‍Last modified: October 15, 2025

INTRODUCTION

SureSwift Worldwide Inc. dba MeetEdgar and our affiliates and subsidiaries ("Company", "We", and/or “Us”) respect your privacy and are committed to protecting it by complying with this Privacy Policy (the “Policy”). 

This Policy describes:

• The types of information we may collect or that app users ("you") may provide when you access, register with and/or use the desktop web application called “MeetEdgar” (offered as a web-based application) or use the application called “MeetEdgar” (offered as an iOS, Android and/or web-based application) (the "App", collectively with the App hereinafter referred to as the "Platform"); and
• Our practices for collecting, using, maintaining, protecting, and disclosing that information.

We will only use your personal information in accordance with this Policy unless otherwise required by applicable law. We take steps to ensure that the personal information that we collect about you is adequate, relevant, not excessive, and used for limited purposes. We implement regular data backup procedures and have recovery protocols in place to protect against data loss.

Under applicable privacy laws, including the General Data Protection Regulation (GDPR), the California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), other U.S. state privacy laws, and other international laws (collectively, “Privacy Laws”), "Personal Information" means information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal Information does not include business contact information, including your name, title, or business contact information.

This policy applies only to information we collect in this Platform, in email, text, and other electronic communications sent through or in connection with this Platform.

This Policy DOES NOT apply to information that:

• We collect offline or on any other Company apps or websites, including websites you may access through this Platform; 
• You provide to or is collected by any third party (see Third-Party Information Collection);
• You provide to or is collected by any third party, for purposes including but not limited to: service enhancement and improvement; personalized user experience; analytics and performance tracking; marketing and communication purposes; compliance with legal and regulatory requirements. We will only share your Personal Information with third parties when necessary and with your consent, and we require these third parties to protect the confidentiality and security of your information.

Our website and Platform, and these third parties, may have their own privacy policies, which we encourage you to read before providing information on or through them.

We will only use your Personal Information in accordance with this Policy unless otherwise required by applicable law. There are certain legal or technical limitations to your rights, including without limitation:

1. Legal Restrictions: We may be unable to provide or delete certain Personal Information when required to maintain compliance with legal obligations, such as financial record-keeping, fraud prevention, or ongoing legal proceedings.
2. Technical Limitations: Some personal data may not be fully transferable due to technical constraints or when removal would compromise the integrity of our systems or other users' privacy.
3. Third-Party Data: Information collected or processed by third-party services may have additional restrictions on access or deletion.

We process your personal data based on one or more of the following legal bases as required by the GDPR: your explicit consent, our legitimate business interests (which we have balanced against your rights and freedoms), to fulfill our contractual obligations to you, to comply with legal obligations, to protect vital interests, or to perform tasks in the public interest. If you disagree with our policies and practices, do not download, register with, or use this Platform. By downloading, registering with, or using this Platform, you indicate that you understand, accept, and consent to the practices described in this Policy. This policy may change from time to time (see Changes to Our Policy). Your continued use of this Platform after we make changes indicates that you accept and consent to those changes. Please check the Policy periodically for updates.

In the event of a data breach, we are committed to promptly notifying affected users and relevant supervisory authorities within 72 hours of becoming aware of the breach, where feasible, as required by the GDPR and other applicable privacy laws. Our data breach notification procedure includes: 

1. Identifying the nature and scope of the breach

2. Assessing potential impact on user data

3. Implementing immediate containment measures

4. Providing detailed written notification to affected users via email

5. Offering guidance on potential protective steps users can take

6. Providing contact information for further inquiries and support

We will comply with all applicable U.S. state and federal data breach notification laws, including but not limited to the requirements under the CCPA, and will take all necessary steps to protect users. In the event of a breach affecting users in other countries, we will also comply with applicable international breach notification requirements pursuant to Privacy Laws.

‍

INFORMATION WE COLLECT ABOUT YOU AND HOW WE COLLECT IT

We collect information about you through:

• Direct interactions with you when you provide it to us, for example, by filling in forms or corresponding with us. 
• Automated technologies or interactions, when you use the Platform, for example, usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies. We regularly implement security updates and patches to protect user data and maintain the integrity of our systems.

