DISTINCT Technologies, Inc. (“DISTINCT”, “we”, “our”, or “us”) understands that privacy is important to our users and our clients. This Privacy Policy describes our practices regarding the collection, use, sharing, and protection of your personal information for the website located at https://distinct.so/ (the “Website”), our platforms, products and services that we may offer to provide a live data intelligence infrastructure for our clients’ events and personalized consumer experiences, or otherwise through your interactions with us (the Website, platforms, products, services, and other interactions, collectively, the “Properties”). This Privacy Policy also tells you about the rights and choices you have with respect to your personal information, how you can assert those rights, and how you can contact us to get answers to your questions. If you have questions, comments, or concerns about this Privacy Policy or our processing of personal information, please see section Contacting Us at the bottom of this Privacy Policy.

We may provide different or additional privacy notices in connection with certain activities, programs, and offerings. Additionally, we may provide additional “just-in-time” notices or notices at collection that may supplement or clarify our privacy practices or provide you with additional choices regarding your personal information.

With respect to the personal information that our clients and their vendors collect from you and provide to us via use of the Properties (“Service Data”), where permitted by law, we process such information only as a “service provider” or “data processor” (as those terms are defined under applicable data protection laws) on behalf of our clients, who act as the “business” or “data controller” (as those terms are defined under applicable data protection laws). Our clients—namely, global consumer brands and companies who use the Properties to create digital extensions of in-person experiences (the “Content”)—are the parties that control the use of the Service Data and determine the purposes for which we process such information. From time-to-time, we may contact you about creating an account to manage your Content associated with various brands and properties; for the avoidance of doubt, any information that you provide to us in the account creation process, or once your account is registered, is not considered Service Data. While this Privacy Policy describes how we process Service Data on behalf of our clients, our clients are responsible for their own practices in collecting, using, and disclosing information they collect from you. To learn more about such clients’ use of your information and your rights that you may have over such information, please consult the privacy policy of the applicable company.

Please note that our privacy practices are subject to the applicable laws of the regions in which we operate. Accordingly, some additional region-specific terms will only apply to individuals in those locations, or as required by applicable laws.

BY USING OR ACCESSING THE PROPERTIES, YOU AGREE TO THIS PRIVACY POLICY. IF YOU DO NOT AGREE WITH OUR POLICIES OR PRACTICES, YOU SHOULD NOT USE OR ACCESS THE PROPERTIES OR PROVIDE US WITH ANY PERSONAL INFORMATION.

The following links will take you directly to the corresponding sections of this Privacy Policy:

• Personal Information We Collect from You
• How We Collect Your Personal Information
• How We Use Your Personal Information
• How We Disclose or Share Your Personal Information
• Links to Other Sites
• How We Protect Your Personal Information
• Data Retention
• Your Choices
• U.S. State Privacy Rights
• European Privacy Rights
• Canada Privacy Rights
• Mexico Privacy Rights
• Cross-Border Data Transfers
• Children’s Privacy
• Changes to This Policy
• Contacting Us

PERSONAL INFORMATION WE COLLECT FROM YOU

This Privacy Policy applies to the personal information that we obtain in various contexts. We use the term “personal information” – also called “personal data” or “personally identifiable information” in the laws of some jurisdictions – to refer to information that reasonably identifies, relates to, describes, or can be associated with you. Data that has been deidentified or that otherwise cannot reasonably be related back to a specific person is not considered personal information.

The following are the categories and types of personal information that we may collect from or about you, depending on how you interact with the Properties:

• Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, or other similar identifiers.
• Characteristics and demographics, such as your age and/or gender.
• Commercial information, including records products or services purchased, or other purchasing or consuming histories or tendencies.
• Facial imagery of photos you upload, which under certain laws may be considered biometric information;
• Audio/visual information, such as photos of yourself that you upload;
• Geolocation or other information that permits us to determine your location;
• Device and online identifiers and related information, including internet protocol (IP) address, mobile ad identifiers, data collected from cookies, beacons, and pixel tags, and similar unique identifiers;
• Internet or other electronic network activity information and information regarding your interaction with an internet website, application, mobile app, or advertisement; and
• Any other personal information that you voluntarily provide to us, or our clients.

