Privacy Policy

POLICY AMENDMENTS:

We reserve the right to amend this Policy from time to time. The most recent version of the Policy will always be posted on the website. The updated date of the Policy will be reflected in the “Last Modified” heading. Subject to applicable law, any amendments to the Policy will become effective immediately, unless we notify you otherwise. If we materially change the way in which we process your previously collected Personal Data, we will provide you with prior notice, or where legally required, request your consent prior to implementing such changes. We strongly encourage you to review this Policy periodically to ensure that you understand our most updated privacy practices.

CONTACT INFORMATION AND DATA CONTROLLER INFORMATION:

Liquidity Capital M.C. Ltd. is the Data Controller (as such term is defined under the GDPR or equivalent privacy legislation) of your Personal Data collected from you as a user of our services.

You may contact us as follows:

By email: privacy@liquidity.inc.
By Mail: 154 Derech Menachem Begin, Tel Aviv, Israel.

Representative for data subjects in the EU and UK Contact Information:

Contact details of our Data Protection Representatives (“DPR”) for relevant data subjects:

EU Data Protection Representative

Prighter Group, at: https://prighter.com/q/13356608436.

UK Data Protection Representative

Liquidity Capital UK Limited, which you may contact at: privacy@liquidity.inc.

DATA SETS WE COLLECT AND FOR WHAT PURPOSE:

Below you can find information regarding the purposes for which we process your personal data as well as our lawful basis for processing, the definition of “personal” and “non-personal” data, and how it is technically processed.

Non-Personal Data

Non-Personal Data means data that does not identify an individual and cannot reasonably be used to identify an individual, including aggregated or irreversibly anonymized data. Non-Personal Data may include, for example: Aggregated usage statistics (e.g., number of users accessing certain features, average session duration, feature adoption rates), provided that such data does not enable identification of any individual; Technical and device-related information (e.g., device type, operating system, browser type, general system configurations), where such data is not linked to an identifiable individual; De-identified or anonymized analytics data (e.g., traffic patterns, performance metrics, latency and system logs), processed in a manner that prevents re-identification; High-level geographic or demographic insights (e.g., country-level usage distribution), where no individual can be identified; Aggregated business or performance data derived from user activity (e.g., trends, benchmarks, or statistical models), provided such data does not relate to an identifiable person.

Where we process Personal Data to create anonymized or aggregated datasets, we will implement measures designed to prevent re-identification. To the extent such data does not constitute Personal Data under applicable law, we may use it for legitimate business purposes, subject to applicable law.

Personal Data

We may also collect from you, directly or indirectly, during your access or interaction with the services, individually identifiable information, namely information that identifies an individual or may, with reasonable effort, be used to identify an individual (“Personal Data”). The types of Personal Data that we collect as well as the purpose for processing and the lawfulness are specified in the table below.

For the avoidance of doubt, certain categories of data may be subject to specific regulatory regimes and therefore fall outside the scope of certain privacy laws (for example, under applicable U.S. privacy laws, de-identified or aggregated information, or information regulated by sector-specific legislation such as HIPAA, FCRA, GLBA, COPPA, FERPA or similar laws). Such information will be treated in accordance with applicable law.

The table below details the processing of Personal Data, the purpose, lawful basis, and processing operations:

DATA SET	PURPOSE AND OPERATIONS	LAWFUL BASIS PER GDPR
Contact and Support Information: If you voluntarily contact us in order to receive our support, you may be required to provide us with certain Personal Data such as your name, email address, and any additional information you decide to share with us.	We will use this data to respond to your inquiry. The correspondence with you may be processed and stored by us to improve our internal operations, as well as in the event we reasonably determine it is needed for future assistance or to handle any dispute you might have with us. We may retain and manage such information using external services and platforms such as CRM systems.	We process such Contact Information subject to our legitimate interest. If you are a customer of our services approaching us with respect to your usage of the services, the data will be processed per the contract between us.
Investor Account Basic Information: Any user of the services provided within the investor portal must have an account. The information provided during the registration process may include your name, email, username and password, as well as information related to the entity on whose behalf you register (i.e., company name, your position, etc.). In addition, we will process email addresses of additional users, where provided by you, for example, by using the “invite a friend” feature, adding authorized users, etc. If you choose to register using a third-party service (such as Google or Facebook), we will collect the Personal Data made available to us by such third party, for example your full name and email address, subject to such third party’s privacy policy.	We will process this information to verify your identity and grant you access to our services. As part of that we may use your email or phone number as part of a Multi-Factor Authentication process. We may also use this information in order to provide you with account management, to provide the services as well as to send you needed information related to provide you with our services and which related to our business engagement (e.g., send you a welcome message, notify you regarding any updates to our services, etc.) and additional occasional communications and updates related to the services. Such messages may be delivered to you through email or SMS in accordance with applicable law. Further, we may send you promotional and marketing emails, to the extent we are allowed to do so under applicable law (“Direct Marketing” as detailed hereunder). We may also process your account information by using “cookies”.	Our lawful basis for processing such data, analyzing it, and granting you access to the requested service is the contract between us. We may further analyze and process your login data for security purposes, upon our legitimate interests. In some cases, and where required under applicable law, using your data for promotional purposes will be subject to your consent. In such instances, you may always withdraw your consent at any time by contacting us or unsubscribe from any marketing list through the designated feature included in such message.
Due Diligence and Compliance Information As part of due diligence and compliance processes, users of the investor portal may share Personal Data related to the assessed entity’s shareholders, directors, officers, clients, employees, contractors, agents, suppliers or other stakeholders. This may include names, contact details, address, title, position, date of birth, governmental identification number, ownership and interests in the assessed entity or related entities, nationality, country of residence, tax residency, source of funds, employment-related information (e.g., salary and options), bank account details, supporting documents (e.g., ID and passports), and publicly available information used for validation and qualification purposes.	We collect, store and use this information for due diligence, validation, qualification, KYC, CFT and AML compliance checks, assessing eligibility, financial status and credit rating (of you, or your related company), and complying with applicable legal or regulatory obligations. We may share this information with third party processors, such as banks and other third parties that assist us in onboarding investors and their documents.	We process such financial information subject to your consent and performance of our contract. Sometimes, certain Personal Data is processed under our legal obligations, such as AML/KYC obligations.
Investments and Portal Use Data As part of your use of the investor portal and any investment or transaction process, we may collect and process Personal Data relating to users, investing entities, investment targets, or related individuals. This may include information related to investors’ or investment targets’ shareholders, directors, officers, clients, employees, agents, suppliers or other stakeholders, such as name, address, email, phone number, title, position, date of birth, governmental identification number, declarations, and records of actions taken through the investor portal.	We collect, store and use this information to manage and facilitate use of the investor portal, administer investment and transaction-related processes including assessing your or your company financials and credit risk, document instructions, confirmations and consents, communicate with users, maintain records, support internal operations, and comply with applicable legal, regulatory and contractual obligations.	Our lawful basis for processing such data, analyzing it, and granting you access to the requested service is the contract between us.
Online Identifiers and Advertising and Targeting data When you interact with the website and services, we may collect online identifiers such as your Internet Protocol address (IP), Cookie-ID, etc., and other information that relates to your activity through the website, such as pages viewed, click stream data, login time and date stamp, etc. This data might be collected directly by us or through our use of third parties' cookies and advertisement platforms. Similarly, we may collect Ad calls, which are codes shared with advertisers, include zip code, advertiser ID, the webpage that you came from, the IP address, and approximate location which assists the advertiser to determine which ads to place. The ad-call will also include your preference regarding interest-based advertising as further explained herein. Please see more in the Cookies section below.	Collection of device identifiers is needed for the following purposes: (i) Internal statistics and analysis, for which device identifiers might be combined with usage data, for example, to analyze how many visitors have accessed certain content and from which country (where the country is extracted from the IP address) in order to enhance and improve our website and its content. (ii) Marketing and advertising purposes. Our partners will process this data to manage and deliver advertisements and content more effectively and personally, including contextual, behavioral, and interests-based advertising based on your activity, preferences or other data available to us or to our business partners and advertisers, including for re-targeting purposes.	Our lawful basis for processing this data for technical and security purposes is based upon our legitimate interest. If we process your Personal Data for analytics and advertising purposes and to the extent required under applicable laws (e.g., if we use third party cookies), we will obtain your consent for such processing. In any such case, you may withdraw consent or change your preferences at any time by using the cookie settings tool available on our website.
Direct Marketing: As a user, we will send you materials and marketing content, including events invitations, through the email information you provided during your registration.	We will use this information to keep you updated with offers and content such as updates, new capabilities and features, and to send supporting documentation.	We process such data subject to our legitimate interest. You can opt-out at any time through the "unsubscribe" link within the email or by contacting us directly. However certain operational content will still be sent.
Recruitment Data: in the event you wish to apply for a job, you may voluntarily provide us with your CV through our means of communications. For more information, please review our Candidates Privacy Notice.	We will use the CV and information you provide to process your job application for recruitment purposes and check your suitability.	We will process basic recruitment data subject to our legitimate interests to consider your application and respond. If we move forward with you in the recruitment process, or where you have initiated the recruitment application, at an advanced stage of the negotiations we will process your data as part of our contractual relationship with you. If we choose to retain your data for any other future positions that may apply to you, we will ask for your explicit consent to the extent required by applicable law.

