Welcome to the SoxFocus website at http://www.soxfocus.com (referred to herein, including all content under the soxfocus.com, as the “Website”). This notice (“Privacy Policy”) is included with and supplements our Terms of Service. The SoxFocus services that may be provided to you via the Website are referred to herein and in the Terms of Service document as the “Services.” This Privacy Policy explains our online information collection and use practices, and the choices you can make about the way we use such information. It is important that you take the time to read and understand this Privacy Policy so that you can appreciate how we use your personal information. REMEMBER IF YOU USE OR ACCESS THE WEBSITE, YOU AGREE TO THIS PRIVACY POLICY. AS WE UPDATE THE WEBSITE OR EXPAND OUR SERVICES, WE MAY CHANGE THIS PRIVACY POLICY SO PLEASE REVIEW IT FROM TIME TO TIME.

This Privacy Policy is subject to the provisions of the General Data Protection Regulation ("GDPR") and other applicable privacy laws. We agree that under the GDPR, we are a data “Controller” for the purposes of our marketing website and you are a “Data Subject” with certain protected privacy rights concerning your “Personal Data.” We will take commercially reasonable steps to maintain compliance with GDPR requirements. Your Personal Data may identify you as a person, and thus may be referred to as Personally Identifiable Information ("PII").

1. Who Collects Your Information On Our Website?

We do. Under the GDPR, we are what is known as the “Controller” of the Personal Data that you provide to us. We collect information from you on the Website, and we are responsible for protection of your information.

2. What Information Do We Control Collect?

A. Requested Information. On the Contact page of the Website, we request a name, email address and phone number so that we may provide you a quote, schedule a demonstration or register you for our Proof of Value so that you can use our Services, be added to our email list, or have your requests for information fulfilled. You may choose not to provide your PII, but then you might not be able to take advantage of some of the features of our Website and Services. We only collect basic personal data about you that does not include any special types of information (e.g., health‐related) as defined in the GDPR. The types of personal information we may collect and save include:  Contact and account registration information such as name, email address, physical address, phone number, business name, business URL, and type of industry;  Information you provide such as feedback, comments or other messages; and  Technical information collected in our logs. Such information may include standard web log entries that contain your IP address, page URL and timestamp. B. Aggregate Information. We may also collect anonymous, non‐identifying and aggregate information such as the type of browser you are using, the type of operating system you are using, and the domain name of your Internet service provider.

3. Why Is My Information Being Collected?

We need to collect your personal information so that we can respond to your requests for information or to be added to our emailing lists. We also collect aggregate information to help us better design the Website. We collect log information for monitoring purposes to help us to diagnose problems with our servers, administer the Website, calculate usage levels, and otherwise provide services to you.

4. How Do We Use the Information We Collect?

A. We use the personal information you provide for the purposes for which you have submitted it, including:  Responding To Your Inquiries and Fulfilling Your Requests. We may use your PII to respond to your inquiries and to fulfill your requests for information.  Communicating With You About Our Services. We may use your PII to send you information about new Services and other items that may be of interest to you.  Sending Administrative Emails. We may use your PII to send you emails to: (a) confirm your account and your other PII; (b) provide you with information regarding the Website; or (d) inform you of changes to this Privacy Policy, our Terms of Service, or our other terms, conditions, or policies. B. We may use anonymous information that we collect to improve the design and content of our Website, and to enable us to personalize your Internet experience. We also may use this information in the aggregate to analyze how our site is used, as well as to offer you programs or services.

5. Do We Share Your Personal Information?

We will not share your personal information except: (a) for the purposes for which you provided it; (b) with your consent; (c) as may be required by law or as we think necessary to protect our organization or others from injury (e.g., in response to a court order or subpoena, in response to a law enforcement agency request, or when we believe that someone is causing, or is about to cause, injury to or interference with the rights or property of another); or (d) with persons or organizations with whom we contract to carry out internal site operations or business activities. With your knowledge and consent, we may share your personal information with our business partners. We may also share aggregate information with others, including affiliated and non‐affiliated organizations.

6. How Can You Access And Control Your Information?

For instructions on how you can access your personal information that we have collected, or how to correct errors in such information, please send an e‐mail to info@2020control.com. We will also promptly stop using your information and remove it from our servers and database at any time upon your e‐mail request. To protect your privacy and security, we will take reasonable steps to help verify your identity before granting access, making corrections, or removing your information.

