Welcome to the web site (the “Site”) of Polygraf Inc. (“Polygraf”, “we”, “us” and/or “our”). This Site is operated by Polygraf and has been created to provide information about our company and our content tagging and/or labelling services, artificial intelligence (AI)-based classification services, mobile applications and other related services (together with the Site, the “Services”) to our Service users (“you”, “your”). This Privacy Policy sets forth Polygraf’s policy with respect to information including personally identifiable data (“Personal Data”) and other information that is collected from users of the Site and Services.

When you interact with us through the Services, we may collect Personal Data and other information from you, as further described below:

Information you give us

We collect Personal Data from you when you voluntarily provide such information or in response to when we ask for certain information, such as when you contact us with inquiries, respond to one of our surveys, register for access to the Services or use certain Services. You may not be able to use certain features if you choose not to submit information that is requested. This Personal Data may include information such as:

1. Contact information (e.g., name, mailing address, email address or phone number).
2. Demographic, interests and household information (e.g., age, gender or education).
3. Payment information for subscriptions or purchases made through the Services (e.g., payment card number, expiration date and billing information).
4. Comments, photos, videos and other content or information you choose to publish on the Services or otherwise share with us.
5. Information you provide when you choose to participate in demos, surveys, polls, quizzes, competitions, or promotions.
6. Location information, which may include precise location information when you permit the Services to access device location. To prevent the collection of precise location information, please refer to instructions provided by your mobile service provider or device manufacturer.
7. Other information you may allow us to access through your device’s permissions settings, such as your contacts or address book.
8. Transactional and activity information (e.g., requests, searches or orders).
9. Information that you provide us as inputs or prompts that include, but are not limited to text, audio, visual or video content or files, related directly to the use of the Services.

Information automatically collected

The Services automatically log certain information about use or visits to the Services, such as the number and frequency of visitors, technical information about browsers and devices used to access the Services, and information about crashes or other technical issues. In addition, we and third parties may automatically collect certain information through automated means about your activities over time across the Services. The tools that collect this information vary depending on the Services and include technologies such as cookies, web beacons, tags, scripts, pixels, local shared objects (including HTML5 cookies) and software development kits (“SDKs”). These technologies may be included in our web pages, mobile apps, emails, and other digital content. The tools may assign or collect unique cookie IDs or other identifiers associated with your browser or device. The tools may collect information while you are using our Services or while they are running in the background of your device.

The information automatically collected may include:

1. Information about your computer, device, browser and operating system (e.g., type, model, or version).
2. Internet protocol (IP) address, which may be used to derive your general geographic area (e.g., city and country).
3. Device identifiers (e.g., mobile advertising IDs).
4. Information about your interactions with the Services, including browsing activities and clickstream data that reflect the content you have accessed, clicked on, or viewed.
5. Information about how you accessed the Services.
6. Information about your interactions with email messages and other communications, such as whether you opened or forwarded the email or clicked on links contained in the email.

We use Google Analytics and Mixpanel, which are web analytics services. They use cookies to help us analyze how users use the Services and enhance your experience when you use the Services. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser at https://tools.google.com/dlpage/gaoptout or obtain more information on how to opt out at https://policies.google.com/technologies/ads. You may also use Mixpanel’s opt out at https://allaboutdnt.com/#adjust-settings.

In addition, we use Google AdWords Remarketing to advertise across the internet. AdWords remarketing will display relevant ads tailored to you based on what parts of the Services you have viewed by placing a cookie on your machine. Google AdWords Remarketing allows us to tailor our marketing to better suit your needs and only display ads that are relevant to you. For more information on how Google uses this data, go to https://google.com/policies/privacy/partners/. Users can obtain more information on how to opt-out by using Google’s Ads Settings at https://policies.google.com/technologies/ads.

Wherever Polygraf collects Personal Data we make an effort to provide a link to this Privacy Policy. By voluntarily providing us with Personal Data, you are consenting to our use of it in accordance with this Privacy Policy. If you provide Personal Data to the Services, you acknowledge and agree that such Personal Data may be transferred from your current location to the offices and servers of Polygraf and the authorized third parties referred to herein located in the United States.

