Providing us with your personal data is not mandatory. However, without sufficient information, we might not be able to offer some of our services. We operate as a "data controller" under the General Data Protection Regulation (EU) 2016/679 (hereinafter referred to as "GDPR") and other relevant European data protection laws. We process your personal data only if one of the following conditions is met:

• You have given consent to the processing of your personal data.
• Processing is essential for entering into or executing an agreement with you or providing products and services.
• Processing is necessary for compliance with applicable legislation.

We collect information about you when you provide it to us, use our Services, or when other sources provide it to us, as detailed below.

The information you provide to us, directly or indirectly, includes the following:

• Account and Profile Information: We collect information about you when you register for an account, modify your profile, set preferences, make purchases, or sign up for Services. For instance, when you register for the Services, you provide your contact and billing information. Your profile information, such as display name, profile photo, job title, and other details, can be added to be displayed within our Services. We monitor your preferences when you adjust settings within the Services.

• Content You Provide Through Our Websites: We collect content you submit to websites owned or operated by us, including any social media or networking sites run by us. This includes feedback, participation in interactive features, surveys, contests, promotions, sweepstakes, activities, or events.

• Information You Provide Through Our Support Channels: If you are experiencing issues with a Service and opt to submit information via our customer support, you will be required to provide contact information, a summary of the problem, and any other relevant documentation, screenshots, or information to aid in resolving the issue.

• Payment Information: We collect payment and billing details when you sign up for specific paid Services. This includes asking for a billing representative's name and contact info. You may also provide payment info like card details, which we collect through secure payment processing services.

We collect information about your interactions with our Services (browsing our websites and taking certain actions within the Services), which includes:

• Your Use of the Services: We monitor certain information about your interactions with our Services. This includes the features you use, the links you click on, the type, size, and filenames of attachments you upload, and your search terms.

• Device and Connection Information: We gather information about your devices, such as your computer, phone, or tablet, which you use to access our Services. This includes information about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data. Your IP address and/or country preference help us approximate your location to offer you a better Service experience. The amount of information we collect depends on your device type and settings. Server and data center Service administrators can disable the collection of this information via the administrator settings or prevent this information from being disclosed to us by blocking transmission at the local network level.

• Cookies and Other Tracking Technologies: UDS Systems LTD and our third-party partners, such as our advertising and analytics partners, use cookies and other tracking technologies (e.g., web beacons, device identifiers, and pixels) to provide functionality and to recognize you across different Services and devices.

• UDS Systems Partners: Some partners assist in marketing our Services, generating leads, and reselling. We get details from them like billing and company info, purchased Services, feedback, event attendance, and your country.

• Other Partners: We obtain data about you and your activities on our Services from third-party partners, like advertising and market research entities who share information about your interactions with our Services and online ads.

• Third-Party Providers: We may receive information about you from third-party providers of business information and publicly available sources (like social media platforms), including physical mail addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), IP addresses, and social media profiles, for targeted advertising of products that may interest you, delivering personalized communications, event promotion, and profiling.

How we use the information we collect depends on the Services you use, how you use them, and any preferences you have indicated. The specific purposes for using the collected information are detailed below.

We require your personal data to provide services related to facilitating operations and access to third-party services, such as Microsoft Dynamics 365, PowerApps, and Azure. The services include:

• Facilitating your registration.
• Providing you with our services.
• Updating your user profile.
• Informing you about crucial service-related information.
• Notifying you about our special offers and services.
• Offering user support.
• Processing your complaints and suggestions.
• Ensuring the lawfulness of rendered services, including Know-Your-Client, Anti-Money-Laundering checks, and international sanctions compliance.
• Improving our services, including through satisfaction questionnaires.
• Conducting statistical and marketing analyses of our services.

We ask you to provide us only with the personal data necessary to deliver the chosen service or newsletters or to respond to your request or claim. If you decide to provide us with any additional personal data, we will process them with due protection.

To Communicate with You About the Services: We use your contact information to send transactional communications via email and within the Services. These include purchase confirmations, subscription expiration reminders, customer support, technical notices, updates, security alerts, and administrative messages. We send you email notifications when you or others interact with you on the Services. Depending on your chosen contact method, we may send you SMS notifications or call you. We also provide tailored communications based on your activity and interactions with us. These communications are part of the Services, and in most cases, you cannot opt out of them. However, if an opt-out is available, you will find that option within the communication or your account settings.

To Market, Promote, and Drive Engagement with the Services: We use your contact information and information about how you use the Services to send promotional communications that may be of specific interest to you, including by email and by displaying UDS Systems ads on other companies' websites and applications. These communications may be informed by audits of interactions (like counting ad impressions) and are aimed at driving engagement and maximizing what you get out of the Services, including information about new features, survey requests, newsletters, and events we think may interest you. We also communicate with you about new Services, product offers, promotions, and contests. You can control whether you receive these communications as described below under "Opt-out of communications."

Customer Support: We use your information to resolve technical issues you encounter, respond to your requests for assistance, analyze crash information, and repair and improve the Services. Where you give us express permission, we disclose information to a third-party expert to respond to support-related requests.

For Safety and Security: We use information about you and your Service use to verify accounts and activity, to detect, prevent, and respond to potential or actual security incidents, and to monitor and protect against other malicious, deceptive, fraudulent, or illegal activity, including violations of Service policies.

With Your Consent: We use information about you where you have given us consent for a specific purpose not listed above. For example, we may publish testimonials or featured customer stories to promote the Services with your permission.

Legal Bases for Processing (for EEA Users): If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal bases for doing so under applicable EU laws. The legal bases depend on the Services you use and how you use them. It means we collect and use your information only where:

• We need it to provide you with the Services, including to operate the Services, provide customer support, personalize features, and protect the safety and security of the Services.
• It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services, and to protect our legal rights and interests.
• You give us consent to do so for a specific purpose.
• We need to process your data to comply with a legal obligation.

