BLACKDOT CAPITAL, LLC and its subsidiaries and affiliates (collectively, “BLACKDOT”, “us”, “we” or “our”) created this privacy policy (“Privacy Policy”) to advise you about BLACKDOT’s information practices, such as the types of information we collect and how we may use that information, and to inform you about your privacy rights and how the law protects you. We urge you to read this Privacy Policy carefully. Please also review our Terms of Use, which govern your use of the Sites (as defined below).

This Privacy Policy is provided in a layered format so you can click through to the specific areas set out below.

Individuals in the European Union (“EU”) should be sure to read the important information provided here, in addition to the other provisions in this Privacy Policy.

I. IMPORTANT INFORMATION AND WHO WE ARE

II. THE INFORMATION WE COLLECT ABOUT YOU

III. HOW IS YOUR PERSONAL INFORMATION COLLECTED

IV. THIRD PARTY INTERACTIONS

V. THIRD PARTY ANALYTICS PROVIDERS & AD SERVERS; ONLINE TRACKING

VI. HOW WE USE YOUR PERSONAL INFORMATION

VII. DISCLOSURES OF YOUR PERSONAL INFORMATION

VIII. YOUR CHOICES

IX. DATA SECURITY

X. USERS OUTSIDE OF THE UNITED STATES AND INTERNATIONAL TRANSFERS

XI. CALIFORNIA RESIDENTS – YOUR CALIFORNIA PRIVACY RIGHTS

XII. QUESTIONS

XIII. ADDITIONAL INFORMATION FOR RESIDENTS OF THE EUROPEAN UNION

I. IMPORTANT INFORMATION AND WHO WE ARE

A. APPLICATION OF THIS PRIVACY POLICY

This Privacy Policy applies to blvckdot.com, blackdotcapital.com, blackdotwireless.com and all other websites, features, mobile applications, or online services that are owned or controlled by

BLACKDOT and that post a link to this Privacy Policy (collectively, the “Sites”), whether accessed via computer, mobile device, or otherwise. Note, however, this Privacy Policy does not apply to your use of unaffiliated websites that link to our Sites. Once you enter another website (whether through an advertisement, service, or content link), be aware that we are not responsible for the privacy practices of such other websites.

This Privacy Policy aims to give you information on how BLACKDOT collects and uses your Personal Information through your use of the Sites, including any information you may provide through the Sites when you sign up to receive communications, purchase a product or service, or request further services or information from us.

It is important that you read this Privacy Policy together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or using Personal Information about you so that you are fully aware of how and why we are using your information. This Privacy Policy supplements the other notices and is not intended to override them.

The Sites are not intended for children, and we do not knowingly collect information relating to children. If BLACKDOT discovers that it has inadvertently collected Personal Information from anyone younger than the age of 16, it will delete that information.

We reserve the right, at any time and without notice, to add to, change, update or modify this Privacy Policy, simply by posting such change, update, or modification on the Sites. Any such change, update or modification will be effective immediately upon posting on the Sites. However, unless you consent, BLACKDOT will not use your Personal Information in a manner materially different than what was stated in our posted Privacy Policy at the time your Personal Information was collected. Please check this Privacy Policy regularly to ensure you are aware of any changes in our practices. It is important that the Personal Information we hold about you is accurate and current. Please keep us informed if your Personal Information changes during your relationship with us. You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information. If you contact us with changes, we will make good faith efforts to make requested changes in our then-active databases as soon as reasonably practicable. Note, however, that information may persist internally for our administrative purposes and that residual data may remain on backup media or for other reasons.

The Sites may include links to third-party websites, plug-ins and applications and certain content on the Sites may be hosted and served by third parties that BLACKDOT does not control. Clicking

on those links or enabling those connections may allow third parties to collect or share information about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave the Sites, we encourage you to read the privacy policy of every website you visit.