Information we obtain from other sources

We receive information about you from other sources and it may be combined with other information about you. For example, we may obtain data from:

1. Social Media Platforms and similar services (“Social Media Platforms”). When you engage with our content or ads on Social Media Platforms, or interact with features on the Services that contain content or features provided by Social Media Platforms (e.g., login or sign in features or tools that allow you to share our content with others on Social Media Platforms), we may obtain information from Social Media Platforms, including your username, user ID, demographic information and other information, subject to the settings and privacy practices of the relevant Social Media Platform. We may obtain this information directly from the Social Media Platform or through plug-ins, integrations or applications. Please keep in mind that the operators of the Social Media Platforms may also gather information about your use of the Digital Services and their features and tools.

Third Party Tracking; Do Not Track Signals

We may (and we may allow third parties to) use cookies or other technologies to collect information about your browsing activities over time and across different websites following your use of the Services. Our Service currently does not respond to “Do Not Track” (DNT) signals and operates as described in this Privacy Policy whether or not a DNT signal is received. If we do so in the future, we will describe how we do so in this Privacy Policy. However, you may elect not to accept cookies by changing the designated settings on your web browser. Please note that some features of our Site may not function without essential cookies.

Non-Identifiable Data

When you interact with Polygraf through the Services, we receive and store certain personally non- identifiable information. Such information, which is collected passively using various technologies, cannot presently be used to specifically identify you. Polygraf may store such information itself or such information may be included in databases owned and maintained by Polygraf affiliates, agents or service providers. The Services may use such information and pool it with other information to track, for example, the total number of visitors to our Site, the number of visitors to each page of our Site, and the domain names of our visitors' Internet service providers. It is important to note that no Personal Data is available or used in this process.

If you make a purchase through or in connection with a Service, we use your payment card information (e.g., your card number and expiration date) for limited purposes such as to process your transaction (including recurring payments, if applicable), to provide you with the requested products or services and for the purposes described under the section “To protect our rights or the rights of others” below.

With respect to information other than your payment card information, we use that information:

To provide you with the Services. This includes:

1. Processing your requests regarding the Services and our subscriptions, products or services, or your participation in a survey, promotion, event or similar initiative.
2. Providing customer assistance or technical support.
3. Customizing content, providing recommendations and enhancing the quality and your overall experience with the Services, including by retaining your user preferences or presenting content in the most effective manner for the browser or device you use to access the Services.
4. Maintaining, operating, improving and developing the Services and related content, products or services, including developing new products and features based on users’ interactions with the Services and automatically updating the Services on your devices.
5. Learning about users of the Services and analyzing how you and others interact with and respond to the Services, including by measuring and optimizing usage, reliability and performance, conducting market research, analyzing trends, and supporting our operations (e.g., for accounting, auditing, financial, legal or other purposes).

To communicate with you. This includes:

1. Sending you informational messages about the Services (e.g., to confirm your activity or notify you of changes to a Service).
2. Delivering marketing or promotional communications.
3. Responding to your questions or addressing your requests.
4. Communicating with you about surveys, promotions or events.

For advertising and marketing purposes. This includes:

1. Developing, managing and conducting advertising and marketing campaigns, promotions and offers, including about our products and services and other initiatives.
2. Analyzing and measuring the performance, effectiveness and reach of our advertising and marketing efforts.

To protect our rights or the rights of others. This includes:

1. Detecting, preventing and responding to fraud or potentially illegal activities, misuse of the Services, intellectual property infringement or other violations of law, this Privacy Policy, our Terms of Use or other Polygraf policies and agreements.
2. Performing audits, assessments and testing or troubleshooting activities.
3. Backing up our systems (including for disaster recovery purposes) and enhancing the overall security of the Services.
4. Complying with and enforcing applicable industry and legal requirements (including legal process such as court orders, warrants or subpoenas) and fulfilling contractual obligations.