The types of information that we collect include:

• Personal Information that we can reasonably use to directly or indirectly identify you, such as your name, mailing address, email address, telephone number, internet protocol (IP) address, username or other similar identifier, credit card information, billing information, and any other identifier we may use to contact you. 
• We retain your Personal Information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. You can request earlier deletion of your data by contacting our Privacy Officer at: privacy@sureswiftcapital.com.

We provide an opportunity for any user to opt out of contact for marketing purposes on an ongoing basis by accessing our Website at https://www.meetedgar.com/, using the unsubscribe mechanism at the bottom of our emails, or emailing privacy@sureswiftcapital.com.

• Business-related information, namely information that relates to your business duties, including:
  
  • title;
  • duties;
  • business address;
  • business email address; and
  • business telephone number.
• Non-Personal Information that does not directly or indirectly reveal your identity or directly relate to an identified individual, such as demographic information, or statistical or aggregated information. We may derive non-personal statistical or aggregated data from Personal Information. For example, we may aggregate Personal Information to calculate the percentage of users accessing a specific app feature.
• Technical information, including your login information, device type, time zone setting, and usage details.
• To ensure the ongoing security and integrity of our data protection systems in accordance with GDPR Article 32, we implement appropriate technical and organizational measures, including regular security assessments, data protection impact assessments where required, and independent security audits. We maintain compliance with industry-standard security certifications and regularly review our security measures to ensure ongoing confidentiality, integrity, availability, and resilience of our processing systems.
• We implement strict controls to limit employee access to user data. Access is granted on a need-to-know basis and all access to user data is logged and regularly audited. Employees are required to undergo annual privacy and security training and are bound by confidentiality agreements.

Information You Provide to Us 

When you download, register with, or use this Platform, we may ask you to provide certain information. Some of this information is required for basic app functionality, while other information is optional. Required information includes:

• Information by filling in forms in the Platform. This includes information you provide when registering to use the Platform, subscribing to our service, and or requesting further services from Us. We may also ask you for information when you report a problem with the Platform.
• Records and copies of your correspondence, including email addresses and phone numbers, if you contact us.
• Your responses to surveys that we may ask you to complete for research or other purposes.

Automatic Information Collection and Tracking Technologies

When you download, access, and use the Platform, it may automatically collect and/or we may process the following categories of Personal Information as defined under the GDPR and other applicable privacy laws, with specific legal bases for processing: (1) Usage Data: Platform interactions, in-app purchases, and performance data (legal basis: legitimate interests); (2) Identifiers: Device ID and User ID (legal basis: legitimate interests and contract performance); (3) Diagnostics: Crash data, performance data, and diagnostic information (legal basis: legitimate interests); (4) Location: Approximate and/or precise location as detailed below (legal basis: consent); (5) Personal Information: Name, email address, and phone number if provided (legal basis: contract performance and consent); (6) User Content: Any user-generated content (legal basis: contract performance); (7) Sensitive Personal Information: We do not collect or process sensitive personal information as defined under applicable privacy laws unless explicitly required and with your specific consent. We process this information to provide and improve our services, personalize your experience, and comply with legal obligations. For international data transfers, we rely on EU-approved transfer mechanisms such as the EU-US Data Privacy Framework, binding corporate rules, or Standard Contractual Clauses. Data is protected using technical and organizational measures in accordance with GDPR requirements and other applicable privacy laws.

• Usage details. When you access and use the Platform, we may automatically collect certain details of your access to and use of the Platform, including [traffic data,] [location data,] [logs,] [and other] communication data and the resources that you access and use on or through the Platform. 
• Device information. We may collect information about your mobile device and internet connection, including the device's unique device identifier, IP address, operating system, browser type, mobile network information, and the device's telephone number.
• Stored information and files. The Platform may also access metadata and other information associated with other files stored on your device. 
• Location information. This Platform collects real-time information about the location of your device only while you are actively using the Platform. We do not collect location information in the background when you are not using the Platform.