In addition, BLACKDOT content may be included on web pages and websites that are not associated with BLACKDOT and over which we have no control. These third parties may collect data through the use of their own cookies, web beacons or other technology, independently collect information or solicit Personal Information, and may have the ability to track your use of their websites and services. BLACKDOT is not responsible for the privacy practices or the content of any third party.

Personal Information or personal data means any information about an individual from which that person can be identified. It does not include information where the identity has been removed (“Anonymous Data”).

We and our third-party service providers may collect, use, store and transfer different kinds of Personal Information about you that we have grouped together follows:

• Identity Information includes name, username or similar identifier, title, date of birth, and gender.

• Demographic Information includes zip code, age and/or income.

• Contact Information includes billing address, delivery address, email address and telephone numbers.

• Financial Information includes bank account and payment card details.

• Transaction Information includes details about payments to and from you and other details of products and services you have purchased from us.

• Technical Information includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology or other unique identifier (a set of numbers or characters that is assigned to your computer, mobile phone, or other device when you are on the Internet) (“Device Identifier”) for any computer, mobile phone, tablet or other device (any of which are referred to herein as a “Device”) used to access the Sites.

• Profile Information includes your username and password, purchases or orders made by you, your interests, preferences, and feedback.

• Usage Data includes information about how you use our website, products, and services, including all of the areas within our Site that you visit or use, and the time of day you visited the Site, among other information.

• Marketing and Communications Information includes your preferences in receiving marketing from us and our third parties and your communication preferences.

• Location Information includes information about your location using a variety of technologies, such as GPS, IP address, and connected or nearby Wi-Fi networks.

We also collect, use, and share Aggregated Information such as statistical or demographic information for any purpose. Aggregated Information may be derived from your Personal Information but is not considered Personal Information in law as this information does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific feature. However, if we combine or connect Aggregated Information with your Personal Information so that it can directly or indirectly identify you, we treat the combined information as Personal Information that will be used in accordance with this Privacy Policy.

We do not collect any Special Categories of Personal Information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

We use different methods to collect information from and about you including through:

• Direct interactions. You may give us your Identity, Demographic, Contact, Financial, Profile, or Marketing and Communications Information by filling in forms or by corresponding with us by mail, phone, email, or otherwise. This includes Personal Information you provide when you:

o purchase our products or services.

o create an account on our Sites.

o subscribe to our service or publications.

o request marketing to be sent to you; or

o correspond with us or give us feedback. Automated technologies or interactions. As you interact with our Sites or applications, we may automatically collect Technical, Usage, and Location Information about your equipment, Device, browsing actions and patterns. We collect this Personal Information by using cookies, web beacons, embedded scripts and other similar technologies. We may also receive Technical Information about you if you visit other websites or applications employing our cookies. Please see the information about our use of cookies for further details. Note that our mobile applications may use similar technologies.

 o Cookies – Cookies are data files sent to and stored on the Device you use to view a website. Cookies can be used for many purposes, including to monitor use of our Sites, to customize content specific to your interests, to ensure that you do not see the same advertisement repeatedly and to store your username and password so you do not have to re-enter it each time you visit the Sites. If you choose to disable cookies on your Device, some features of the Sites or our content may not function properly.

o Web Beacons – Web Beacons are small graphic images or other web programming code (also known as “1×1 GIFs” or “clear GIFs”) that may be included on the Sites and in our e-mail messages. Web beacons may be invisible to you, but any electronic image or other web programming code inserted into a web page or e- mail can act as a web beacon. Web beacons or similar technologies may be used for a number of purposes, including, without limitation, to count visitors to the Sites, to monitor how users navigate the Sites, to count how many e-mails that were sent were actually opened or to count how many particular articles or links were actually viewed.

o Embedded Scripts – Embedded scripts are programming code designed to collect information about your interactions with the Sites, such as the links you click. The code is temporarily downloaded onto your Device from our web server or a third- party service provider, is active only while you are connected to the Sites.

