Privacy
Policy

Updated November, 2023

PRIVACY POLICY

Last Update November 2023.

Liquidity Capital M.C. Ltd. ("Company", "we", "us" or "our") respects your privacy and recognizes that your privacy is important.

This privacy policy ("Privacy Policy") explains the Company's practices regarding the collection, processing, usage and transfer of Personal Data, that are applicable towards any visitor of our website ("Visitor"), as well as upon registration, access and use of our Platform (as defined under our Terms & Conditions) by any third party engaged with us for such purpose and any individual on itsbehalf ("Platform Users"). Visitors and Platform Users will be further referred to as "you" or "user".

This Privacy Policy also provides the required information regarding your rights related to your Personal Data processed by us, under applicable privacy and data protection legislation and including under the EU and the UK General Data Protection Regulation (collectively "GDPR")and various US states, as further detailed below.

In the event you are a Colorado or California resident (and the CCPA applies to you) – please make sure to review our CCPA Privacy Notice to learn more about our privacy practices with respect to theCCPA.

You are not required by law to provide us with any Personal Data, however, please note that some of our Services (as defined under our Terms & Conditions) require the processing of certain Personal Data and without such data we may not be able to provide you with all or part of the Services.

Additional Notice to California Residents: In the event you are a California resident – please review our CCPA Privacy Notice to learn more about our privacy practices with respect to the California Consumer Privacy Act.

Additional Notice to Colorado, Virginia, Connecticut, or Utah Residents: In the event you are a resident of one of these US states – please also review Section 13 below, "Jurisdiction-Specific Notices" to learn more about our privacy practices and your rights under the privacy and data protection legislation which applies in these states.

‍

1. Data Controller, Data Protection Officer & Representative

Liquidity Capital M.C. Ltd., incorporated under the laws of the State of Israel, is the “Data Controller” (as such term is defined under the GDPR or equivalent privacy legislation) of the Personal Data collected from Visitors and Platform Users with regards to their registration and use of the Service.

If you have any questions, inquiries, requests, or concerns related to this Privacy Policy or the processing of your Personal Data, you may contact us and our privacy team as follows:

● By Email - to our Data Protection Officer at privacy@liquidity.inc; or

● By Mail: Derech Menachem Begin 154, Tel Aviv-Yafo (Attention: Data Protection Officer).

EU Data Protection Representative

We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact. Prighter gives you an easy way to exercise your privacy-related rights (e.g., requests to access or erase Personal Data). If you want to contact us via our representative - Prighter, or make use of your data subject rights, please visit the following website: https://prighter.com/q/13356608436

‍UK Data Protection Representative

Liquidity Capital UK Limited, which you may contact at: privacy@liquidity.inc

2. The Data We Collect & Our Lawful Basis for Processing Your Personal Data

Depending on your interaction with us, meaning if you browse our website, or register and use the Platform or Services, we collect two types of data:

"Non-Personal Data" means information which does not identify a specific natural person and cannot reasonably be used for such identification. We collect Non-Personal Data regarding use of the website and Platform, such as the scope, frequency, latency, pages accessed and viewed, time, and date stamp, interactions with content and materials displayed through our website, language preference, and other technical information regarding the device used to access the website, for example type of device, type of browser, operating system, etc. This data is considered as Non-Personal Data when collected on an aggregate basis, or otherwise not combined with online identifiers.

Also, we may sometimes process and anonymize or aggregate Personal Data and identifiable information in a manner that shall create a new set of data that will be Non-Personal Data. Such a new data set can no longer be associated with any identified natural person.

We may use Non-Personal Data without limitation and for any purpose, including for commercial, research, or statistical purposes, in order to maintain and develop our website and Platform, including among others, for ensuring the technical functioning of our website and Platform, to help prevent fraudulent use of the website and Platform, etc.

"Personal Data" meaning, individually identifiable information, namely information that identifies an individual or may with reasonable effort be used to identify an individual. This may include online identifiers, first and last name, email address, etc.

If we combine Personal Data with Non-Personal Data, we will treat the combined data as Personal Data.

We have included in the table below information about the types of Personal Data processed, how we process and use Personal Data, the lawful basis for which we do so subject to the GDPR and processing operations.