 The technologies we use for this automatic data collection may include:

• Web beacons. Pages of the Platform may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit the Company, for example to count users who have visited those pages and for other related app statistics (for example, recording the popularity of certain app content and verifying system and server integrity). We may also use other tracking technologies such as device IDs and advertising identifiers to collect information about your use of the Platform.

We may also use these technologies to collect information about your activities over time and across third-party websites, apps or other online services (behavioral tracking). To learn more or to opt-out of tailored advertising please visit Digital Advertising Alliance (DAA) Opt-Out Tool and/or Network Advertising Initiative (NAI) Opt-Out Tool for information on how you can opt out of behavioral tracking on or through this Platform and how we respond to browser signals and other mechanisms that help users exercise their choices about behavioral tracking. We will notify users of any material changes to our tracking technologies usage through an update to this policy or other appropriate means.

The information we collect is used for the following specific purposes: Personal Information (such as name, email, and phone number) is used for account creation, communication, and customer support. Device information and usage data are used to improve app functionality, personalize user experience, and analyze app performance. 

The information we collect is categorized into two types of tracking technologies, in accordance with the GDPR and other applicable privacy laws and regulations: 

• Essential Tracking Technologies: These are crucial for the basic functionality of our Platform, including, without limitation, tracking technologies that enable account creation of Technologies necessary for customer support and Tracking required to maintain core app performance and user authentication; and
• Non-Essential Tracking Technologies: These are used for additional purposes and can be opted out of, including Behavioral tracking across third-party websites; Advertising-related tracking; Analytics and usage pattern collection; and Personal Information (such as name, email, and phone number) used for essential functions will always be collected, while non-essential tracking can be managed through user preferences.

If you do not want Us to collect this information, do not download the Platform or delete it from your device. For more information, see: Choices About How We Use and Disclose Your Information. 

Third Party Subprocessors and Service Providers

‍We currently use the following third-party providers. Each processes Personal Information on our behalf, subject to contractual confidentiality and security obligations.

• Stripe — Purpose: billing and payment processing; Data: name, email, billing details, transaction data; Legal basis: contract performance/legal obligations; Transfer: global (incl. U.S.); Policy: https://stripe.com/privacy
• Intuit Mailchimp — Purpose: email list management and communications; Data: name, email, subscription preferences; Legal basis: consent/legitimate interests; Transfer: global (incl. U.S.); Policy: https://www.intuit.com/privacy/statement/
• Heroku (Salesforce) — Purpose: application hosting; Data: account identifiers, usage and operational logs; Legal basis: contract performance/legitimate interests; Transfer: global (incl. U.S.); Policy: https://www.heroku.com/policy/privacy and https://www.salesforce.com/company/legal/privacy/
• Cloudflare — Purpose: CDN, security (DDoS protection), SSL/TLS; Data: IP address, device/traffic metadata; Legal basis: legitimate interests; Transfer: global; Policy: https://www.cloudflare.com/privacypolicy/
• Let’s Encrypt; GlobalSign/AlphaSSL — Purpose: TLS certificates; Data: certificate/operational metadata; Legal basis: legitimate interests; Transfer: global; Policies: https://letsencrypt.org/privacy/ and https://www.globalsign.com/en/repository/GlobalSign_CP_v5.2.pdf
• Webflow — Purpose: website hosting and form submissions; Data: name, email, form content; Legal basis: consent/contract performance; Transfer: global (incl. U.S.); Policy: https://webflow.com/legal/privacy
• Disqus — Purpose: blog comments; Data: profile information and comment content provided by users; Legal basis: consent; Transfer: global; Policy: https://help.disqus.com/terms-and-policies/disqus-privacy-policy
• Intercom — Purpose: customer support and communications; Data: name, address, email, social profile name, job title; Legal basis: contract performance/legitimate interests; Transfer: global (incl. U.S.); Policy: https://www.intercom.com/legal/privacy
• Mixpanel — Purpose: product analytics; Data: name, email, IP address, usage events; Legal basis: legitimate interests/consent where required; Transfer: global (incl. U.S.); Policy: https://mixpanel.com/legal/privacy-policy/
• YouTube — Purpose: embedded video hosting; Data: device identifiers and usage as per YouTube’s policies; Legal basis: consent/legitimate interests; Transfer: global; Policy: https://policies.google.com/privacy