If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any process already taking place. Where we are using your information because a third party (e.g., your employer) or we have a legitimate interest in doing so, you have the right to object to that use, though, in some cases, this may mean no longer using the Services.

We offer collaborative tools and strive to optimize their performance for you. This process involves sharing certain information through our Services and selecting third parties. We disclose the information we collect about you in the ways detailed below, including in connection with potential business transfers. Please note that information about you, your devices, and your behavior collected through third-party cookies, pixels, tags, or other tracking technologies for cross-context behavioral advertising may be considered a "sale" or "share" under certain US state laws. However, UDS Systems is not a data broker; we do not sell personal information for monetary consideration.

• Service Providers: We collaborate with third-party service providers to offer website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis, marketing, and other services for us, which may necessitate them accessing or using information about you. If a service provider requires access to information about you to perform services on our behalf, they do so under our close instruction, including policies and procedures designed to safeguard your information.

• Links to Third-Party Sites: Our Services may include links that redirect you to other websites or services with different privacy practices. If you submit information to those third-party sites, your information is governed by their privacy policies, not ours. We urge you to read those privacy policies thoroughly.

• Third-Party Services: We may offer you the ability to interact with or disclose information to third parties through the Services. For example, we may allow users to log in to the Services via a third-party service like Google, access embedded maps through Google Maps, or interact with social media networks via links on the Services. When you intentionally interact with these third parties, we may disclose certain information to those third parties or receive information from those third parties consistent with your privacy settings on the third-party service. Such information may include contact information, identification, demographic information, device information, and identifiers. You should always check the privacy settings and notices in these third-party services to understand how those third parties may use your data.

• Third-Party Widgets: Some of our services contain widgets and social media features, such as the Twitter "tweet" button or Facebook "like" button. These widgets and features collect your IP address and the page you are visiting on our Services and may set a cookie to ensure their proper function. Widgets and social media features are hosted by a third party or directly on our Services. You should always review the privacy settings and notices of these third-party services to understand how they may use your information.

• With Your Consent: We disclose information about you to third parties when you give us consent to do so. For example, we often display personal testimonials of satisfied customers on our public websites. With your permission, we may post your name alongside the testimonial.

For the purposes of security, we may request you to present your ID document to verify your identity and authority to manage your personal data.

We share the information we collect with affiliated companies and, in some cases, prospective affiliates. Affiliated companies are companies owned or operated by us. The protections offered by this privacy policy apply to the information we disclose in these circumstances.

Your personal data is securely stored on Azure Active Directory B2C. Portions of your data may also be stored at our location indicated in this Privacy Policy.

We will only retain your data as long as it is necessary to fulfill the purpose for which it was collected or to comply with statutory requirements.

Over time, we may minimize your personal data or pseudonymize or anonymize them. If we anonymize the data, we may use the resultant information for statistical or other purposes without further notice, as such information is no longer personal.

While we implement safeguards designed to protect your information, no security system is impenetrable, and due to the inherent nature of the Internet, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, is safe from intrusion by others. If you use our server or data center Services, responsibility for securing storage and access to the information you put into the Services rests with you, not UDS Systems. We strongly recommend that server or data center users configure SSL to prevent interception of information transmitted over networks and to restrict access to the databases and other storage points used.

• The Right to Be Informed: You have the right to obtain confirmation from us that your data is being processed.

• The Right to Access: If you want to know which personal data we process, you can request this information anytime. You can find the list of information we have to provide you in Articles 13, 14, and 15 of the GDPR. Therefore, when applying, you must specify your requirements, so we can lawfully consider your request and provide a response. We will process your request as promptly as possible, but bear in mind that providing a comprehensive and lawful answer regarding your personal data is a complex process that can take up to a month. If your request is deemed excessive, we reserve the right to require compensation for facilitating your excessive request.

• The Rights to Rectification and Erasure: If you find that some personal data we process about you need to be corrected or updated, please ask us to update it.

• The Right to Object: You can withdraw your consent to further processing your personal data anytime. All you need to do is ask us to withdraw your consent to such processing. You may also exercise your right to be forgotten. In cases stipulated in Article 17 of GDPR, we will delete the personal data that we process, except for those personal data we are obliged to store in accordance with the requirements set forth by the applicable legislation.

• The Right to Data Portability: You have the right to obtain and reuse your personal data across different services. You can move, copy, or transfer personal data from one IT environment to another in a secure manner without affecting its usability. If such movement is excessive or requires substantial resources, we reserve the right to require compensation for facilitating your excessive request.

• Rights in Relation to Automated Decision Making and Profiling: We tend to avoid automated decision-making. Please contact us if you feel you have been affected by some of our automated decisions.

To ensure security, we may ask you to provide an ID document to verify your identity and authorization to oversee your personal information.

In order to enable you to use our services, we must transfer your personal data to third parties. Many of these third parties are abroad. Therefore, disclosure to parties abroad is deemed international data transfer. The third-party processors of personal data are as follows:

We use "Cookies" and similar technologies to enhance and personalize your online experience, display personalized content, appropriate advertising, and store your preferences on your computer. A cookie is a string of information that a Website stores on a visitor's computer and that the visitor's browser provides to the Website each time the visitor returns. We use cookies to help us identify and track visitors, their usage of our Website, and their Website access preferences. If you do not wish to have cookies placed on your computers, you should set your browsers to refuse cookies before using our Website, with the caveat that certain features of the Website may not function properly without the aid of cookies. By continuing to navigate our Website without changing your cookie settings, you hereby acknowledge and agree to our use of cookies.