ERICOM SOFTWARE PRIVACY NOTICE

Ericom Software Ltd. and all of its subsidiaries worldwide (“we”, “us”, “our” or “Ericom”) respect your right to privacy. Your ability to make informed choices about the use of your information is important to us. This Privacy Notice explains our policy regarding the collection, use, disclosure, and protection of information we receive when you visit our websites, message boards, chat features, and blogs (the “Sites”) and/or use our products and services (collectively, with the Sites the “Services”), as well as your ability to control certain uses of the collected information. “You” means any adult user of the Sites or Services, as well as any of Ericom’s customers (“Customer”) or end user of any customer.

Ericom Software Ltd. is the data controller in respect of the processing of Personal Information (as defined below), as well processing activities in respect of the Site, outlined in this Privacy Notice. Our registered office is Ericom Software Ltd., 12 Hartom Street, Jerusalem 9777512 Israel and our registration number is 51-189151-7. If you are an end user of any Customer, the Customer is the data controller in respect of the processing activities outlined in this Privacy Notice.

Please review this Privacy Notice carefully. When you use or access the Services or when you submit information to or through the Services, you consent to the collection and processing of your information as described in this Privacy Notice. Although you do not have to provide any of your Personal Information to us, if we ask you to do so and you refuse, we may be unable to provide you with the information, goods, or services you want from us.

Ericom Sites may link to third-party sites not controlled by us and that do not operate under our privacy practices. When you link to third-party sites, our privacy practices no longer apply. We encourage you to review each third-party site’s privacy policy before disclosing any personally identifiable information.

Privacy Notice Key Points

The key points listed below are presented in further detail throughout this Privacy Notice. These key points do not substitute the full Privacy Notice.

Personal Information We Collect. When you register to use the Services, we collect the information you provide to us when completing online forms. We also (automatically) collect information about your use of the Site and Services. If you contact us for questions, we will collect the information related to your inquiry. We also may obtain information about you from third party sources as permitted by applicable law, such as public databases, resellers, and channel partners, joint marketing partners, and social media platforms.

Basis for Processing Your Personal Information. Processing your Personal Information (as further described in this Privacy Notice) is necessary for the provision of the Services to you. Processing for the purposes of developing and enhancing our Services, for analytics and usage analysis, for legitimate marketing purposes (in accordance with applicable law), for fraud prevention and security, and for our recordkeeping and protection of our legal rights – are all necessary for the purposes of legitimate interests that we pursue. In addition, we may process your Personal Information for marketing purposes, subject to your consent as may be required under applicable law.

How We Use the Information We Collect. We use the information (including Personal Information) we collect mainly to administer and provide the Services, contact you with administrative information, contact you with marketing offers, and improve the Services.

Sharing the Personal Information We Collect. We may share Personal Information we collect with our service providers and subcontractors who assist us in the operation of the Services and process the information on our behalf and under our instructions, as well as with our business partners and affiliates with whom we may offer you other products and services and who may offer you products and services, based on your preferences. Personal information may also be shared with the Customer who gives you the right to use the Services.

International Transfer. We may use service providers and/or subcontractors and/or cooperate with or have Customers, business partners, and affiliates located in countries other than your own, and send them your Personal Information. We will protect your Personal Information in accordance with this Privacy Notice wherever it is processed and will take appropriate contractual or other steps to protect the relevant Personal Information in accordance with applicable laws.

Your Rights. Subject to applicable law and additional rights as set forth below, you may have a right to access, update, and/or delete your Personal Information and obtain a copy of the Personal Information we have collected about you. You can change your mind at any time about your election to receive marketing communications from us and/or having your Personal Information processed for direct marketing purposes. You also have the right to object at any time to processing your personal data for marketing purposes.

Use of Cookies and Similar Technologies. We use cookies and similar technologies to help personalize your experience on the Sites. You can adjust your settings to determine which cookies you do or do not allow. Changing your settings and/or deleting existing cookies may affect the Services.

Retention. We retain information for as long as necessary for the purposes set forth in this Privacy Notice.

Security. We implement industry standard measures aimed at reducing the risks of damage and unauthorized access or use of Personal Information, but they do not provide absolute information security.

Changes to the Privacy Notice. We may change this Privacy Notice from time and shall notify you of such changes as described below.

WHAT PERSONAL INFORMATION DO WE COLLECT AND HOW WE USE IT?

