PLEASE READ THESE TERMS OF USE (the “Agreement”) CAREFULLY BEFORE USING www.assessdo.com (the “Site”). This site is fully controlled and operated by ASSESSDO LLC. By accessing and using this Site, you are hereby agreeing to be legally bound by the terms of use of Assessdo LLC. If you do not agree with all of the following terms of use, please do not use this Site. We reserve the right, at our sole discretion, to change, modify or otherwise alter these terms of use at any time. Such changes and/or modifications shall become effective immediately upon the posting thereof. Please review the terms of use periodically. Your continued use of the Site following the posting of changes and/or modifications will constitute your acceptance of the revised terms of use.

OWNERSHIP OF INTELLECTUAL PROPERTY

All site software, design, text, images, illustrations, audio clips, video clips, artwork, graphic material, or other copyrightable elements, and the selection and arrangements thereof, and trademarks, service marks and trade names (the “Material”) are the property of Assessdo LLC and/or its subsidiaries, affiliates, assigns, licensors or other respective owners and are protected, without limitation, pursuant to U.S. and foreign copyright and trademark laws. Assessdo LLC. hereby grants you a personal, non-exclusive, non-assignable and non-transferable license to use and display, for noncommercial and personal use only, one copy of any material and/or software that you may download from this Site, including, without limitation, any files, codes, audio or images incorporated in or generated by the software provided that you maintain all copyright and other notices contained in such Material. You agree not to reproduce, modify, create derivative works from, display, perform, publish, distribute, disseminate, broadcast or circulate any Material to any third party (including, without limitation, the display and distribution of the Material via a third party website) without the express prior written consent of Assessdo LLC. Use of Assessdo LLC and/or its licensors’ Material is only permitted with their express written permission. You further agree that you will not disassemble, decompile, reverse engineer or otherwise modify the Material. Any unauthorized or prohibited use may subject the offender to civil liability and criminal prosecution under applicable federal and state laws.

Assessdo System

To the extent that portions of this Site provide users an opportunity to post information, ideas and opinions (the “Postings”), please be advised that Postings do not necessarily reflect the views of Assessdo LLC.. In no event shall Assessdo LLC. assume or have any responsibility or liability for any Postings or for any claims, damages or losses resulting from their use and/or appearance on this Site. You hereby represent and warrant that you have all necessary rights in and to all Postings you provide and all information they contain and that such Postings shall not infringe any proprietary or other rights of third parties or contain any libelous, tortious, or otherwise unlawful information. You hereby authorize Assessdo LLC. to use, and authorize others to use, your Postings in whole or in part, on a royalty-free basis, throughout the universe in perpetuity in any and all media, now known or hereafter devised, alone, or together or as part of other material of any kind or nature. Without limiting the foregoing, Assessdo LLC. will have the right to use the postings in any manner that BARIN Technologies Inc. may determine. Assessdo LLC. does not allow Postings which contain:

• profanity or obscenities
• personal attacks on other individuals
• slanderous, defamatory, obscene, pornographic, threatening and harassing comments;and/or
• other information that BARIN Technologies Inc. deems in its sole discretion to be inappropriate for this Site.

The Assessdo software platform may be used for noncommercial purposes only. Users may not post any information intended to promote and/or generate revenue for any third party business activity. Assessdo LLC. periodically monitors the content posted on this Site. Assessdo LLC. will make every effort to ensure that the Assessdo software platform best serve the interests of all users and, therefore, Assessdo LLC. reserves the right to refuse to post, edit, or delete messages that violate the above-referenced rules, as well as revoke the privileges of users who do not comply with such rules.