• Third parties or publicly available sources. We may receive Personal Information about you from various third parties. For example, if you are on another website and you opt-in to receive information from us, the other website may forward your contact and other information to us so that we may contact you as requested. If your company has provided you with access to the Site, we may receive information about you from your company. We also may supplement the information we collect with outside records from third parties in order to provide you with information, services or goods you have requested, to enhance our ability to serve you, and to tailor our content to you. We may combine the information we receive from those other sources with information we collect through the Sites. In those cases, we will apply this Privacy Policy to the combined information. Examples of third-party sources include:

o Technical Information from the following parties:

□ analytics providers.

□ advertising networks; and

□ search information.

o Contact, Financial and Transaction Information from providers of technical, payment and delivery services.

o Contact and Financial Information from companies that facilitate making reservations.

o Identity and Contact Information from publicly available sources.

Certain functionality on the Sites may permit interactions that you initiate between the Sites and a third-party website or service (“Third Party Interactions”). Examples of Third-Party Interactions may include technology that enables you to “like” or “share” content from the Sites on or to other websites or services; to transmit content to the Sites from your account on a third party website or service; and to otherwise connect the Sites to a third party website or service, such as through an application programming interface (API) made available by BLACKDOT or a third party.

If you choose to use Third Party Interactions, information you post or provide access to may be publicly displayed on the Sites or by the provider of the feature that you use. Similarly, if you post information on a third-party platform that references the Sites (e.g., by mentioning one of the Sites or using a hashtag associated with one of the Sites in a tweet or status update), your post may be published on our Sites in accordance with the terms of the third party website or service. In addition, both BLACKDOT and the third party may have access to certain information about you and your use of the Sites and the third-party website or service. In addition, we may receive information about you in connection with other users’ use of Third-Party Interactions (e.g., we may learn that you are a “friend” or “connection” of the third party or receive other information about you that the other user enables us to receive).

The information we collect in connection with Third Party Interactions is subject to this Privacy Policy. The information collected and stored by the third party remains subject to the third party’s privacy practices, including whether the third party continues to share information with us, the types of information shared, and your choices with regard to what is visible to others on that third party website or service.

BLACKDOT works with certain third parties (including network advertisers, ad agencies, and analytics companies) to provide us with information regarding traffic on the Sites, to serve advertisements, including our advertisements elsewhere online, and to provide us with information regarding the use of the Sites and the effectiveness of our advertisements. For example, if you clicked on one of our advertisements that led you to one of the Sites, our service provider(s) may be able to tell us which advertisement you clicked on and where you were viewing the advertisement. These third parties may set and access their own tracking technologies (including cookies, embedded scripts, and web beacons) and may otherwise collect or have access to your Device Identifier, Usage Data, and related information about you. Cookies and web beacons, including those set by third party network advertisers, may be used to, among other things, target advertisements, prevent you from seeing the same advertisements too many times, conduct research regarding the usefulness of certain advertisements to you, and assist in providing analytics. We may share Device Identifier and Usage Data about visitors with third party advertising companies, analytics providers, and other vendors for similar purposes. While we may use a variety of service providers to perform advertising and analytics services, some of these companies may be members of the Network Advertising Initiative (“NAI”) or the Digital Advertising Alliance (“DAA“) Self-Regulatory Program for Online Behavioral Advertising.

These third parties may also transfer Device Identifier and Usage Data to other third parties where required to do so by law, or where such third parties process analytics information on their behalf. Each of these third party’s ability to use and share Device Identifier and Usage Data is restricted by their respective Terms of Use and Privacy Policy. By using our websites, you consent to the processing of data about you by these third parties in the manner and for the purposes set out above. For a full list of third-party analytics services, please contact us at support@BLACKDOT.com.