‍

Type of Data

Purpose of Processing & Operation

Lawful Basis

Data Collected Upon Registration and Use of Our Platform
‍If you choose to use our Platform you will be required to provide us with your full name and email address (for signing-up), as well as information related to the entity you sign up on its behalf (i.e., company name, your position, etc.). In addition, we will process email address of additional users, where provided by the Platform Users, for example, where using the “invite friend” feature, adding authorized users, etc. If you choose to sign in through your social media accounts (e.g., LinkedIn, Facebook or Google account), we will be provided with your email address related to such account as well as information you have made public (such as profile picture, etc.).

We will collect, store and use this information for the purpose of designating your account, and enabling the login process and access to the Platform.

We will further use your contact details in order to send you the required information related to the Services (i.e., operational messages) as well as marketing materials related to our Services (i.e., direct marketing).

Our lawful basis for processing this data is the performance of our contract with you – meaning, to enable the use of the Platform. Processing for direct marketing purposes is based on our legitimate interest. You may opt- out at any time through the “unsubscribe” link within the email or by contacting us directly. Please note that if you opt-out we will not send you our marketing materials however we will continue to send you operational related communications.

Data Uploaded to the Platform or Collected in the Course of a Due Diligence Process
In the course of a due diligence, in the event initiated by the Company, and solely where explicitly requested by the Company Platform Users may share Personal Data related to the assessed entity’s shareholders, clients, employees, agents, suppliers or other stakeholders, as follows: Information related to the assessed entity's shareholders, directors, and officers: this may include name, address, email, phone number, title, position, date of birth, governmental identification number, ownership, and interests inthe assessed entity or other related entities, financial information (such as salary, compensation, dividends, etc.), as well as supporting documentation such a identification documents and utility bill, and information related to legal proceedings or administrative proceedings against the aforesaid individuals (in their capacity as such). Information related to the assessed entity’s employees, contractors, and agents: this mainly includes employment-related terms such as salary, social benefits, allocated options, etc., as well as position and job title. Information related to the assessed entity’s suppliers: this mainly includes information referenced in agreements or other engagements and transactions and transactions related documentations (e.g., invoices) and for example, name, contact details (e.g., email and phone number), bank account details, transactions made, etc. Public information: we may collect and use Personal Data that has been made public as a result of steps taken by the assessed entity’s related individuals or by legal authorities for validation and qualification purposes, subject to applicable laws.

We will collect, store and use this information for the purpose of evaluating the request for financing, qualification and validation (for example, as part of a KYC or AML compliance process and evaluation), as well as managing and facilitating the related interaction, due diligence process, and engagement. Platform Users hereby represents and warrants that: (i) it will not provide Personal Data in excess of the information requested by the Company (if any); (ii) subject to law’s requirements, Platform Users provided the applicable individuals with the required notices, and where needed, obtained consent, for sharing the Personal Data with the Company for the purposes described herein.

Our lawful basis for the processing of this information as part of the due diligence process is based on our legitimate interests.

If we engage in a transaction agreement, we will further use this information where this is necessary for compliance with a legal or regulatory obligation to which we are subject (such as the anti-money laundering obligation) and retain copies of materials in respect thereof.

Some information might be provided where Platform Users enable the integration to third-party platforms, such as platforms enabling ongoing connection to bank accounts and other financial accounts. Any Information transferred to us is subject to your consent, according to the privacy settings you choose to apply on such third-party platforms. You should review the privacy policies or terms of service for those third party platforms for information about their practices, which is not under our control or responsibility.

Device Identifiers and Online Usage
When you interact with the website and use our Platform, we will collect online identifiers such as your Internet Protocol address (“IP”), Cookie-ID, etc., as well as other information that relates to your activity through the website and Platform, such as pages viewed, click stream data, login time and date stamp, etc. This data might be collected directly by us or by through our use of third parties' cookies.

Collection of device identifiers is needed for the following purposes:
‍
(i) Website and the Platform’s operation, security, and fraud detection purposes, and for example, when you login to our Platform, to detect and prevent fraudulent access;
‍
(ii) Internal statistics and analysis, for which device identifiers might be combined with usage data, for example, to analyze how many users have accessed certain content and from which country (where the country is extracted from the IP address) to enhance and improve our website and its content;

(iii) Marketing and advertising purposes.

Note that we do not attempt to analyze or determine your identity based on such information or otherwise combine it with any information such as your name or email address.

