Privacy Notice

This Privacy Notice describes how AnySoftware, Inc. ("AnySoft," "we," "us" or "our") processes personal information that we collect through our digital or online properties or services that link to this Privacy Notice, including as applicable, our website located at www.anysoft.app, their subdomains, and any other websites that include an authorized link to this Privacy Notice ("Websites") and our social media pages or feeds of our accounts on any social media sites or platforms, such as LinkedIn, X (formerly known as Twitter), and/or any Meta Platforms ("Social Media Platforms"), as well as our marketing activities, live events, employment opportunities in the U.S., our cloud-based service through which AnySoft empowers developers to build, deploy, and manage hosted applications generated by generative artificial intelligence, large language models, and machine learning services or applications (the "AnySoft Service"), and other activities described in this Privacy Notice (collectively, the "Services").

Our Services are designed for enterprise customers and their representatives. We do not target our Services for use by individuals for their personal, family or household purposes. Accordingly, we generally treat personal information we collect as pertaining to individuals in their capacities as representatives of the relevant enterprise and not their individual capacities.

Scope of this Privacy Notice

This Privacy Notice applies to personal data that may be collected, received, and processed by us relating to:

• "Visitors" browsing or using our Websites or who interact with us through any Social Media Platforms.
• "Customers" who have entered into AnySoft's customer Terms of Service Agreement located at https://www.anysoft.app/terms, or such other terms of use, terms of service, or other agreement with AnySoft for the use of the AnySoft Service (the "Customer Agreement").
• the employees, contractors, or agents of Customer authorized to use, or otherwise accessing, the Services on behalf of the Customer ("Users").

The term "personal data" or "personal information" means any information about an individual from which that person may be identified. For example, it may include a person's name, telephone number, email address, or payment information, and in some jurisdictions, IP address. It does not include data from which the identity of an individual has been definitively removed along with any identifiers connected to such individual (also known as anonymous or anonymized data).

Important note regarding information controlled by our Customers

Our Customers control the collection, use, and processing of personal data and other information that is submitted, uploaded, and/or otherwise provided in connection with their use of the Services, which may include personal data that relates to Users.

Such personal data is collected and processed by AnySoft on behalf of the Customer pursuant to the Customer Agreement. Under relevant data protection laws, AnySoft acts as the "data processor" or "service provider" on behalf of the applicable Customer who is the "data controller" or "business".

Our Customers determine their own policies for handling personal data, and AnySoft does not control our Customers' policies or the manner in which they handle personal data. Except where there is a specific reference to a User expressly stated herein, this Privacy Notice does not apply to personal data of Users that we process on behalf of our Customers.

If you are a User, you are responsible for reviewing the policies, including any privacy policies, of the relevant Customer. If you have questions regarding how a Customer processes your personal data or if you wish to exercise a data rights request as applicable under relevant data protection law, please contact the applicable Customer. Please note that if you submit any such request to us, we will forward it to the applicable Customer.

Personal information we collect

Information you provide to us. The personal data we collect in connection with the use of the Services depends on how and why you use the Services. For example, the information that we may process about Visitors is more limited than the information we may process if you are a User. Note that you may choose not to provide personal data directly to us or to not use the Services. However, some personal data is necessary so that we can provide you with access to the Services you have requested. Failure to provide this information may prevent us from providing you with access to our Services. Personal information you may provide to us through the Services, or otherwise, includes:

• Contact data: We collect contact information, such as your first and last name, salutation, email address, professional title and company name, and phone number when you register an account for the Services or through other sign-up forms to receive marketing communications, communications regarding demos of our products and services, and/or newsletters.
• Account authentication data: When you login to your account as a registered user, we collect information such as the username and password or other login credentials that you may set to establish an online account.
• Demographic data: We may collect demographic data, such as your city, state, country of residence, postal code, and age.
• Customer Data: We collect and process on behalf of our Customers any and all content or information, including any prompt, input, query, command, or other user instruction, that is uploaded, submitted, and/or transmitted to the AnySoft Service (including any artificial intelligence, large language models, and machine learning services or applications included in or made available as part of the AnySoft Service) by Customer or Users, or otherwise provided to AnySoft by Customer or any User in connection with the use of the AnySoft Service, or other Customer materials provided by Customer or accessed by AnySoft in connection with any professional services provided under the Customer Agreement (collectively, "Customer Data").