In an ongoing effort to better understand and serve the users of the Services, Polygraf often conducts research on its customer demographics, interests and behavior based on the Personal Data and other information provided to us. This research may be compiled and analyzed on an aggregate basis, and Polygraf may share this aggregate data with its affiliates, agents and business partners. This aggregate information does not identify you personally. Polygraf may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, to other third parties for other lawful purposes, or to the public for general advertising purposes.

To the extent the Services include the use of Google APIs, use of information received from Google APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.

Polygraf is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your Personal Data with certain third parties without further notice to you, as set forth below:

1. Affiliates and Subsidiaries. We work closely with our affiliates and subsidiaries with whom we share your information as necessary or appropriate to operate the Services.
2. Service Providers. In connection with the operation and provision of the Services, we engage various third parties to provide services or handle transactions on our behalf, such as payment card processing, email distribution, list processing, postal mailing, cloud computing, analytics, digital content performance measurement, promotions or events. These service providers use the information we provide to them as necessary or appropriate for the performance of their services.
3. Advertisers, Advertising- and Marketing-Related Service Providers and Partners. We may provide your information to advertisers, advertising agencies, ad networks, ad exchanges, marketing businesses, technology vendors and other entities that create, deliver and assess advertising or marketing campaigns, including interest-based ads. We may allow third-party ad servers or ad networks to serve advertisements on the Services. These third-party ad servers or ad networks use technology to send, directly to your browser or mobile device, the ads and ad links that appear on the Services, and will automatically receive your IP address when they do so. They may also use other technologies (such as cookies, JavaScript, device identifiers, location data, and clear gifs, see above) to compile information about your browser's or device's visits and usage patterns on the Services, and to measure the effectiveness of their ads and to personalize the advertising content. We do not sell, rent, or share the information we collect directly from you or about you from third parties with these third-party ad servers or ad networks for such parties’ own marketing purposes. Please note that an advertiser may ask us to show an ad to a certain audience of users (e.g., based on demographics or other interests). In that situation, we determine the target audience and serve the advertising to that audience and only provides anonymous aggregated data to the advertiser. If you respond to such an ad, the advertiser or ad server may conclude that you fit the description of the audience they are trying to reach. This Privacy Policy does not apply to, and we cannot control the activities of, third- party advertisers. Please consult the respective privacy policies of such advertisers or contact such advertisers for more information.
4. Maintaining, operating, improving and developing the Services and related content, products or services, including developing new products and features based on users’ interactions with the Services and automatically updating the Services on your devices.
5. Social Media Platforms. If you interact with social media widgets, share content using social media share buttons, or access features of the Services that contain content or features provided by Social Media Platforms, the relevant Social Media Platforms may collect information. We encourage you to review the privacy policies of the Social Media Platforms that you engage with as we are not responsible for their privacy practices.
6. Business Partners. We may provide your information to business partners including, without limitation, joint marketing partners and sponsors, for various purposes. For example, we may partner with a third party to offer products or services on a co-branded, co-sponsored or cross- promotional basis that involves the sharing of information. These initiatives may be offered on the Services or on other media.
7. Other Parties When Required by Law or As Necessary to Protect Our Rights. We may share your information as we believe is necessary or appropriate to protect, enforce, or defend our legal rights, the privacy or safety of our employees, users of the Services or other individuals and entities, or to comply with or enforce applicable industry standards, law or legal process, including responding to court orders, warrants, subpoenas and other requests from public and government authorities.
8. Corporate Transactions. We reserve the right to transfer any of the information we have about you to proceed with the consideration, negotiation, or completion of a sale or transfer of all or a portion of our business or assets to a third party, such as in the event of a merger, acquisition or other disposition, or in connection with a bankruptcy reorganization, dissolution, or liquidation.

With Your Consent or Otherwise at Your Direction. In addition, we may share your information with third parties when you consent to or request such sharing.

Direct Marketing Opt-Outs

1. Email marketing. You may opt out of receiving marketing or promotional emails from us by clicking on the “unsubscribe” link contained in such emails. Depending on the Service you use, you also may be able to opt out of marketing or promotional emails by logging into your account and managing your email preferences. Please keep in mind that if you opt out of receiving marketing or promotional emails, we may still send you transactional emails or other communications relating to your use of the Services (e.g., to confirm your activity, to inform you of changes to a Service or in response to your password recovery request).
2. Text message marketing. If you choose to participate in a text message marketing campaign or promotion offered in connection with a Service, you may opt out of receiving marketing texts from us by following the instructions contained in those messages (e.g., texting the word STOP) or provided to you when you elected to receive text message marketing.
3. Co-Branded, Co-Sponsored or Cross-Promotional Offerings. If you choose to participate in a co- branded, co-sponsored or cross-promotional offering, the brand, sponsor or other third party involved in that offering may use your information for its own purposes, including advertising and marketing purposes. You must contact the relevant third party directly to exercise your opt out choices with respect to such party’s use of your information.

Website (Browser) Opt-Out

1. Disabling Cookies. Most browsers accept cookies by default. You may be able to change the settings to have your browser refuse certain cookies or notify you before accepting cookies. If you choose to disable the use of cookies in your web browser, some features of the Services may become difficult to use or unavailable.
2. Opt-out Cookies. You can follow the instructions provided by the Digital Advertising Alliance (“DAA”) here and/or the Network Advertising Initiative (“NAI”) here to place an opt-out cookie on your browser. These opt-out cookies enable you to block participating companies from installing future cookies on your computer or browser.
3. If you place opt-out cookies but subsequently clear or delete cookies on your computer or device browser, your opt-out cookies may be deleted and you may have to renew your opt- out choices for that specific browser.
4. The opt-out mechanisms offered by the DAA and NAI are provided by third parties. Polygraf does not control or operate these mechanisms or the choices provided through these mechanisms.

Mobile App Opt-Out

1. Device Settings. To limit interest-based advertising on your mobile device, you can review and adjust the settings provided by your device manufacturer, such as “ Limit Ad Tracking ” for iOS or “ Opt-out of interest-based ads ” for Android
2. AppChoices Application. You can download the “AppChoices” application provided by the DAA from your app store. AppChoices offers a mechanism to limit the collection of app data used for interest-based ads by participating companies. See here for more.

Please keep in mind that as the mobile environment continues to evolve, additional opt-out mechanisms or privacy settings may become available to you. We encourage you to review the information on opt- outs and settings that device manufacturers, technology companies and industry associations make available to you.

Do Not Track

Polygraf does not currently take steps to respond to browsers’ “Do Not Track” signals as no uniform standard to respond to such signals has been developed at this time.

Additional Choices

1. User account and information. If you have created an account on a Service, you may be able to review some of your information for that account by logging in and updating your information or user preferences. You may also submit a request to delete your account and certain Personal Data we have collected about you in connection therewith by sending your request to policy@polygraf.ai or the physical address provided in the Contact Us section of this policy. Notwithstanding the foregoing, Polygraf reserves the right to retain certain information to comply with applicable law or regulation, prevent fraud, resolve disputes, enforce any agreement with you and take any other actions permitted by law.
2. Device Settings. For relevant Services, you may be able to review and adjust your preferences by updating the settings on your device (e.g., permitting us to collect precise location information).
3. Push Notifications. If a Service enables push notifications on your device, you may review and update your push notification preferences by adjusting the settings on your device. For example, you can select the relevant app from “Notifications” (for iOS devices) or “App notifications” (for Android devices) and turn off alerts accordingly.

Polygraf takes reasonable steps to protect the Personal Data provided via the Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. In particular, email sent to or from the Services may not be secure. Therefore, you should take special care in deciding what information you send to us via email. We cannot guarantee its absolute security. Please keep this in mind when disclosing any Personal Data to Polygraf via the Internet.

We operate the Services from the United States. Any information we obtain about you in connection with your use of the Services may be processed and stored in the United States or other countries.

Polygraf does not knowingly collect Personal Data from children under the age of 13. If you are under the age of 13, please do not submit any Personal Data through the Services. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Data on the Services without their permission. If you have reason to believe that a child under the age of 13 has provided Personal Data to Polygraf through the Services, please contact us a policy@polygraf.ai , and we will endeavor to delete that information from our databases.

This Privacy Policy applies only to the Services. The Services may contain links to other web sites or properties not operated or controlled by Polygraf (the “Third Party Sites”). The policies and procedures we described here do not apply to the Third Party Sites. The links from the Services do not imply that Polygraf endorses or has reviewed the Third Party Sites. We suggest contacting those sites directly for information on their privacy policies.

This Privacy Policy does not apply to web pages hosting our careers or job opportunities. Any information obtained through such pages is governed by the privacy notices published thereon.

The Services and our business may change from time to time. As a result, at times it may be necessary for Polygraf to make changes to this Privacy Policy. Polygraf reserves the right to update or modify this Privacy Policy at any time and from time to time without prior notice. Please review this policy periodically, and especially before you provide any Personal Data. This Privacy Policy was last updated on the date indicated above. Your continued use of the Services after any changes or revisions to this Privacy Policy will be governed by the terms of such revised Privacy Policy.

This Privacy Policy does not apply to any Personal Data collected by Polygraf other than Personal Data collected through the Services. This Privacy Policy shall not apply to any unsolicited information you provide to Polygraf through the Services or through any other means. This includes, but is not limited to, information posted to any public areas of the Services, such as forums, any ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and Polygraf shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.

Your access to and use of a Service is subject to, as applicable, the Terms of Use at https://polygraf.ai/terms-of-use and/or any other agreement governing such Service

If you have any questions about this Privacy Policy, please contact us by email at policy@polygraf.ai . For questions related to your CCPA rights, please contact us by email at policy@polygraf.ai .

You may also contact us via mail at Polygraf, Inc.,

Polygraf Inc.

305 E Huntland Dr,

Suite 400F, Austin, TX 78752

USA

Attn: Policy

This section applies only to residents of the State of California.

Categories of Personal Information We Collect

The California Consumer Privacy Act of 2018, as amended from time to time (“CCPA”) requires specific disclosures for each category of personal information that we collect. The table below summarizes our general data handling practices which are more fully described in this Privacy Policy.

Your CCPA Rights

Residents of California may have the following rights:

Right to know and access your personal information. Under CCPA, you have the right to:

1. Know the categories of personal information we collect and the categories of sources from which we got the information;
2. Know the business or commercial purposes for which we collect and share personal information;
3. Know the categories of third parties and other entities with whom we share personal information; and
4. Access the specific pieces of personal information we have collected about you.
5. Right to deletion. In some circumstances, you may ask us to delete your personal information.
6. Right to opt out of sales. We do not currently share your personal information with third parties in ways that may constitute a “sale” under CCPA. In the event that we do so in the future, we will update this Privacy Policy and you may then request that we not “sell” your personal information on a going forward basis. If you reengage with us after opting out of the “sale” of your personal information, such as by purchasing or subscribing to a product or service or signing up for communications your personal information will be collected and used in accordance with this Privacy Policy

To exercise any of the above, please submit your request to policy@polygraf.ai and include your name, email address, phone number, and California postal address.

Right to be free from discrimination. You may exercise any of the above rights without fear of being discriminated against. We are permitted to provide a different price or rate to you if the difference is directly related to the value provided to you by your data.

For any of the above-mentioned rights, you may designate an authorized agent to make a request on your behalf. In the request, you or your authorized agent must provide including information sufficient for us to confirm the identity of an authorized agent. We are required to verify that your agent has been properly authorized to request information on your behalf and this may take additional time to fulfill your request.

We will use the information you provide to make your CCPA rights requests to verify your identity, identify the personal information we may hold about you and act upon your request. We strongly recommend that you submit the email and postal address that you used when you created accounts, subscriptions or signed up for communications. After you submit a CCPA rights requests, you may be required to verify access to the email address you submitted in order for us to proceed with your CCPA rights requests. Please check your spam or junk folder in case you can't see the verification email in your inbox. If you are a California resident and have any questions regarding your CCPA rights under this Privacy Policy, please contact us at policy@polygraf.ai .