DISCLAIMER AND LIMITATION OF LIABILITY

THIS SITE AND ALL MATERIALS CONTAINED ON IT ARE DISTRIBUTED AND TRANSMITTED ON AN “AS IS” AND “AS AVAILABLE” BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. ASSESSDO LLC. IS NOT RESPONSIBLE OR LIABLE FOR ANY INFECTIONS OR CONTAMINATION OF YOUR SYSTEM, OR DELAYS, INACCURACIES, ERRORS, OR OMISSIONS ARISING OUT OF YOUR USE OF THIS SITE OR WITH RESPECT TO THE INFORMATION AND MATERIAL CONTAINED ON THIS SITE. THE ENTIRE RISK AS TO THE QUALITY, ACCURACY, ADEQUACY, COMPLETENESS, CORRECTNESS AND VALIDITY OF ANY MATERIAL RESTS WITH YOU. TO THE FULLEST EXTENT PERMISSIBLE PURSUANT TO APPLICABLE LAW, ASSESSDO LLC.., ITS AFFILIATES, AND THEIR RESPECTIVE OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, LICENSORS, REPRESENTATIVES, AND THIRD PARTY PROVIDERS TO THE SITE WILL NOT BE LIABLE FOR DAMAGES OF ANY KIND INCLUDING, WITHOUT LIMITATION, COMPENSATORY, CONSEQUENTIAL, INCIDENTAL, INDIRECT, SPECIAL OR SIMILAR DAMAGES, THAT MAY RESULT FROM THE USE OF, OR THE INABILITY TO USE, THE MATERIALS CONTAINED ON THIS SITE WHETHER THE MATERIAL IS PROVIDED OR OTHERWISE SUPPLIED BY ASSESSDO LLC. OR ANY THIRD PARTY. Notwithstanding the foregoing, in no event shall Assessdo LLC. liability to you for any and all claims, damages, losses, and causes of action (whether in contract, tort or otherwise) exceed the amount paid by you, if any, for accessing this Site.

THIRD PARTY HYPERLINKS

The appearance of external hyperlinks and/or postcards generated by third parties does not constitute endorsement by Assessdo LLC., its subsidiaries and affiliates of the opinions or views expressed by these third-party websites and Assessdo LLC.. does not verify, endorse, or take responsibility for the accuracy, currency, completeness or quality of the content contained at these sites. Furthermore, Assessdo LLC. is not responsible for the quality or delivery of the products or services offered, accessed, obtained by or advertised at such sites. As such, neither Assessdo LLC. nor its subsidiaries and affiliates will be responsible for any errors or omissions or for the results obtained from the use of such information contained in these sites. Finally, Assessdo LLC. will under no circumstances be liable for any direct, indirect, incidental or special loss or other damage, whether arising from negligence, breach of contract, defamation, infringement of copyright or other intellectual property rights, caused by the exhibition, distribution or exploitation of any information or content contained within these third-party hyperlinked sites.

ADS AND MALWARE

We take great care and pride in creating this Site. We are always on the lookout for technical glitches that affect how the Site works. When we find them on our end, we will fix them. Unfortunately, your home computer may cause some glitches that affect how you see our Site–and that is beyond our control.

If you experience any unusual behavior, content or ads on the Site, it may be the result of Malware on your computer. Malware–short for MALicious softWARE–is a term used to broadly classify a form of software which is installed in a computer system with malicious intentions, usually without the owner’s knowledge or permission. Malware includes computer viruses, key loggers, malicious active content, rogue programs and dialers, among others. While we continuously work closely with our partners to ensure that everything on the Site is working properly, sometimes Malware programs on your personal computer may interfere with your experience on our Site and on other sites that you visit.

We suggest that you take some of the following actions which may help to clean your computer and which could prevent future installations of Malware.

• Update your computer via Windows Update (found in the Tools menu in your Internet Explorer web browser).
• Install a SpyWare Removal Tool such as Spybot Search & Destroy or AdAware to clean your computer of Malware.
• Install antivirus software, such as Norton anti-virus or McAfee Antivirus Software.
• Install Microsoft Security Essentials.

Please note that we cannot be responsible for the effects of any third-party software including Malware on your computer system. If you do discover any Malware on your system, we also suggest you speak with a qualified computer technician.

INDEMNIFICATION

You agree to indemnify, defend and hold harmless, BARIN Technologies Inc., its affiliates, and their respective officers, directors, employees, agents, licensors, representatives, and third-party providers to the Site from and against all losses, expenses, damages and costs, including reasonable attorneys’ fees, resulting from any violation of this Agreement by you. BARIN Technologies Inc. reserves the right to assume, at its sole expense, the exclusive defense and control of any matter subject to indemnification by you, in which event you will fully cooperate with BARIN Technologies Inc. in asserting any available defenses.

APPLICABLE LAW, VENUE, JURISDICTION

The Agreement and the relationship between you and BARIN Technologies Inc. shall be governed by the laws of the State of Georgia without regard to its conflict of law provisions. For any dispute arising under this Agreement, you agree to submit to the personal and exclusive jurisdiction of the federal and state courts located in the State and County of Georgia. You further agree to accept service of process by mail, and hereby waive any and all jurisdictional and venue defenses otherwise available. You agree that regardless of any statute or law to the contrary, any claim or cause of action arising out of or related to the use of the Site or the Agreement must be filed within one (1) year after such claim or cause of action arose or be forever barred.