1. Information we collect from you: In this Privacy Notice, “Personal Information” is information from website users, online community participants, those making product or purchase inquiries, and others (collectively referred to as “you” or “customers” or “users”) that can be used to directly or indirectly identify you. It is our policy to collect only the minimum Personal Information required from you. If you believe we have collected excessive Personal Information about you, please contact us to raise any concerns you may have. A list of contact methods is provided at the bottom of this Privacy Notice. We will collect Personal Information when you voluntarily provide it to us. For example, we collect Personal Information when you order, register for (or to use), or request information about the Services, subscribe to marketing communications, request support, complete surveys, provide in product feedback, or sign up for an Ericom event or webinar. We may also collect Personal Information from you offline, such as when you attend one of our events, during phone calls with sales representatives, or when you contact customer support. The Personal Information we collect (and retain) may include contact information such as your name, address, telephone number, or email address. It may also include professional information, such as your job title, professional contact information, department or job role, as well as the nature of your request or communication. We also collect information you choose to provide to us when completing any ‘free text’ boxes in our forms (for example, for event sign-up, product feedback, or survey requests). When purchasing Services, we may also collect billing and transactional information. Examples of how may use your information include:
   • to communicate with you, to deliver products/services to you;
   • to respond to your requests or provide information requested by you;
   • to bill you for products/services you purchased;
   • to administer product downloads and to confirm your compliance with our licensing and other terms of use;
   • to communicate with you about our events or our partner events; and
   • to provide you with ongoing service and support, such as product updates, fixes, and product and service recommendations.

   We may also use your Personal Information to send you, or to have our business partners or marketing agencies send you, direct marketing information or contact you for marketing research and to alert you to product upgrades, special offers, updated information, and other new services from us. At a minimum, we will always give you the opportunity to “opt out” of receiving materials you choose to unsubscribe or to notify us directly by email to privacy@ericom.com of your desire to unsubscribe from our marketing activities. Where required by local law, however, Ericom Software will provide you with the opportunity to “opt in” prior to receiving direct marketing information from us.

   We may also collect Personal Information disclosed by you on our message boards, chat features, and blogs (collectively with the Ericom websites, the “Sites”) to which you are able to post information and materials. Any information that you disclose in those forums becomes public information and may, therefore, appear in public ways, such as through search engines or other publicly available platforms, and may be “crawled” or searched by third parties. It could also be read, collected or used by other users to send you unsolicited messages. Please do not post any information that you do not want to reveal to the general public. Additionally, the Services may include social media features, such as the Facebook®, LinkedIn®, and Twitter® buttons. These services allow you to authenticate your identity or provide you the option to share certain Personal Information with us such as your name, email address, persona, or handle in order to pre-populate our sign up form or interact with our Services. These features may also collect your IP (Internet Protocol) address, which page you are visiting on our site, and may set a cookie (see “Cookies and Other Data Collection Technologies” below) to enable the feature to function properly. These features may also give you the option to post information about your activities on our websites to your profile page to share with others within your network. Your interactions with these features are governed by the privacy policy of the company providing them.

   When you make any purchase through our websites, you must make that payment to us using the Authorize.net (at https://www.authorize.net/) or Braintree Payment Solutions (at https://www.braintreepayments.com) payment gateways. We do not collect any payment information from you; we merely process that data in passing it on to Braintree or Authorize.net, as applicable, for them to process the payment. All credit card information (numbers, expiration dates, CVC number) are managed by our secure payment gateway via Braintree or Authorize.net, as applicable, which works to protect the security of your credit card information by using Secure Sockets Layer (SSL) technology (the industry standard to secure online commerce transactions) to encrypt the information you input. When submitting your payment information to Braintree or Authorize.net, please note that they each have their own privacy policy (for Braintree see https://www.paypal.com/us/webapps/mpp/ua/privacy-full and for Authorize.net see http://www.authorize.net/company/privacy/) and that we do not accept any responsibility or liability for either privacy policy. Please check the applicable privacy policy before you submit any personal data to Braintree or Authorize.net.

   We do not intend to collect special category (also known as sensitive) Personal Information through our Services. Examples of special category information are: race or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; physical or mental health; genetic data; biometric data; sexual life or sexual orientation; and criminal records. We ask that you do not provide us with such sensitive information when using the Services.

