In accordance with our commitment to protect personal privacy, WizRocket Inc. and its U.S. operating subsidiaries (including those entities listed in Exhibit A) (collectively referred to as “CleverTap”, “we,” “us,” or “our” ) provides its customers ( “Customers” ) with the ability to analyze how their end users ( “Customer End Users” ) interact with Customer website(s) or mobile application(s) and the ability to contact Customer End Users via the CleverTap service platform (the  “CleverTap Service” ). Customers’ users of the Service and other representatives of our Customers (collectively,  “Customer Representatives” ) interact with CleverTap to establish, maintain and manage their use of the CleverTap Service. CleverTap has certified to the Department of State that it adheres to the Privacy Shield Principles (“Principles”). If there is any conflict between this Policy and the Privacy Shield Principles, then the Privacy Shield Principles shall prevail. To learn more about the Privacy Shield Program and to view our certification, please visit   https://www.privacyshield.gov/welcome .  A list of participants can be found at   https://www.privacyshield.gov/list .

This Privacy Policy (this “Policy”) describes the circumstances under which Leanplum, Inc., a New York corporation (hereinafter “Leanplum”, “we”, “us”, “our”, “ours”) collects personal information from users of our website www.leanplums.com (hereinafter “Website”) and all software and other services we provide through the Website or through third-party distributors (collectively, together with the Website, our “Services”). This Policy also describes our use and disclosure of that information. By using our Services, you consent to the collection, use, and disclosure of personal information in accordance with this Policy.

This Policy does not apply to the extent we process personal information on behalf of our Software as a Service (SaaS) business customers in our capacity as a data processor or service provider, such as information we receive and process through the Leanplum technology platform. For privacy information regarding our business customers’ use of the Leanplum platform on their mobile applications, websites, emails, texts, or other digital properties, please contact the applicable business customer directly. For Leanplum customers for whom we act as “data processors”, additional information can be found separately in our Data Processing Addendum. Personal Information

As used in this Policy, “Personal Information” means information that specifically identifies an individual end user of the Services, such as an individual’s name, address, telephone number, or email address. Personal Information also includes information about an individual’s activities, such as information about their activities on our Services, and demographic information, such as date of birth, gender, geographic region, and preferences, when such information is linked to Personal Information that identifies that individual. Personal Information does not include “aggregate” or other non-personally identifiable information. Aggregate Information is information we collect about a group or class of products, services, or users that is not personally identifiable or has had individual identities removed from it. We may use and disclose aggregate and other non-personally identifiable information for a variety of purposes.

Use of Personal Information

We use personal information to provide the services and information you request. We also use your personal information to enhance, improve, operate, analyze, and maintain our services and other systems (e.g., to troubleshoot problems); prevent fraudulent use of our services and other systems; prevent or take action against activities that violate or may violate our Terms of Service or applicable law; tailor advertising, content, and your other experiences on and in connection with the Services; keep records of our dealings with you; for other administrative purposes (e.g., to contact you with administrative information or notices); resolve disputes and enforce our agreements with you, and for any other purpose we may disclose to you at the time we request your personal information and with your consent. Disclosure of Personal Information Except as described in this policy, we will not disclose your personal information collected in the Service to any third party without your consent. Protecting Leanplum's business interests We may also disclose personal information if we believe the law requires it, or to protect our property or other legal rights (including, but not limited to, enforcing our agreements), or the rights or property of others, or to help protect the safety of our Services and other users of the Services.

Leanplum may disclose an individual’s personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Access to Personal Information

If you ask us to delete your account on any of our Services (via the user settings page, email to leanplumvip@gmail.com or otherwise), we will do so within a reasonable time, but we may need to retain some of your Personal Information to comply with our legal obligations or if we reasonably believe we have a legitimate reason to do so.

However, as a user who is a Leanplum customer, if we offer the ability to create a user account or profile on our Services, you have the right to access it by logging into your account and accessing your account settings.

International Visitors

Our servers and data centers are located in the United States. If you choose to use the Service outside of the United States, please be aware that you are transferring your Personal Information outside of your region and to the United States for storage and processing. By providing us with your Personal Information through the Service, you consent to that transfer, storage, and processing in the United States.