  Customer Data is owned and controlled by our Customers, and we collect and process such information solely on behalf of the applicable Customer in accordance with the Customer Agreement entered into with such Customer.

• Payment Transaction Information: If you purchase access to the Services, we may collect certain limited payment information (for example, partial payment or credit card information, and limited transaction information like the date of purchase). AnySoft does not directly collect or store any payment information other than the limited information we receive expressly described in this Privacy Notice. Payment information (including the limited information we receive described here), is collected and processed by our third-party payment processors, currently Stripe. For more information, please see the Payment processors Section of this Privacy Notice.
• Communications data: We may collect communications data based on our exchanges with you, including when you contact us through the Services (such as when you provide feedback regarding your experience with the Services, requesting support, or other communications with us), Social Media Platforms, or otherwise.
• Job application data: If you apply for a position through our career opportunity webpage, we may collect job application data such as professional credentials and skills, educational and work history, LinkedIn profile page, personal website, authorization to work in the U.S., immigration status, criminal history, and other information that may be included on a resume or curriculum vitae as well as in a cover letter. This may also include diversity information that you voluntarily provide.
• Marketing data: We may collect marketing data such as your preferences for receiving our marketing communications and details about your engagement with them.
• Other data: We may collect other information not specifically listed here, which we will use as described in this Privacy Notice or as otherwise disclosed at the time of collection.

Please be advised that we may ask you to update your information from time to time in order to keep it accurate. Additionally, if you provide personal data to us about someone else, you must ensure that you are entitled to disclose that information to us and, without us having to take any further steps required by data protection laws, that we may collect, use and disclose such information for the purposes described in this Privacy Notice. For example, you should ensure the individual concerned is aware of the terms detailed in this Privacy Notice and that they have not objected or do not object to you sharing their information with us.

Third-party sources. We may combine personal information we receive from you with personal information falling within one of the categories identified above that we obtain from other sources, such as:

• Information from our Customers: We may receive personal data from our Customers. For example, we receive Customer Data, which may contain personal data, and we may receive other information from our Customers about their Users. We use this information to provide the Services to the Customer pursuant to the Customer Agreement.
• Service providers: We receive information from third party service providers as described in the How we share your personal information Section below, that help us in the operation, provision, administration and management of the Services, such as our cloud or hosting service providers, customer support providers, and our analytics providers.
• Public sources: We may receive personal information from public sources, such as government agencies, public records, Social Media Platforms, and other publicly available sources.
• Data providers: We may receive information from data providers, such as information services and data licensors.
• Analytics, marketing, advertising providers, and AnySoft partners: We may receive information from entities who perform targeted advertising, data analytics, marketing, and/or lead generation functions for AnySoft, such as lead generation providers, third-party data enrichment tools, and analytics vendors. We may also receive contact information from AnySoft business partners with whom we operate co-branded events, webinars, services and marketing campaigns or joint offerings.
• Business transaction partners: We may receive personal information in connection with an actual or prospective business transaction. For example, we may receive your personal information from an entity we acquire or are acquired by, a successor, or assignee or any party involved in a business transaction such as a merger, acquisition, sale of assets, or similar transaction, and/or in the context of an insolvency, bankruptcy, or receivership.
• Third Party Services: If you use any products, services, software, content, and/or features (including, without limitation, data products and services) that AnySoft has integrated with, and/or has otherwise made accessible for use through, our Services (collectively, "Third Party Services"), we may receive information about you from the providers of such Third Party Services related to your use thereof in connection with our Services.
• Social Media Platforms: If you interact with us through any Social Media Platforms, we may collect information such as your username, profile picture, and other information associated with your account on that Social Media Platform that is made available to us based on your account settings on that Social Media Platform.

Automatic data collection. We, our service providers, and our business partners may automatically log information about you, your computer, or mobile device, and your interaction over time with the Services, our communications, and other online services (collectively, "Usage Data"). Typically, this data is transmitted and collected automatically (without action by you) using cookies and similar technologies as described in the Cookies & similar technologies; Targeted advertising Section below.

