Privacy Guidelines General

At Cerberux (“we”), your privacy is our priority. We recognize the importance of keeping your information confidential, secure, and private. This Privacy Guideline is intended to assist you in understanding whether and how to use the Service, and it outlines how we gather, retain, and utilize information from individuals who use the Service.
 

Information Use Consent

This Guideline is a legally enforceable contract between you (“you” or “user”) and us. By visiting, accessing, or using the Website or App, or providing information to us in any other manner, you agree to and accept the terms of this Privacy Guideline, as it may be updated from time to time, and you consent to the gathering and use of information as outlined in this Guideline. We urge you to review this Guideline carefully and to refer to it periodically to ensure you understand it and any subsequent modifications. If you do not agree with the terms of this privacy guideline, please discontinue use of the service immediately and uninstall where applicable.

The definitions in the Terms and Conditions apply to this Privacy Guideline unless otherwise stated. In addition to this guideline, please review our terms and conditions and cookie policy which are incorporated herein by reference, along with any other policies of which you may be notified by us from time to time.

What Kind of Information Do We Gather? 

We gather two categories of data and information from you: (1) Non-Personal Data – We collect certain non-personally identifiable data (“Non-Personal Data”), such as your estimated geo-location, your web request, browser type, browser language, web pages you visit before or after visiting our Website or using the App, URLs, platform type, click numbers, landing pages, viewed pages and the order of those pages, and time spent on pages. This data is gathered and retained for security purposes and so that we can audit and statistically monitor usage, audit our affiliates, and calculate payments to third parties. “Cookies” - Non-Personal Data is gathered, among other methods, through the use of cookies, so when accessing or using the Website, we may use one or more cookies. Cookies are small text files, placed on a user’s device, which enable a website to remember user preferences. Detailed information about cookies and how we use them on the Website and other websites implementing our web tools may be found in our Cookie Policy, which also describes how you can disable cookies or control them. Web Beacons - We also utilize a software technology called “clear gifs” (also known as Web Beacons). Web Beacons are small pieces of code placed on a website to monitor the behavior and collect data about the visitors viewing a web page. For instance, web beacons can be used to count the users who visit a web page or to deliver a “cookie” to the browser of a visitor viewing that page. (2) Personal Data - “Personal Data” is data that may be of a private or sensitive nature, including your name, gender, phone number, e-mail address or mailing address, payment information and IP address. We collect your IP address as part of your use of the Service. We also collect the following Personal Data from you when you create an account (“Account”) on the Website which is required to access certain parts of the Service: your full name, email address, password, and phone number. You are not obligated to provide us with this data in order to use the service. If you choose to provide us with this data, we will retain it in our records and process it only in accordance with the provisions of this Privacy Guideline. Please refer to the Who Else Receives this Data? section of this Privacy Guideline to learn about sharing of Personal Data. As an alternative, you are also able to create an Account using your credentials with a designated third party website or service. Doing so will enable you to login to your Account via your Third Party Account. If you choose this option, a Third Party Account pop-up box will appear at the time of creating your Account which you will need to approve in order to proceed with the Account opening, and which will describe the types of data that we will obtain from and the types of activities that we may perform in connection with your Third Party Account. Such data may include (but not be limited to) your Personal Data stored on this Third Party Account, such as your user name, email address, profile picture, gender, date of birth and any other data which you have chosen to make profile on such Third Party Account. Please note that once your Account has been opened, the Personal Data we have access to via a Third Party Account is also dependent on your individual privacy settings in such Third Party Account and any privacy policies which are maintained by the providers of such Third Party Accounts. We treat any Non-Personal Data which is specifically connected or linked to any Personal Data as Personal Data. We gather and process the Personal Data mentioned above based, where applicable, on your consent, where the processing is necessary for the execution of a contract between you and us or where the processing is necessary for the purpose of achieving a legitimate interest pursued by us.
 

What is the Reason for Gathering this Data? 

To access our services, users may be asked to complete a form, providing some personal data to us. Responses to questions on Personal Data are not required unless the fields are marked with an asterisk. Providing the data requested in the optional fields of the registration form is not required in order to receive the services and information that we provide through the Site (unless otherwise indicated in the registration form). However, failure to fill in mandatory fields or providing incorrect Personal Data may prevent us from fully providing the requested information or services. Please note that you are under no legal obligation to provide us with your Personal Data, however you may not be able to enjoy our services or access the Site if you fail to do so. The gathering and processing of Personal Data is aimed at providing you with the Service (including setting up your account), to send you marketing offers on products or services we think may be relevant to you, and to fulfill other purposes as provided in this privacy guideline. Non-Personal Data is gathered for research and statistical purposes, to enable us to develop, customize and improve the Service, based on your preferences, usage and interactions with the Service, to process your requests for information, and to provide you with the most relevant services and offers. We use cookies in conjunction with third parties to gather user data. Your Personal Data is gathered to enable us to provide you with features, capabilities, offers and marketing materials we or our marketing partners think you may be interested in. In addition to the above, your Personal Data allows us to provide you with technical assistance and support.