MISCELLANEOUS

Assessdo LLC. operates and controls this Site from the United States of America. This Site is intended for residents of the United States only. No software from this Site may be downloaded, exported or re-exported in violation of any law including, without limitation, to countries that are subject to U.S. export restrictions.

COPYRIGHT POLICY

We take protection of copyrights, both our own and others, very seriously. We therefore employ multiple measures to prevent copyright infringement over this Site and to promptly end any infringement that might occur. If you believe that the Site contains elements that infringe your copyrights in your work, please contact us immediately.

WHAT INFORMATION DO WE PROCESS AND HOW WE COLLECT IT?

We collect two types of information when you are using our Software:

• The first type of information is information that identifies an individual or may with reasonable effort identify an individual (“Personal Information”), which includes the following:
• Client’s Information: We may collect contact information (including Personal Information) from you when you register on our site, subscribe to our newsletter, register for an event, respond to a survey or fill out a form.
• Feedback: When you allow us (or our trusted third party service providers) to receive your End Users’ feedback and rating with regard to Software (“Feedback”), we may gather Personal Information which may include the following: email address of the End User, End User’s full name, End User’s IP address, and the End User’s email. In addition, we may collect Personal Information which your End User voluntarily shares with us when he/she sends us Feedback (e.g., identifying content, images, etc.).
• End Users’ Information: In order to provide our Software as a Service (“SaaS”) products, we will collect Personal Information about your End Users, including their account details, IP addresses, MAC addresses, user agent, identifiers issued by Client, path of files and file names. Under certain applicable privacy laws, some of this metadata may be considered Personal Information.
• The second type of information is  non-identifiable information pertaining to you or to your End Users, which may be made available or gathered via your use of the Software (“Non-Personal Information”). We are not aware of the identity of the user from which the Non-Personal Information was collected. Non-Personal Information which is being collected may include usernames, directory names, server names, share names, file names, configurations, logs related to Software and Client (e.g. event logs), browsing events and technical information transmitted by your device or your End Users’ devices, including certain software and hardware information (e.g., the type of browser and operating system the device uses, language preference, access time and the domain name from which you or your End Users are linked to the Software; etc.).

In addition, when you allow us (or our trusted third party service providers) to receive your End Users’ Feedback with regard to Software, we may gather Non-Personal Information which may include the following: Feedback rating, Feedback tags, Feedback text, browser type and language, operating system, viewport of the screen, page URL on which the Feedback has been given, screenshot of the screen on which Feedback was provided (with all textual strings redacted), and our clients.

We are not aware of the identity of the Client or End User from which the Non-Personal Information was collected.

Please note that when the Software is deployed by our Clients, it analyzes unstructured data that is stored on the Clients’ platforms. The Clients maintain sole ownership of this data and determine their own policies regarding the storage, access, deletion, sharing and retention of this data. This data is hosted and stored only on the Clients’ servers (not on the Company’s servers).

HOW DO WE USE THE INFORMATION WE COLLECT?

In addition to the purposes listed herein, the information we collect, which may include your Personal Information, is used for legitimate business purposes, only to the extent required or otherwise reasonably necessary for one or more of our functions or activities, and while maintaining your right to privacy. Such legitimate business purposes include:

• Setting up your account and to provide our services to you and to your End Users;

• Identifying and authenticating End Users’ access to the Software;

• Obtaining End Users’ Feedback with regard to the Software;

• Improving our Software;

• If we enter into a business transaction such as a merger, acquisition, reorganization, bankruptcy, or sale of some or all of our assets;

• Supporting and troubleshooting our Software and to respond to queries; and

• For other purposes for which we obtain your consent.

In addition, we may use and/or disclose Personal Information, or any information you submitted to us, if we have a good faith belief that use and/or disclosure of such information is helpful or reasonably necessary to: (i) comply with any applicable law, court/tribunal order, regulation, legal process, including alternative dispute resolution process, or governmental request; (ii) enforce our policies, including investigations of potential violations thereof; (iii) investigate, detect, prevent or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (iv) to establish or exercise our rights to defend against legal claims; (v) lessen or prevent harm or serious threat to the rights, property life, health or safety of us, our users, yourself or any third party; (vi) locating a person reported as missing; or (vii) for the purpose of collaborating with law enforcement agencies or in case we find it necessary in order to enforce intellectual property or other legal rights.