We may also collect personal information that is treated as “sensitive” under certain data protection laws. Sensitive information that we collect about you includes your biometric information (e.g., facial geometry scans) for the purpose of uniquely identifying you and verifying your identity.  We do not sell, share, or use your biometric information for any other purpose. Your provision of biometric information is completely voluntary, and we only collect and process biometric information with your explicit consent. Providing biometric information is not required to use the Properties; however, if you opt not to provide your biometric information, certain features of the Properties may not be available to you.

HOW WE COLLECT YOUR PERSONAL INFORMATION

Personal Information You Provide: We collect personal information that you provide to us directly. This may include, but is not limited to, information that you provide us on or through the Properties, and information you provide when you contact us via email or text message, or through other Internet-enabled communications.

Personal Information We Collect Automatically: When you use the Properties, we or third parties we work with may automatically collect certain information using technologies such as cookies and other tracking technologies described below.

• Cookies and Similar Technology: "Cookies" are pieces of information that may be placed on your computer by a website for the purpose of collecting data to facilitate and enhance your communication and interaction with that website. Such data may include, for example, the address of the websites you visited before and after you visited our Properties, the type of browser you are using, your Internet Protocol (IP) address, what pages in the Properties you visited and what links you clicked on, the region where your device is located, and geographic information based on your IP data. We may store some information on your device or device hard drive as a cookie or similar type of file (such as clear gifs, web beacons, tags, and similar technologies that work on mobile devices) to collect data related to usage of the Properties. We may also use cookies to customize your visit to the Properties and for other purposes to make your visit more convenient or to enable us to enhance the Properties. For more information, please see our Cookie Notice.

Personal Information We Collect From You Indirectly:

• Service Data: We receive Service Data from our clients and their vendors, which we process on behalf of our clients in accordance with our contracts with them.

• From Existing Users of the Properties: We may receive your personal information if someone you know attends one of our client’s events and provides your contact information in connection with the “Share With a Friend Feature”.

• From third party companies and our brand partners. We may receive personal information and/or anonymous data about you from companies that offer their products and/or services for use in conjunction with the Properties, or whose products and/or services may be linked from the Properties. We may add this to the data we have already collected from or about you through the Properties.

• From Other Sources: We may obtain information about you from other sources, such as data analytics providers, marketing or advertising vendors, fraud prevention vendors, vendors that provide other services on our behalf, or publicly available sources.

HOW WE USE YOUR PERSONAL INFORMATION

We collect and use personal information for the following purposes:

• With respect to Service Data, to provide DISTINCT’s services to our clients, and to enhance the Properties.
• Providing, predicting, or performing, including maintaining or servicing accounts, providing customer service, processing transactions, and verifying customer information.
• Marketing our products and services, including sending you messages about the products and services we offer.
• Communicating with you or sending you notifications by email and text message (SMS, MMS) about products, services, order status, and information tailored to your requests or inquiries.
• Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.
• Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
• Debugging to identify and repair errors that impair existing intended functionality.
• Short-term, transient use, including, but not limited to, the contextual customization of ads shown as part of the same interaction.
• Undertaking internal research for technological development and demonstration.
• Undertaking activities to verify or maintain the quality or safety of the services or devices owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the services owned, manufactured, manufactured for, or controlled by us.
• Complying with applicable laws, regulations, rules and requests of relevant law enforcement and/or other governmental agencies, or for other purposes, as permitted or required by law.
• As necessary or appropriate to protect the rights, property, and safety of our users, us, and other third parties.

We will not use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you with notice and obtaining your consent.

We reserve the right to supplement your personal information with information we gather from other sources which may include online and offline sources. We may collect information that is not personal information (“non-personal information”), including anonymous or aggregate data. Because non-personal information does not personally identify you, we may collect, use, and disclose such information for any purpose permitted by law. In some instances, we may combine non-personal information with personal information. If we combine any non-personal information with personal information, the combined information will be treated by us as personal information to the extent that it is capable of personally identifying you. We reserve the right to develop and derive aggregate data (meaning information that relates to a group or category of individuals, from which individual identities have been removed) from personal information in order to enhance and maintain the Properties, and such aggregate data will be treated as non-personal information.