MeetEdgar may allow you to connect a YouTube channel to your Account, in which case we will access certain information from Google and YouTube regarding your Account. In particular, we may collect your profile image, display name, profile ID, access tokens and/or existing videos. This includes the details of your video and engagement data on YouTube (such as click rates, likes, re-shares and impressions as well as general engagement counts), to the extent permitted by applicable law. This data will only be used by MeetEdgar to provide you with the service levels you expect from our Services and will not be shared with any third parties. Please acquaint yourself with Google’s Privacy Policy, which provides more information. MeetEdgar uses YouTube API Services and by using the YouTube API integration via MeetEdgar, you agree to be bound by YouTube’s Terms of Service. You may revoke our access to your YouTube data at any time via the Google security settings for your account. 

• OpenAI — Purpose: AI content generation features; Data: prompts and usage data; Legal basis: consent/contract performance; Transfer: global (including the United States); Policy: https://openai.com/policies/privacy-policy

Please Note: We do not store Social Media Platform passwords. We use access tokens via official APIs to post content and provide analytics. You may revoke platform access at any time in your social account settings, which may limit functionality. We do not sell your Personal Information.‍

Third-Party Information Collection

When you use the Platform or its content, certain third parties collect information about you or your device. These third parties may include: 

• Advertisers, ad networks, and ad servers;
• Analytics companies;
• and others.

These third parties may use cookies alone or in conjunction with other tracking technologies to collect information about you when you use the Platform. The information they collect may be associated with your Personal Information, or they may collect information, including Personal Information (such as your name, email address, device identifiers, IP address, and usage data), about your online activities over time and across different websites, apps, and other online services. They may use this information to provide you with behavioral advertising or other targeted content. We require all third parties to respect your privacy choices and comply with applicable privacy laws. For users in jurisdictions with comprehensive privacy laws (such as the EU, California, Virginia, or Colorado), we ensure these third parties honor your rights regarding automated decision-making, profiling, and cross-context behavioral advertising. You have the right to opt out of the sale or sharing of your personal information for targeted advertising purposes.

You can opt out of several third-party ad servers' and networks' cookies simultaneously by using opt-out tools created by the Digital Advertising Alliance (DAA) or an opt-out tool developed by the Network Advertising Initiative. You can also access these websites to learn more about online behavioral advertising and how to stop websites from placing cookies on your device. Opting out of a network does not mean you will no longer receive online advertising. It does mean that the network from which you opted out will no longer deliver ads tailored to your web preferences and usage patterns.

We do not control the tracking technologies used by these third parties or how they are used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For more information about how you can opt out of receiving targeted advertising from many providers, see Choices About How We Use and Disclose Your Information.

‍

HOW WE USE YOUR INFORMATION

We process Personal Information that we collect about you or that you provide to us, based on the following legal bases under GDPR and other applicable privacy laws:

• To provide you with the Platform and its contents.
• To provide you with information, products or services that you request from us.
• To fulfill the purposes for which you provided it based on your consent, or that were described when it was collected, and only for purposes compatible with the original collection purpose as required by data protection laws.
• To provide notices about your account and subscription, including expiration and renewal notices.
• To carry out our obligations and enforce our rights in any contracts with you, including for billing and collection or to comply with legal requirements.
• To notify you when any updates to the Platform are available, and of changes to any products or services we offer or provide through it.
• To improve our Platform, products or services, or customer relationships and experiences.
• For marketing purposes.
• To measure or understand the effectiveness of the advertising we serve to you and others, and to deliver relevant advertising to you.
• For any other purpose with your consent.