Please note that the actual processing operation for each purpose of use and lawful basis detailed in the table above may differ. Such processing operation usually includes a set of operations made by automated means, such as collection, storage, use, disclosure by transmission, erasure, or destruction. The transfer of Personal Data to third-party countries, as further detailed in the Data Transfer Section below, is based on the same lawful basis as stipulated in the table above.

In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts, and any other misuse of the services and to enforce the Terms, as well as to protect the security or integrity of our databases, services, and the website, and to take precautions against legal liability. Such processing is based on our legitimate interests.

HOW WE COLLECT YOUR INFORMATION:

Depending on the nature of your interaction with us, we may collect the above detailed information from you, as follows:

Automatically – we may use cookies (as elaborated in the section below) or similar tracking technologies (such as pixels, tags, agent, etc.) to gather some information automatically, or automatically through the use of our services.

Provided by you or about you voluntarily – we will collect information if and when you choose to provide us with the information, when you register to the investor portal, provide us with any KYC information, etc.

Provided from third parties – where permitted under applicable law and provided with your consent for cookie usage, we may enrich the Personal Data collected about you with data provided by third parties. In addition, for investment onboarding and due diligence, we may collect relevant verification information from third-party KYC/AML agencies, compliance, credit, sanctions-screening, fraud-prevention, and credit-reference sources.

COOKIES

When you access or use our services, we may use “cookies” or similar tracking technologies, which store certain information on your device (i.e., locally stored). The use of cookies is standard industry-wide practice. A “cookie” is a small piece of information that a website assigns and stores on your computer while you are viewing a website. Cookies are used by us for various purposes, including allowing you to navigate between pages efficiently, as well as for statistical purposes, analytic purposes and advertising. You can find more information about our use of cookies here: www.allaboutcookies.org.

There are several types of cookies, including without limitation:

Essential, Functionality, Operation & Security Cookies. These cookies are essential for enabling visitor movement around the website, for the website to function properly, and for security purposes (i.e., used to authenticate visitors, prevent fraudulent use, and protect visitor data from unauthorized parties). This category of cookies either cannot be disabled, or if disabled, certain features of the website may not work.

Analytic, Measurement & Performance Cookies. These cookies are used to collect information about how visitors use our website, in order to improve our website, content, and the way we offer them, as well as assess the performance of the content and marketing campaigns. These cookies enable us, for example, to assess the number of visitors who have viewed a certain page as well as their country of origin. It enables our website to remember information that changes the way it behaves or looks, such as your preferred language.

Preference, Targeting & Advertising Cookies. These cookies are used to advertise across the internet and to display relevant ads tailored to visitors based on the parts of the website they have visited (e.g., the cookie will indicate you have visited a certain webpage and will show you ads relating to that webpage).

You may find more information about the cookies we use as well as opt-out from cookies or change your preferences at any time by using the cookies setting tool available on the footer of our website.

Where we use third-party advertising cookies, such third-party may independently collect, through the use of such tracking technologies, some or all types of Personal Data detailed above, as well as additional data sets, including to combine such information with other information they have independently collected relating to your online activities across their network of websites, for the purpose of enhanced targeting functionality and delivering personalized ads, as well as providing aggregated analytics related to the performance of our advertising campaign you interacted with. These third parties collect and use this information under their own privacy policies, and we are not responsible for their privacy practices.

Although we do not sell your Personal Information for profit, we do engage in targeted advertising on the website, this type of advertising activity may be considered a “sale” of Personal Data under certain US Privacy Laws and may also be referred to as “targeted advertising”. Please note that even if you opt-out you may still see personalized ads based on information other companies and ad networks have collected about you, if you have not opted out of sharing with them.

For IBA opt out options on desktop and mobile websites, please visit:

Digital Advertising Alliance (US) https://www.aboutads.info/choices/

Digital Advertising Alliance (Canada) https://youradchoices.ca/en/tools

Digital Advertising Alliance (EU) https://www.youronlinechoices.com/

Network Advertising Initiative https://optout.networkadvertising.org/?c=1

In accordance with applicable law, we will honor browser-based opt-out signals, such as the Global Privacy Control (GPC) and Universal Opt-Out Mechanisms (UOOM), by automatically disabling non-essential cookies when such signals are detected.

DATA SHARING:

We share your data with third parties, including our partners or service providers that help us operate and make the most of the website. You can find here information about the categories of such third-party recipients.

