Privacy Policy

Thank you for using our products and services (“Services”). We are Impact Analytics Inc. (“Impact”) and our contact information is on our web site contact page. Give us notice to this address by any of the available channels of communication.

Impact Analytics Inc. (“Impact” or the “Company”) is committed to protecting the privacy of individuals who visit the Company’s Web sites (“Visitors”), individuals who register to use the Services as defined below (“Customers”), and individuals who register to attend the Company’s corporate events (“Attendees”). This Privacy Statement describes Impact’s privacy practices in relation to the use of the Company’s Web sites and the related applications and services offered by sImpact.com (the “Services”).

1. Web sites covered

This Privacy Statement covers the information practices of Web sites that link to this Privacy Statement, including: https://www.Impact.com; https://app.Impact.com (collectively referred to as “Impact’s Web sites” or “the Company’s Web sites”).

Impact’s Web sites may contain links to other Web sites. The information practices or the content of such other Web sites is governed by the privacy statements of such other Web sites. The Company encourages you to review the privacy statements of other Web sites to understand their information practices.

2. Information collected

When expressing an interest in obtaining additional information about the Services or registering to use the Services, Impact requires you to provide the Company with personal contact information, such as name, company name, address, phone number, and email address (“Required Contact Information”). When purchasing the Services, Impact may require you to provide the Company with financial qualification and billing information, such as billing name and address, credit card number, and the number of employees within the organization that will be using the Services (“Billing Information”). Impactmay also ask you to provide additional information, such as company annual revenues, number of employees, or industry (“Optional Information”). Required Contact Information, Billing Information, and Optional Information about Customers are referred to collectively as “Data About Impact Customers”, or in the case of Attendees, “Data About Impact Attendees”.

As you navigate the Company’s Web sites, Impact may also collect information through the use of commonly-used information-gathering tools, such as cookies and Web beacons (“Web Site Navigational Information”). Web Site Navigational Information includes standard information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on the Company’s Web sites (such as the Web pages viewed and the links clicked).

3. Use of information collected

The Company uses Data About Impact Customers to perform the services requested. For example, if you fill out a “Contact Me” Web form, the Company will use the information provided to contact you about your interest in the Services.

The Company also uses Data About Impact Attendees to plan and host corporate events, host online forums and social networks in which event attendees may participate, and to populate online profiles for Attendees on the Company’s Web sites. Additional information on the Company’s privacy practices with respect to Data About Impact Attendees may be found in additional privacy statements on the event Web sites, as the case may be. Please see here for more information on bulletin boards, blogs, or chat rooms provided by Impact in connection with its corporate events.

The Company may also use Data About Impact Customers and Data About Impact Attendees for marketing purposes. For example, the Company may use information you provide to contact you to further discuss your interest in the Services and to send you information regarding the Company, its affiliates, and its partners, such as information about promotions or events.

Impact uses credit card information solely to check the financial qualifications and collect payment from prospective Customers and Attendees.

Impact uses Web Site Navigational Information to operate and improve the Company’s Web sites. The Company may also use Web Site Navigational Information alone or in combination with Data About Impact Customers and Data About Impact Attendees to provide personalized information about the Company.

4. Web site navigational

Cookies, Web Beacons and IP Addresses

Impact uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate the Company’s Web sites (“Web Site Navigational Information”). This section describes the types of Web Site Navigational Information used on the Company’s Web sites and how this information may be used.

Cookies

Impact uses cookies to make interactions with the Company’s Web sites easy and meaningful. When you visit one of the Company’s Web sites, Impact’s servers send a cookie to your computer. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to Impact, either by responding to a promotional offer, opening an account, or filling out a Web form, you remain anonymous to the Company.

Impact uses cookies that are session-based and persistent-based. Session cookies exist only during one session. They disappear from your computer when you close your browser software or turn off your computer. Persistent cookies remain on your computer after you close your browser or turn off your computer. Please note that if you disable your Web browser’s ability to accept cookies, you will be able to navigate the Company’s Web sites, but you will not be able to successfully use the Services.

