Privacy Policy

Description of Recent Changes:

• Enhanced consistency regarding personal data collected by and through iCapture’s services.
• Clarification of data sharing with and access to iCapture’s customer data by a successor entity for purposes of continuing iCapture’s services and integrating them with the successor entity’s platform.

Last modified January 10, 2024

Summary

iCapture respects each individual’s right to personal privacy. This Privacy Policy is designed to assist you in understanding how iCapture will collect, use, and safeguard any personal information you provide. We don’t sell personal information submitted to iCapture to third parties; and we only use it as this Privacy Statement describes. If
you’re visiting us from the EU: we comply with GDPR framework. If you are a resident of California, we also comply with CCPA framework.

All personal data submitted to iCapture either directly from customers or from its customers’ users or visitors via questionnaires or other data submission tools is governed by iCapture’s following policies.

Terms and Conditions

Although iCapture owns the data storage, databases, and the iCapture website, you retain all rights to your data. We will also not utilize your data in our databases to compete with you, market to your clients, advertise to, or contact them for any other means of profit.

Security

iCapture has implemented processes intended to protect user information and maintain security of data. Each account holder is assigned a unique username and password, which is required to access their account. It is your responsibility to protect the security of this login information. We have attempted to protect iCapture’s servers by locating them in areas with security procedures, use of firewalls, and implementing other generally available security technologies. These safeguards help prevent unauthorized access, maintain data accuracy, and ensure the appropriate use of data, but no guarantee can be made that your information and data will be secure from intrusions and unauthorized release to 3rd parties.

Cancellation or Termination of the Account

If you choose to cancel your account and leave the iCapture service, or your account is terminated because of your breach of the Terms of Service, please be aware that iCapture may for a time retain residual information in our backup and/or archival copies of our database. We will make reasonable commercial efforts to delete your information
as soon as reasonably practical.

Application Data

As part of iCapture’s Services, we store the questionnaires, forms, and surveys you build, as well as any data that was collected from those forms. We respect the privacy of our customers, their users, and visitors, and consider all data that is collected to be private. iCapture uses the personal information collected through its services for internal
purposes - to operate and improve the services, and iCapture will not sell your personal information or that of any customers’ users or visitors to a third-party, except as disclosed in this statement.

All data collected using iCapture (via questionnaires, etc.) is transferred to the United States, unless the iCapture customer chooses to not have the data stored within the iCapture database.

Account Information

iCapture collects personal information such as names and email addresses from those who contact us via email or through the iCapture website. iCapture does not sell Account Information to third-parties, and only uses it to communicate with you about your iCapture account and features as needed. You may update your account
information at any time.

Web Server Logs

iCapture gathers certain information automatically from visitors’ web browsers that load our web pages and stores it in log files. These log files contain standard information collected by web servers, such as IP addresses, device type, browser type, internet service provider (ISP), operating system, etc. This information is only used internally
and is not sold to a 3rd party. iCapture uses this information—which does not identify individual users—to analyze trends, to administer the iCapture website, and to gather demographic information about its user base as a whole. iCapture does not link its Web Server Logs to personally identifiable information.

Data Sharing and Compliance with Law

Any information collected by iCapture may be shared with third parties when necessary to investigate, prevent, or prosecute illegal activities, suspected fraud, violations to the Terms and Conditions, or as otherwise required by law or a valid governmental request (including, but not limited to, search warrants, subpoenas, or court orders).

iCapture has been acquired and will share your information with the acquiring entity in order to facilitate the continued operation of the services in accordance with this policy and to assist with the integration of iCapture services into the acquiring entity. This privacy policy will continue in effect until such time as the acquiring entity either
changes the services or updates the privacy commitments that apply to iCapture customers’ personal data. iCapture or the acquiring entity will provide notice to you in advance of any material changes to this policy taking effect.

Cookies

A “cookie” is a small text file containing a unique identifier that our web server sends to a user’s browser, and may be stored on a user’s hard drive. Cookies are required to use iCapture Services. If you have your browser set to reject cookies, your use of the iCapture Services is likely to be interrupted. The cookies we use are not permanent.

Third-Party Service Integration

Our Service allows you to integrate with various online Third-Party Services (“Third- Party Services”). In order to take advantage of this feature, you may need to authenticate, register for, or log into Third-Party Services through the Service or on the websites of their respective providers. When you enable integration between or log in to
Third-Party Services through the Service, we will collect relevant information necessary to enable the Service to access that Third-Party Service (“Login Credentials”). We store your Login Credentials long enough to enable integration to the Third-Party Service.