Categories of Recipients	Additional Information
Our Affiliated Companies	We may share Personal Data with our affiliated companies and subsidiaries in order to provide joint services, for example, marketing, improving our services, etc. Further, we may share such data with our affiliates as part of our legal obligations, such as AML and KYC processes.
Our Service Providers	We share your Personal Data with our trusted service providers and business partners that perform business operations for us on our behalf (as data processors) and pursuant to our instructions. This includes the following categories of service providers: AML and KYC advisors, who help us to meet our regulatory requirements. Banks and other related vendors, who help us in facilitating the lending transactions. Advertising and marketing service providers, who help us with advertising measurements, email marketing, etc.; Data storage providers, with whom we entrust the hosting and storage of our data; Consent Manager (CMP), an external service that provides us with the ability to allow website visitors to control and manage their cookies preferences and consent; General IT and SaaS providers – providing us with IT systems for the management of our daily conduct; Data analytics and data management providers, who help us improve, personalize and enhance our operation. Data security partners, who help us detect and prevent potentially illegal acts, violations of our policies, fraud and/or data security breaches and ensure compliance with legal obligations.
Legal and Law Enforcement	We may disclose certain Personal Data to law enforcement, governmental agencies, or authorized third parties, in response to a verified request relating to criminal investigations or alleged illegal activity or any other activity that may expose us, you, or any other visitor to legal liability, and solely to the extent necessary to comply with such purpose.
Corporate Transactions	In the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation, or asset sale) we will share the Personal Data we store with our acquiring company. In any such case, we will oblige the acquiring company to assume the rights and obligations as described in our Privacy Policy.

When we share information with service providers, we ensure they only have access to such information that is strictly necessary for us to operate the services. These parties are required to secure the data they receive and to use the data for pre-agreed purposes only while ensuring compliance with all applicable data protection regulations (however, such service providers may use certain data for their own benefit subject to separate terms agreed upon with you or per your consent, as well as in the case of using merely Non-Personal Data).

DATA RETENTION:

In general, we retain the Personal Data we collect for as long as it remains necessary for the purposes set forth above, all under the applicable regulation, or until you express your preference to opt-out, where applicable.

The circumstances in which we will retain your Personal Data include: (i) where we are required to do so in accordance with legal requirements, or (ii) for us to have an accurate record of your interaction with us in the event of any inquiries or contact requests, or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data. Please note that except as required by applicable law, we will not be obliged to retain your data for a particular period, and we may delete it for any reason and at any time, without providing you with prior notice of our intention to do so.

SECURITY MEASURES:

We take great care in implementing physical, technical, and administrative security measures for the website and services, that we believe comply with applicable regulation and industry standards to prevent your information from being accessed without the proper authorization, improperly used or disclosed, unlawfully destructed, or accidentally lost.

If you feel that your privacy was not dealt with properly or was dealt with in a way that was in breach of our Privacy Policy or if you become aware of a third party’s attempt to gain unauthorized access to any of your Personal Data, please contact us at our email.

INTERNATIONAL DATA TRANSFER:

Due to our global business operation, we may store or process your Personal Data in several territories, including, for example in Israel, the UK, EU, US or in other countries (whether directly or indirectly through the use of our vendors). Thus, your Personal Data may be transferred to and processed in countries other than the country from which you accessed our website or otherwise the country of your jurisdiction. We will take appropriate measures to ensure that your Personal Data receives an adequate level of data protection upon its transfer in accordance with applicable law.

Further, when Personal Data collected within the EU is transferred outside the EU (and not to a recipient in a country that the European Commission has decided provides adequate protection) it shall be transferred under the provisions of the standard contractual clauses approved by the European Union. If you would like to understand more about these arrangements and your rights in connection therewith, please contact us at our email.

In addition, some of the third parties used for cookies management on our website may store and process data globally, including in the US (e.g., Google Analytics servers). When granting consent for such cookies, you hereby acknowledge and approve such cross-border transfer, in accordance with such third party’s privacy practices.

YOUR RIGHTS

Data protection and privacy laws may grant you certain rights with regards to your Personal Data, all according to your jurisdiction. The rights may include one or all of the following: (i) request to amend your Personal Data we store; (ii) review and access your Personal Data that we hold; (iii) request to delete your Personal Data that we hold (as long as we do not have a legitimate reason for retaining the data); (iv) restrict or object to the process of your Personal Data; (v) exercise your right of data portability (vi) contact to a supervisory authority in your jurisdiction and file a complaint; and (vii) withdraw your consent (to the extent applicable). We will not discriminate against you for exercising any of your privacy rights.

To exercise your rights set out above, you may fill out the Data Subject Request Form (“DSR”) available here and send it to our email at: privacy@liquidity.inc. You may also complete the DSR form if you do not want us to share your Personal Data with unaffiliated or non-agent third parties for promotional purposes.

We do not control third parties' method of collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI's website at https://optout.networkadvertising.org/?c=1.

When you contact us and request to exercise your rights regarding your Personal Data, we will require certain information from you in order to verify your identity and locate your data and that the process of locating and deleting the data may take reasonable time and effort, as required or permitted under applicable law. Data privacy and related laws in your jurisdiction may provide you with different or additional rights related to the data we collect from you, which may also apply.

In certain circumstances, and subject to applicable U.S. Privacy Laws, you may permit an authorized agent to submit requests on your behalf. For more information, please refer to our DSR form.

You have the right to lodge a complaint with the EU Member State supervisory authority if you are not satisfied with the way in which we handled the complaint.

Specific U.S. Jurisdictional Privacy Rights

Residents of the following states may have the privacy rights set out above: Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia.

California residents should read and follow our CCPA Notice referenced above.

Nevada provides its residents with a limited right to opt-out of certain Personal Data sales. Residents who wish to exercise this sale opt-out right may do so as provided for in this Section.

You should check the laws of your state of residence to determine whether these rights apply to you. The exact scope of these rights may vary by state. Data privacy laws are constantly evolving, and the list of states herewith data privacy laws may not be all-inclusive.

Responding to US Data Rights Requests:

For U.S. residents exercising data privacy rights, we endeavor to confirm receipt of all requests within ten (10) business days. If you do not receive confirmation within the 10-day timeframe, please contact us as provided above to ensure we have received your request.

We endeavor to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt, or as otherwise required by U.S. Privacy Laws. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.

The information in our response will cover the 12-month period preceding our receipt of your request. If we cannot comply with your request or any portion of your request, our response will explain the reasons we cannot comply with.

If you have an account with us, we may deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or your authority to make the request and confirm that the Personal Information relates to you.

We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. You do not need to create an account with us to exercise your privacy rights.

Appeals:

If we decline to take action on your request, we will inform you within 45 days (Colorado residents) or 60 days (all other U.S. jurisdictions) of receipt. Our response will include a justification for the decision and an explanation about your right to lodge an appeal. If you wish to do so, please send your appeal request with a summary of the request and decision you want to appeal to: privacy@liquidity.inc.