• Device data: We may collect device information, such as your computer or mobile device's operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, and radio/network information (e.g., Wi-Fi, LTE, 3G).
• Communication interaction data: We may collect information related to your communications with us, such as your interactions with our email, text, or other communications (e.g., whether you open and/or forward emails) – we may do this through use of pixel tags (which are also known as clear GIFs), which may be embedded invisibly in our emails.
• Approximate Location Data: We may collect your approximate location (city and state) based on your IP address.
• Usage and analytics data: We may collect usage and analytics data, such as pages or screens you viewed, how long you spent on a page or screen, your time zone, country, the dates and times of access, the website, apps, and/or ads you visited before browsing to the Service, navigation paths between pages or screens, information about your activity on a page or screen, user agent and version, advertising and language preferences, access times and duration of access, and whether you have opened our emails or clicked links within them.

We also may use third party services that employ software code to record users' interactions with the Services. Session replays include users' clicks, mouse movements, scrolls, and keystrokes/key touches during those sessions. These replays help us determine token usage and diagnose usability problems and identify areas for improvement. If you are a Customer or User, we may share session replay data related to your token usage with our payment processors (identified in the Payment processors Section below) in order to process billing for your account.

Cookies & similar technologies; Targeted advertising

We or authorized third parties or agents may collect certain information by automated means using cookies and/or similar technologies such as, web beacons, embedded scripts, pixels, and browser analysis tools (collectively, "Cookies"). Cookies collect information such as Usage Data.

We may also use third party advertising partners (e.g., Google, Clay, LinkedIn, and Meta) who use targeting/advertising Cookies to deliver advertisements that are more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaigns. They are usually placed by advertising networks with the website operator's permission. They remember that you have visited a website and this information is shared with other organizations such as advertisers.

For more information on our use of Cookies, please see our Cookie Policy accessible at https://www.anysoft.app/cookies.

Purposes for processing your personal information

Depending on whether you are a Visitor, Customer, or User, we may use your personal information for the following purposes or as otherwise described at the time of collection to:

Services delivery and operations.

• Host the Websites and the online aspects of the Services;
• provide the Services;
• create and manage Customer and User accounts;
• meet or fulfill the reason you provided the information to us, including to provide you with the information you request;
• process orders or other transactions and for billing purposes (which may include sharing session replay data with our payment processors to determine token usage for billing);
• enable access to Third Party Services that you use in connection with the Services;
• maintain, debug, enable, upgrade, and/or update the Services;
• personalize the Services and communications, such as remembering your information so that you will not have to re-enter it during your visit or the next time you visit the Services;
• enable security features of the Services;
• establish and maintain your user account on the Services;
• keep you updated about changes to policies related to the Services (including this Privacy Notice);
• send emails and other communications according to your preferences;
• communicate with you about the Services, including by sending Services-related announcements, updates, security alerts, and support and administrative messages; and
• provide support for the Services, and respond to your requests, questions and feedback.

Services improvement and analytics.

• analyze your usage of the Services, improve the Services, and improve the rest of our business;
• help us understand user activity on the Services, including which pages are most and least visited and how visitors move around the Services, as well as user interactions with our emails; and
• develop new products and services.

Marketing.

• provide customized advertisements, content, and information regarding the Services, where and as permitted under applicable law;
• notify you of third party products, services, or offers that we may think be of interest to you (however, we do not share your information with such third parties unless you tell us to); and
• send you (or our service providers may send you) direct marketing communications regarding our products and services that we may think are of interest to you, and may personalize these messages based on your needs and interests. You may opt-out of our marketing communications as described in the Opt-out of marketing section below.

To manage our recruiting and process U.S. employment applications. We may use personal information, such as information submitted to us in a job application, to facilitate our recruitment activities and process employment applications, such as by evaluating a job candidate for an employment activity, and monitoring recruitment statistics.

Compliance and protection.

We may use your personal information to:

• comply with applicable laws, regulatory obligations (for example, keeping records of our sales for tax compliance), lawful requests, and legal process, such as to respond to subpoenas, investigations or requests from government authorities;
• protect our, your or others' rights, privacy, safety or property (including by making and defending legal claims);
• audit our internal processes for compliance with legal and contractual requirements or our internal policies;
• enforce the terms and conditions, contacts, and/or agreements that govern the Services; and
• prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.

