers (e.g., servers etc.) and Partners.

When we disclose Personal Information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except for its performance of the contract.

How we Collect your Personal Information

We collect the Personal Information that we listed above in the ways listed in and in accordance with our Privacy Policy. We will ask for your consent to collect Personal Information and offer you the choice to opt-out of such collection, if we are required to do so in accordance with applicable law.

Our Use of Personal Information

We may use, or disclose the Personal Information we collect for the business purposes that we included in our Privacy Policy.

We will not collect additional categories of Personal Information or use the Personal Information we collected in a way that is materially different, unrelated, or incompatible with the purposes that are listed in our Privacy Policy without providing you with prior notice of our intention to do so.

Sale of Personal Information

We have not sold Personal Information in the last twelve (12) months.

User Rights

The CCPA provides Consumers with specific rights regarding their Personal Information. Please review our Privacy Policy in order to learn more about the rights you may have under applicable law.

We provide you with the ability to exercise certain choices and controls in connection with our treatment of your Personal Information, depending on your relationship with us. You may exercise any or all of your rights in relation to your Personal Information by contacting our DPO at: DPO@Embeemobile.com or by contacting our support team at: mobsupport@embeemobile.com.

Amendments

We will update our Privacy Policy every 12 months, as required under the CCPA. The last revision date will be reflected in the “Last Amended” heading located at the top of this Privacy Policy.