Our lawful basis for the processing this data for operation and security purpose is based on our legitimate interests..
‍
Where required under applicable laws, we will obtain your consent for the purpose of data collection through our use of third-party cookies for analytics and advertising purposes. In any such case, you may withdraw consent or change your preferences at any time by using the cookie settings tool available on our website.

Contact Communications
If you voluntarily contact us through any means of communications we make available (e.g., send us an email, or use any other online form available on our website or Platform), you will be requested to provide us with your contact information, such as your name, phone number, and email address.

We process your contact information solely for the purpose of contacting you, responding to your inquiries and provide you with the support or information you have requested. The correspondence with you may be processed and stored by us in order to improve our internal operation, as well as in the event we reasonably determine it is needed for future assistance or to handle any dispute you might have with us.

We process such data subject to our legitimate interest.

Newsletter & Updates Registration
‍In the event you sign up to receive our newsletter or other promotional materials, you will be requested to provide your contact details, such as email address.

We will use the information you provide in order to include you in our mailing list and to send you the materials you have signed up to receive.

Our lawful basis for the processing of this data is your consent. You may withdraw your consent at any time by clicking the “unsubscribe” link which will be included in the email we will send you. You may also contact us at: privacy@liquidity.inc and request to unsubscribe.

Job Applications
‍If you wish apply for any position posted on our website, you will be requested to provide certain information such as your name, e-mail address, phone number, and your CV. You may also choose to provide additional information such as recommendations from previous employers, your LinkedIn profile, etc.

‍For more information, please review our Candidate's Privacy Notice.

We collect and process this data in order to examine your resume in the context of managing our recruiting and hiring process. In addition, we will use such information to demonstrate compliance with corporate governance and legal and regulatory requirements.

Please note, in the event you send us your CV, your provision of Personal Data in connection with recruiting is voluntary, and you determine the extent of information you provide us. We do not request or require sensitive personal information concerning religion, health, sexual orientation, or political affiliation in connection with recruiting. If you are hired, the information may be used in connection with employment and corporate management.

Our lawful basis for processing of this data is our legitimate interest.

3. How We Collect Information

‍

Depending on the nature of your interaction with us, the website, and the Platform, we may collect information as follows:

· Automatically– we may use cookies (as elaborated in the section below) or similar tracking technologies (such as pixels, tags, agents, etc.) to gather some information automatically.

· Provided by you or about you voluntarily – we will collect information if and when you choose to provide us with the information, such as through online registration, contact us communications, etc. all as detailed in this Privacy Policy.

‍

4. Cookies

When you access or use the website, we use “cookies” or similar tracking technologies, which store certain information on your device (i.e., locally stored).The use of cookies is a standard industry-wide practice. A “cookie”is a small piece of information that a website assigns and stores on your computer while you are viewing a website. Cookies are used by us for various purposes, including allowing you to navigate between pages efficiently, as well as for statistical purposes, analytic purposes and advertising. You can find more information about our use of cookies here: www.allaboutcookies.org.

There are several types of cookies, and among others:

· Essential, Functionality, Operation & Security Cookies. These cookies are essential for enabling user movement around the website, for the website to function properly, and for security purposes (i.e., used to authenticate users, prevent fraudulent use, and protect user data from unauthorized parties). This category of cookies either cannot be disabled, or if disabled, certain features of the website may not work.

· Analytic, Measurement & Performance Cookies. These cookies are used to collect information about how users use our website, in order to improve our website, content, and the way we offer them, as well assess performance of the content and marketing campaigns. These Cookies enable us, for example, to assess the number of users who have viewed a certain age as well as their country of origin. It enables our website to remember information that changes the way it behaves or looks, such as your preferred language.

· Preference, Targeting & Advertising Cookies. These cookies are used to advertise across the internet and to display relevant ads tailored to users based on the parts of the website they have (e.g., the cookie will indicate you have visited a certain webpage and will show you ads relating to that webpage)

The third-party cookies we currently use and their category are listed under the Cookie List

You may opt-out of cookies or change your preferences at any time by using the cookies setting tool available on our website.

Also note that most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. You may set your browser to block all cookies, including cookies associated with our website, or to indicate when a cookie is being used by us, by adjusting the privacy and security settings of your web browser. Please refer to the support page of your browser to learn more about how you can adjust your privacy and security settings. Please note that once you choose to opt out or disable cookies, some features of the website may not operate properly and your online experience maybe limited.