For additional information regarding targeted advertising and the “opt-out” procedures of NAI members and DAA Self-Regulatory Program participating companies, you may visit:

• NAI Opt-Out Tool (for website users): http://www.networkadvertising.org/managing/opt_out.asp

• DAA Consumer Choice (for website users): http://www.aboutads.info/choices/

• DAA AppChoices (for mobile app users): http://youradchoices.com/appchoices

Please note that opting out through these mechanisms does not opt you out of being served advertising. You may continue to receive generic ads while visiting the Site and elsewhere online. Some third parties may collect Personal Information about your online activities over time and across different websites.

Your browser settings may allow you to automatically transmit a “Do Not Track” signal to websites and online services you visit. However, there is no consensus among industry participants as to what “Do Not Track” means in this context. Like many websites and online services, the Sites currently do not alter their practices when they receive a “Do Not Track” signal from a visitor’s browser. To find out more about “Do Not Track,” you may wish to visit http://www.allaboutdnt.com.

We may use the information we collect about you, including Personal Information and Usage Data:

• to provide you with our products and services and related customer service.

• to send you information about BLACKDOT or our products or services, or promotional material from some of our advertisers or third-party business partners.

• to process a transaction you initiate, process payments and provide accurate billing and shipping.

• to provide you with information, products, or services that you have requested or agreed to receive.

• to process your registration with the Sites, including verifying your Contact Information is active and valid.

• to identify you as a user in our system.

• to present our Sites and its contents in a suitable and effective manner for you and for your device.

• to customize and tailor your experience on the Sites, for example, by displaying content that we think you might be interested in.

• to bill you for BLACKDOT products and services.

• to provide improved administration of our Sites and services.

• to send you administrative e-mail notifications, such as order confirmations, order status updates, security, or support and maintenance advisories.

• to market our products or services, including recommending products or services that might be of interest to you.

• for compliance fraud prevention and safety, including enforcing our terms of service and this Privacy Policy, protecting our rights privacy, safety, or property and/or that of you or others, and protecting against, investigating, or deterring fraudulent, harmful, unauthorized, unethical or illegal activity.

• to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.

• to contact you with regard to your use of the Sites and, in our discretion, changes to the Site policies or functionality; and

• for purposes as disclosed at the time you provide your information, with your consent, or as further described in this Privacy Policy.

In addition to the above, we may use Anonymous Data to analyze request and usage patterns so that we may enhance the content of our services and improve navigation on the Websites. We reserve the right to use Anonymous Data for any purpose and disclose Anonymous Data to third parties in our sole discretion.

We may use your Identity, Contact, Technical, Usage and Profile Information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.

You will receive marketing communications from us if you have requested information from, purchased goods or services from us, or if you provided us with your details when you registered out our Sites and, in each case, you have opted to receive that marketing.

We do not share your Personal Information with unaffiliated third parties for those unaffiliated third parties’ marketing purposes unless you consent to such sharing.

A cookie is a data file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiration date, unless deleted by the user before the expiration date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed. Cookies do not typically contain any information that personally identifies a user, but Personal Information that we store about you may be linked to the information stored in and obtained from cookies. Based on what function cookies have and the purpose for which cookies are used, there are four categories of cookies: strictly necessary cookies, performance cookies, functional cookies, and marketing cookies.

Strictly necessary cookies

These cookies are essential in order to enable you to move around the Sites and use their features. Without these cookies, some services cannot be provided – for example, remembering previous actions when navigating back to a page in the same session.

Strictly necessary cookies enable features without which you would not be able to use the Sites as intended. These cookies are used exclusively by BLACKDOT. They are only saved on your computer while you are actually browsing the Sites.

Another example of what these cookies do is facilitate a switch from http to https when you change pages, so that the security of data transmitted is maintained. Furthermore, a cookie of this kind is used to store your decision about the use of cookies on our Sites. Your consent is not required for the use of strictly necessary cookies, and they cannot be disabled using the features of the Sites.