   We will collect and handle the data you provide to us on your application and/or CV based on the necessity to process this information in order to possibly enter into an employment contract. This information may include sensitive or special categories of personal data. Where you have provided employment references to us as part of your application, we will contact those referees and ask them to provide a reference about you. As part of this process, we will disclose your name and the fact that you have applied to work with us to your referees. We also use the information you have provided to us when applying for jobs to record who is applying for jobs with us and to make sure we are attracting a diverse range of applicants.

   You can object to our processing as explained above by contacting us at privacy@ericom.com, but if you choose to object, we will be unable to process your job application any further

2. Information we automatically collect: If you visit our Sites to browse, read, or download information, your web browser automatically sends us (and we may retain) information such as the: Internet domain through which you access the Internet (e.g., yourServiceProvider.com), the IP address of the computer you are using; type of browser software (such as Firefox, Safari, or Internet Explorer) and operating system you are using; date and time you access the Site; and the Internet address of the site from which you linked directly to our Site. In some countries, including the European Economic Area, this information may be considered Personal Information under applicable data protection laws. We will use this information as aggregate data to help us maintain the Sites, e.g., to determine the number of visitors to different sections of our Sites, to ensure the Sites are working properly, to help us make our Sites more accessible and useful, to enhance security, monitor and verify identity or service access, combat spam or other malware or security risks, and to determine the effectiveness of marketing and promotional campaigns. We will not use this information to identify individuals, except for site security purposes.We use cookies to collect information about store your online preference. Cookies are small pieces of information sent by a web server to a web browser which allows the server to uniquely identify the browser on each page. To find out more about the specific cookies Ericom uses please visit: “Cookie Policy.”
3. Information from third party sources and affiliated companies: From time to time, we may obtain information about you from third party sources as permitted by applicable law, such as public databases, resellers, and channel partners, joint marketing partners, and social media platforms. Examples of the information we may receive from other sources include: account information, job role and public employment profile, service and support information, information about your product or service interests or preferences, page-view information from some business partners with which we operate co-branded services or joint offerings, and credit history information from credit bureaus. We may use the information we receive from you to better understand you and/or maintain and improve the accuracy of the records we hold about you, as well as to position, promote, or optimize our Services. We may also use this information in conjunction with your browsing habits/ preferences (as obtained from our data partners) and your contact details, professional information and Ericom transaction history (as obtained from our customer relationship management database) to deliver targeted advertising and marketing to you, where permitted by applicable law and in accordance with your advertising / marketing preferences.

HOW WE SHARE YOUR INFORMATION

Ericom takes care to allow your Personal Information to be accessed only by those who really need to in order to perform their tasks and duties and to share with third parties who have a legitimate purpose for accessing it.

We may share Personal Information about you with third parties in the following circumstances:

1. With your Consent: We may disclose your Personal Information for any purpose with your consent.
2. Ericom Affiliates: As a global company, Ericom may share your Personal Information with other Ericom offices around the world. This information may be shared and used to provide services and support, provide recommendations to optimize product and service use, to provide customers and prospective customers with information about the range of available products and services, and for the purposes otherwise described in this Privacy Notice. Please note, however, the entities concerned are also governed by this Privacy Notice.
3. Service Providers: We may share your Personal Information with third parties, such as vendors, consultants, agents, and other service providers who work on our behalf. Examples include vendors and service providers who provide assistance with marketing, billing, processing credit card payments, data analysis and insight, and technical support and customer service. Unless expressly described in this Privacy Notice, we do not share, sell, rent, or trade any of your Personal Information with third parties for their own promotional purposes.
4. Business Partners: We may provide your Personal Information to our channel partners, such as distributors and resellers, to fulfill product and information requests, to effectively deliver unified support, and to provide customers and prospective customers with information about Ericom and its products and services. From time to time, Ericom may engage in joint sales or product promotions with selected business partners. If you purchase or specifically express interest in a jointly-offered product, promotion or service, we may share relevant Personal Information with those partners. Please be aware that Ericom does not control our business partners’ use of such information. Our partners are responsible for managing their own use of the Personal Information collected in these circumstances. We recommend you review the privacy policies of the relevant partner to find out more about their handling of your Personal Information.
5. Vital interests: We may disclose your Personal Information where we believe it necessary in order to protect the vital interests of any person.
6. Compliance with laws or any competent law enforcement body, regulatory body, government agency, court or third party: We may disclose your Personal Information where we believe disclosure is necessary or required (i) by law or regulation, in order to comply with legal process or government requests (including in response to public authorities to meet national security or law enforcement requirements); (ii) to exercise, establish or defend our legal rights and (iii) for the purpose of conducting export law compliance checks.
7. Business transfers: We may share or transfer your Personal Information in connection with, or during negotiations of, any merger, sale of company assets, financing, acquisition, dissolution, corporate reorganization or similar event. We will inform any buyer that your Personal Information shall only be used in accordance with this Privacy Notice.
8. Other legitimate business purposes: We may share your Personal Information when it is necessary for other legitimate purposes such as protecting Ericom’s confidential and proprietary information or where necessary to support, respond to, and to provide our products and services to our customers.