Where we use third-party advertising cookies, such third-party may independently collect, through the use of such tracking technologies, some or all types of Personal Data detailed above, as well as additional data sets, including to combine such information with other information they have independently collected relating to your online activities across their network of websites, for the purpose of enhanced targeting functionality and delivering personalized ads, as well as providing aggregated analytics related to the performance of our advertising campaign you interacted with. These third parties collect and use this information under their own privacy policies, and are responsible for their practices.

‍

5. Data Sharing – Categories of Recipients We Share Personal Data With

We share your Personal Data with third parties, including with trusted partners or service providers that help us to manage our business operations, website, etc. You can find here information about the categories of such third-party recipients.

‍

Categories of Recipients

Additional Information

Our Affiliated Companies

We may share Personal Data with our affiliated companies and subsidiaries in order to provide joint services, for example, marketing, customer support, recruitment, etc. We may further share certain types of Personal Data about you as may be necessary to help detect and prevent potentially illegal acts, violations of our policies, fraud and/or data security breaches.

Our Service Providers

We share your Personal Data with our trusted service providers and business partners who perform business operations for us on our behalf (as data processors) and pursuant to our instructions. This includes the following categories of service providers:
●   Advertising and marketing service providers, who help us with advertising measurements, email marketing, etc.;
●   Data storage providers, with whom we entrust the hosting and storage of our data;
●    Customer support providers, who help us perform such functions as customer support and customer service;
●     Data analytics and data management providers, who help us improve, personalize, and enhance our operation;
●     Data security partners, who help us detect and prevent potentially illegal acts, violations of our policies, fraud and/or data security breaches and ensure compliance with legal obligations.

Legal and Law Enforcement

We may disclose certain Personal Data to law enforcement, governmental agencies, or authorized third parties, in response to a verified request relating to criminal investigations or alleged illegal activity or any other activity that may expose us, you, or any other user to legal liability, and solely to the extent necessary to comply with such purpose.

Corporate Transactions

In the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale) we will share the Personal Data we store with our acquiring company.
‍
We will obligate the acquiring company to assume the rights and obligations as described in our Privacy Policy.

Where we share Personal Data with service providers and partners, we ensure they only have access to such information that is strictly necessary in order for us to provide the services of fulfill the purpose for which data was shared. These parties are required to secure the Personal Data they receive and to use the data for pre-agreed purposes only, while ensuring compliance with applicable data protection regulations (note that, such service providers may use other Non-Personal Data for their own benefit).

‍

6. Cross-Border Data Transfer

Due to our global business operation, we may store or process your Personal Data in several territories, including, for example in Israel, the UK, EU, US or in other countries. Thus, your Personal Data may be transferred to and processed in countries other than the country from which you accessed our websites or otherwise the country of your jurisdiction. We will take appropriate measures to ensure that your Personal Data receives an adequate level of data protection upon its transfer. Where Personal Data collected from within the EU or UK, is being transferred outside such territories to countries which didn’t receive an adequacy decision on behalf of an authorized authority (such as the EU Commission), we will take necessary steps in order to ensure that sufficient safeguards are provided during the transferring of such Personal Data, in accordance with the provision of the standard contractual clauses approved by the European Union or the UK Information Commissioner’s Office. Thus, we will obtain contractual commitments or assurances from the data importer to protect your Personal Data, using contractual protections that EEA and UK regulators have pre-approved to ensure your data is protected (known as standard contract clauses), or rely on adequacy decisions issued by the European Commission. Some of these assurances are well-recognized certification schemes.

7. Data Retention

We retain the Personal Data we collect as long as it remains necessary for the purposes set forth above, all in accordance with applicable laws, or until an individual expresses a preference to opt-out.

In certain circumstances, we will retain your Personal Data for longer periods of time and mainly:

· Where we are required to retain Personal Data inaccordance with legal, regulatory, tax, or accounting requirements;

· Where we deem retention is necessary to obtain an accurate record of your dealings with us in the event of any complaints orchallenges; or

· If we reasonably believe there is a prospect of litigation relating to your Personal Data.

8. Privacy Rights

We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect, so that you can make meaningful choices about how it is used. We provide you with the ability to exercise certain choices, rights and controls in connection with your Personal Data. Depending on your relationship with us (e.g., if you are a Visitor of our website or a Platform User), your jurisdiction, and the applicable data protection laws that apply to you, you have the right to control and request certain limitations or rights to be executed.