Data sharing in the context of corporate events. We may share certain personal information in the context of actual or prospective corporate events – for more information, see How we share your personal information, below.

To create aggregated, de-identified and/or anonymized data. We may create aggregated, de-identified and/or anonymized data from your personal information (including, Usage Data) and other individuals whose personal information we collect. We make personal information into de-identified and/or anonymized data by removing information that makes the data identifiable to you. We may use this aggregated, de-identified and/or anonymized data and share it with third parties for our lawful business purposes, including to analyze and improve the Services, conduct research, add features to our Services, and promote our business. In addition, from time to time, we may share or publish aggregated information like general user statistics with third parties. We collect this information through the Services, through Cookies, and through other means described in this Privacy Notice. We will maintain and use de-identified information in anonymous or de-identified form and we will not attempt to re-identify the information, unless required by law.

Further uses. In some cases, we may use your personal information for further uses, in which case we will ask for your consent to use your personal information for those further purposes if they are not compatible with the initial purpose for which information was collected.

How we share your personal information

Aside from disclosing your information to those of our employees, contractors, and agents who are authorized to process the information in order to provide the Services and who are committed to confidentiality, we may share your personal information with the following parties (or as otherwise described in this Privacy Notice, in other applicable notices, or at the time of collection).

• Affiliates. Our corporate parent, subsidiaries, and affiliates.
• Service providers. Third parties that provide services on our behalf or help us operate the Services or our business. Depending on how you use the Services, the following categories of third parties collect or receive personal data on our behalf as our Service Providers:
  • Hosting providers;
  • Internet Service providers;
  • Analytics providers;
  • Marketing agencies that assist with our direct email and advertising;
  • Payment processing providers;
  • Providers of business operations and communication tools;
  • Other third-party service providers that help us provide features and functions for the Services (e.g., customer support providers); and
  • Professional service providers, such as auditors, lawyers, consultants, accountants and insurers.

  For a list of all service providers we use, please contact us via email at the email address provided in the How to contact us Section below. We require all service providers to respect the security of your personal data and to treat it in accordance with the law.

• Disclosures directed by our Customers. We will share and disclose personal data of Users with the relevant Customer and otherwise in accordance with the Customer's instructions, including any applicable terms in the Customer Agreement. If you are an authorized User of a Customer, please contact the relevant Customer to learn more about how your information may be used, shared, and/or disclosed by us on their behalf.
• Third parties designated by you. We may share your personal information with third parties where you have instructed us or provided your consent to do so.
• Third Party Services. When you interact with and/or use Third Party Services (including any Social Media Platforms), certain information may be exchanged between AnySoft and the provider of the applicable Third Party Services. Note that the Third Party Services you choose to interact with and/or use, and their providers, are not our service providers. The applicable providers of Third Party Services may use personal information differently than we do and we do not control their use of your information. Please review the privacy notices for the Third Party Services that you use in connection with the Services.
• Partners. Third parties with whom we partner, with whom we jointly offer products or services, or whose products or services may be of interest to you.
• Professional advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
• Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the Compliance and protection purposes described above. If we are required to disclose personal data by law, such as pursuant to a subpoena, warrant or other judicial or administrative order, our policy is to respond to requests that are properly issued by law enforcement within the United States. Under such circumstances, unless prohibited by applicable law, we will attempt to provide you with prior notice that a request for your personal data has been made in order to give you an opportunity to object to the disclosure. We will attempt to provide this notice by email, if you have given us an email address. However, government requests may include a court-granted non-disclosure order, which prohibits us from giving notice to the affected individual. If you are an authorized User of a Customer, please consult with the relevant Customer to learn more about how they respond to requests for information pursuant to legal orders.
• Business transferees/Corporate events. We may disclose personal information in the context of actual or prospective business transactions (e.g., investments in AnySoft, financing of AnySoft, public stock offerings, or the sale, transfer or merger of all or part of our business, assets or shares). For example, we may need to share certain personal information with prospective counterparties and their advisers. We may also disclose your personal information to an acquirer, successor, or assignee of AnySoft as part of any merger, acquisition, sale of assets, or similar transaction, and/or in the event of an insolvency, bankruptcy, or receivership in which personal information is transferred to one or more third parties as one of our business assets.
• Exigent circumstances & enforcement/protection of our rights. Your information, including the contents of all of your online communications in the Services and between you and AnySoft may be accessed and monitored as needed to provide our Services and may be disclosed to law enforcement, regulatory agencies, official government bodies, and other third parties, as we, in our sole discretion, believe necessary or appropriate:
  • To enforce our rights under our Website Terms of Service, Customer Agreement, IP and Usage Policy, and any other terms of use, terms of service, customer agreements and/or any other terms and conditions applicable to the use of the Services;
  • In connection with an investigation of fraud, intellectual property infringement, piracy or other unlawful activity or activity that may expose us or our affiliates, partners and/or agents to legal liability; and/or
  • If we receive information that provides us with a good faith belief that there is an exigent emergency involving the danger of death or serious physical injury to a person.
• With Your Consent. There may be situations where you are asked to consent to share personal data with third parties for additional reasons not included in this Privacy Notice. In such event, we will only share such personal data if we have received your prior consent and only for the purposes as listed in the request to share such information.