HOW WE DISCLOSE OR SHARE YOUR INFORMATION

In addition to using your personal information ourselves for the reasons stated above (and as otherwise mentioned in this Privacy Policy), we may disclose your personal information to other affiliates and entities in the following instances:

• Service Providers: We may share your personal information with third-party service providers who may use your information to provide us with services including, but not limited to: website hosting, data analysis, infrastructure provision, information technology services, email delivery services, auditing, and anti-fraud monitoring. These service providers may have access to personal information that is necessary to perform their functions, but they are only permitted to do so in connection with performing services for us. They are not authorized by us to use the information for their own benefit.

• Clients and Customers: When our clients engage with DISTINCT for us to provide services, we share Service Data with that specific client based on their instructions. Depending on the nature of the client’s choices or instructions, this may result in the access, use, modification, or deletion of Service Data, or under such circumstances, the transfer of Service Data to other third parties as described in this Privacy Policy. Clients and their affiliates determine their own policies for the sharing and disclosure of Service Data.

• Affiliates: We may share personal information with our affiliated entities, who process personal information on our behalf, where necessary to provide a product or service that you or our clients have requested, or in other circumstances with your consent or as permitted or required by law.

• Legal Compliance and to Defend Our Rights: We may disclose personal information and other information as we believe necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our Terms of Service; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.

• Business Transfers: We may share your personal information and other information with third parties in connection with a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of the assets of the Company, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which the assets transferred may include information about the users of our Properties.

• Non-Personal Information: We may share non-personal information with unaffiliated third parties, such as our clients and business partners, to improve and enhance your experience using the Properties, and for our own market research activities. We publicly commit to maintain and use the information in de-identified or aggregate form, and not to attempt to re-identify the information.  

Please note that if you specifically consent to additional uses of your personal information, we may use your personal information in a manner consistent with that consent.

LINKS TO OTHER SITES

As a convenience, we may reference or provide links to third-party websites and services, including those of unaffiliated third parties, our affiliates, service providers, and third parties with which we do business. When you access these third-party services, you leave the Properties, and we are not responsible for, and do not control, the content, security, or privacy practices employed by any third-party websites and services. You access these third-party services at your own risk. This Privacy Policy does not apply to any third-party services; please refer to the privacy notices or policies for such third-party services for information about how they collect, use, and process personal information.

HOW WE PROTECT YOUR PERSONAL INFORMATION

Personal information is maintained on our servers or those of our vendors, and is accessible by authorized employees, independent contractors, representatives, and agents as necessary for the purposes described in this privacy policy. We use reasonable and appropriate physical, technical, and organizational safeguards designed to promote the security of our systems and protect the confidentiality, integrity, availability, and resilience of personal information. Those safeguards include: (i) the pseudonymization and encryption of personal data where we deem appropriate; (ii) taking steps to ensure personal data is backed up and remains available in the event of a security incident; and (iii) periodic testing, assessment, and evaluation of the effectiveness of our safeguards.

However, no method of safeguarding information is completely secure. While we use measures designed to protect personal data, we cannot guarantee that our safeguards will be effective or sufficient. In addition, you should be aware that Internet data transmission is not always secure, and we cannot warrant that information you transmit utilizing the Properties is or will be secure.

DATA RETENTION

We retain personal information to the extent we deem necessary to carry out the processing activities described above, including but not limited to compliance with applicable laws, regulations, rules and requests of relevant law enforcement and/or other governmental agencies, and to the extent we reasonably deem necessary to protect our and our partners’ rights, property, or safety, and the rights, property, and safety of our users and other third parties. We may continue to retain your personal data even after you deactivate your account and/or cease to use the Properties if such retention is reasonably necessary to comply with our legal obligations, to resolve disputes, prevent fraud and abuse, enforce our Terms of Service or other agreements, and/or protect our legitimate interests. Where your personal data is no longer required for these purposes, we will delete it.