Usage information that we collect helps us improve our Platform and to deliver a better and more personalized experience, including by enabling us:

• Estimate our audience size and usage patterns.
• Store information about your preferences, allowing us to customize our Platform according to your individual interests.
• Speed up your searches.
• Recognize you when you use the Platform.

We may also use your information to contact you about our own goods and services that may be of interest to you, as permitted by law. If you do not want us to use your information in this way, please check the relevant box located on the form on which we collect your data, adjust your user preferences in your account profile, use the unsubscribe mechanism at the bottom of our emails, and/or email our Privacy Officer at: privacy@sureswiftcapital.com. For more information, see Choices About How We Use and Disclose Your Information.

We may use the information we have collected from you to display advertisements to our advertisers' target audiences. Even though we do not disclose your Personal Information for these purposes without your consent, if you click on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria.

‍

DISCLOSURE OF YOUR INFORMATION

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

We may disclose Personal Information that we collect or you provide as described in this Policy:

• To our subsidiaries and affiliates.
• According to applicable U.S. federal and state laws, including but not limited to the California Consumer Privacy Act (CCPA) where applicable, and other relevant international privacy laws, such as the GDPR, among others, to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by Us about our customers and users is among the assets transferred.
• To contractors, service providers, and other third parties we use to support our business, such as analytics and search engine providers that help us optimize and improve our services. We contractually require these third parties to keep Personal Information confidential, use it only for the purposes for which we disclose it to them, and to process Personal Information following the same standards set out in this Policy.
• To fulfill the purpose for which you provide it to us.
• For any other purpose, we disclose the Personal Information when you provide it.
• With your consent.
• To comply with any court order, law, or legal process, including to respond to any government or regulatory request, according to applicable U.S. federal and state laws, and international laws where applicable. This includes compliance with lawful requests from both U.S. and foreign law enforcement agencies, regulatory authorities, and other public and government authorities.
• To enforce our rights arising from any contracts between you and us, including our Terms and Conditions which are reviewable here: https://meetedgar.com/terms-conditions, and for billing and collection.
• If we believe disclosure is necessary or appropriate to protect our rights, property and or that of our customers and others. This includes exchanging information with other companies and organizations for fraud prevention.

‍

TRANSFERRING YOUR PERSONAL INFORMATION

We may transfer Personal Information that we collect or that you provide to our contractors, service providers, and other third parties we use to support the Platform (such as analytics providers that assist us with improvement and optimization of the Platform) who are contractually obligated to keep Personal Information confidential. These transfers may involve sending data across international borders. For users in the European Union, United Kingdom, or other regions with data protection laws, please note that your information may be transferred to and processed in the United States and other countries that may not provide the same level of data protection as your home country. We ensure appropriate safeguards are in place through standard contractual clauses (SCCs) and other legal mechanisms to protect your data in compliance with applicable laws, including but not limited to GDPR, CCPA/CPRA, VCDPA, CPA, CTDPA, and other state privacy laws. For transfers from the EU/EEA, we rely on EU Commission-approved SCCs and supplementary measures as required by the Schrems II decision. We are committed to notifying you of any material changes in our third-party sharing practices through updates to this Policy or direct communication.

We may process, store, and transfer your Personal Information in and to other countries, including but not limited to the European Union member states, Asian countries, and other jurisdictions, United States which may have different privacy laws that may or may not be as comprehensive as such law. In these circumstances, the governments, courts, law enforcement, or regulatory agencies of that country may be able to obtain access to your Personal Information. Whenever we engage a service provider, we require that its privacy and security standards comply with this policy, applicable U.S. federal and state privacy laws, and other relevant regulations such as the GDPR where applicable.

You are welcome to contact us to obtain further information about the Company policies regarding service providers outside of the United States. See Contact Information and Questions About Our Policy.

For international transfers of your Personal Information, we implement appropriate safeguards including Standard Contractual Clauses approved by the European Commission, and we only transfer your data to countries that provide an adequate level of protection as determined by applicable data protection authorities or where we have put in place appropriate safeguards to ensure the protection of your personal data.