Web Beacons

Impact uses Web beacons alone or in conjunction with cookies to compile information about Customers and Visitors’ usage of the Company’s Web sites and interaction with emails from the Company. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular Web site tied to the Web beacon, and a description of a Web site tied to the Web beacon. For example, Impact may place Web beacons in marketing emails that notify the Company when you click on a link in the email that directs you to one of the Company’s Web sites. Impact uses Web beacons to operate and improve the Company’s Web sites and email communications.

IP Addresses

When you visit Impact’s Web sites, the Company collects your Internet Protocol (“IP”) addresses to track and aggregate non-personal information. For example, Impact uses IP addresses to monitor the regions from which Customers and Visitors navigate the Company’s Web sites.

Impact also collects IP addresses from Customers whey they log into the Services as part of the Company’s “Identity Confirmation” and “IP Range Restrictions” security features.

5. Public forums, refer a friend, and customer testimonials

Impact may provide bulletin boards, blogs, or chat rooms on the Company’s Web sites. Any personal information you choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages. Impact is not responsible for the personal information you choose to submit in these forums.

Customers and Visitors may elect to use the Company’s referral program to inform friends about the Company’s Web sites. When using the referral program, the Company requests the friend’s name and email address. Impact will automatically send the friend a one-time email inviting him or her to visit the Company’s Web sites. Impact does not store this information.

Impact posts a list of Customers and testimonials on the Company’s Web sites that contain information such as Customer names and titles. Impact obtains the consent of each Customer prior to posting any information on such a list or posting testimonials.

6. Sharing of information collected

Service Providers

Impact may share Data About Impact Customers and Data About Impact Attendees with the Company’s contracted service providers so that these service providers can provide services on our behalf. Impactmay also share Data About Impact Customers with the Company’s service providers to ensure the quality of information provided. Unless described in this Privacy Statement, Impact does not share, sell, rent, or trade any information with third parties for their promotional purposes.

Impact Affiliates

The Company may share Data About Impact Customers with other companies in order to work with them, including affiliates of Impact. For example, the Company may need to share Data About ImpactCustomers for customer relationship management purposes.

Business Partners

From time to time, Impact may partner with other companies to jointly offer products or services. If you purchase or specifically express interest in a jointly-offered product or service from Impact, the Company may share Data About Impact Customers collected in connection with your purchase or expression of interest with our joint promotion partner(s). Impact does not control our business partners’ use of the Data About Impact Customers we collect, and their use of the information will be in accordance with their own privacy policies. If you do not wish for your information to be shared in this manner, you may opt not to purchase or specifically express interest in a jointly offered product or service.

Impact does not share Data About Impact Attendees with business partners unless: (1) you specifically opt in to such sharing via an event registration form; or (2) you attend a Company event and have your attendee badge scanned by a business partner. If you do not wish for your information to be shared in this manner, you may choose not to opt in via event registration forms and elect not to have your badge scanned at Company events. If you choose to share your information with business partners in the manners described above, your information will be subject to the business partners’ respective privacy statements.

Billing

Impact uses a third-party service provider to process credit card payments. This service provider is not permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on the Company’s behalf.

Compelled Disclosure

Impact reserves the right to use or disclose information provided if required by law or if the Company reasonably believes that use or disclosure is necessary to protect the Company’s rights and/or to comply with a judicial proceeding, court order, or legal process.

7. International transfer of information collected

To facilitate Impact’s global operations, the Company may transfer and access Data About ImpactCustomers and Data About Impact Attendees from around the world, including Canada, USA, and Europe. This Privacy Statement shall apply even if Impact transfers Data About Impact Customers or Data About Impact Attendees to other countries.

8. Communications preferences

Impact offers Visitors, Customers, and Attendees who provide contact information a means to choose how the Company uses the information provided. You may manage your receipt of marketing and non-transactional communications by clicking here or by clicking on the “unsubscribe” link located on the bottom of the Company’s marketing emails. Additionally, you may send a request specifying your communications preferences to info@Impact.com. Customers cannot opt out of receiving transactional emails related to their account with Impact or the Services.