7. How We Store and Protect Your Information

A. After receiving your personal information, we will store it on our Website servers for future use. We have physical, electronic, and managerial procedures in place to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information we collect. Unfortunately, no data transmission over the Internet or data storage solution can ever be completely secure. As a result, although we take industry‐standard steps to protect your information (e.g., strong encryption), we cannot ensure or warrant the security of any information you transmit to or receive from us or that we store on our or our service providers' systems. B. If you are visiting the Website from outside of the USA, you understand that your connection will be through and to servers located in the USA, and the information you provide will be securely stored in our web servers and internal systems located within the USA. C. We store your personal information until you request us to remove it from our servers. We store our logs and other technical records indefinitely.

8. How Do We Use Cookies And Other Network Technologies?

A. To enhance your online experience with us, our web pages may presently or in the future use "cookies." Cookies are text files that our web server may place on your hard disk to store your preferences. Cookies, by themselves, do not tell us your e‐mail address or other PII unless you choose to provide this information to us. Once you choose to provide PII, however, this information may be linked to the data stored in the cookie. B. We or our service providers may also use "pixel tags," "web beacons," "clear GIFs" or similar means (collectively, "Pixel Tags") in connection with some Website pages and HTML‐formatted email messages for purposes of, among other things, compiling aggregate statistics about website usage and response rates. A Pixel Tag is an electronic image, often a single pixel (1x1), that is ordinarily not visible to website visitors and may be associated with cookies on visitors’ hard drives. Pixel Tags allow us and our service providers to count users who have visited certain pages of the Website, to deliver customized services, and to help determine the effectiveness of promotional or advertising campaigns. When used in HTML‐formatted email messages, Pixel Tags can inform the sender of the email whether and when the email has been opened. C. As you use the Internet, you leave a trail of electronic information at each website you visit. This information, which is sometimes referred to as "clickstream data,” can be collected and stored by a website's server. Clickstream data can reveal the type of computer and browsing software you use and the address of the website from which you linked to the Website. We may use clickstream data as a form of non‐personally identifiable information to determine how much time visitors spend on each page of our Website, how visitors navigate through the Website, and how we may tailor our web pages to better meet the needs of visitors. We will only use this information to improve our site. D. Do‐Not‐Track. At present, the Website does not specifically respond to browser do‐not‐track signals.

9. Collection of Information by Others

Our Terms of Service document identifies certain third party websites to which we may provide links, and that you may click on our Website. Please check the privacy policies of these other websites to learn how they collect, use, store and share information that you may submit to them or that they collect.

10. Children and Young People’s Information

We do not knowingly collect any information from any minors, and we comply with all applicable privacy laws including the GDPR, USA Children's Online Privacy Protection Act (“COPPA”) and associated Federal Trade Commission (“FTC”) rules for collecting personal information from minors. Please see the FTC's website (www.ftc.gov) for more information. If you have concerns about this Website, wish to find out if your child has accessed our website, or wish to remove your child's personal information from our servers, please contact us at info@2020control.com. Our Website will not knowingly accept personal information from anyone under 13 years old in violation of applicable laws, without consent of a parent or guardian. In the event that we discover that a child under the age of 13 has provided PII to us, we will make efforts to delete the child’s information in accordance with the COPPA. If you believe that your child under 13 has gained access to our Website without your permission, please contact us at info@2020control.com.

11. California Privacy Rights

California law allows California residents to request information regarding our disclosures in the prior calendar year, if any, of their PII to third parties. To make such a request, please contact us at info@2020control.com with "Request for Privacy Information" in the subject line. Please include enough detail for us to locate your file; at a minimum, your name, email, and username, if any. We will attempt to provide you with the requested information within thirty (30) days of receipt. We reserve our right not to respond to requests sent more than once in a calendar year, or requests submitted to an address other than the one posted in this notice. Please note that this law does not cover all information sharing. Our disclosure only includes information covered by the law.

12. Changes to this Policy

Because our business needs may change over time, we reserve the right to modify this Privacy Policy. If at any time in the future we plan to use your PII in a way that differs from this Privacy Policy, we will revise this Privacy Policy as appropriate. In the event of a change to our Privacy Policy, we will email the updated policy to the email address that you provided to us. Your continued use of the Website following our notice of changes to this Privacy Policy means you accept such changes.

13. Our Contact Information

If you have any questions or concerns about this Privacy Policy you may e‐mail us at info@2020control.com.