‍

CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR INFORMATION

Under the GDPR and other applicable privacy laws, you have certain rights regarding your Personal Information. These include: the right to access, correct, delete, restrict processing of your data, data portability, and the right to object to processing. We have created mechanisms to help you exercise these rights and provide you with the following control over your information: 

• Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. You can choose whether to allow the Platform to collect information through other tracking technologies by configuring your settings through our on-screen cookie banner, or by clicking “Cookies” in the footer navigation on MeetEdgar.com. If you disable or refuse cookies or block the use of other tracking technologies some parts of this Platform may not be accessible or may not function properly. For more information about tracking technologies, see Automatic Information Collection and Tracking Technologies. 
• Promotional Offers from the Company. If you have opted in to receive certain emails from us but no longer wish for us to use your email address and other contact information to promote our own or third parties' products or services, you can opt out by emailing our Privacy Officer at privacy@sureswiftcapital.com. If we have sent you a promotional email, you may unsubscribe by clicking the unsubscribe link we have included in the email. 
• Targeted Advertising. If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers' target audience preferences, you can opt out by emailing our Privacy Officer at privacy@sureswiftcapital.com.  

We do not control third parties' collection or use of your information to serve behavioral advertising. These third parties may provide you with additional choices about how they use your information or ways to choose not to have your information collected or used in this way. You can opt out of several third party ad servers' and networks' cookies simultaneously by using an opt-out tool created by the Digital Advertising Alliance (DAA), Network Advertising Initiative (NAI), or other industry-standard opt-out tools. You can also access these websites to learn more about online behavioral advertising and how to stop websites from placing cookies on your device. Opting out of a network does not mean you will no longer receive advertising. It does mean that the network from which you opted out will no longer deliver ads tailored to your web preferences and usage patterns.

‍

DATA SECURITY

The security of your Personal Information is very important to us. We implement and maintain reasonable security measures appropriate to the nature of the personal information we process, including physical, technical, and organizational measures designed to secure your Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure. These measures include encryption at rest and in transit, access controls, network security monitoring, and regular security assessments. We store all information you provide to us behind firewalls on our secure servers in accordance with industry standards, applicable U.S. data security laws, and the EU General Data Protection Regulation (GDPR). Any payment transactions and sensitive Personal Information will be encrypted using current industry-standard encryption protocols and will be processed in compliance with the Payment Card Industry Data Security Standard (PCI DSS).

The safety and security of your information also depends on you. Where we have given you (or you have chosen) a password for access to certain parts of our Platform, you are responsible for keeping it confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Platform like message boards, which any Website visitor can view.

Unfortunately, the transmission of information via the Internet and mobile platforms is not completely secure. Although we do our best to protect your Personal Information, we cannot guarantee the security of your Personal Information transmitted through the Platform. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of anyPlatform privacy settings or security measures. 

‍

DATA RETENTION

We will only retain your Personal Information for as long as necessary to fulfill the purposes we collected it for, as required by applicable law or regulation including GDPR. We maintain a detailed data retention schedule that aligns with these requirements and your rights as a data subject. For EU residents, you have the right to request information about our retention periods for specific data categories. Under some circumstances we may anonymize or aggregate your Personal Information so that it can no longer be associated with you. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice to you or your consent. 

‍

CHILDREN UNDER THE AGE OF 16

Given the nature of our Platform and its transactional functions, it is not intended for children under 16 years of age. We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly collect Personal Information from children under 13 in the US, or under 16 in the EU/EEA and certain US states like California. If we learn we have collected or received personal information from a child without parental consent, we will delete that information and take reasonable measures to verify the individual's age. 