YOUR CHOICES

Consistent with applicable law, you may exercise the choices described in this section regarding your personal information and communications from us. You may also have certain additional rights available depending on laws in your state or country of residence, as described further below in the Privacy Policy.

• Opting Out of Messages: We may send you marketing messages via email. If you receive a marketing message from us, you may unsubscribe from future messages in accordance with our standard unsubscribe process (such as by using the unsubscribe link included in an email), or by sending an unsubscribe request to us at [email protected]. We will process your request within a reasonable time after receipt. Please note that if you opt out in this manner, certain aspects of our services may no longer be available to you.

• Cookies and Tracking Technologies: If you would like to stop or restrict the placement of cookies or flush any cookies that may already be on your computer or device, please refer to and adjust your web browser preferences. Further information on cookies is available at www.allaboutcookies.org. By deleting our cookies or disabling future cookies, you may not be able to access certain areas or features of our Properties or some of its functionality may be affected. Note that cookie-based opt-outs must be performed on each device and browser that you wish to have opted out. For example, if you have opted out on your device browser, that opt-out will not be effective on your mobile device. Be advised that cookie-based opt-outs are not effective on some mobile services.

Some browsers have a Do Not Track (“DNT”) feature that lets users signal to websites that they do not want to have their online activities tracked. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.

U.S. STATE PRIVACY RIGHTS

If you are a resident of California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Iowa, Delaware, Nebraska, New Hampshire, New Jersey, Tennessee, Minnesota, Maryland or another U.S. state that has similar comprehensive privacy legislation (collectively, “Covered States”), you may have specific rights regarding your personal information under: the California Consumer Privacy Act (“CCPA”), Virginia Consumer Data Protection Act, Colorado Privacy Act, Connecticut Data Privacy Act, Utah Consumer Privacy Act, Texas Data Privacy and Security Act, Oregon Consumer Privacy Act, Montana Consumer Data Privacy Act, Iowa Consumer Data Protection Act, Delaware Personal Data Privacy Act, Nebraska Data Privacy Act, New Hampshire Data Privacy Act, New Jersey Data Privacy Act, the Tennessee Information Protection Act, the Minnesota Consumer Data Privacy Act, the Maryland Online Data Privacy Act, and similar laws in other U.S. states (collectively, "State Privacy Laws"). This section describes the rights that consumers of Covered States have and explains how to exercise those rights. To be clear, these rights are granted only to the extent that you are considered a consumer of Covered State and we are acting as a “controller” or “business” (as applicable) under State Privacy Laws with respect to your personal information.

The categories of personal information we process, our purposes for processing your personal information, the categories of personal information that we share with third parties, and the categories of third parties with whom we share it are set forth in the terms of the Privacy Policy above.

In order to provide our services to our clients, we may process Service Data that we receive from or on behalf of our clients. If you are the resident of a Covered State, you may have certain rights pertaining to such information. Under the State Privacy Laws, when we act as a “processor” or “service provider” over such information, we only process your information through our Services as necessary to provide our services to our clients, at our clients’ direction. If you wish to exercise any of your rights under State Privacy Laws in regards to such information, please contact the relevant business that collected the information from you, who controls and determines how your information is processed.

Information We Collect; How We Collect It; How We Use It: General information regarding our collection, use, and disclosure of personal information is set forth in the Privacy Policy above.

In the past 12 months, we have collected categories of personal information described in the section of the Privacy Policy above titled Personal Information We Collect From You, and we have collected this information from the sources described in the section titled How We Collect Your Personal Information. Depending on your level of interaction with us, we may not have collected your personal information from all of the categories listed in the Privacy Policy above. We collect and use your personal information for the business or commercial purposes described in the section titled How We Use Your Personal Information, and retain it pursuant to the section titled Data Retention.

We share the categories of personal information described in the section of the Privacy Policy above titled Personal Information We Collect From You, some of which may consist of Service Data, with the following categories of third parties for our business purposes: Service providers who perform business services for us; our clients and customers; or our affiliated entities.