Please remember that the manner in which Third-Party Services use, store, and disclose your information is governed by the policies of such Third-Party Services, and iCapture shall have no liability or responsibility for the privacy practices or other actions of any Third-Party Services that may be enabled within the Service.

We may retain certain personally non-identifiable information related to integration between Third-Party Services (for example: date sent, link configuration, names of the Third-Party Services), for the purpose of improving our Services.

Online Advertising

iCapture advertises its services online and through remarketing. Third party vendors, including Google, show iCapture ads on other sites on the internet. These ad vendors use cookies to serve iCapture ads based on a user’s prior visits to the iCapture website. Users may opt out of a third party vendor’s use of cookies by visiting the Network Advertising Initiative opt out page: https://optout.networkadvertising.org/?c=1.

Third-party Websites

iCapture is not responsible for the practices employed by websites linked to or from the iCapture website, nor the information or content contained therein. When you use a link from the iCapture website to another website, our Privacy Policy is no longer in effect. Browsing and interaction on any other website, including websites which have a link to the iCapture website, is subject to that website’s own rules and policies.

Changes

iCapture reserves the right to modify this Privacy Policy at any time, so please review it frequently. If material changes are made to this policy, we will notify you here, by email, or by means of a prominent notice on the iCapture website home page.

Compliance with Children’s Online Privacy Protection Act

As a business service, iCapture does not target its offering toward and does not knowingly collect any personal information from users under thirteen (13) years of age.

iCapture’s Global Privacy

Information that we collect will be stored and processed in the United States in accordance with this Privacy Statement. However, we understand that we have users from different countries and regions with different privacy expectations, and we try to meet those needs.

We provide the same standard of privacy protection to all our users around the world, regardless of their country of origin or location, and we are proud of the levels of notice, choice, accountability, security, data integrity, access, and recourse we provide. Additionally, we require that if our vendors or affiliates have access to User Personal Information, they must comply with our Privacy Policies and Terms of Use.

We collect only the minimum amount of personal data necessary, unless you choose to provide more. We encourage you to only give us the amount of data you are comfortable sharing. We offer you simple methods of accessing, correcting, or deleting the data we have collected.

iCapture’s GDPR Compliance

We’re committed to helping iCapture customers and users understand, and where applicable, comply with the General Data Protection Regulation (GDPR). The GDPR is the most comprehensive EU data privacy law in decades, and went into effect on May 25, 2018.

The GDPR’s updated requirements are significant and our team has adapted iCapture’s product offerings, operations and contractual commitments to help customers comply with the regulation. Measures we have implemented include:

Investments in our security infrastructure and certifications. Updates to relevant contractual terms

Support for international data transfers by maintaining our SOC2 certifications, and by executing Standard Contractual Clauses through our updated Data Processing Addendum

We also monitor the guidance around GDPR compliance from privacy-related regulatory bodies, and update our product features and contractual commitments accordingly. We’ll provide you with regular updates so that you’re always current.

iCapture’s California Consumer Protection

If you are a resident of California, in addition to the rights set forth above, you have the right to request information from us regarding the manner in which we share certain categories of personal information with third parties for their direct marketing purposes.

Subject to certain limitations, the CCPA provides California consumers the right to request to know more details about the categories or specific pieces of personal information we collect (including how we use and disclose this information), to delete their personal information, to opt out of any “sales” that may be occurring, and to not be
discriminated against for exercising these rights.

California consumers may make a request pursuant to their rights under the CCPA by contacting us at help@icapture.com. We will verify your request using the information associated with your account, including email address. Government identification may be required. Consumers can also designate an authorized agent to exercise these rights on their behalf.

Resolving Complaints

If you have concerns about the way iCapture is handling your User Personal Information, please let us know immediately. We want to help. You may also email us directly at security@icapture.com with the subject line “Privacy Concerns.” We will respond within 45 days at the latest.

In the unlikely event that a dispute arises between you and iCapture regarding our handling of your User Personal Information, we will do our best to resolve it. If we cannot, we offer an independent dispute resolution provider at no cost to you.

We are subject to the jurisdiction of the Federal Trade Commission.