WHAT ARE THE CONDITIONS FOR PROCESSING OF PERSONAL INFORMATION?

We will process your Personal Information based on the following legal basses, each of which is prescribed by relevant data protection laws.

• Performance of a contract, compliance with a legal obligation: We will process your Personal Information where it is necessary for the performance of a contract (such as for our agreement) or in order for us to comply with our various legal and/or regulatory responsibilities.

• Legitimate interests: We also process your Personal Information where we deem such processing to be in our (or a third party’s) legitimate interests and provided always that such processing will not prejudice your interests, rights and freedoms. Examples of us processing in accordance with legitimate interests would include: (i) where we disclose your Personal Information to any one or more of our associate/subsidiary companies following a restructure or for internal administrative purposes; (ii) processing for the purposes of ensuring network and information security, including preventing unauthorized access to our electronic communications network; (iii) sharing personal information with our advisers and professional services providers (such as auditors).

• Consent: On certain occasions we may ask for your consent to processing Personal Information. In these instances, your Personal Information will be processed in accordance with such consent and you will be able to withdraw this consent in writing at any time. If you reside in Singapore, we will process your Personal Information only where we have your consent or “deemed consent”, unless such processing is required under applicable laws or where the legitimate interest exception applies.

WITH WHOM WE SHARE THE INFORMATION WE COLLECT; INTERNATIONAL DATA TRANSFERS

We do not disclose your Personal Information to third parties except as described in this Privacy Policy, or as permitted by applicable law

We may transfer or disclose Personal Information to our subsidiaries and other affiliated companies. In addition, Client’s and End User’s Personal Information may be disclosed to other trusted third party service providers or partners for the purpose of: (i) storing Personal Information on our behalf (e.g., cloud computing service providers); (ii) assisting us with our business operations and Software and improving it (e.g., processing and analyzing End Users’ Feedback); and (iii) performing research, technical diagnostics and analytics with regard to the Software.

Since we operate globally, it may be necessary to transfer, store and process Personal Information in other countries in which we or our affiliates, subsidiaries or service providers maintain facilities, such as the United States, Israel, United Kingdom, Australia, Singapore and the European Union (in particular, France, Germany, Ireland, Netherlands, Belgium and Luxemburg). The data protection and other laws of these countries may not be as comprehensive as those in your jurisdiction of residence. EU and UK residents, please note that we may transfer your personal information to countries outside the EEA or the UK In these instances, we will take steps, as required by applicable law, to ensure that a similar level of protection is given to Personal Information, including, when applicable, through contractual means (for example, when the GDPR or UK law applies, we will rely on the standard contractual clauses approved by the European Commission for data transfers, the UK International Data Transfer Addendum (IDTA), or transfer data only to recipients located in jurisdictions which were granted an “adequacy decision” with regard to their level of protection of personal data by the European Commission).

We may also disclose your information when we believe disclosure is required to comply with the law, enforce our policies or protect ours or others’ rights, property or safety.

You hereby consent to the transfer of your and your End Users’ Personal Information, as described in this Privacy Policy.

THIRD PARTY COLLECTION OF INFORMATION

Our policy only addresses our use and disclosure of personal information from you and from your End Users through the Software (as described under the “With whom we share the information we collect” section herein). To the extent that you or your End Users disclose your information to other parties through the Software, different rules may apply to their use or disclosure of the information disclosed to them.

HOW LONG DO WE RETAIN THE INFORMATION WE COLLECT?

Unless you instruct us otherwise for justified reasons, we retain the information we collect for as long as needed to provide our services (including marketing and communication, as described in our website and marketing privacy policy available on our website) and to comply with our legal obligations, resolve disputes and enforce our agreements (including exercising any of our rights under our agreements, such as audit and record-keeping). All other Personal Information is periodically deleted.

As for the retention of the Subscriber Data (as defined in the Subscription Service Agreement of our SaaS products) – our default retention policy is a sliding window of 180 days during the subscription term (unless a longer period was approved by Varonis, at its sole discretion). Upon the end/termination of the subscription term, Subscriber Data which was held by Varonis at such time shall be kept by Varonis for a period of 30 days after termination of the subscription.

We may rectify or remove incomplete or inaccurate information, at any time and at our own discretion.

At any time, you may request to view, change and update your Personal Information by contacting us in one of the ways described in the ‘How to contact us’ section below.

HOW DO WE SAFEGUARD YOUR INFORMATION?