Rights to Your Information: In addition to the rights set forth in our Privacy Policy, State Privacy Laws may, depending on your state of residence, provide you with the following rights:

• Right to Know. You may have the right to know whether we process your personal information and to access such personal information. You may also have the right to request that we disclose certain information to you about our collection, use, or disclosure of your personal information. Delaware residents have the right to obtain a list of the of categories of third parties to which we have disclosed personal information, and Oregon residents may obtain a list of the specific third parties to which we have disclosed personal information.

• Right to Data Portability. You may have the right to obtain a copy of your personal information that you previously provided to us in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another business without hindrance, where the processing is carried out by automated means.

• Right to Delete. You may have the right to delete personal information that you have provided by or that we have obtained about you. Please note that we may deny such request if the requested deletion falls under an exception as set forth in the State Privacy Laws.

• Right to Correct. You may have the right to correct inaccuracies in your personal information, taking into account the nature of the personal information and the purposes for which we process it.

• Right to Opt-Out. You have the right to opt out of the processing of your personal information for purposes of: (i) targeted advertising; (ii) the sale of personal information; or (iii) profiling in furtherance of decisions that produce legal or similarly significant effects concerning you. As of the latest date of this Privacy Policy, we do NOT process personal data or share it with third parties for the purposes of targeted advertising, sell your personal data in exchange for monetary or other valuable consideration, or engage in profiling decision based on your personal data that produce legal or similarly significant effects concerning you. [D+G10] 

• Right to limit the use of your sensitive personal information. If you are a California resident, you may have the right to limit the use or disclosure of your SPI if we are using it beyond what is reasonable and proportionate to provide the requested goods or services. You can make a request for us to limit the use or disclosure of your SPI by visiting the Your Privacy Choices [D+G11] web page. We will also treat opt-out preference signals as valid “Limit the Use” requests.

• Right to Nondiscrimination. You have the right not to receive discriminatory treatment by us for the exercise of your privacy rights. Unless permitted by the State Privacy Laws, we will not: Deny you goods or services; charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; provide you a different level or quality of goods or services; or suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

How to Exercise Your Rights; Verifying Your Identity: To exercise any of your privacy rights, or if you have any questions about your privacy rights, you may contact us by emailing us at [email protected] or visiting the Your Privacy Choices web page.

After submitting a request, we will take steps to verify your identity in order for us to properly respond and confirm that it is not a fraudulent request. In order to verify your identity, we will ask, at a minimum, that you provide your name and email address, so that we can seek to match this information with the information existing in our systems. When providing us this information, you represent and affirm that all information provided is true and accurate. If we are unable to verify that the consumer submitting the request is the same individual about whom we have collected personal information, we may contact you for more information, or we may not be able to meet your request.

Only you or an agent legally authorized to act on your behalf may make a verifiable request related to your personal information. If you are making a request as the authorized agent, we will ask you also submit reliable proof that you have been authorized in writing by the consumer to act on such consumer’s behalf.

Response Time; Your Right to Appeal: We will make every effort to respond to your request within 45 days from when you contacted us. If you have a complex request, State Privacy Laws allow us up to 90 days to respond. We will contact you within 45 days from when you contacted us to inform you of the need for additional time and the reason for such extension. We may charge you a reasonable fee to cover administrative costs if your requests are manifestly unfounded, excessive, or repetitive.

If we decline to take action on a request that you have submitted, we will inform you of our reasons for doing so, and provide instructions for how to appeal the decision. Depending on your state of residence you may have the right to appeal within a reasonable period of time after you have received our decision. If you have this appeal right, within 60 days (45 days for residents of Colorado) of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If we deny your appeal, we will provide you with a method for contacting your state attorney general’s office to submit a complaint.

California “Shine the Light”: In addition to the above rights, under California Civil Code Section 1798.83 (“Shine the Light”), California residents may have the right to request in writing from businesses with whom they have an established business relationship: (a) a list of the categories of personal information, as defined under Shine the Light, such as name, email address, and mailing address, and the type of services provided to the customer that a business has disclosed to third parties (including affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties’ direct marketing purposes; and (b) the names and addresses of all such third parties. To request the above information, please contact us by email at [email protected]. If you do not want your personal information shared with any third party who may use such information for direct marketing purposes, then you may opt out of such disclosures by sending an email to us at [email protected].