The table below details some of the principal rights that may apply to (subject to your jurisdiction and additional conditions), how you can exercise them and appeal a decision we take in this regard:

Right to Be Informed

You have the right to be provided with information regarding our Personal Data collection and privacy practices. All this is detailed under this Privacy Policy. If you have any additional questions, please contact us at: privacy@liquidity.inc.

Right to Know, Access Rights

You have the right to confirm whether we collect Personal Data about you and to know which Personal Data we specifically hold about you, and receive a copy of such or access it.

Right to Correction/Rectification

You have the right to request the updating of Personal Data that is not correct, taking into account the nature of the processing and the purposes. At any time, you may correct certain Personal Data included in the Platform account information by logging in to your account.

Right to Be Forgotten, Right to Deletion

You have the right to request the erasure of certain Personal Data if specific conditions are satisfied. This right is not absolute. We may reject your request under certain circumstances, including where we must retain the data in order to comply with legal obligations or defend against legal claims, other legitimate interests such as record keeping with regards to our engagements, completing transactions, providing aa good or service that you requested, taking actions reasonably anticipated within the context of our ongoing business relationship with you, fulfilling the terms of a written warranty, detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, or prosecuting those responsible for such activities; debugging products to identify and repair errors that impair existing intended functionality; exercising free speech, ensuring the right of another consumer to exercise their free speech rights, or exercising another right provided for by law; and engaging in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
‍
You do not need to create an account with us to submit a deletion request.

Right to Restriction of Processing

You may be entitled to limit the purposes for which we process your Personal Data if one of the following conditions are satisfied: where the accuracy of the Personal Data is contested by you, for a period enabling us to verify the accuracy of the Personal Data; where the processing is unlawful and you oppose the erasure of the Personal Data and request the restriction of its use instead; where we no longer need the Personal Data for the purposes of the processing, but we are required by you to retain it for the establishment, exercise or defence of legal claims; where you objected to processing (as detailed below) pending the verification whether our legitimate grounds override your request.

Right to Data Portability

You have the right to get a copy of your Personal Data in a portable format and, to the extent technically feasible, readily usable format that allows you to transmit the Personal Data to another entity without hindrance. We will select the format in which we provide your copy.

Right to Withdraw Consent or Opt-Out (Object) Under the GDPR, and Specifically in the US the Right to Opt-Out From:
(i) Selling Personal Data;
(ii) Targeted Advertising;
and (iii) Profiling & Automated DecisionMaking

When the lawful basis for processing your Personal Data is your consent, you may withdraw such consent at any time. For example, you may unsubscribe at any time from our mailing list. You further have the right to object to the processing of Personal Data, in the event the basis for processing is our legitimate interests. However, we will be permitted to continue the processing if our legitimate interests override your rights, or when processing is necessary to establish, exercise, or defend a legal claim or right. You have the right to opt-out from direct marketing, if applicable, by unsubscribing through the email received. We do not profile you in a manner that has a significant effect on you or other consumers, therefore there isn’t an opt-out option. We do not “sell” or “share” information as most people would commonly understand that term. We do not, and will not, disclose your Personal Data in direct exchange for money or some other form of payment; however, we do share Personal Data for analytic and marketing purposes, including targeted advertising, when we promote our website or services. In most cases we obtain Personal Data collected automatically from our website and your actions therein through our use of cookies, and do not combine it with your actions on other websites, however, our third-party partners might do so, whenproviding analytic or advertising services to us. You have the right to opt-out ofthe “selling” or “sharing” of your Personal Data for “cross-contextualbehavioural advertising”, or “targeted advertising”, often referred to as “interest-based advertising” as well. You can exercise these rights by using the cookies setting tool available on our website. You are able to install privacy-controls in the browser's settings to automatically signal the opt-out preference to all websites you visit (such as the “Global PrivacyControl”).In any event, please keep in mind that opt-out tools are limited to the browser or device you use because they work off your browser ID and device ID and, accordingly, you will need to opt-out on each browser and device you use. Your browser may save some information in its cookies and cache to maintain your privacy preferences. Clearing these may remove opt-out preferences, requiring you to opt-out again.