Performance cookies

These cookies gather information about how a website is used – for example, which pages a visitor opens most often, and whether the user receives error messages from some pages. These cookies do not save information that would allow the user to be identified. The collected information is aggregated, and therefore anonymous. These cookies are used exclusively to improve the performance of the Sites and user experience.

Functional cookies

These cookies enable a website to save information which has already been entered (such as username and location), so that it can offer you improved and more personalized functions. Functional cookies are also used to enable features you request such as playing videos. These cookies collect anonymous information and cannot track your movements on other websites.

Marketing cookies

These cookies are used to deliver advertisements and other communications more relevant to you and your interests. They are also used to limit the number of times you see an advertisement and to help measure the effectiveness of advertising campaigns. They remember whether you have visited a website or not, and this information can be shared with other organizations such as advertisers (this includes advertising technologies on websites such as LinkedIn and Twitter). Cookies for improving group targeting and advertising will often be linked to site functionality provided by other organizations.

Most browsers allow you to refuse all or some browser cookies, or to alert you when websites set or access cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain information about blocking and deleting cookies for some commonly used browsers via the links below:

• Chrome: https://support.google.com/chrome/answer/95647?hl=en;

• Edge: https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy;

• Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website- preferences;

• Internet Explorer: https://support.microsoft.com/en-gb/help/17442/windows-internet- explorer-delete-manage-cookies;

• Opera: http://www.opera.com/help/tutorials/security/cookies/; and

• Safari: https://support.apple.com/kb/PH21411

Please note that blocking all cookies will have a negative impact upon the usability of many websites and if you choose to block cookies, you may not be able to use all the features on our Sites.

We may share non-personally identifiable information, such as aggregated user statistics, in our discretion and without restriction.

We may disclose the information we have collected about you, including Personal Information, as disclosed at the time you provide your information, with your consent, as described in this Privacy Policy, or in the following circumstances:

BLACKDOT may disclose information including Personal Information with its parent, subsidiaries, and affiliates for a variety of purposes, including for business, operational, and marketing purposes. BLACKDOT may, and reserves the right to, share your information with any other company that is not presently, but becomes, a BLACKDOT parent, subsidiary, or affiliate.

B. EXTERNAL THIRD PARTIES Third Party Service Providers

We may share Personal Information with third party service providers in connection with the service providers’ performance of services to, or on behalf of, the Sites, including conducting quality assurance testing; to facilitate creation of accounts; to provide technical support; and/or to provide other services to BLACKDOT. These service providers may store or use your information outside of the EU or United States.

Third Party Payment Processing

For online payments we use the payment services of Stripe (HTTPS://WWW.STRIPE.COM/) and PayPal (HTTP://WWW.PAYPAL.COM). We do not process, record or maintain your credit card or bank account information and we will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds. For more information on how payments are handled, or to understand the data security and privacy afforded such information, please refer to HTTPS://WWWS.STRIPE/PRIVACY and HTTPS://WWW.PAYPAL.COM/US/WEBAPPS/MPP/UA/PRIVACY-FULL.

Administrative & Legal Reasons

We may transfer and disclose information, including Personal Information, to third parties:

• to comply with a valid legal inquiry or process such as a search warrant, subpoena, statute or court order, or if in our opinion such disclosure is required by law.

• to obtain or maintain insurance coverage, manage risks, obtain professional advice, or establish, exercise, or defend legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

• to protect the safety, interests, rights, property, or security of BLACKDOT, you, or any third party.

• to respond to a breach or attempted breach of the security of our Sites.

• to defend or assert our legal rights pursuant to any of the Sites’ Terms of Use, any policies applicable to the Sites, or any other agreement you may have with BLACKDOT; or

• at the request of governmental authorities conducting an investigation.

We may also use Technical Information to identify users, and may do so in cooperation with copyright owners, Internet service providers, wireless service providers, or law enforcement agencies in our discretion.