Nevada Privacy Rights: If you are a resident of Nevada, you have the right to opt out of the sale of certain personal information that we have collected (or may collect) from you to third parties. You can exercise this right by emailing us at [email protected]with the subject line “Nevada Do Not Sell Request.”

EUROPEAN PRIVACY RIGHTS

IF YOU ARE SITUATED IN THE EUROPEAN ECONOMIC AREA, SWITZERLAND, OR THE UNITED KINGDOM, THIS SECTION APPLIES TO OUR COLLECTION, USE, AND DISCLOSURE OF YOUR PERSONAL DATA AND ADDITIONAL RIGHTS YOU HAVE UNDER APPLICABLE LAW.

Legal Basis: We will only use your personal data, as that term is defined under the General Data Protection Regulation (“GDPR”), when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

• Where we need to perform the contract we are about to enter into or have entered into with you.
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
• Where you have consented to a certain use of your personal data.
• Where we need to comply with a legal or regulatory obligation.

To the extent permitted under applicable laws, we will also process, transfer, disclose, and preserve personal data when we have a good faith belief that doing so is necessary.

Data Controller: DISTINCT is the data controller of all personal data collected through our Properties, with the exception of Service Data, for which DISTINCT acts as a data processor on behalf of its clients. To contact us, please see the section below titled Contacting Us.

With regard to Service Data, you may consult the privacy policy and contact information of the applicable client that acts as the data controller of your Service Data for additional information about their data processing practices.

If you are situated in the EEA, Switzerland, or the UK and have any complaints regarding our privacy practices, you have the right to make a complaint at any time to your local supervisory authority. We would, however, appreciate the chance to deal with your concerns before you approach your supervisory authority, so please contact us in the first instance. If you have a complaint, please contact our privacy manager here: [email protected]

Provision of personal data and failure to provide personal data: Where we need to collect personal data by law or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with our services). In this case, we may not be able to provide certain services to you.

Collection of personal data from third-party sources: We may obtain personal data and other information about you public sources and through our third-party partners who help us provide our products and services to you.

Withdrawing your consent: If we are relying on your consent to process your personal data, you have the right to withdraw your consent at any time by contacting us at [email protected].

Data Transfer: We may transfer personal data from the EEA, Switzerland, and the UK to the USA and other countries, some of which have not been determined by the European Commission or the UK Secretary of State to have an adequate level of data protection. Where we use certain vendors, we may use specific contracts approved by the European Commission or the UK Secretary of State which give personal data the same protection it has in Europe. For more information about how we transfer your data, please contact us at [email protected].

Use of your personal data for marketing purposes: We may use your personal data for marketing purposes, including to form a view on what we think may be of interest to you, and to decide which products, services, and offers may be relevant for you. You will receive marketing communications from us if you have requested information from us or used our services and, in each case, if you have consented to our use of your personal data for marketing purposes.

Data Subject Rights: If you are situated in the European Union, Switzerland, or the UK, under the GDPR, as a data subject, you have the right to:

• Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
• Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
• Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully, or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
• Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
• Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data's accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise, or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
• Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
• Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

To exercise your rights under the GDPR, please contact us at [email protected]. Please note that in order for you to assert these rights, we may need to verify your identity to confirm your right to access your personal data. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. In order to verify your identity, we may need to gather more personal data from you than we currently have.

CANADA PRIVACY RIGHTS

Residents of Canada are permitted to request and obtain from us information respecting the existence, use, and disclosure of their Personal Information as well as access to that information (subject to certain exceptions pursuant to applicable laws). Without limiting the above, residents of Canada will, upon request:

• Be informed of whether we hold personal data about you;
• Be provided with an account of third parties to which we have disclosed your personal data;
• Be able to challenge the accuracy and completeness of your personal data and have it amended as appropriate; and
• Be provided with information about our policies and practices with respect to the management of personal data, including: the name or title, and address, of the person who is accountable for our privacy policies and practices; the means of gaining access to personal data; a description of the type of personal data held by us, including a general account of its use; a copy of any brochures or other information that explain our policies, standards, or codes; and what personal data is made available to related organizations.  
•  

We may use service providers that are located outside of Canada. As a result, personal data under our custody or control may be accessible to regulatory authorities, courts, and law enforcement outside of Canada in accordance with the laws of these jurisdictions. Subject to these laws, DISTINCT will use reasonable measures to maintain protections of your personal data that are equivalent to those that apply in Canada.

MEXICO PRIVACY RIGHTS

In compliance with the provisions of the Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP of 2025), its regulations and applicable guidelines, we inform you of the following: DISTINCT Technologies, Inc. will be responsible for collecting your personal data.

Residents of Mexico have the right to access your personal data that we hold and the details of how it is processed, as well as to rectify it if it is inaccurate or incomplete; to delete it if you consider it is no longer required for any of the purposes stated in this Privacy Notice or is being used for purposes you did not consent to; and to object to the processing of your personal data for specific purposes or to limit its use or disclosure. To exercise these rights, please contact us at [email protected], and include the following information in your request:

• Your name, address, or other means of communication for DISTINCT to respond to your request. If you do not provide an address for receiving the response, the request will be deemed not submitted.
• Proof of your identity in order for us to properly respond and confirm that it is not a fraudulent request.[D+G14] 
• A clear and precise description of the personal data in respect of which you wish to exercise any of the rights.
• Any other element or document that facilitates the location of personal data.

The response to your request will be provided by email. DISTINCT will have a period of twenty (20) business days, counted from the date your request was received or from the date you have resolved the information request, to inform you whether the request is appropriate. If the request is appropriate, it will be effective within fifteen (15) days following the date the response is communicated. The aforementioned deadlines may be extended once for an equal period in DISTINCT’s discretion.

At any time, you have the right to revoke your consent for the processing of your personal data so that we can stop using it. To do so, you must submit your request in accordance with the procedure and requirements outlined in the preceding paragraph.

The agency responsible for ensuring compliance with the protection of your personal data is the Secretariat of Anti-Corruption and Good Governance.

CROSS-BORDER DATA TRANSFERS

If you submit personal information to us, that information may be processed in a jurisdiction where privacy laws may be less stringent than those in your country of residence. By submitting your personal information to us, you agree to the transfer, storage, and processing of such information in foreign jurisdictions including, but not limited to, the United States. Be advised that we may be required to disclose your personal information in response to lawful requests by public authorities in the United States, including to meet national security or law enforcement requirements. Where applicable, we may use model clauses approved by the laws of your jurisdiction (such as Standard Contractual Clauses approved by the European Commission) for cross-border data transfers. 

CHILDREN'S PRIVACY

The Properties are intended for users ages 18 and over, and we do not knowingly collect personal information from children under the age of 18. When we become aware that personal information (or other information that is protected under applicable law) from a child under 18 has been collected, we will use all reasonable efforts to delete such information from our databases. If you believe we might have any personal information from or about a child under 18, please contact us by using the information the section below titled Contacting Us.

APPLICABILITY OF THIS PRIVACY POLICY

This Privacy Policy is subject to the Terms of Service that govern your use of the Properties. This Privacy Policy applies regardless of the means used to access or provide information through the Properties. This Privacy Policy does not apply to information from or about you collected by any third-party services, applications, or advertisements associated with, or websites linked from, the Properties. The collection or receipt of your information by such third parties is subject to their own privacy policies, statements, and practices, and under no circumstances are we responsible or liable for any third party’s compliance therewith.

CHANGES TO THIS POLICY

We reserve the right, at our discretion, to change, modify, add, or remove portions from this Privacy Policy at any time, provided that any such modifications will only be applied prospectively. We encourage you to periodically review the Website for the latest information on our privacy practices. Your continued use of the Properties following the posting of any changes to this Privacy Policy means you accept such changes.

CONTACTING US

If you have any questions about our privacy or security practices, please contact us at [email protected].

For more information about how users with disabilities can access this Privacy Policy in an alternative format, please call (908) 892-3143.