Right To Appeal or Lodge Complaint

If we decline to take action on your request, we will inform you without undue delay as required under applicable laws. The notification will include a justification for declining to take action and instructions on how you may appeal, if applicable.

Under the GDPR you have the right to lodge a complaint with the applicable Data Protection Authority in the EU or the Information Commissioner in the UK.

Non-Discrimination

Denying a good or service, providing a different level or quality of service, or charging different prices. We do not discriminate against our Visitors or Platform Users, but we reserve the right to deny a good or service, provide a different level or quality of service, or charge different prices, all subject to applicable laws.

For additional information on your rights and how to exercise your rights, please see the Data Subject Request (“DSR”) form available HERE, and send it to our privacy team at: privacy@liquidity.inc.

If you are an EU resident, you may also submit the request to exercise your right to our EU Data Protection Representative, Prighter Group, at https://prighter.com/q/13356608436

Where we are not able to provide you with the information for which you have asked, we will endeavour to explain the reasoning for this and inform you of your rights, including the right to complain to the supervisory authority (in the event you are EEA resident). We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any such information in accordance with applicable law.

9. Security

We take great care in implementing and maintaining the security of our website, our Platform, users' Personal Data. We employ industry-standard procedures and policies to ensure the safety of individuals’ information and prevent unauthorized use of any such.

We have implemented technical, physical and administrative security measures to protect the Personal Data we process. In addition, we limit access to Personal Data stored by us.

Although we take reasonable steps to safeguard information, we cannot be responsible for the acts of those who gain unauthorized accessor abuse our website and Platform, and we make no warranty, express, implied or otherwise, that we will always be able to prevent such access.

Please contact us at: privacy@liquidity.inc, if you feel that your privacy was not dealt with properly, in a way that was in breach of our Privacy Policy, or if you become aware of a third party's attempt to gain unauthorized access to any of your Personal Data. We will make a reasonable effort to notify you and the appropriate authorities (if required by applicable law) in the event that we discover a security incident related to your Personal Data.

10. Third Party Websites

Our Privacy Policy only addresses the use and disclosure of Personal Data we collect from you. To the extent that you disclose your Personal Data to other parties via the website (e.g., by clicking on a link to any other website or location), different rules may apply to their use or disclosure of the Personal Data you disclose to them, and this Privacy Policy does not apply to any such third-party products and services. You agree that we shall have no liability whatsoever with respect to such third-party sites and your usage of them.

‍
11. Children’s Data

The website and the Platform are not intended for individuals under the age of eighteen (18). Accordingly, we do not knowingly solicit Personal Data from or market to children as defined underapplicable law. We request that such individuals do not provide Personal Data. If you become aware or have any reason to believe that a child has shared any Personal Data with us, please contact us through the means of contact detailed herein.

12. Changes and Updates

We reserve the right to change this Privacy Policy at any time, so please re-visit this page frequently. In the event of any substantial change of this Privacy Policy, we will make reasonable efforts to post a clear notice on the website, and obtain your consent where required under applicable. Changes to this Privacy Policyare effective as of the stated “Last Updated” date and your continued use thereafter will constitute acceptance of, and agreement to be bound by, those changes.

13. Jurisdiction-Specific Notices

ADDITIONAL INFORMATION FOR COLORADO RESIDENTS

This section applies to Colorado residents acting only as an individual or household context (and not i a commercial or employment context, as a job applicant or as a beneficiary of someone acting in an employment context).Pursuant to the Colorado Privacy Act (“CPA”) please see below the disclosure of the categories of Personal Data that arecollected or processed, the purposes, how consumers can exercise their rights, and appeal such decision, categories of third-parties the controller shares or sells the Personal Data, orsells the Personal Data for advertising and how to opt-out.

“Personal Data” as defined in the CPA means information that is linked or reasonably linkable to an identified or identifiable individual and does not include publicly available information that is lawfully made available from government records, or that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; or information excluded from the CPA scope, such as: Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPPA) or 42 CFR Part 2- “Confidentiality Of Substance Use Disorder Patient Records”, personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or and the Driver’s Privacy Protection Act of 1994, Children’s Online Policy Protection Act of 1998 (COPPA), Family Educational Rights and Privacy Act of 1974, National Security Exchange Act of 1934, higher education data and employment data.

“Sensitive Data” under the CPA means: racial or ethnic origin, religious beliefs, mental or physical health condition or diagnosis, sex life or sexual orientation; genetic or biometric data that can be processed to uniquely identify an individual; or child data. We do not process Sensitive Data.