We are committed to making reasonable efforts, in accordance with market best practices, to ensure the security, confidentially and integrity of the Personal Information. We take great care in implementing and maintaining the security of the Software and the Personal Information. Access to the Personal Information is based on the ‘least to know’ concept together with role-based access control systems, ensuring only authorized access to the Personal Information. We employ market best practice security measures to ensure the safety of your End Users’ Personal Information and prevent unauthorized use of any such information. Although we take steps to safeguard such information, we cannot be responsible for the acts of those who gain unauthorized access or abuse our Software, and we make no warranty, express, implied or otherwise, that we will prevent such access. If a password is used to help protect your accounts and Personal Information, it is your responsibility to keep your password confidential.

We use best efforts to ensure that your Personal Information is protected in accordance with our Privacy Policy, through contractual means (such as by using the standard contractual clauses approved by the European Commission for data transfers) or other means (such as by transferring data only to recipients located in jurisdictions which were granted an “adequacy decision” with regard to their level of protection of personal data by the European Commission). For more information see the ‘with whom we share the information we collect; International data transfers’ section above.

WHAT ARE YOUR RIGHTS?

Certain jurisdictions provide individuals with certain statutory rights to their Personal Information. To the extent these rights apply to you, you may exercise the following rights with respect to your Personal Information:

• To receive confirmation as to whether or not Personal Information concerning you is being processed, and access your stored Personal Information, together with certain supplementary information.

• To receive Personal Information you directly volunteer to us in a structured, commonly used and machine-readable format.

• To request rectification of your Personal Information that is in our control.

• To request erasure of your Personal Information.

• To object to the processing of Personal Information by us.

• To request to restrict processing of your Personal Information by us.

However, please note that these rights are not absolute, and may be subject to our own legitimate interests and regulatory requirements.

If you wish to exercise your data protection rights or raise a complaint on how we have handled your Personal Information, you can contact us as set forth below. In addition, you have the right to lodge a complaint with the supervisory authority, as detailed below.

MINORS

The Software is not designated to End Users under the age of majority (as determined under the applicable laws where the individual resides; “Age of Majority”). In the event that we become aware that End Users under the Age of Majority have shared any information, we will discard such information. If you have any reason to believe that a minor has shared any information with us, please contact us as set forth below.

UPDATES OR AMENDMENTS TO THE PRIVACY POLICY

We may revise this Privacy Policy from time to time, in our sole discretion, and the most current version will always be posted on the website. We encourage you to review this Privacy Policy regularly for any changes. In the event of material changes, we will notify you through our Software or by email.

Your continued use of the Software, following the notification of such amendments, constitutes your acknowledgement and consent of such amendments to the Privacy Policy and your agreement to be bound by the terms of such amendments.

Our Sites do not knowingly collect any information that would be subject to the Children’s Online Privacy Protection Rule (“COPPA”), the Family Educational Rights and Privacy Act (“FERPA”), and the Health Insurance Portability and Accountability Act (“HIPAA”).

The Family Educational Rights and Privacy Acts (FERPA) and Student Information

The Family Educational Rights and Privacy Act (FERPA) is a federal law enacted by The U.S. Department of Education. This law helps safeguard student education records’ privacy. It does this by setting rules for who can access this information.

The school district, school officials, and other educational agencies must get parental consent. They must get consent before sharing a student’s personally identifiable information (PII). But an exception exists for what’s termed “directory information.” This information can be shared without consent unless parents opt out. An example of this type of information is the student’s name.

School officials can also access student data. They can do so if they have a legitimate educational interest in accessing this data. This means the information is needed to perform tasks. These tasks might be a part of their job or the school’s education program. Additionally, state law can affect how FERPA is used in each school district.

The Children’s Online Privacy Protection Act (COPPA)

The Children’s Online Privacy Protection Act (COPPA) is a crucial federal law. This law focuses on protecting the privacy of children under the age of 13. COPPA places stringent rules on operators of websites, online services, and mobile applications. These websites and applications must be either directed at children under 13 or knowingly collect personal information from minors under 13.

According to COPPA, these operators must clearly disclose their data collection practices. They should get verifiable parental consent. They should do this before collecting, using, or disclosing personal information from children. They must also allow parents to review their child’s personal information. Parents can refuse further use or collection of that information.

This law safeguards young students’ data privacy in the era of online learning. It ensures that their personal information is protected. But students can still enjoy the benefits of educational technologies.