If you are not happy with our response, depending on your jurisdiction, you may have the right to lodge a complaint against us with the relevant State’s Attorney General. If you do not have your Attorney General’s contact information, please contact us at privacy@liquidity.inc, and we will endeavor to provide the relevant information to you.

‍THIRD PARTY WEBSITES:

Our Privacy Policy only addresses the use and disclosure of Personal Data we collect from you. To the extent that you disclose your Personal Data to other parties via the website (e.g., by clicking on a link to any other website or location), different rules may apply to their use or disclosure of the Personal Data you disclose to them, and this Privacy Policy does not apply to any such third-party products and services. You agree that we shall have no liability whatsoever with respect to such third-party sites and your usage of them.

ELIGIBILITY AND CHILDREN PRIVACY:

Our services are not directed nor intended for use by children, and we do not knowingly process, sell or share children’s information. We will discard any information that we receive from a user who is considered a "child" immediately upon our discovery that such a user shared information with us. Please contact us at: privacy@liquidity.inc, if you have reason to believe that a child has shared any information with us.

Liquidity Capital M.C. Ltd. together with its subsidiaries and affiliated companies ("Company", "we", "us" or "our") respects your privacy and recognizes that your privacy is important.

This privacy policy ("Privacy Policy") explains the Company's practices regarding the collection, processing, usage and transfer of Personal Data, that are applicable towards any visitor of our website ("Visitor"), as well as upon registration, access and use of our Platform (as defined under our Terms & Conditions) by any third party engaged with us for such purpose and any individual on its behalf ("Platform Users") as well as collection of certain data from our investors and their affiliated entities and individuals (“Investors”). Visitors, Platform Users and Investors will be further referred to as "you" or "user".

This Privacy Policy also provides the required information regarding your rights related to your Personal Data processed by us, under applicable privacy and data protection legislation and including under the EU and the UK General Data Protection Regulation (collectively "GDPR") and various US states, as further detailed below.

You are not required by law to provide us with any Personal Data, however, please note, that some of our Services (as defined under our Terms & Conditions) require the processing of certain Personal Data and without such data we may not be able to provide you with all or part of the Services.

Additional Notice to California Residents: In the event you are a California resident – please review our CCPA Privacy Notice to learn more about our privacy practices with respect to the California Consumer Privacy Act.

Additional Notice to Colorado, Virginia, Connecticut or Utah Residents: In the event you are a resident of one of these US states – please also review Section ‎13 below ”Jurisdiction-Specific Notices” to learn more about our privacy practices and your rights under the privacy and data protection legislation which applies in these states.

‍

1. Data Controller, Data Protection Officer & Representative

Liquidity Capital M.C. Ltd., incorporated under the laws of the State of Israel, together with its subsidiaries and affiliated companies is the “Data Controller” (as such term is defined under the GDPR or equivalent privacy legislation) of the Personal Data collected from Visitors and Platform Users with regards to their registration and use of the Service.

If you have any question, inquiry, request or concern related to this Privacy Policy or the processing of your Personal Data, you may contact us, and our privacy team as follows:

● By Email - to our Data Protection Officer at privacy@liquidity.inc; or

● By Mail: Derech Menachem Begin 154, Tel Aviv-Yafo (Attention: Data Protection Officer).

EU Data Protection Representative

We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact.Prighter gives you an easy way to exercise your privacy-related rights (e.g., requests to access or erase Personal Data). If you want to contact us via our representative- Prighter, or make use of your data subject rights, please visit the following website: https://prighter.com/q/13356608436

UK Data Protection Representative

Liquidity Capital UK Limited, which you may contact at: privacy@liquidity.inc

2. The Personal Data We Collect & Our Lawful Basis for Processing Your Personal Data

Depending on your interaction with us, meaning if you browse our website, or register and use the Platform or Services, we collect two types of data:

"Non-Personal Data" meaning, information which does not identify a specific natural person and cannot reasonably be used for such identification. We collect Non-Personal Data regarding use of the website and Platform, such as the scope, frequency, latency, pages accessed and viewed, time and date stamp, interactions with content and materials displayed through our website, language preference, and other technical information regarding the device used to access the website, for example type of device, type of browser, operating system, etc. This data is considered as Non-Personal Data when collected on an aggregate basis, or otherwise not combined with online identifiers.

Also, we may sometimes process and anonymize or aggregate Personal Data and identifiable information in a manner that shall create a new set of data that will be Non-Personal Data. Such a new data set can no longer be associated with any identified natural person.

Non-Personal Data may be used by us without limitation and for any purpose, including for commercial, research, or statistical purposes, in order to maintain and develop our website and Platform, including among others, for ensuring the technical functioning of our website and Platform, to help prevent fraudulent use of the website and Platform, etc.

"Personal Data" meaning, individually identifiable information, namely information that identifies an individual or may with reasonable effort be used to identify an individual. This may include online identifiers, first and last name, email address, etc.

If we combine Personal Data with Non-Personal Data, we will treat the combined data as Personal Data.

We have included in the table below information about the types of Personal Data processed, how we process and use Personal Data, the lawful basis for which we do so subject to the GDPR and processing operations.

Type of Data

Purpose of Processing & Operation

Lawful Basis

Data Collected Upon Registration and Use of Our Platform
‍If you choose to use our Platform you will be required to provide us with your full name and email address (for signing-up), as well as information related to the entity you sign up on its behalf (i.e., company name, your position, etc.). In addition, we will process email address of additional users, where provided by the Platform Users, for example, where using the “invite a friend” feature, adding authorized users, etc.
If you choose to sign in through your social media accounts (e.g., LinkedIn, Facebook or Google account), we will be provided with your email address related to such account as well as information you have made public (such as profile picture, etc.).

We will collect, store and use this information for the purpose of designating your account, and enabling the login process and access to the Platform. We will further use your contact details in order to send you the required information related to the Services (i.e., operational messages) as well as marketing materials related to our Services (i.e., direct marketing).

Our lawful basis for processing this data is the performance of our contract with you – meaning, to enable the use of the Platform.
Processing for direct marketing purposes is based on our legitimate interest. You may opt-out at any time through the “unsubscribe” link within the email or by contacting us directly. Please note that if you opt-out we will not send you our marketing materials however we will continue to send you operational related communications.