BLACKDOT may also disclose and transfer your Personal Information: (i) to a subsequent owner, co-owner or operator of the Sites or applicable database, or of our products or services; (ii) if BLACKDOT(or any of its affiliated, parent, or subsidiary companies) assigns its rights regarding any of your information to a third party; or (iii) in connection with a corporate merger, consolidation, restructuring, the sale of certain of BLACKDOT’s ownership interests, assets, or both, or other company change, including, without limitation, during the course of any due diligence process. These transfers and disclosures may be carried out without notice to you.

A. ACCESSING, UPDATING, CORRECTING OR DELETING INFORMATION

You can review, request access to, update, correct or delete your Personal Information by contacting us at legal-compliance@BLACKDOT.com.

You may request deletion of your Personal information by contacting us and we will use commercially reasonable efforts to honor your request, but please note that we may be required to keep such information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete any information, it will be deleted from the active database, but may remain in our archives. We may also retain information for fraud prevention or similar purposes. Also, note that we may need to delete your user account in order to delete your Personal Information.

You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information. If you contact us with changes, we will make good faith efforts to make requested changes in our then-active databases as soon as reasonably practicable. Note, however, that information may persist internally for our administrative purposes and that residual data may remain on backup media or for other reasons.

You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us.

Where you opt out of receiving these marketing messages, this will not apply to Personal Information provided to us as a result of the purchase of a product or service or other transactions and we may send you service-related communications, including notices of any updates to our Terms of Use or Privacy Policy.

You may choose not to provide us with any Personal Information. In such an event, you may still be able to access and use some of the Sites; however, you may not be able to access and use those portions of the Sites that require your Personal Information. You may opt out of receiving marketing e-mails by following the opt-out instructions provided to you in those e-mails. Please note that we reserve the right to send you certain communications relating to your account or use of any of the Sites (for example, administrative and service announcements, shipping notices, and order or reservation confirmations) and these transactional account messages may be unaffected if you opt-out from marketing communications.

Where we need to collect Personal Information by law, or under the terms of a contract we have with you and you fail to provide that information when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

We strive to provide you with choices regarding certain Personal Information uses, particularly around marketing and advertising. You can opt-out of such communications as outlined in Section B, above

Please note that you may continue to receive service-related and other non-marketing communications.

BLACKDOT takes commercially reasonable security measures to help protect your Personal Information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your Personal Information to those employees, agents, contractors and other third parties who have a business need to know. However, please note that transmission over the Internet or wireless networks cannot be guaranteed to be completely secure; and therefore, we cannot ensure or warrant the security of any information we collect. You use our Sites and provide us with your information at your own risk.

We have put in place procedures to respond to any suspected Personal Information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

The Sites are operated in the United States, and BLACKDOT and third-party service providers and partners operate in the United States and other jurisdictions. If you are located outside of the United States, please be aware that any information you provide to us may be transferred to and processed in the United States and other countries. By using the Site, or providing us with any information, you consent to this transfer, processing, and storage of your information in countries where the privacy laws may not be as comprehensive as those in the country where you reside or are a citizen.

XI. CALIFORNIA RESIDENTS – YOUR CALIFORNIA PRIVACY RIGHTS Please see BLACKDOT, LLC’s California Resident Privacy Policy.

If you have any questions or concerns regarding this Privacy Policy or our practices, please feel free to contact us via email at legal-compliance@BLACKDOT.com. We can also be contacted by mail at:

23456 Madero Suite 210

Mission Viejo, CA 92691

Attn: General Counsel

A. PERSONAL INFORMATION

References to “Personal Information” in this Privacy Policy are equivalent to “Personal Data” governed by European data protection legislation.

We will only use your Personal Data when the law allows us to do so. Most commonly, we will use your Personal Information in the following circumstances:

• Where we need to perform obligations relating to a contract to which you are a party or to take steps at your request before entering into such a contract.

• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. Our legitimate interests include those related to conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your Personal Information for our legitimate interests. We do not use your Personal Information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

• Where we need to comply with a legal or regulatory obligation.