INTERNATIONAL TRANSFERS OF INFORMATION

Personal Information, including Personal Information collected from individuals residing in the European Economic Area (“EEA”) or Switzerland, may be transferred, stored and processed by us and our services providers, partners, and affiliates in the United States and potentially other countries whose data protection laws may be different to the laws of your country, for example to Israel, which has been deemed to provide adequate protection for Personal Information by the European Commission. We will protect your Personal Information in accordance with this Privacy Notice wherever it is processed and will take appropriate contractual or other steps to protect the relevant Personal Information in accordance with applicable laws. These steps include implementing the European Commission’s Standard Contractual Clauses for transfers of Personal Information from our group companies in the EEA to our other group companies. Our Standard Contractual Clauses can be provided upon request. We have implemented similar appropriate safeguards with our service providers, partners, and affiliates.

Ericom complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Ericom has certified to the U.S. Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

In compliance with the Privacy Shield Principles, Ericom commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Ericom at: privacy@ericom.com

Ericom has further committed to refer unresolved Privacy Shield complaints to Verasafe, an alternative dispute resolution provider located in the [United States]. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit VeraSafe Privacy Shield Dispute Resolution Procedure for more information or to file a complaint. To file a complaint with VeraSafe Privacy Shield Dispute Resolution Procedure, please submit the required information to VeraSafe here: https://verasafe.com/public-resources/dispute-resolution/submit-dispute/. The services are provided at no cost to you.

Inform individuals about (see Privacy Policy FAQs):

• Ericom does not provide your information to any 3rd parties without prior written consent
• You have the right to access any of your personal data
• Ericom is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC)
• You have the ability, under certain conditions, to invoke binding arbitration
• Ericom may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements
• Ericom may be found liable in cases of onward transfers to third parties

Please note that in certain circumstances, Ericom Software Inc. will be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

SECURITY AND CONFIDENTIALITY

Ericom maintains (and requires its service providers to maintain) appropriate organizational and technical measures designed to protect the security and confidentiality of any Personal Information we process. For example, Ericom employs physical access controls, encryption, Internet firewalls, intrusion detection, and network monitoring depending on the nature of the information and the scope of processing. Ericom staff who may have access to Personal Information are required to keep that information confidential. While we strive to protect your Personal Information, we also need your cooperation. No security procedures or protocols are ever guaranteed to be 100% secure, and so we encourage you to take care when disclosing Personal Information online and to use readily available tools, such as Internet firewalls, anti-virus and anti-spyware software, and similar technologies to protect yourself online.

ACCESS, CORRECTION, AND REMOVAL TO YOUR PERSONAL INFORMATION

We respect your right to access, correct, request deletion or request restriction of our usage of your Personal Information as required by applicable law. We also take steps to ensure that the Personal Information we collect is accurate and up to date. We will honor any statutory right you might have to access, modify or erase your Personal Information. To request access and to find out whether any fees may apply, if permitted by applicable national laws, please contact us at privacy@ericom.com. Where you have a statutory right to request access or request the modification or erasure of your Personal Information, we can still withhold that access or decline to modify or erase your Personal Information in some cases in accordance with applicable national laws. If you request that we stop processing some or all of your Personal Information or you withdraw (where applicable) your consent for our use or disclosure of your Personal Information for purposes set out in this Privacy Notice, we might not be able to provide you all of the Services. Please note that to ensure that we do not collect any further Personal Information, you should also clear our cookies from any device where you have used our Services. We may retain certain Personal Information (including following your request to delete) for audit and record-keeping purposes, as well as other purposes, all as permissible and/or required under applicable law. We may also retain your information in an anonymized form. Subject to the limitations in applicable law, you may request that we suspend the use of Personal Information the accuracy of which you may contest, while we verify the status of that Personal Information. Subject to applicable law, you may have the right to object to processing of your Personal Information for certain purposes.