Except where otherwise required by applicable law, your consent for the use and/or disclosure of your personal data in specific situations will continue in full force and effect until you revoke that consent, which you may do by contacting us at the email address provided in the How to contact us Section below. For the avoidance of doubt, the revocation of consent shall only apply to the use the information after our receipt and processing of such request (which we shall process promptly and in accordance with applicable law), and not to any use or disclosure prior to such revocation in compliance with your consent.

Marketing communications

If you have not otherwise opted out (or with your consent where required by applicable law), or if you have opted in to receive direct marketing communications from us, we may use your personal data to send you marketing information about the AnySoft business, the Services, new product releases, new feature releases of the Services, and/or other products and services, that we think may interest you. We carry out direct marketing by email.

If you no longer wish to receive marketing communications, you have the right at any time to opt out as further explained in Your choices.

Your choices

• Accessing, Updating and Correcting Personal Data. If you would like to access, update, or correct personal data, please contact us at the email address provided in the How to contact us Section below, and we will use reasonable efforts to correct and/or update such information. You may also update and correct certain personal data (e.g., contact information) from your account settings. Please note that if you are an authorized User, any request to correct, access, update or delete your personal data will need to be directed to the applicable Customer.
• Opt-out of communications. You may opt-out of marketing-related and non-transactional emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us. We will use commercially reasonable efforts to process such requests in a timely manner. Please note that if you choose to opt-out of marketing-related emails, you may continue to receive service-related and other non-marketing emails (e.g., responses to requests for support).
• Blocking images/clear gifs. Most browsers and devices allow you to configure your device to prevent images from loading. To do this, follow the instructions in your particular browser or device settings.
• Linked third-party platforms. If you choose to connect to the Services through your Social Media Platform account or other third-party platform, you may be able to use your settings in your account with that platform to limit the information we receive from it. If you revoke our ability to access information from a third-party platform, that choice will not apply to information that we have already received from that third party.
• Declining to provide information. We need to collect personal information to provide certain services. If you do not provide the information we identify as required or mandatory, we may not be able to provide those services.
• Cookies, analytics, and targeted advertising. You can manage your cookie and tracking preferences as described in our Cookie Policy located at https://www.anysoft.app/cookies.
• Additional data subject rights. If you are visiting from the EEA, Switzerland or UK, or from another territory outside the U.S., you may have additional rights you can exercise as described in the Notice to European and non-U.S. residents Section.

In addition, if you are an authorized User of a Customer that is a "controller" or "business" under relevant data protection laws of the United States, you may have additional data subject rights depending on the location of the Customer or where you reside. These rights may include the right to:

• Access your personal data and information relating to how it is processed.
• Delete your personal data.
• Rectify or update your personal data.
• Transfer your personal data to a third party (right to data portability).
• Restrict how your personal data is processed.
• Withdraw your consent—where consent is relied on as the legal basis for processing at any time.
• Object to how your personal data is processed.
• To be informed of any automated decision-making and profiling based on your personal data.
• Lodge a complaint with your local data protection authority.