9. Correcting and updating your information

Customers may update or change their registration information by editing their user or organization record. To update a user profile, billing information, or to cancel your account please login to our websitewith your email and password and click “Options.” Alternatively, you can email info@Impact.com or call +1 (587) 205-9188. Requests to access, change, or delete your information will be handled within 30 days.

10. Customer data

Impact Customers may electronically submit data or information to the Services for hosting and processing purposes (“Customer Data”). Impact will not review, share, distribute, or reference any such Customer Data except as provided in the Impact Terms of Service, or as may be required by law.

In accordance with the Impact Terms of Service, Impact may access Customer Data only for the purpose of providing the Services, preventing or addressing service or technical problems, at a Customer’srequest in connection with customer support matters, or as may be required by law.

Customer Data is stored in the geography selected by the customer when they sign up for the Services. These geographies may include Canada, United States, and Europe. The default storage geography for customer data is Canada.

11. Security

Impact uses robust security measures to protect Customer Data from unauthorized access, maintain data accuracy, and help ensure the appropriate use of Customer Data. When the Services are accessed using Internet Explorer version 8.0 or later, Firefox version 2.0 or later, or Safari version 3.0 or later, Secure Socket Layer (.SSL.) technology protects Customer Data using both server authentication and data encryption. These technologies help ensure that Customer Data is safe, secure, and only available to the Customer to whom the information belongs and those to whom the Customer has granted access. Impactalso implements an advanced security method based on dynamic data and encoded session identifications, and the Company hosts its Web sites in a secure server environment that uses firewalls, intrusion detection systems, and other advanced technology to prevent interference or access from outside intruders. Impact also offers enhanced security features within the Services that permit Customers to configure security settings to the level they deem necessary. Customers are responsible for maintaining the security and confidentiality of their Impact access credentials such as passwords.

Because the Company uses the Services to maintain Data About Impact Customers and Data About Impact Attendees, this information, which is stored in the Services, is secured in the same manner as described above for Customer Data.

12. Residents of the European Economic Area (“EEA”)

If you are located in the EEA, you have certain rights under European law with respect to your personal data, including the right to request access to, correct, amend, delete, port to another service provider, or object to certain uses of your personal data. If you are a client, a visitor of Impact’s websites, or a user of Impact’s support services and wish to exercise these rights, please reach out to us using the contact information below. If you are a guest user of a client who uses Impact’s platform and wish to exercise these rights, please contact the client you interacted with directly — we serve as a processor on their behalf, and can only forward your request to them to allow them to respond.

Additionally, if you are located in the EEA, we note that we are generally processing your information in order to fulfill contracts we might have with you, or otherwise to pursue our legitimate business interests listed above, unless we are required by law to obtain your consent for a particular processing operation. In particular we process your personal data to pursue the following legitimate interests, either for ourselves, our clients, our partners, or other third parties (including our client’s guest users):

• To provide clients and others with our services and applications;

• To prevent risk and fraud on our platform;

• To provide communications, marketing, and advertising;

• To provide reporting and analytics;

• To help clients integrate with third party services;

• To provide troubleshooting, support services, or to answer questions;

• To test out features or additional services; and

• To improve our services, applications, and websites.

When we process personal information to pursue these legitimate interests, we do so where we believe the nature of the processing, the information being processed, and the technical and organizational measures employed to protect that information can help mitigate the risks to the data subject.

13. Changes to this Privacy Statement

Impact reserves the right to change this Privacy Statement. Impact will provide notification of the material changes to this Privacy Statement through the Company’s Web sites at least thirty (30) business days prior to the change taking effect.

14. Contacting us

Questions regarding this Privacy Statement or the information practices of the Company’s Web sites should be directed to Impact Privacy emailing privacy officer at info@impactrisk.ai or mailing Impact at2004 Sherwood Drive, Sherwood Park, AB T8A 0Z1

‍