You have a right to know what Personal Information we collect about you and, in some cases, to have the information communicated to you. Subject to the limitations in applicable law, you may be entitled to obtain from us a copy of the Personal Information you provided to us (excluding information that we obtained from other sources) in a structured, commonly-used, and machine-readable format, and you may have the right to (request that we) transmit such Personal Information to another party. If you wish to exercise this right please contact us letting us know what information in particular you would like to receive and/or transmit. Subject to applicable law, we may charge you with a fee. Please note that we may not be able to provide you with all the information you request, for instance, if the information includes Personal Information about another person. Where we are not able to provide you with information that you have asked for, we will endeavor to explain to you why. We will try to respond to any request for a right of access as soon as possible.

You can change your mind at any time about your election to receive marketing communications from us and/or having your Personal Information processed for direct marketing purposes. If you do, please notify us by contacting us as detailed in this Privacy Notice. We will process your request as soon as reasonably possible, however it may take a few days for us to update our records before any opt out is effective.

If you are a registered user or have been named as a “Contact” for a company, you may send a request to review and update your Personal Information at any time by contacting Ericom at privacy@ericom.com and request to see the Personal Information details Ericom has collected. While you are named as the “Contact” for a particular company, Ericom will direct to you most of the correspondences for such company. If you do not wish to receive further correspondence for and on behalf of your company, you may change the “Contact” to another individual after consultation with your company.

In the alternative, if you do not wish to receive further direct marketing materials, you may “unsubscribe” the relevant marketing materials. If you are no longer the “Contact” for a particular company, we will retain in our files some of your Personal Information to prevent fraud, resolve disputes, troubleshoot problems, enforce our Legal Notice and Terms of Use, respect your opt-out preferences, and comply with legal requirements as permitted by law.

PERSONAL INFORMATION RETENTION

We retain your Personal Information for as long as necessary to provide the Services you have requested or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our policies. How long we retain Personal Information can vary significantly based on context of the Services we provide and on our legal obligations. After it is no longer necessary for us to retain your Personal Information, we will dispose of it in a secure manner according to our data retention and deletion policies. The following factors typically influence retention periods:

1. How long is the Personal Information needed to provide our Services? This includes such things as maintaining and improving the performance of our Services, keeping our systems secure, and maintaining appropriate business and financial records. This is the general rule that establishes the baseline for most of our data retention periods.
2. Have you provided consent for a longer retention period? If so, we will retain data in accordance with your consent.
3. Are we subject to a legal, contractual, or similar obligation to retain your Personal Information? Examples can include mandatory data retention laws in the applicable jurisdiction, government orders to preserve data relevant to an investigation, or Personal Information retained for the purposes of litigation.

CHILDREN AND PRIVACY

Protecting the privacy of young children is especially important. The Services are not intended to be used by minors, and we do not knowingly collect Personal Information from children under the age of 18 without obtaining parental consent. If you are under 18 years of age, then please do not use or access the Services at any time or in any manner. If we learn that Personal Information has been collected on the Services from persons under 18 years of age and without verifiable parental consent, then we will take the appropriate steps to delete this information. To the extent that a minor has posted such information on the Service, the minor (and the minor’s parent/guardian) has the right to have this content deleted by contacting us at privacy@ericom.com.

DO NOT TRACK

Do Not Track (“DNT”) is a privacy preference that you can set in some web browsers. This feature can send a signal to websites you visit indicating you do not want to be tracked. While there is no accepted standard on how to respond to web browsers DNT signals, our website may not recognize or take action in response to DNT signals from web browsers.

CHANGES TO THIS STATEMENT

We reserve the right to change the provisions of this Privacy Notice from time to time by posting the new text on its Sites. We will alert you that changes have been made by indicating on the Privacy Notice the date it was last updated. We encourage you to review this Privacy Notice from time to time to make sure that you understand how any Personal Information you provide will be used. Unless otherwise provided, the revised terms will take effect when they are posted. Once any changes that we make to this Privacy Notice become effective, your continued use of the Services after such time will signify your acceptance of the new terms.

QUESTIONS/COMMENTS

If you have concerns or comments about Ericom’s Privacy Notice and related practice, or you would like Ericom not to provide your Personal Information to carefully selected companies or you would like to stop receiving information from Ericom or its partners, or you want to correct or update your Personal Information: Contact Ericom by emailing us at privacy@ericom.com or you can reach the Global Privacy Office in writing at: Ericom Software Ltd., Attn: Privacy: 12 Hartom Street, Jerusalem 9777512 Israel.