The founding mission of SELF ID, Inc. (“SELF”, “we” or “us”) it to safeguard your privacy by giving you meaningful control and ownership over your personal data. That commitment is reflected in our own information processing practices. This website privacy policy (“Website Privacy Policy” or “Policy”) explains who we are, how we collect, use and disclose (or otherwise process) your personal information, and how you can exercise your privacy rights. The terms “personal information” and “personal data” may each be used interchangeably in this Policy.

This Policy applies exclusively to your interaction with the SELF website available at www.selfid.com (“Website”). For the avoidance of doubt, this Policy does not apply to your use of or access to any products or services made available by SELF from time-to-time at our sole discretion (“SELF Products”), nor does it apply to any potential or established employer-employee relationship between SELF and you.

We recommend that you read this Policy in full as it contains descriptions as to our personal information processing practices and explanations of your legal rights. To make this policy easier for you to review, we have divided the document into the following sections:

1. Who we are
2. What personal information we collect
3. How we use your personal information
4. Your rights under data protection laws
5. Additional State-Specific Privacy Disclosures
6. Cookies and other online tracking technologies
7. General information

SELF is a technology company headquartered in the United States that is building a unique platform for natural persons to control the disclosure of their personal information to third parties. As a fully remote company, we have employees distributed across the United States, including in Mexico and Canada.

For residents of the European Economic Area or other jurisdictions with laws applicable to the processing of your personal information, please be aware that your personal data will be transferred to and processed in the United States, where our servers and service providers are principally located. By providing us your personal data, you consent to the transfer and processing in accordance with this Policy.

Our Website offers various ways in which you may engage with us in order to receive information about us, our company, SELF Products, or industry news generally. Specifically, you can provide your email address to us to receive a newsletter about SELF or SELF Products, released at regular intervals. Further, you may choose to apply to be a Beta Tester, as that term is defined in the SELF ID Waitlist Terms and Conditions (“Waitlist”). The personal information we collect from you is broadly categorized as identifiers, and consists of the following personal data elements:

• Name;
• Email address;
• Phone number (which is optional).

SELF does not use conventional tracking technologies that you may frequently encounter, examples of which are cookies or beacons. Accordingly, when visiting or interacting with our Website, certain information is automatically collected by most browsers or through your device, but this information is generic in nature and cannot be used to identify you. However, in order to provide you with a full understanding of our information processing practices, the information described in this paragraph can be broadly characterized as session information, and consists of the following:

• Session information (the amount of time you spend on the Website);
• Website navigation information (which pages you visit and links you click); and
• The country in which your browser is located.

We use Google Analytics to collect the above information. Please see section 6 of this Policy (Cookies and other online tracking technologies) for more information.

Apart from what is disclosed in section 2.2 (Information we collect automatically) and section 6 (Cookies and other internet tracking technology), as of the Effective Date of this Policy, SELF does not collect your personal information from any third parties.

We process your personal information for the following purposes:

• To provide, operate and maintain the Website;
• To respond to your inquiries and fulfill your requests, such as to send you requested materials and newsletters and to communicate with you regarding your presence on the Waitlist;
• To conduct our own marketing activities; and
• To send administrative information to you which includes, for example, information regarding our Website and changes to our terms.

As set forth immediately above in section 3.1, SELF processes your personal data for very specific reasons and in response to your engagement with us. Accordingly, in most cases, our processing of your personal information will be based upon our legitimate interests. In certain circumstances, our processing of your personal data may be based upon your consent to do so.

SELF discloses your personal information to third parties for business purposes only. All recipients only receive personal information from SELF that is required for the performance of certain services carried out by our service providers. Accordingly, your personal information will only be transferred to:

• Affiliates of SELF, to the extent that the transfer is necessary to process your communication and inquiries that you have requested through the Website or other means of communication (for example, social media platforms);
• Service providers in countries where SELF operates, to the extent the transfer is necessary to provide IT, system administration and hosting, analytics, marketing and other business operations in accordance with those set forth in section 3.1 of this Policy;
• In cases where SELF is legally obliged to do so or where there is a legally binding judgment, as well as in cases where SELF enforces rights or defends itself against claims.

All SELF service providers are contractually obligated to process personal information only on SELF’s instructions. The service providers do not use personal data for their own purposes.

We retain personal information we collect from you where we have an ongoing legitimate business need to do so. When we no longer have a legitimate business need to process your personal information, we will either delete or anonymize such data.

If you elect to receive notifications about SELF Products from us, or subscribe to our newsletter, SELF will store the relevant information until you unsubscribe.

If you apply to be a Beta User, as that term is defined in the Waitlist, your data will be stored until it is no longer required for such purpose or until you request SELF delete it, or until you revoke your consent.

A different personal data retention period may apply in connection with legal claims that could be made against SELF. In such circumstances, the personal data will be deleted after the relevant periods have expired or the relevant process has been completed.

Where we are acting as a controller under the General Data Protection Regulation (EU) 2016/679 (“GDPR”), and depending on your location and subject to applicable law, you may contact us at privacy@selfid.com to exercise the following rights:

• To request information about personal data processed by SELF;
• To request rectification of inaccurate or incomplete personal data held by SELF;
• To request the erasure of your personal data stores by SELF, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims;
• To request the restriction of the processing of your personal data if you contest the accuracy of the data;
• To obtain your personal data provided to SELF in a structured, common and machine-readable format or transferring it to another responsible party;
• To revoke your consent to SELF at any time, this means that SELF may no longer process your personal data where the legal basis for such processing is your consent;
• To not be subject to automated decision making; and
• To lodge a complaint with a supervisory authority. Contact details for data protection authorities in the European Economic Area (EEA) are available here.

Please review our Additional State-Specific Privacy Disclosures for additional information on our information practices under applicable U.S. state data privacy laws.

Cookies are small text files placed on your device to store data that can be recalled by a web server in the domain that placed the cookie. SELF does not deploy this type of technology on its Website. However, SELF does have a limited deployment of Google Analytics to see how visitors use our Website and how it can be improved. To the extent we use Google Analytics to collect information personal to you, it is to record the country of your internet browser.

Further information on how Google collects and uses this data can be found at https://www.google.com/policies/privacy/partners/. You can opt-out of all Google supported analytics by visiting https://tools.google.com/dlpage/gaoptout/.

Pursuant to California law, SELF does not have actual knowledge that it sells or shares the personal information of consumers under 16 years of age.

If you are under 13 years of age (or 16 in certain EEA jurisdiction) and any processing by SELF of your personal information is based upon consent, consent must be given or authorized by your parent or legal guardian. SELF does not knowingly process the information of natural persons below the aforementioned ages, nor does SELF direct its Website or any potential SELF Products to children.

If we are to discover that we are processing information of children below the aforementioned ages without appropriate consent, we will purge said information from our systems.

We, and our service providers, use commercially reasonable practices to safeguard and secure your personal information.

This Policy only applies to our Website. From time-to-time, our Website may include links to, for example, news stories or other service providers, which will be subject to their own privacy policies and personal information processing practices. We are not responsible for the information practices of such third parties and encourage you to review those subject policies prior to sharing your personal information.

SELF will review and update this Policy periodically and will note the date of its most recent version above. If we make material changes to this Policy, we will notify you either by prominently posting a notice of such changes prior to implementing or directly sending you a notification.

Up until the Effective Date of this Policy, SELF has not received any requests from government agencies, including but not limited to the United States Federal Bureau of Investigation (FBI), in the form of a National Security Letter or an order under the Foreign Intelligence Surveillance Act (FISA).

If you have questions or suggestions regarding this Policy, please contact us at privacy@selfid.com.