Security

We use reasonable, industry-standard security measures designed to protect personal information from accidental loss, disclosure, misuse, and destruction. In addition, Leanplum voluntarily undergoes annual independent audits of systems and operating practices. Please be aware, however, that no data security measures can be guaranteed to be completely effective. Therefore, we cannot ensure or warrant the security of any information you provide to us. You transmit information to us at your own risk. Always choose a password that is unlikely to be obtained or discovered by others, and never disclose your password to any third party. You are responsible for all personal information you submit through your account or user profile and for all actions taken through your account and user profile. Therefore, if your password is compromised for any reason, you should change it immediately.

Updates to this Policy

We may occasionally update this Policy. When we do, we will also revise the "Last Updated" date at the beginning of this Policy. Your continued use of our Services after an update will be subject to the then-current policy. If we change this Policy in a way that significantly reduces the restrictions on our use or disclosure of your personal information, we will make reasonable efforts to notify you of the changes and obtain your consent before applying the changes to any personal information.

Information we collected from you prior to the effective date of the change. We encourage you to review this Policy periodically to understand how we collect, use and disclose personal information.

Contact Us

If you have any questions or comments about this Policy, please contact us using the contact information provided on our website: leanplumvip@gmail.com

Non-Personal Data.  “Non-Personal Data” is information that does not identify a specific person.

1. Website users
   CleverTap collects several types of information that is about you but individually does not identify you, information comprising communications with you, about your browsing sessions using the Website (Internet activity information), including, but not limited to, browsing history, search history, and information regarding a user’s interaction with the Website and/or geolocation information (based on IP address).
2. Non-Personal Data from Customer Representatives CleverTap may receive Non-Personal Data from Customer Representatives, which may include data such as the URL of the website a Customer Representative visited before participating in the CleverTap Service, the URL of the website visited after participating in the CleverTap Service, the type of browser the Customer Representative is using, or general and/or aggregated location data that does constitute Personal Data. We, and/or our authorized Third-Party Service Providers (defined below), may automatically collect this information when Customer Representatives visit or use the CleverTap Service through the use of electronic tools like Cookies and Web beacons or Pixel tags, as described below in this Privacy Policy.
   We use Non-Personal Data to provide products and/or services to Customer Representatives, enhance the operation of the CleverTap Service, troubleshoot, administer the CleverTap Service, analyze trends, gather demographic information, comply with applicable law, and cooperate with law enforcement activities. We may also share this information with our authorized Third-Party Service Providers to measure the overall effectiveness of our products and services.
3. Non-Personal Data from Customer End Users
   CleverTap’s Customers may electronically submit Non-Personal Data from Customer End Users to the CleverTap Service. CleverTap will not review, share, distribute, or reference any such Non-Personal Data except as provided in CleverTap’s applicable agreement with Customer, or as may be required by applicable law. CleverTap uses such Non-Personal Data for the purpose of enhancing or providing the CleverTap Service.

 

DATA TRACKING

Cookies.  To facilitate and customize your experience with the CleverTap Service, we may store cookies on your computer or other similar device through which you access the CleverTap Service. A cookie is a small text file that is stored on your computer or other device for record-keeping purposes that contains information about you. We use cookies to save you time while using the CleverTap Service, remind us who you are, and track and target your interests in order to provide a customized experience. Cookies also allow us to collect Non-Personal Data from you, like which pages you visited, what links you clicked on, and how you used the CleverTap Service. Most browsers automatically accept Cookies, however, you may be able to modify your browser settings to decline cookies.

Other Tracking Devices.  When you access the CleverTap Service, or open or click an email, pixel tags and web beacons generate a Non-Personally Identifiable notice of that action. Pixel tags allow us to measure and improve our understanding of visitor traffic and behavior on the CleverTap Service, as well as give us a way to measure our promotions and performance. We may also utilize pixel tags and web beacons provided by our marketing partners for the same purposes.

How to Opt-Out of Third-Party Tracking Technologies.  The use of tracking technologies by third parties is subject to their own privacy policies, not this Privacy Policy, and we have no responsibility or liability in connection therewith. If you do not want the services that tracking technologies provide, you may be able to opt out by visiting  http://www.aboutads.info/choices .

For sensitive information (e.g., that specifying medical/health conditions, racial/ethnic origin, political or religious beliefs, or sex life of the individual), organizations must obtain affirmative, express consent (opt-in) from individuals if such information is to be (i) disclosed to a third party or (ii) used for a purpose other than those for which it was originally collected or subsequently authorized by the individuals through the exercise of opt-in choice.

DISCLOSURES AND ONWARD TRANSFERS OF PERSONAL DATA

In order to operate our websites and provide services, we may provide personal, aggregate and other associated data to third parties including our services providers and vendors that provide or perform services for us, including services such as payment processing, database management, and professional services. CleverTap discloses Personal Data only to third parties who reasonably need to know such data for the scope of the initial transaction and not for other purposes.

Such third parties must agree to use the personal data only for the purpose for which they have been engaged by CleverTap and confirm that their privacy practices are consistent with this Policy.

On occasion, we may also share Personal Data concerning a visitor with our affiliates (such as a subsidiary or affiliate of our company) and Clients in furtherance of our operations and as needed to implement visitor request.

We remain responsible for the Personal Data that we share with third parties for processing on our behalf, and we remain liable under the Principles if such third parties process such Personal Data in a manner inconsistent with the principles and we are responsible for the event giving rise to the damage.

Please be aware that CleverTap may be required to disclose Personal Data in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

European Union (EU) or the United Kingdom (UK) residents

The EU and UK’s General Data Protection Regulation (GDPR) specifies that EU and UK residents have the following rights regarding the collection, storage, and processing of their personal information:

• Be informed
• Access
• Rectification
• Erasure
• Restrict processing
• Data portability
• To object
• To not be subject to a decision based solely on automated processing, including profiling
• To lodge a data protection complaint with your local supervisory authority

In compliance with both the EU and UK’s GDPR, CleverTap commits to resolving applicable inquiries and requests related to these rights. Residents of the EU and UK can send us an email to privacy@clevertap.com .

EU-U.S. Privacy Shield Framework Compliance

CleverTap is certified by the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce, and in compliance with the U.S. Federal Trade Commission regulations, regarding the collection, use, and retention of personal information from the European Union and Switzerland to the United States. CleverTap has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit  www.privacyshield.gov/ .

In compliance with the EU-U.S. Privacy Shield Principles, CleverTap commits to resolving complaints about your privacy and our collection or use of your personal information. Residents of the EU and Switzerland with inquiries or complaints can send us an email at  privacy@clevertap.com .

CleverTap has further committed to refer unresolved Privacy Shield complaints to BBB EU Privacy Shield, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit  https://bbbprograms.org/programs/all-programs/bbb-eu-privacy-shield-consumers/ProcessForConsumers  for more information or to file a complaint. The services of BBB EU Privacy Shield are provided at no cost to you.

As a last resort, for complaints left unresolved by all other available mechanisms, EU residents may invoke binding arbitration before the Privacy Shield Panel. The Privacy Shield Panel is an “arbitration mechanism” made up of three neutral arbitrators, meaning that it settles disputes without going to court. Its decisions, however, are binding and enforceable in U.S. courts. EU individuals can invoke arbitration through the Privacy Shield Panel, under limited conditions (in particular, the prior exhaustion of certain other redress possibilities).

CHANGES TO THIS POLICY

This Policy may be amended from time to time, consistent with the Principles and applicable data protection and privacy laws. If we make any material changes we will notify visitors by means of a notice on our website prior to the change becoming effective. We encourage visitors to periodically review this page for the latest information on our privacy practices.

DEFINED TERMS

For the purposes of this Policy, the following terms have the following meaning;

Personal Data  as defined under the European Union Regulation 2016/679 (the GDPR) means any information relating to an identified or identifiable natural person (‘data subject’)

Data Subject  means an identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person

Sensitive Data  (or special categories of personal data) means specifically personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, concerning health, genetic and biometric data, sex life, or sexual orientation. The same extra safeguards under the GDPR will apply to criminal convictions and offences data.

 

Exhibit A

Leanplum Inc.