If you have inquiries about your applicable data subject rights, please contact the relevant Customer. As the "processor" or "service provider" of our Customers under relevant data protection laws, we will comply with their instructions and applicable law in responding to data subject requests pursuant to the applicable Customer Agreement. Please note that if you submit a data subject request to us, we will forward it to the relevant Customer.

Payment processors

AnySoft does not directly collect or store your payment information other than the limited information we receive described herein. We use third-party, PCI-compliant payment processors to collect and process payments on our behalf, currently Stripe. Our payment processors may provide us with limited information to confirm the transaction. Information collected by these third-party payment processors is governed by the applicable third-party payment processor's privacy policy. You should review the applicable privacy policy (currently located at https://stripe.com/privacy) prior to submitting any information to the applicable third-party payment processors.

Sensitive data

AnySoft does not require you to provide, and if you are a User, you are prohibited under the Customer Agreement from providing, any sensitive data about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health and genetics, or biometric data to AnySoft as part of using the Services.

External websites

The Services may contain links to websites, mobile applications, and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us ("External Websites"). These links and integrations are not an endorsement of, or representation that we are affiliated with, such External Websites or any third party, and are provided to you only as a convenience. We do not control any External Websites, and we are not responsible for their actions. By clicking on links to External Websites, the operators of the External Websites may collect your personal data. We are not responsible for the content or data collection practices of those External Websites, and your use of External Websites is subject to their respective terms of use and privacy policies. We encourage you to read the privacy policies of the other External Websites you use.

Data retention

Personal data is processed for the period necessary to fulfill the purposes for which it is collected, to comply with legal and regulatory obligations, and for the duration of any period necessary to establish, exercise, or defend any legal rights.

Typically, we retain personal data about you for as long as you have an account with us or as otherwise necessary to provide you with the Services. In some cases, we retain personal data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes, or collect fees owed, or is otherwise permitted or required by applicable law, rule, or regulation.

In order to determine the most appropriate retention periods for your personal data, we consider the amount, nature, and sensitivity of your information, the reasons for which we collect and process your personal data, and applicable legal requirements.

In some instances, we may choose to anonymize personal data instead of deleting it. When we choose to anonymize, we make sure that there is no way that the personal data can be linked back to any specific individual.

If you are an authorized User of a Customer, contact the relevant Customer regarding the Customer's data retention policies.

Security

We employ reasonable and appropriate technical, organizational and physical safeguards designed to prevent the personal information we collect from being accidentally lost, altered, disclosed, used, or accessed in an unauthorized way.

However, security risk is inherent in all internet and information technologies, and we cannot guarantee the security of your personal information.

Additionally, we cannot control the actions of other users with whom you may choose to share your information. Further, even after information posted on the Services is removed, caching and archiving services may have saved that information, and other users or third parties may have copied or stored the information available on the Services. To the fullest extent permitted under applicable law, we cannot and do not guarantee that information you post on or transmit to the Services will not be viewed by unauthorized persons.

International data transfer

We are headquartered in the United States and may use service providers that operate in other countries. Your personal information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country.

We rely on legally-provided mechanisms to transfer personal information across borders where and as required under applicable law.

Children

The Services are not intended for use by anyone under 18 years of age. If you are a parent or guardian of a child from whom you believe we have collected personal information in a manner prohibited by law, please contact us. If we learn that we have collected personal information through the Services from a child without the consent of the child's parent or guardian as required by law, we will comply with applicable legal requirements to delete the information.

Notice to California residents - Shine The Light Disclosure

California residents who have provided us with personal data have the right (under California Civil Code § 1798.83) to request and obtain from us, once each year, the details of any personal data we shared with a third party for that third party's direct marketing purposes during the prior calendar year. The details would include the categories of personal data and the names and addresses of the third party with which it was shared.

AnySoft does not currently share personal data of California residents with any third party for that third party's direct marketing purposes.

To request information about this sharing, you may submit a request to the email address provided in the How to contact us Section below, with "Your California Privacy Rights" in the subject line, along with your first and last name, account email address and/or login ID (if applicable), and complete mailing address (including street address, city, state, and zip code).

Notice to Nevada residents

Under Nevada law, Nevada "consumers" (individuals who are seeking or acquiring goods/services for personal, family, or household purposes) may opt out of the sale of covered personal information.