In Section 2 of this Privacy Policy, “The Personal Data We Collect& Our Lawful Basis for Processing Your Personal Data”, we describe our collection and processing of Personal Data, the categories of Personal Data that are collecting and processing, and the purposes for which Personal Data is processed, stored or used. We will not collect additional categories of Personal Data or use the Personal Data we collected for a materially different, unrelated, or incompatible purpose without obtaining your consent. Additionally, Section 5 of this Privacy Policy “Data Sharing – Categories of Recipients We Share PersonalData With” details and discloses the categories of third-parties we share Personal Data with for business purposes. Section 8 of this Privacy Policy, “Privacy Rights” details and discloses your rights, including where shared or sold for targeted advertising.

Only you, or someone legally authorized to act on your behalf, may make a request to know or deleteyour Personal Data. If the request is submitted by someone other than you,proof of authorization (such as power of attorney or probate documents) will be required.

We will respond to a verifiable request within 45 days after receipt (no more than twice in a twelve-month period). We reserve the right to extend the response time by an additional 45 days when reasonably necessary and we will provide a notification of the extension within the first 45 days. If we refuse to take action, you may appeal our decision within a reasonable period time by sending us an applicable notice at: privacy@liquidity.inc. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to your appeal, including a written explanation of the reasons for our decisions. If the appeal is denied, you may submit a complaint as follows: Colorado AG at https://coag.gov/file-complaint/

If you have an account with us, we may deliver our written response to that account or via email at our sole discretion. If you do not have an account with us, we will deliver your written response by mail or electronically, at your option. You do not need to create an account to submit a request.

Any disclosures we provide will only cover the 12-months period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

ADDITIONAL INFORMATION FOR CONNECTICUT RESIDENTS

Underthe Connecticut Data Privacy Act, Public Act. No. 22-14 (the “CDPA”) if you are a resident of Connecticut, acting in an individual or household context (and not in a commercial or employment context or as a representative of business, non-profit or governmental entity), your rights with respectto your Personal Data are described below.

"Personal Data" means any information that is linked or reasonably linkable to an identified or identifiable individual and does notinclude publicly available information that is lawfully made available from government records, or that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; or informationexcluded from the CDPA scope, such as: HIPAA, GBPA, non-profit entities, highereducation, employment data and FCRA, Driver's Privacy Protection Act of 1994,Family Educational Rights and Privacy Act, Farm Credit Act.

“Sensitive Data” means data revealing racial or ethnic origin, religious beliefs, mental or physical health condition, or diagnosis, sex life, sexual orientation, citizenship, or immigration status; The processing of genetic or biometric data for the purpose of uniquely identifying an individual; Personal Data collected from a known child; Precise geolocation data. We do not process Sensitive Data.

Under CDPA, the Company is required to provide you with a clear and accessible privacy notice that includes: categories of Personal Data processed, purpose of processing, instructions for exercising consumer rights and appealing decisions, categoriesof Personal Data shared with third parties, categories of third parties with whom data is shared, and any sale of data or targeted advertising.

In Section 2 of this Privacy Policy “The Personal Data We Collect& Our Lawful Basis for Processing Your Personal Data”, we describe ourcollection and processing of Personal Data, the categories of Personal Datathat are collecting and processing, and the purposes for which Personal Data is processed, stored or used. We will not collect additional categories of Personal Data or use the Personal Data we collected for a materially different, unrelated, or incompatible purpose without obtaining your consent. Additionally, Section 5 of this Privacy Policy “Data Sharing – Categories of Recipients We Share PersonalData With” details and discloses the categories of third-parties we share Personal Data with for business purposes. Section 8 of this Privacy Policy “PrivacyRights” details and discloses your rights, including where shared or sold for targeted advertising. Note, under CDPA consent can be withdrawn within 15-days of notice at any time.

We Shall respond to your request within 45 days of receipt. The response period may be extended once by 45 additional days when reasonably necessary, taking into account the complexity and number of requests and we inform you of such extension within the initial 45-day response period, together with the reason for the extension.

If We decline to take action on your request, we shall so inform you without undue delay, within 45 days of receipt of your request. Our notification will include a justification for declining to take action and instructions on how you may appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the Connecticut Attorney General at this link: https://www.dir.ct.gov/ag/complaint/ or (860) 808-5318.

We shall provide information in response to your request free of charge, up to twice annually, unless requests are manifestly unfounded, excessive or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you and your request, we will not be able to grant your request.

ADDITIONAL INFORMATION FOR VIRGINIA RESIDENTS

Underthe Virginia Consumer Data Protection Act, as amended (“VCDPA”) if you are aresident of Virginia acting in an individual or household context (and not in an employment or commercial context), you have certain rights with respect to your Personal Data, as described below.

"Personal Data" means any information that is linked or reasonably linkable to an identified or identifiable natural person, and does not include publicly available information that is lawfully made available from government records, that a consumer has otherwise made available to the public; de- identified or aggregated consumer information; Information excludedfrom the VCDPA scope, such as: HIPAA, GBPA, non-profit entities, higher education, employment data and FCRA,Driver's Privacy Protection Act of 1994, Family Educational Rights and PrivacyAct, Farm Credit Act.

“SensitiveData” under the VCDPA means data revealing racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexual orientation, or citizenship or immigration status; the processing of genetic or biometric data for the purpose of uniquely identifying a natural person; Personal Data collected from a known child; and precise geolocation data. We do not process Sensitive Data

The VCDPA requires the Company to disclose the categories of Personal Data processed, purpose of processing, how you can exercise your rights including how a you may appeal our decision with regard to the consumer request, the categories of Personal Data shared with third parties and with whom, and if the Company sells Personal Data to third parties or processes Personal Data for targeted advertising.

In Section 2 of this Privacy Policy “The Personal Data We Collect& Our Lawful Basis for Processing Your Personal Data”, we describe ourcollection and processing of Personal Data, the categories of Personal Datathat are collecting and processing, and the purposes for which Personal Data is processed, stored or used. We will not collect additional categories ofPersonal Data or use the Personal Data we collected for a materially different, unrelated, or incompatible purpose without obtaining your consent. Additionally, Section 5 of this Privacy Policy “Data Sharing – Categories of Recipients We Share PersonalData With” details and discloses the categories of third-parties we share Personal Data with for business purposes. Section 8 of this Privacy Policy “PrivacyRights” details and discloses your rights, including where shared or sold for targeted advertising. Note, under CDPA consent can be withdrawn within 15-days of notice at any time.

We will respond to a verifiable request within 45 days after receipt (no more than twice in a twelve-month period). We reserve the right to extend the response time by an additional 45days when reasonably necessary, and we will provide a notification of the extension within the first 45 days. If we refuse to take action on a request, you may appeal our decision within a reasonable period of time by sending us an applicable notice at: privacy@liquidity.inc. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to your appeal, including a written explanation of the reasons for our decisions. If the appeal is denied, you may submit a complaint to the Virginia Attorney General at https://www.oag.state.va.us/consumercomplaintform.

We shall provide information in response to your request free of charge, up to twice annually, unless requests are manifestly unfounded, excessive, or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you and your request, we will not be able to grant your request.

ADDITIONAL INFORMATION FOR UTAH RESIDENTS (EFFECTIVE AS OF JANUARY 2024)

Under the Utah Consumer Privacy Act (“UCPA”) if you are a resident of Utah, acting in an individual or household context (and not in a commercial or employment context) your rights with respect to your Personal Data are described below.

“Personal Data" means data which is linked or reasonably linkable to an identifiable individual, and does not include de-identified data and publicly available data or data that is processed not within the scope of UCPA.

In Section 2 of this Privacy Policy, “The Personal Data We Collect & Our Lawful Basis for Processing Your Personal Data”, we describe our collection and processing of Personal Data, the categories of Personal Data that are collecting and processing, and the purposes for which Personal Data is processed, stored or used. We will not collect additional categories of Personal Data or use the Personal Data we collected for a materially different, unrelated, or incompatible purpose without obtaining your consent. Additionally, Section 5 of this Privacy Policy “Data Sharing – Categories of Recipients We Share PersonalData With” details and discloses the categories of third-parties we share Personal Data with for business purposes. Section 8 of this Privacy Policy “Privacy Rights” details and discloses your rights, including where shared or sold for targeted advertising. Note, under CDPA consent can be withdrawn within 15-days of notice at any time.

‍

PrivacyPolicy

PRIVACY POLICY

Privacy
Policy