Data Uploaded to the Platform or Collected in the Course of a Due Diligence Process
In the course of a due diligence, in the event initiated by the Company, and solely where explicitly requested by the Company, Platform Users may share Personal Data related to the assessed entity’s shareholders, clients, employees, agents, suppliers or other stakeholders, as follows:
Information related to the assessed entity’s shareholders, directors and officers: this may include name, address, email, phone number, title, position, date of birth, governmental identification number, ownership and interests in the assessed entity or other related entities, financial information (such as salary, compensation, dividends, etc.), as well as supporting documentation such as identification documents and utility bill (including in certain cases copies of such documents including IDs and passports), and information related to legal proceedings or administrative proceedings against the aforesaid individuals (in their capacity as such).
Information related to the assessed entity’s employees, contractors and agents: this mainly includes employment related terms such as salary, social benefits, allocated options, etc., as well as position and job title.
Information related to the assessed entity’s suppliers: this mainly includes information referenced in agreements or other engagements and transactions related documentations (e.g., invoices) and for example, name, contact details (e.g., email and phone number), bank account details, transactions made, etc.
Public information: we may collect and use Personal Data that has been made public as a result of steps taken by the assessed entity’s related individuals or by legal authorities for validation and qualification purposes, subject to applicable laws.

We will collect, store and use this information for the purpose of evaluating the request for financing, qualification and validation (for example, as part of a KYC or AML compliance process and evaluation), as well as managing and facilitating the related interaction, due diligence process and engagement. Platform Users hereby represents and warrants that: (i) it will not provide Personal Data in excess of the information requested by the Company (if any); (ii) subject to law’s requirements, Platform Users provided the applicable individuals with the required notices, and where needed, obtained consent, for sharing the Personal Data with the Company for the purposes described herein.

Our lawful basis for the processing of this information as part of the due diligence process is based on our legitimate interests.
‍
If we engage in a transaction agreement, we will further use this information where this is necessary for compliance with a legal or regulatory obligation to which we are subject (such as anti-money laundering, and know your client obligations) and retain copies of materials in respect thereof.
‍
Some information might be provided where Platform Users enables the integration to third party platforms, such as platforms enabling ongoing connection to bank accounts and other financial accounts. Any information transferred to us is subject to your consent, according to the privacy settings you choose to apply on such third-party platforms. You should review the privacy policies or terms of service for those third party platforms for information about their practices, which is not under our control or responsibility.

Device Identifiers and Online Usage
When you interact with the website and use our Platform, we will collect online identifiers such as your Internet Protocol address (“IP”), Cookie-ID, etc., as well as other information that relates to your activity through the website and Platform, such as pages viewed, click stream data, login time and date stamp, etc. This data might be collected directly by us or by through our use of third parties' cookies.

Collection of device identifiers is needed for the following purposes:
‍
(i) Website and the Platform’s operation, security and fraud detection purposes, and for example, when you login to our Platform, in order to detect and prevent fraudulent access;
‍
(ii) Internal statistics and analysis, for which device identifiers might be combined with usage data, for example, to analyze how many users have accessed certain content and from which country (where the country is extracted from the IP address) in order to enhance and improve our website and its content;

(iii) Marketing and advertising purposes.

Note that, we do not attempt to analyze or determine your identity based on such information or otherwise combine it with any information such as your name or email address.
We will collect, store and use this information for the purpose of evaluating the request for financing, qualification and validation (for example, as part of a KYC, CFT, including AML compliance process and evaluation), as well as managing and facilitating the related interaction, due diligence process and engagement.

Our lawful basis for the processing this data for operation and security purpose is based on our legitimate interests.
Where required under applicable laws, we will obtain your consent for the purpose of data collection through our use of third-party cookies for analytics and advertising purposes. In any such case, you may withdraw consent or change your preferences at any time by using the cookie settings tool available on our website.‍

Data regarding our Investors, Users, including potential investments’ related persons.
‍As part of any Investment process, we may collect and process certain information pertaining to the investing entity, investment target, or individual, including, solely where explicitly requested by the Company, Users may share Personal Data related to the Investor’s or target investment’s shareholders, clients, employees, agents, suppliers or other stakeholders, as follows:
Information related to the Investor shareholders, directors and officers: this may include name, address, email, phone number, title, position, date of birth, governmental identification number, ownership and interests in the assessed entity or other related entities, financial information (such as salary, compensation, dividends, etc.), as well as supporting documentation such as identification documents and utility bill (including in certain cases copies of such documents including IDs and passports), and information related to legal proceedings or administrative proceedings against the aforesaid individuals (in their capacity as such).
Public information: we may collect and use Personal Data that has been made public as a result of steps taken by the Investor’s or target investment’s related individuals or by legal authorities for validation and qualification purposes, subject to applicable laws.

We will collect, store and use this information for the purpose of evaluating the request for financing, qualification and validation (for example, as part of a KYC, CFT, including AML compliance process and evaluation), as well as managing and facilitating the related interaction, due diligence process and engagement.

Our processing of this information is based on our legitimate interests.
‍
We will further use this information where this is necessary for compliance with a legal or regulatory obligation to which we are subject (such as our anti-money laundering and know your client obligations) and retain copies of materials in respect thereof.

*** Please note that if you provide information related to another individual, you hereby warrant and acknowledge that you are authorized under applicable law to share such information with is for the purposes herein.

Contact Communications
‍If you voluntarily contact us through any means of communications, we make available (e.g., send us an email, or use any other online form available on our website or Platform), you will be requested to provide us with your contact information such as your name, phone number and email address.

We process your contact information solely for the purpose of contacting you, responding to your inquiries and provide you with the support or information you have requested.
The correspondence with you may be processed and stored by us in order to improve our internal operation, as well as in the event we reasonably determine it is needed for future assistance or to handle any dispute you might have with us.

We process such data subject to our legitimate interest.

Newsletter & Updates Registration
‍In the event you sign up to receive our newsletter or other promotional materials, you will be requested to provide your contact details, such as email address.

We will use the information you provide in order to include you in our mailing list and send you the materials you have signed up to receive.

Our lawful basis for the processing of this data is your consent.
‍
You may withdraw your consent at any time by clicking the “unsubscribe” link which will be included in the email we will send you. You may also contact us at: privacy@liquidity.inc and request to unsubscribe.

Job Applications
‍If you wish to apply for any position posted on our website, you will be requested to provide certain information such as your name, e-mail address, phone number, and your CV. You may also choose to provide us additional information such as recommendations from previous employers, your LinkedIn profile, etc.

‍For more information, please review our Candidate's Privacy Notice.

We collect and process this data in order to examine your resume in the context of managing our recruiting and hiring process. In addition, we will use such information to demonstrate compliance with corporate governance and legal and regulatory requirements.

Please note, in the event you send us your CV, your provision of Personal Data in connection with recruiting is voluntary, and you determine the extent of information you provide us. We do not request or require sensitive personal information concerning religion, health, sexual orientation, or political affiliation in connection with recruiting. If you are hired, the information may be used in connection with employment and corporate management.

Our lawful basis for processing of this data is our legitimate interest.

3. How We Collect Information

Depending on the nature of your interaction with us, the website and the Platform, we may collect information as follows:

Automatically – we may use cookies (as elaborated in the section below) or similar tracking technologies (such as pixels, tags, agent, etc.) to gather some information automatically.