AnySoft does not currently sell covered information of Nevada consumers as defined under applicable Nevada law.

You may submit an opt-out request by sending your request to the email address provided in the How to contact us Section below, along with your full name, complete mailing address (including street address, city, state, and zip code), email address (so that we can contact you, if needed, in connection with the request) and confirmation that you are a Nevada resident.

Notice to European and non-U.S. Residents

This notice supplements the information provided in this Privacy Notice to address certain disclosures under the General Data Protection Regulation (EU) 2016/679 ("GDPR") and other similar comprehensive data protection law and applies only to individuals who are within the scope of this Privacy Notice and located in the EEA, UK, Switzerland, or another country with a similar comprehensive data protection law.

For the purposes of the GDPR and relevant local data protection laws, AnySoft is the data controller of personal information about its Visitors and certain account related data of Customers, and (b) the data processor of all other personal information processed on behalf of Customers, including, Customer Data. Personal data as used in this Notice to European Residents means "personal data," as defined in Article 4(1) of the GDPR or the relevant section of the local data protection laws. If you have any questions about how we process your personal data, or to exercise your data protection rights please contact us using the methods provided in the How to contact us Section of this Privacy Notice below.

Our Legal Basis for Processing

Generally, we process your personal data for one or more of the following legal bases:

• Performance of a Contract: In order to perform the Services and fulfill our obligations under the contract we are about to enter into or have entered into with you. This may also include disclosure to the third parties who help us perform our obligations to you in connection with your use of the Services, such as hosting providers, and payment processors.
• Legitimate Interests: When it is reasonably necessary to achieve our legitimate business interests (or those of a third party), and your interests and fundamental rights do not override those interests. For example, for security purposes and protection against fraud.
• Legal Obligations: Where we need to comply with a legal or regulatory obligation. For example, keeping records of our sales for tax compliance.
• Vital Interests: Where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.
• Consent: Where you have given us specific consent to use your personal data in a specific purpose. Please note that for this specific legal basis, you have the right to withdraw your consent at any time.

Data Subject Rights

Depending on your country of residence, your rights may include:

• The right to be informed – that's an obligation on us to inform you how we use your personal data (and that's what we're doing in this Privacy Notice);
• The right of access – that's a right to make what's known as a 'data subject access request' for a copy of the personal data we hold about you;
• The right to rectification – that's a right to request that we correct personal data about you that may be incomplete or inaccurate (though we generally recommend first making any changes in your account if you have one);
• The right to erasure (also known as the 'right to be forgotten') – that's where in certain circumstances you can ask us to delete the personal data we have about you (unless there's an overriding legal reason we need to keep it);
• The right to restrict processing – that's a right for you, in certain circumstances, to ask us to suspend processing personal data;
• The right to data portability – that's a right for you to ask us for a copy of your personal data in a common format (for example, a .csv file);
• The right to object – that's a right for you to object to us processing your personal data (for example, if you object to us processing your data for direct marketing); and
• Rights in relation to automated decision-making and profiling – that's a right you have for us to be transparent about any profiling we do, or any automated decision-making.
• Withdraw Consent – that's the right to revoke any consent you may have previously given us at any time, if we have collected and processed your personal data with your consent. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
• File a complaint – that's the right to file a complaint with a supervisory authority about our collection and processing of your personal data.

Exercising Your Rights

These rights are subject to certain rules around when you can exercise them. If you wish to exercise any of the rights set out above, please contact us.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights) unless your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

We will respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated as required by law.

If you no longer wish to receive our marketing/promotional information, you may opt out as described in the Your choices section above.

Finally, you have the right to make a complaint at any time to the supervisory authority for data protection issues in your country of residence. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority, so please contact us first.

Changes to this Privacy Notice

We reserve the right to modify this Privacy Notice at any time. If we make material changes to this Privacy Notice, we will notify you by updating the date of this Privacy Notice and posting it on the Services or other appropriate means. Any modifications to this Privacy Notice will be effective upon our posting the modified version (or as otherwise indicated at the time of posting).

In all cases, continued use of the Services by you, or if you are a Customer, any of your Users, after the effective date of any modified Privacy Notice indicates your acknowledging that the modified Privacy Notice applies to your interactions with the Services and our business.