Generally, we do not rely on consent as a legal basis for processing your Personal Information other than in relation to sending marketing communications to you via email. You have the right to withdraw consent to marketing at any time by contacting us using the contact information provided above.

We have set out below, in a table format, a description of the ways we plan to use your Personal Data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Note that we may process your Personal Data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground, we are relying on to process your Personal Data where more than one ground has been set out in the table below.

Purpose/Activity

Type of Information

Lawful basis for processing including basis of legitimate interest

To register you as a new customer or user

(a) Identity

(b) Contact

(c) Profile

Performance   of a contract with you and/or taking  steps, at your request, to enter such a contract

To process   and deliver products and services including:

(a) Deliver requested goods and services

(b) Manage payments, fees and charges

(c) Collect and recover money owed to us

(a) Identity

(b) Contact

(c) Financial

(d) Transaction

(e) Marketing and Communications

(a) Performance of a contract with   you and/or taking steps, at your   request, to enter such a   contract(b) Necessary for our legitimate   interests (to recover debts due to   us)

To manage our relationship with you which will include:

(a) Notifying you about changes to our terms or Privacy Policy

(b) Asking you for feedback

(a)   Identity

(b) Contact

(c) Profile

(d)   Marketing and Communications

(a)   Performance of a contract with you and/or   taking steps, at your request, to enter   such a contract

(b) Necessary to comply   with a legal obligation

(c) Necessary  for our legitimate interests (to keep   our records updated and to study how customers use our products/services)

To administer and protect our business and the Sites (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

(a) Identity

(b) Contact

(c) Technical 

(d) Usage

(e) Location

(a)   Necessary for our legitimate interests (for   running our business, provision of administration   and IT services, network security,   to prevent fraud and in the context   of a business reorganization or group   restructuring exercise) 

(b) Necessary  to comply with a legal obligation

To deliver relevant website content and advertisements to you and measure or understand the effectiveness  of the advertising we serve to you

(a) Identity

(b) Contact

(c) Profile

(d) Usage

(e) Marketing  and Communications

(f) Technical

(g) Location

Necessary for our legitimate   interests (to study how customers  use our products/services, to   develop them, to grow our business   and to inform our marketing strategy)

To use data   analytics to improve our website,   products/services, marketing,   customer relationships and experiences

(a) Technical

(b) Usage

Necessary for our legitimate   interests (to define types of   customers for our products and   services, to keep our website updated and   relevant, to develop our business and to inform our marketing strategy)

To make   suggestions and recommendations to   you about goods or services that may be of interest to you

(a) Identity

(b) Contact

(c) Technical

(d) Usage

(e) Profile

Necessary  for our legitimate interests (to develop  our products/services and grow our business)

This Privacy Policy is issued on behalf of BLACKDOT, LLC and its subsidiaries and affiliates so when we mention “BLACKDOT”, “we”, “us” or “our” in this Privacy Policy, we are referring to the relevant company responsible for processing your data.

If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact us using the details set out below.

We will only retain your Personal Data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances, you can ask us to delete your data: see the Request Erasure subsection below for further information.

In some circumstances we may anonymize your Personal Data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis that allows us to do so.

Please note that we may process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Under certain circumstances, EU Residents may have rights under data protection laws in relation to your Personal Data as outlined below:

• Request access to your Personal Data (commonly known as a “data subject access request”). This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.

• Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

• Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your Personal Data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons that will be notified to you, if applicable, at the time of your request.

• Object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation that makes you want to object to processing on this ground as you feel it affects your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information that override your rights and freedoms.

• Request restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of your Personal Data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

• Request the transfer of your Personal Data to you or to a third party. We will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

• Withdraw consent at any time where we are relying on consent to process your Personal Data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

If you wish to exercise any of the rights set out above, please contact us at legal- compliance@BLACKDOT.com.

No Fee Usually Required

You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights)