Privacy Shield Statement This Privacy Shield Statement was last updated on August 30, 2021. PointHR complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. PointHR has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/ Scope This EU-US Privacy Shield Statement applies to all Personal Data (defined below) that is received by PointHR in the US from the EEA. PointHR commits to comply with the Privacy Shield Principles in respect of such Personal Data. Definitions “Customer” or “Customers” means PointHR’s business customers that use the Services. “EU-US Privacy Shield Statement” means this EU-US Privacy Shield Statement. “Personal Data” means any information relating to an identified or identifiable individual, recorded in any form. “Privacy Policy” means PointHR’s web site privacy policy, available above and accessible at: http://pointhr.com/privacy and http://i9everywhere.com/privacy “Privacy Shield Principles” means the principles issued by the US Department of Commerce and contained in Annex II to the European Commission’s decision of July 12, 2016 on the adequacy of the protection provided by the EU-US Privacy Shield. “Services” means the business analytics services and related technologies for monitoring internal and external data sources, provided by PointHR in accordance with the Terms of Service accessible at https://pointhr.com/Terms “Site” means our website accessible a http://PointHR.com or http://i9everywhere.com Types of Personal Data Collected When you interact with us through our Services, we may collect Personal Data and other information from you, as further described below:

1. Personal Data That You Provide Through the Services:

We collect Personal Data from you when you voluntarily provide such information, such as when you contact us with inquiries or  register for access to the Services or use certain Services.

2. Personal Data That We Receive From Our Customers:

In addition to our own data processing involving Personal Data, PointHR may process certain Customer data at the direction of our Customers which may potentially include Personal Data. In such instances, PointHR is acting as the data processor on behalf, and pursuant to the instructions, of our Customers, who act as the data controller (an entity that determines the purposes and means for processing personal data). If you have any questions about our processing of this information, you are advised to contact the PointHR’s Customer who has directed us to process the particular information.

3. Other Information:

Non-Identifiable Data: When you interact with PointHR through the Services, we receive and store certain personally non-identifiable information. Such information, which is collected passively using various technologies, cannot presently be used to specifically identify you. PointHR may store such information itself or such information may be included in databases owned and maintained by PointHR. Cookies: In operating the Services, we may use a technology called “cookies.” A cookie is a piece of information that the computer that hosts our Services gives to your browser when you access the Services. Our cookies help provide additional functionality to the Services and help us analyze Services usage more accurately. For instance, our Site may set a cookie on your browser that allows you to access the Services without needing to remember and then enter a password more than once during a visit to the Site. In all cases in which we use cookies, we will not collect Personal Data except with your permission. On most web browsers, you will find a “help” section on the toolbar. Please refer to this section for information on how to receive notification when you are receiving a new cookie and how to turn cookies off. We recommend that you leave cookies turned on because they allow you to take advantage of some of the Services features. Our Use of Your Personal Data and Other Information: PointHR uses the Personal Data you provide to us in a manner that is consistent with this Privacy Policy. For instance, if you contact us by email, we will use the Personal Data you provide to answer your question or resolve your problem. If you provide Personal Data to obtain access to the Services, we will use your Personal Data to provide you with access to such Services and to monitor your use of the Services. PointHR may also use your Personal Data and other non-personally identifiable information collected through the Services to help us improve the content and functionality of the Service, and to better understand our users. When we process Personal Data as a data processor on behalf of our Customers, we will process any Personal Data in accordance with purposes identified for such Personal Data by the applicable Customer and pursuant to the Customer’s instructions. Our Disclosure of Your Personal Data and Other Information: PointHR may disclose Personal Data to third-party service providers (such as providers of compute and storage resources) who perform certain services or provide certain solutions on our behalf and under our instructions as necessary in connection with the performance of requested services or solutions. PointHR maintains contracts with these third parties restricting their access, use and disclosure of Personal Data in compliance with the Privacy Shield Principles. PointHR may also disclose Personal Data as required or permitted by law, or when PointHR believes that disclosure is necessary to protect its rights or to comply with a judicial proceeding, a court order, a law enforcement request, or other legal process, or lawful requests by public authorities, including to meet national security or law enforcement requirements. In addition to the above, we may share Personal Data about you with others to the extent you consent to such sharing. Choice: PointHR will offer individuals the opportunity to choose (opt out) whether their Personal Data is (a) to be disclosed to third parties, except when disclosure is made to a third party that is acting as an agent to perform task(s) on our behalf and under our instructions or (b) to be used for a purpose that is materially different from the purpose for which it was originally collected or subsequently authorized by the individual. PointHR will provide individuals with clear, conspicuous and readily available mechanisms to exercise their choices should applicable circumstances arise. In order to request that PointHR not use an individual’s Personal Data, such individual should contact PointHR by email at: answers@PointHR.com. Data Integrity and Purpose Limitation: Consistent with the Privacy Shield Principles, we will limit collection of Personal Data to the information that is relevant for the purposes of processing and we will not process such Personal Data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you. To the extent necessary for those purposes, we will also take reasonable steps to ensure that Personal Data is reliable for its intended use, accurate, complete and current. We will adhere to the Privacy Shield Principles for as long as we retain Personal Data about you. Accountability for Onward Transfer: Pursuant to the Privacy Shield Principles, PointHR remains accountable for Personal Data that it receives under the Privacy Shield and subsequently transfers to a third party agent. In particular, PointHR remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Privacy Shield Principles, unless PointHR proves that it is not responsible for the event giving rise to the damage. Security: We are committed to securing all Personal Data provided to us. We have deployed and maintain reasonable and appropriate process and technology measures to provide reasonable assurance that your Personal Data is secured against loss, misuse and unauthorized access, disclosure, alteration and destruction. Access: Upon request, PointHR will grant individuals reasonable access to Personal Data that it holds about them. In addition, PointHR will take reasonable steps to permit individuals to correct, amend, or delete information where it is inaccurate, or has been processed in violation of the Privacy Shield Principles. PointHR will process all reasonable requests for access within a reasonable time period, but reserves the right to restrict access in cases where the legitimate rights of persons other than the individual would be violated or where the burden or cost of providing access would be disproportionate to the risks to the individual’s privacy. Recourse; Enforcement: In compliance with the Privacy Shield Principles, PointHR commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact PointHR at: answers@PointHR.com In compliance with the Privacy Shield Principles, PointHR, Inc commits to resolve complaints about our collection or use of your personal information.  EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact PointHR at: PointHR Inc, 3535 Firewheel Dr, Flower Mound, TX 75028 answers@pointhr.com PointHR has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU in the context of the employment relationship. With respect to Personal Data received or transferred pursuant to the Privacy Shield framework, PointHR is subject to the regulatory enforcement powers of the US Federal Trade Commission. You may have the option to select binding arbitration under the Privacy Shield Panel for the resolution of your complaint under certain circumstances.  For further information, please see the Privacy Shield website. To learn more about the Privacy Shield Framework, please visit https://www.privacyshield.gov. Comments: If you have any questions, comments or concerns about our privacy practices, please contact us at PointHR, Inc., 3535 Firewheel Dr Ste B, Flower Mound TX 75028 or at answers@PointHR.com.