Automatically – we may use cookies (as elaborated in the section below) or similar tracking technologies (such as pixels, tags, agent, etc.) to gather some information automatically.
Provided by you or about you voluntarily – we will collect information if and when you choose to provide us with the information, such as through online registration, contact us communications, etc. all as detailed in this Privacy Policy.
Collected from authorized third parties and public sources – such as open online databases, social media networks, credit bodies, etc.

4. Cookies

When you access or use the website, we use “cookies” or similar tracking technologies, which store certain information on your device (i.e., locally stored). The use of cookies is a standard industry-wide practice. A “cookie” is a small piece of information that a website assigns and stores on your computer while you are viewing a website. Cookies are used by us for various purposes, including allowing you to navigate between pages efficiently, as well as for statistical purposes, analytic purposes and advertising. You can find more information about our use of cookies here:www.allaboutcookies.org.

There are several types of cookies, and among others:

Essential, Functionality, Operation & Security Cookies. These cookies are essential for enabling user movement around the website, for the website to function properly, and for security purposes (i.e., used to authenticate users, prevent fraudulent use, and protect user data from unauthorized parties). This category of cookies either cannot be disabled, or if disabled, certain features of the website may not work.
Analytic, Measurement & Performance Cookies. These cookies are used to collect information about how users use our website, in order to improve our website, content, and the way we offer them, as well assess performance of the content and marketing campaigns. These cookies enable us, for example, to assess the number of users who have viewed a certain age as well as their country of origin. It enables our website to remember information that changes the way it behaves or looks, such as your preferred language.
Preference, Targeting & Advertising Cookies. These cookies are used to advertise across the internet and to display relevant ads tailored to users based on the parts of the website they have (e.g., the cookie will indicate you have visited a certain webpage and will show you ads relating to that webpage)

The third-party cookies we currently use, and their category are listed under the Cookie List

You may opt-out of cookies or change your preferences ant any time by using the cookies setting tool available on our website.

Also note that, most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. You may set your browser to block all cookies, including cookies associated with our website, or to indicate when a cookie is being used by us, by adjusting the privacy and security settings of your web browser. Please refer to the support page of your browser to learn more about how you can adjust your privacy and security settings. Please note that once you choose to opt out or disable cookies, some features of the website may not operate properly and your online experience may be limited.

‍5. Data Sharing – Categories of Recipients We Share Personal Data With

We share your Personal Data with third parties, including with trusted partners or service providers that help us to manage our business operation, website, etc. You can find here information about the categories of such third-party recipients.

Categories of Recipients

Additional Information

Our Affiliated Companies

We may share Personal Data with our affiliated companies and subsidiaries in order to provide joint services, for example, marketing, customer support, recruitment, etc. Further, we may share such data with our affiliates as part of our legal obligations, such as AML and KYC processes. We may further share certain types of Personal Data about you as may be necessary to help detect and prevent potentially illegal acts, violations of our policies, fraud and/or data security breaches. We may share Personal Data with our affiliated companies and subsidiaries in order to provide joint services, for example, marketing, customer support, recruitment, etc. Further, we may share such data with our affiliates as part of our legal obligations, such as AML and KYC processes. We may further share certain types of Personal Data about you as may be necessary to help detect and prevent potentially illegal acts, violations of our policies, fraud and/or data security breaches.

Our Service Providers

We share your Personal Data with our trusted service providers and business partners that perform business operations for us on our behalf (as data processors) and pursuant to our instructions.
This includes the following categories of service providers:
● Advertising and marketing service providers, who help us with advertising measurements, email marketing, etc.;
● Data storage providers, with whom we entrust the hosting and storage of our data;
● Customer support providers, who help us perform such functions as customer support and customer service;
● Data analytics and data management providers, who help us improve, personalize and enhance our operation;
● Data security partners, who help us detect and prevent potentially illegal acts, violations of our policies, fraud and/or data security breaches and ensure compliance with legal obligations;
● AML and KYC advisors, who help us to meet the regulatory requirements for AML CFT purposes.

Legal and Law Enforcement

We may disclose certain Personal Data to law enforcement, governmental agencies, or authorized third parties, in response to a verified request relating to criminal investigations or alleged illegal activity or any other activity that may expose us, you, or any other user to legal liability, and solely to the extent necessary to comply with such purpose.

Corporate Transactions

In the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale) we will share the Personal Data we store with our acquiring company.
‍
We will obligate the acquiring company to assume the rights and obligations as described in our Privacy Policy.

Where we share Personal Data with services providers and partners, we ensure they only have access to such information that is strictly necessary in order for us to provide the services of fulfil the purpose for which data was shared. These parties are required to secure the Personal Data they receive and to use the data for pre-agreed purposes only, while ensuring compliance with applicable data protection regulations (note that, such service providers may use other Non-Personal Data for their own benefit).

6. Cross-Border Data Transfer

Due to our global business operation, we may store or process your Personal Data in several territories, including, for example in Israel, the UK, EU, US or in other countries. Thus, your Personal Data may be transferred to and processed in countries other than the country from which you accessed our websites or otherwise the country of your jurisdiction. We will take appropriate measures to ensure that your Personal Data receives an adequate level of data protection upon its transfer. Where Personal Data collected from within the EU or UK, is being transferred outside such territories to countries which didn’t receive an adequacy decision on behalf of an authorized authority (such as the EU Commission), we will take necessary steps in order to ensure that sufficient safeguards are provided during the transferring of such Personal Data, in accordance with the provision of the standard contractual clauses approved by the European Union or the UK Information Commissioner’s Office. Thus, we will obtain contractual commitments or assurances from the data importer to protect your Personal Data, using contractual protections that EEA and UK regulators have pre-approved to ensure your data is protected (known as standard contract clauses), or rely on adequacy decisions issued by the European Commission. Some of these assurances are well-recognized certification schemes.

7. Data Retention

We retain the Personal Data we collect as long as it remains necessary for the purposes set forth above, all in accordance with applicable laws, or until an individual expresses a preference to opt-out.

In certain circumstances, we will retain your Personal Data for longer periods of time and mainly:

Where we are required to retain Personal Data in accordance with legal, regulatory, tax, or accounting requirements;

Where we deem retention is necessary to obtain an accurate record of your dealings with us in the event of any complaints or challenges; or

If we reasonably believe there is a prospect of litigation relating to your Personal Data.

We may at our sole discretion, delete or amend information from our systems, without notice to you, once we deem it is no longer necessary for such purposes.

8. Privacy Rights

We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect, so that you can make meaningful choices about how it is used. We provide you with the ability to exercise certain choices, rights and controls in connection with your Personal Data. Depending on your relationship with us (e.g., if you are a Visitor of our website or a Platform User), your jurisdiction and the applicable data protection laws that apply to you, you have the right to control and request certain limitations or rights to be executed.

