Privacy Policy

EXOsecure’s Privacy Policy

1. Introduction

a. Web Site Owner. EXOsecure Inc. (“EXOsecure”) is the owner of this website (the “Website”). EXOsecure can be
contacted by e-mail at customerservice[@]EXOsecure.com. This online privacy notice discloses EXOsecure’s privacy practices for
this Website, including what type of personal identifiable information is collected, how the information is used, and
with whom the information is shared.
b. Anonymous Website Visits. In general, you can visit on the Website without disclosing OR revealing any personal
information. EXOsecure does not keep track of the domains from which people visit us, the type of computer and
web browser a visitor is using, what pages a visitor accessed, and limited information about search requests. This
information is used to solve technical problems and to calculate overall usage statistics.
c. Website Transactions. At times, EXOsecure will need personal information regarding a customer or a prospect. For
example, to process an order or provide a subscription, EXOsecure may need to know a customer’s name, mailing
address, e-mail address and credit card details. It is EXOsecure ‘s intent to inform you know before EXOsecure
collects personal information, such as a user’s name and/or address on the Internet.

2. Personal Information That May Be Collected

a. Identifying Information. In order to make a purchase or to access designated subscriber services and /or restricted
areas within the Website, EXOsecure will request a user to provide certain personal identifying information, which may
include: name, postal address, e-mail address, screen name, password, telephone number, and, if applicable, credit card
number. EXOsecure may request additional information necessary to establish and maintain a customer’s account.
b. Information from Children. EXOsecure does not collect or maintain information from users actually known to be
under the age of 13, and no part of EXOsecure’s Website is structured to attract anyone under the age of 13.
c. Consent. Unless otherwise required by law, EXOsecure will obtain your consent whenever we collect your personal
information or make changes to the information we store. In certain circumstances, your consent may be implied by
your actions. For example, by providing us personal information to sign up for our service, it is implied that we can
use such information as we outlined in this privacy policy.
The form of consent sought by EXOsecure may vary depending on the nature of the information. In determining the
appropriate form of consent, EXOsecure will take into account the sensitivity of the information and your reasonable
expectations. Implied consent will generally be appropriate where information is less sensitive.
You have the right to withhold your consent on any request to use your Personal Information. To exercise your choices, or ask
questions about your personal information, please contact: customerservice@EXOsecure.com

3. Uses Made of the Information

a. Internal Uses. Without customer’s prior consent, EXOsecure will not use your personal identifiable information for
any purpose other than that for which it is submitted. EXOsecure uses personal identifiable information to set up
customer accounts, send billing notices, assist with retrieval of lost passwords, to communicate with customers about
possible cybersecurity issues, and to send monthly emails, blog security notices, and news.
EXOsecure maintains logs and security information regarding its customers to the least extent necessary to devise best
cybersecurity practices and to notify customers of issues regarding their cybersecurity. EXOsecure typically holds this
information for 30 days for analysis and in case a customer needs assistance. EXOsecure does not share this information
with third parties, with the exception of Palo Alto Networks Threat Intelligence Cloud and WildFire. These cloud-based
threat analysis and sandbox services are the industry’s most advanced analysis and prevention engine for highly evasive
zero-day exploits and malware. EXOsecure leverages these to provide a more comprehensive security platform.
b. Marketing Uses. EXOsecure does not use customers’ personal information for marketing purposes, other than to
notify customers about new EXOsecure products, services, and offerings.
c. Stored Information Uses. EXOsecure maintains physical servers in a variety of locations, to provide better coverage
with less latency. All personal information is stored within the United States.
4. Disclosure of the Information
a. Within Corporate Organization. EXOsecure may share your personal information within the EXOsecure
corporate organization.
b. Mergers and Acquisitions. Circumstances may arise where for business reasons, EXOsecure decides to sell, buy, merge
or otherwise reorganize its businesses in the United States or some other country. Such a transaction may involve the
disclosure of personal identifying information to prospective or actual purchasers, and/or receiving such information
from sellers. In the event EXOsecure is acquired, customer information will be one of the transferred assets.
c. Agents. EXOsecure employs or engages other companies and individuals to perform business functions on behalf of
EXOsecure. These persons are provided with personal identifying information required to perform their functions, but
are prohibited by contract from using the information for other purposes. These agents include Palo Alto Networks
Threat Intelligence Cloud and WildFire, as described above, as well as third-party PCI-compliant payment processors.
d. Law Enforcement. EXOsecure may be required to comply with law enforcement, where pursuant to subpoenas, warrants
or other judicial/legal orders, EXOsecure may be required to disclose customer information to governmental authorities.