‍

ACCESSING AND CORRECTING YOUR PERSONAL INFORMATION

It is important that the Personal Information we hold about you is accurate and current. Please keep us informed if your Personal Information changes. Under GDPR, CCPA/CPRA, and other applicable privacy laws, you have various rights regarding your Personal Information, including the rights to: access your data; correct inaccurate data; delete your data (including the "right to be forgotten"); restrict or object to processing; port your data; opt-out of the sale or sharing of personal information; and limit the use of sensitive personal information. These rights may vary depending on your location and the applicable law. EU residents also have the right to object to processing and to withdraw consent at any time. These rights, which we respect and work to adhere to in all applicable jurisdictions, typically include the following: 

• Access: Request confirmation of whether we process your Personal Information and access to that Personal Information; 
• Correction: Request correction of inaccurate Personal Information; 
• Deletion: Request deletion of your Personal Information;
• Data Portability: Request a copy of your Personal Information in a portable format; 
• Opt-Out: Opt out of the processing of your Personal Information for targeted advertising, sale of Personal Information, or profiling; 
• Third-Party List: Request a list of specific third parties to whom we have disclosed your Personal Information. 

You can review and change your Personal Information by logging into the Platform and visiting your account profile page.

To exercise any of these rights, email our Privacy Officer at privacy@sureswiftcapital.com with "OCPA Rights Request" in the subject line. Include your name, email address associated with your account, and the specific right(s) you wish to exercise. We will respond within 45 days of receiving your 

To request a list of the specific third parties to whom we have disclosed your Personal Information in the preceding 12 months, email our Privacy Officer at privacy@sureswiftcapital.com with "Third-Party List Request" in the subject line. Include your name and email address associated with your account. We will provide this list within 45 days of your request.

We may request specific information from you to help us confirm your identity and your right to access, and to provide you with the Personal Information that we hold about you or make your requested changes. For EU residents, we will respond to your request within one month of receiving all necessary information, as required by GDPR. This period may be extended by two further months where necessary, taking into account the complexity and number of requests, but we will inform you of any such extension within the first month. Applicable law may allow or require us to refuse to provide you with access to some or all of the Personal Information that we hold about you, or we may have destroyed, erased, or made your Personal Information anonymous in accordance with our record retention obligations and practices. If we cannot provide you with access to your Personal Information, we will inform you of the reasons why, subject to any legal or regulatory restrictions.

We will provide access to your Personal Information, subject to exceptions set out in applicable Privacy Laws, including without limitation: 

• Information protected by solicitor-client privilege.
• Information that is part of a formal dispute resolution process.
• Information that is about another individual that would reveal their Personal Information or confidential commercial information.
• Information that is prohibitively expensive to provide.

If you are concerned about our response or would like to correct the Personal Information provided, you may contact our Privacy Officer at privacy@sureswiftcapital.com.

‍

WITHDRAWING YOUR CONSENT

Where you have provided your consent to the collection, use, and transfer of your Personal Information, you may have the legal right to withdraw your consent under certain circumstances. To withdraw your consent, if applicable, contact our Privacy Officer at privacy@sureswiftcapital.com. Please note that if you withdraw your consent, we may not be able to provide you with a particular product or service. We will explain the impact to you at the time to help you make your decision. 

‍

CHANGES TO OUR POLICY

We may update our Policy from time to time. It is our policy to post any changes we make to our Policy on this page with a notice that we have updated the Policy. If we make material changes to how we treat our users' Personal Information, including using collected data for new purposes or sharing it with new categories of third parties, we will post the amended Policy on this page with a notice that the Policy has been updated, notify you by email to the primary email address specified in your account and/or an in-App alert, and obtain your explicit consent where required by applicable law before implementing such changes the first time you use the Platform after we make the change. We will obtain your consent before using your Personal Information for any new purpose not covered by this Policy.

We include the date the Policy was last revised at the top of the page. You are responsible for ensuring we have an up-to-date, active, and deliverable email address for you, and for periodically visiting this Policy to check for any changes.

‍

CONTACT INFORMATION AND QUESTIONS ABOUT OUR PRIVACY PRACTICES

We welcome your questions, comments, and requests regarding this Policy and our privacy practices. Please contact our Privacy Officer at privacy@sureswiftcapital.com. We have procedures in place to receive and respond to complaints or inquiries about our handling of Personal Information and our compliance with this Policy, applicable U.S. federal and state privacy laws, GDPR and other applicable international privacy regulations. To discuss our compliance with this Policy, please contact our Privacy Officer using the contact information listed above.

‍