The table below details some of the principal rights that may apply to (subject to your jurisdiction and additional conditions), how you can exercise them and appeal a decision we take in this regard:

Right to Be Informed

You have the right to be provided with information regarding our Personal Data collection and privacy practices. All is detailed under this Privacy Policy. If you have any additional questions, please contact us at: privacy@liquidity.inc.

Right to Know, Access Rights

You have the right to confirm whether we collect Personal Data about you and to know which Personal Data we specifically hold about you, and receive a copy of such or access it.

Right to Correction/Rectification

You have the right to request the updating of Personal Data that is not correct, taking into account the nature of the processing and the purposes. At any time, you may correct certain Personal Data included in the Platform account information by logging in to your account.

Right to Be Forgotten, Right to Deletion

You have the right to request the erasure of certain Personal Data if specific conditions are satisfied. This right is not absolute. We may reject your request under certain circumstances, including where we must retain the data in order to comply with legal obligations or defend against legal claims, other legitimate interests such as record keeping with regards to our engagements, completing transactions, providing a good or service that you requested, taking actions reasonably anticipated within the context of our ongoing business relationship with you, fulfilling the terms of a written warranty, detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, or prosecuting those responsible for such activities; debugging products to identify and repair errors that impair existing intended functionality; exercising free speech, ensuring the right of another consumer to exercise their free speech rights, or exercising another right provided for by law; and engaging in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
You do not need to create an account with us to submit a deletion request.

Right to Restriction of Processing

You may be entitled to limit the purposes for which we process your Personal Data if one of the following conditions are satisfied: where the accuracy of the Personal Data is contested by you, for a period enabling us to verify the accuracy of the Personal Data; where the processing is unlawful and you oppose the erasure of the Personal Data and request the restriction of its use instead; where we no longer need the Personal Data for the purposes of the processing, but we are required by you to retain it for the establishment, exercise or defence of legal claims; where you objected to processing (as detailed below) pending the verification whether our legitimate grounds override your request.

Right to Data Portability

You have the right to get a copy of your Personal Data in a portable format and, to the extent technically feasible, readily usable format that allows you to transmit the Personal Data to another entity without hindrance. We will select the format in which we provide your copy.

Right to Withdraw Consent or Opt-Out (Object) Under the GDPR, and Specifically in the US the Right to Opt-Out From:
(i) Selling Personal Data;
(ii) Targeted Advertising; and
iii) Profiling & Automated Decision Making

When the lawful basis for processing your Personal Data is your consent, you may withdraw such consent at any time. For example, you may unsubscribe at any time from our mailing list.
You further have the right to object to the processing of Personal Data, in the event the basis for processing is our legitimate interests. However, we will be permitted to continue the processing if our legitimate interests override your rights, or when processing is necessary to establish, exercise, or defend a legal claim or right.
You have the right to opt-out from direct marketing, if applicable, by unsubscribing through the email received.
We do not profile you in a manner that has a significant effect on you or other consumers, therefore there isn’t an opt-out option.
We do not “sell” or “share” information as most people would commonly understand that term. We do not, and will not, disclose your Personal Data in direct exchange for money or some other form of payment; however, we do share Personal Data for analytic and marketing purposes, including targeted advertising, when we promote our website or services. In most cases we obtain Personal Data collected automatically from our website and your actions therein through our use of cookies, and do not combine it with your actions on other websites, however, our third-party partners might do so, when providing analytic or advertising services to us.
You have the right to opt-out of the “selling” or “sharing” of your Personal Data for “cross-contextual behavioural advertising”, or “targeted advertising”, often referred to as “interest-based advertising” as well. You can exercise these rights by using the cookies setting tool available on our website.You are able to install privacy-controls in the browser's settings to automatically signal the opt-out preference to all websites you visit (such as the “Global Privacy Control”).
In any event, please keep in mind that opt-out tools are limited to the browser or device you use because they work off your browser ID and device ID and, accordingly, you will need to opt-out on each browser and device you use. Your browser may save some information in its cookies and cache to maintain your privacy preferences. Clearing these may remove opt-out preferences, requiring you to opt-out again.

Right To Appeal or Lodge Complaint

If we decline to take action on your request, we will inform you without undue delay as required under applicable laws. The notification will include a justification for declining to take action and instructions on how you may appeal, if applicable.
‍
Under the GDPR you have the right to lodge a complaint with the applicable Data Protection Authority in the EU or the Information Commissioner in the UK.

Non-Discrimination

Denying a good or service, providing a different level or quality of service, or charging different prices. We do not discriminate against our Visitors or Platform Users, but we reserve the right to deny a good or service, provide a different level or quality of service, or charge different prices, all subject to applicable laws.

For additional information on your rights and how to exercise your rights, please see the Data Subject Request (“DSR”) form available HERE, and send it to our privacy team at: privacy@liquidity.inc.

If you are an EU resident, you may also submit the request to exercise your right to our EU Data Protection Representative, Prighter Group, at https://prighter.com/q/13356608436

Where we are not able to provide you with the information for which you have asked, we will endeavour to explain the reasoning for this and inform you of your rights, including the right to complain to the supervisor authority (in the event you are EEA resident). We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any such information in accordance with applicable law.

9. Security

We take great care in implementing and maintaining the security of our website, our Platform, users’ Personal Data. We employ industry standard procedures and policies to ensure the safety of individuals’ information and prevent unauthorized use of any such.

We have implemented technical, physical and administrative security measures to protect the Personal Data we process. In addition, we limit access to Personal Data stored by us.

Although we take reasonable steps to safeguard information, we cannot be responsible for the acts of those who gain unauthorized accessor abuse our website and Platform, and we make no warranty, express, implied or otherwise, that we will always be able to prevent such access.

Please contact us at: privacy@liquidity.inc, if you feel that your privacy was not dealt with properly, in a way that was in breach of our Privacy Policy, or if you become aware of a third party's attempt to gain unauthorized access to any of your Personal Data. We will make a reasonable effort to notify you and the appropriate authorities (if required by applicable law) in the event that we discover a security incident related to your Personal Data.

10. Third Party Websites

‍
11. Children’s Data

The website and the Platform are not intended for individuals under the age of eighteen (18). Accordingly, we do not knowingly solicit Personal Data from or market to children as defined under applicable law. We request that such individuals do not provide Personal Data. If you become aware or have any reason to believe that a child has shared any Personal Data with us, please contact us through the means of contact detailed herein.

12. Changes and Updates

We reserve the right to change this Privacy Policy at any time, so please re-visit this page frequently. In the event of any substantial change of this Privacy Policy, we will make reasonable efforts to post a clear notice on the website and obtain your consent where required under applicable. Changes to this Privacy Policy are effective as of the stated “Last Updated” date and your continued thereafter will constitute acceptance of, and agreement to be bound by, those changes.