5. Use of Computer Tracking Technologies

a. No Tracking of Personal Information. The Website is not set up to track, collect or distribute personal information
not entered by visitors. Through website access logs, EXOsecure collects non-identifying site usage data, such as
the number of hits and visits to our sites. This information is used for internal purposes by technical support staff
for research and development, user analysis and business decision making, all of which provides better services
to the public. The statistics garnered, which contain no personal information and cannot be used to gather such
information, may also be provided to third parties.
b. Use of Cookies. EXOsecure and its third-party payment processor collect non-identifiable and personal information
through the use of cookies, an alphanumeric identifier that a website can transfer to customer’s hard drive through a
customer’s browser. The cookie is then stored on the customer’s computer as an anonymous tag that identifies the
customer’s computer, but not the customer. A customer can set its browser to notify the customer before a cookie
is received, giving an opportunity to decide whether to accept the cookie. The customer may also set its browser to
turn off cookies; however, some Website functions may not then work properly. Our third party payment processor,
Stripe, maintains its policy on use of cookies at https://stripe.com/cookies-policy/legal
c. Online Tracking. Online tracking technology enables website operators to collect personal information about
consumers as they move across websites and other online services. Most browsers incorporate “do not track” (DNT)
features in their privacy settings. When enabled, a DNT signal or request informs a website operator that the visitor
does not wish to be tracked online. The Website is currently designed only for tracking movement within the
Website. EXOsecure does not honor DNT requests and does not treat visitors who make DNT requests differently
from visitors who do not make DNT requests. EXOsecure also does not differentiate between visitors who make
DNT requests and visitors who do not make such requests, when it comes to the collection or usage of personal
information. There are no third parties that conduct online tracking on the Website.

6. Information Security

a. Commitment to Online Security. EXOsecure employs physical, electronic and managerial procedures to safeguard
the security and integrity of personal information. Billing and payment data is encrypted whenever transmitted or
received online. Personal information is accessible only by staff designated to handle online requests or complaints.
b. No Liability for Acts of Third Parties. EXOsecure will exercise all reasonable efforts to safeguard the confidentiality
of customer personal information. However, transmissions protected by industry standard security technology and
implemented by human beings cannot be made absolutely secure. Consequently, EXOsecure will not be liable for
unauthorized disclosure of personal information due to no fault of EXOsecure including, but not limited to, errors in
transmission and unauthorized acts of EXOsecure staff and/or third parties.

7. Privacy Policy Changes and Opt-Out Rights

a. Changes to Privacy Policy. This privacy notice was last updated on August 25, 2021. EXOsecure reserves the right to
update its privacy policy statement at any time. A notice of such change will be posted on the EXOsecure Website for
30 days prior to the implementation of such change.

8. Access Rights to Data

a. Information Maintained by EXOsecure. Upon a customer’s request, EXOsecure will provide a reasonable description
of customer’s personally identifiable information that EXOsecure maintains in its database. EXOsecure can be
contacted by e-mail at customerservice[@]EXOsecure.com.
b. Corrections and Changes to Personal Information. If your personal information changes, or if you note an
error upon review of your customer information that EXOsecure has on file, please promptly e-mail EXOsecure at
customerservice[@]EXOsecure.com and provide the new or correct information.

9. Special Provisions for European Union Residents

The provisions in this section apply to users who are individuals residing in a European Union country (“EU Residents”).
The General Data Protection Regulation, or GDPR, is a European Union regulation that governs the relationship between
EXOsecure and EU Residents. Under the GDPR, EXOsecure is considered to be a “data controller.” This means that EXOsecure
determines how and why personal data is processed.
In the course of providing the Service, EXOsecure may collect certain identifying personal data about EU Residents, including
name, identification number, location data, online identifier, photographs, videos, etc. Any such personal data that can be
used to identify a specific person will be called “Personal Data.” As an EU Resident, you have the following rights, which we
call Data Access Rights:

• You have the right to obtain confirmation from EXOsecure as to whether we are processing Personal Data concerning you.
• You have the right to information about the processing of your Personal Data, such as the purposes, the categories of
• Personal Data, recipients, etc.
• You have the right to obtain a copy, in electronic format, of any Personal Data concerning you that we hold.
• You have the right to be forgotten. This means that you have to right to have EXOsecure erase your Personal Data. You also have the right to have EXOsecure stop any further dissemination of your Personal Data. If Personal Data was collected when you were a minor, we are obligated to delete it upon your request. However, EXOsecure has the right to maintain your Personal Data in the following cases:

1. If the Personal Data, we hold is needed to exercise the right of freedom of expression;
2. If we have a legal obligation to keep your Personal Data;
3. If we need to maintain your Personal Data for reasons of public interest, such as public health, scientific, statistical, or
4. Historical research purposes; or
5. If your Personal Data has undergone an appropriate process of anonymization.

• You have the right to object to the processing of your Personal Data for specific reasons. In such a case, EXOsecure will stop processing your Personal Data unless we need to process the Personal Data for reasons that override your rights
• and freedoms, or if we need the data for the establishment, exercise, or defense of legal claims.
• You have the right to object at any time to the processing of your Personal Data for direct marketing purposes.

To exercise any of your Data Access Rights, please contact EXOsecure at customerservice[@]EXOsecure.com. Please note that
there is no charge for exercising any of your Data Rights. However, if we determine that requests are unfounded or excessive,
in particular because of their repetitive nature, we have the right to charge a reasonable fee or refuse to act.
In addition to your Data Access Rights, the GDPR also grants you a Data Portability Right. This is the right to have us transmit
your Personal Data to another organization in a structured, machine-readable format. You may exercise your Data Portability
Right only where we collected your Personal Data in the context of a contract or on the basis of consent, and such data is
processed by automated means. To exercise your Data Portability Right, please contact EXOsecure at customerservice[@]
EXOsecure.com.