Minors

We do not knowingly collect or disclose personal information of minors under the age of 16, without affirmative authorization.

The following section applies only to individuals in the European Economic Area (“EEA”).

Legal bases for using your information

We process personal information for different purposes (as described in the “How We Use Information We Obtain” section, above) on the following legal bases:

1. To perform our contractual obligations to you. We and our service providers process your information to perform our contractual obligations to you when we use your information to provide you with the Services and related content, products or services and to communicate with you. For example, when you purchase a product, service or subscription from us, we process your payment and contact information as necessary to confirm the purchase and we process your contact information and other details to provide you with support services you request. We also send you informational communications on this basis, including to confirm activity or to notify you of a change to a Service. Failure to provide requested information could prevent or delay the fulfilment of our contractual obligations.
2. To pursue our legitimate interests. We process your information to meet our legitimate interests when we use your information to provide you with the Services and related content, products or services, to communicate with you and for our advertising and marketing purposes. For example, our legitimate interests include making improvements to, customizing and understanding how you interact with the Services and related content, products or services, and sending you communications about products and services we think may be of interest to you. To accomplish our legitimate interests, we may share your information with our affiliates and subsidiaries, service providers and business partners (including for our advertising and marketing purposes) and in the context of a corporate transaction. We maintain safeguards to protect the information we process to pursue our legitimate interests.
3. To comply with our legal obligations. We process and share your information as necessary to comply with our legal obligations when we use your information to protect our rights or the rights of others and when we share your information with other parties where required by law or as necessary to protect our rights. For example, we may be required to collect certain information from you when processing your purchase payments for tax or financial reporting reasons.
4. With your consent. We obtain your consent to process your information when we are required to do so by law. If consent is the legal basis on which we process your personal information, you can withdraw your consent at any time by contacting us using the information provided in the “Contact Us” section above.

Additional rights

In addition to other rights you may have under this Privacy Policy, as an individual located in the EEA you have the right to:

1. request copies of your Personal Data (we may charge you a small fee for this service);
2. where Personal Data is inaccurate or incomplete, ask for Personal Data to be rectified or completed;
3. request the transfer of your Personal Data to another party;
4. ask that Personal Data be erased;
5. make a complaint to a European data protection authority about the manner in which we process your Personal Data; and
6. object to us processing your Personal Data by asking for the processing of that Personal Data to be restricted or stopped, under certain conditions.

If you would like to discuss or exercise such rights, please contact us at data - policy@polygraf.ai . We will contact you if we need additional information from you in order to honor your requests.

Storing your information

We will keep your personal information for as long as we have a relationship with you. Once our relationship with you has come to an end, we will retain your personal information for a period of time that enables us to:

1. Maintain business records for analysis, understanding market trends and/or audit purposes and to improve the Services.
2. Comply with record retention requirements under applicable laws or other relevant legal or regulatory requirements.
3. Defend, establish, exercise or bring any existing or potential legal claims.
4. Carry out fraud detection and prevention.
5. Deal with any complaints regarding the Services

We will delete your personal information when it is no longer required for these purposes. If there is any information that we are unable, for technical reasons, to delete from our systems, we will put in place appropriate measures to prevent any further processing or use of the data.

Information collected through the Services will be processed in and subject to the laws of the United States, which may not provide the same level of protection for your personal information as your home country. If we transfer personal data from the EEA and Switzerland we put in place safeguards. In particular, such safeguards include European Commission- approved standard contractual clauses. For more information on these safeguards, please contact us at the details provided in the “Contact Us” section above.

Where changes to this Privacy Policy have a fundamental impact on the nature of the processing or otherwise have a substantial impact on you, we will give you advanced notice so that you have the opportunity to exercise your rights (e.g., to object to the processing).

We are committed to working with you to obtain a fair resolution in the event you have a complaint or concern about privacy. We can be contacted at policy@polygraf.ai . If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to make a complaint to a data protection authority.