13. Jurisdiction-Specific Notices

ADDITIONAL INFORMATION FOR COLORADO RESIDENTS

This section applies to Colorado residents acting only as an individual or household context (and not in a commercial or employment context, as a job applicant or as a beneficiary of someone acting in an employment context). Pursuant to the Colorado Privacy Act (“CPA”) please see below the disclosure of the categories of Personal Data that are collected or processed, the purposes, how consumers can exercise their rights, and appeal such decision, categories of third-parties the controller shares or sells the Personal Data, or sells the Personal Data for advertising and how to opt-out.

“Personal Data” as defined in the CPA means information that is linked or reasonably linkable to an identified or identifiable individual and does not include publicly available information that is lawfully made available from government records, or that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; or information excluded from the CPA scope, such as: Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPPA) or 42 CFR Part 2- “Confidentiality Of Substance Use Disorder Patient Records”, personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or and the Driver’s Privacy Protection Act of 1994, Children’s Online Policy Protection Act of 1998 (COPPA), Family Educational Rights and Privacy Act of 1974, national Security Exchange Act of 1934, higher education data and employment data.

“Sensitive Data” under the CPA means: racial or ethnic origin, religious beliefs, mental or physical health condition or diagnosis, sex life or sexual orientation; genetic or biometric data that can be processed to uniquely identify an individual; or child data. We do not process Sensitive Data.

In Section ‎2 of this Privacy Policy “The Personal Data We Collect & Our Lawful Basis for Processing Your Personal Data”, we describe our collection and processing of Personal Data, the categories of Personal Data that are collecting and processing, and the purposes for which Personal Data is processed, stored or used. We will not collect additional categories of Personal Data or use the Personal Data we collected for a materially different, unrelated, or incompatible purpose without obtaining your consent. Additionally, Section ‎5 of this Privacy Policy “Data Sharing – Categories of Recipients We Share Personal Data With” details and discloses the categories of third-parties we share Personal Data with for business purposes. Section ‎8 of this Privacy Policy “Privacy Rights” details and discloses your rights, including where shared or sold for targeted advertising.

Only you, or someone legally authorized to act on your behalf, may make a request to know or delete your Personal Data. If the request is submitted by someone other than you, proof of authorization (such as power of attorney or probate documents) will be required.

We will respond to a verifiable request within 45 days after receipt (no more than twice in a twelve-month period). We reserve the right to extend the response time by an additional 45 days when reasonably necessary and we will provide a notification of the extension within the first 45 days. If we refuse to take action, you may appeal our decision within a reasonable period time by sending us an applicable notice at: privacy@liquidity.inc. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to your appeal, including a written explanation of the reasons for our decisions. If the appeal is denied, you may submit a complaint as follows: Colorado AG at https://coag.gov/file-complaint/

If you have an account with us, we may deliver our written response to that account or via email at our sole discretion. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. You do not need to create an account for submitting a request.

Any disclosures we provide will only cover the 12-months period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

ADDITIONAL INFORMATION FOR CONNECTICUT RESIDENTS

Under the Connecticut Data Privacy Act, Public Act. No. 22-14 (the “CDPA”) if you are a resident of Connecticut, acting in an individual or household context (and not in a commercial or employment context or as a representative of business, non-profit or governmental entity), your rights with respect to your Personal Data are described below.

"Personal Data" means any information that is linked or reasonably linkable to an identified or identifiable individual and does not include publicly available information that is lawfully made available from government records, or that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; or information excluded from the CDPA scope, such as: HIPAA, GBPA, non-profit entities, higher education, employment data and FCRA, Driver's Privacy Protection Act of 1994, Family Educational Rights and Privacy Act, Farm Credit Act.

“Sensitive Data” means data revealing racial or ethnic origin, religious beliefs, mental or physical health condition or diagnosis, sex life, sexual orientation, citizenship, or immigration status; The processing of genetic or biometric data for the purpose of uniquely identifying an individual; Personal Data collected from a known child; Precise geolocation data. We do not process Sensitive Data.

Under CDPA, the Company is required to provide you with a clear and accessible privacy notice that includes: categories of Personal Data processed, purpose of processing, instructions for exercising consumer rights and appealing decisions, categories of Personal Data shared with third parties, categories of third parties with whom data is shared, and any sale of data or targeted advertising.

We shall respond to your request within 45 days of receipt. The response period may be extended once by 45 additional days when reasonably necessary, taking into account the complexity and number of requests and we inform you of such extension within the initial 45-day response period, together with the reason for the extension.

If we decline to take action on your request, we shall so inform you without undue delay, within 45 days of receipt of your request. Our notification will include a justification for declining to take action and instructions on how you may appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the Connecticut Attorney General at link: https://www.dir.ct.gov/ag/complaint/ or (860) 808-5318.

We shall provide information in response to your request free of charge, up to twice annually, unless requests are manifestly unfounded, excessive or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you and your request, we will not be able to grant your request.

ADDITIONAL INFORMATION FOR VIRGINIA RESIDENTS

Under the Virginia Consumer Data Protection Act, as amended (“VCDPA”) if you are a resident of Virginia acting in an individual or household context (and not in an employment or commercial context), you have certain rights with respect to your Personal Data, as described below.

"Personal Data" means any information that is linked or reasonably linkable to an identified or identifiable natural person, and does not include publicly available information that is lawfully made available from government records, that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; Information excluded from the VCDPA scope, such as: HIPAA, GBPA, non-profit entities, higher education, employment data and FCRA, Driver's Privacy Protection Act of 1994, Family Educational Rights and Privacy Act, Farm Credit Act.

“Sensitive Data” under the VCDPA means data revealing racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexual orientation, or citizenship or immigration status; the processing of genetic or biometric data for the purpose of uniquely identifying a natural person; Personal Data collected from a known child; and precise geolocation data. We do not process Sensitive Data

The VCDPA requires the Company to disclose the categories of Personal Data processed, purpose of processing, how you can exercise your rights, including how a you may appeal our decision with regard to the consumer request, the categories of Personal Data shared with third parties and with whom, and if the Company sells Personal Data to third parties or processes Personal Data for targeted advertising.

We will respond to a verifiable request within 45 days after receipt (no more than twice in a twelve-month period). We reserve the right to extend the response time by an additional 45 days when reasonably necessary and we will provide a notification of the extension within the first 45 days. If we refuse to take action on a request, you may appeal our decision within a reasonable period time by sending us an applicable notice at: privacy@liquidity.inc. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to your appeal, including a written explanation of the reasons for our decisions. If the appeal is denied, you may submit a complaint to the Virginia Attorney General at https://www.oag.state.va.us/consumercomplaintform.

ADDITIONAL INFORMATION FOR UTAH RESIDENTS

Under the Utah Consumer Privacy Act (“UCPA”) if you are a resident of Utah, acting in an individual or household context (and not in a commercial or employment context) your rights with respect to your Personal Data are described below.

“Personal Data" means data which is linked or reasonably linkable to an identifiable individual, and does not include de-identified data and publicly available data or data that is processed not within the scope of UCPA.