Who Else Has Access to this Data? 

We may distribute or transfer data, including Personal Data, internally, for the objectives outlined above. These companies may be situated in countries that may offer a different level of privacy protection than in your jurisdiction. We also distribute Personal and Non-Personal Data with trusted third parties, when this is necessary to provide, maintain or enhance our services and operation. This is the case with third party advertisements and affiliates; we distribute your data with third parties for the purpose of providing you with advertisements and offers we or third parties think you may find interesting. These third parties may be situated in countries that may offer a different level of privacy protection than in your jurisdiction. We distribute your Personal and Non-Personal Data with (i) third parties which provide services to us in order to enable us to provide you with our Service, including analytics, email services providers and data verifiers; (ii) third parties who provide services to us in relation to the operation of the Website; (iii) any auditors, contractors or other advisers auditing any of our business processes; and (iv) any potential purchasers or investors. If you choose to open a member card, other users of the Website may be able to view the following personal data about you (to the extent that you have provided it to us): your name, picture and general geographic location (country). If you have chosen to share Personal Data with us through one of our forms, we may distribute it with any or all of our third party providers, which may provide you with a loan offer. Please note that this third party may be considered a “controller” of your Personal Data and the processing of such Personal Data will be subject to such provider’s privacy policy. Any processing performed by any of our third party service providers (“Recipients”) will, where required by law, be governed by a data processing agreement in the form required by law, preserving any and all of your statutory data protection rights and obligating the Recipients to respect the Personal Data and handle it in accordance with the relevant laws. If a Recipient is located outside the EEA, we will transfer your data only to such countries as approved by the European Commission as providing adequate level of data protection, or ensure that the legal agreements governing the data transfer provide an adequate level of data protection. The Recipients are required to maintain the confidentiality of such information and to use your Personal Data only in the course of providing the aforementioned services and only for the purposes that we dictates. We may also distribute your Personal Data and other data in special cases if we have a good reason to believe that it is necessary to: (i) comply with law, regulation, subpoena, request by an applicable authority or court order; (ii) detect, prevent or otherwise address fraud, security, violation of our policies or technical issues; (iii) enforce the provisions of this Privacy Guideline or any other agreements between you and we, including investigation of potential violations thereof; or (iv) protect against harm to the rights, property or our safety, its partners, its affiliates, users or the public. When you use our website, we distribute data that we collect from you, such as your email (in hashed form), IP address or data about your browser or operating system, with our identity partners/service providers. These partners return an online identification code that we may store in our first-party cookie for our use in online, in-app, and cross-channel advertising and it may be distributed with advertising companies to enable interest-based and targeted advertising.

Advertisements 

We may employ a third-party advertising technology to deliver advertisements when you visit the Site. This technology utilizes your data with respect to your use of the Services to deliver advertisements to you (e.g., by placing third-party cookies on your web browser). You may opt-out of numerous third-party ad networks, including those operated by members of the Network Advertising Initiative (“NAI”) and the Digital Advertising Alliance (“DAA”). For more information about this practice by NAI and DAA members, and your choices regarding having this data used by these companies, including how to opt-out of third-party ad networks operated by NAI and DAA members, please visit their respective websites: http://optout.networkadvertising.org/#!/ and http://optout.aboutads.info/#!/. 
 

Direct Marketing

We may distribute your full name, email address and phone number with certain broker(s) (the “Broker”) in the event that you have granted permission to receive promotional materials from such Broker at the time of registration. The Broker may periodically use your full name, email address and phone number for the purpose of providing you with promotional materials if your permission was granted at the time of registration and you have not unsubscribed at a later time in accordance with the provisions hereof. At any time, you may request to stop receiving these offers or Cerber marketing emails by clicking on the unsubscribe link in the email’s footer. If you unsubscribe we will remove your full name, email address and phone number from our marketing distribution lists and from any future lists we may distribute with the Broker. However, you may need to also separately unsubscribe from marketing offers sent by the Broker. Please note that in order to send you promotional materials, the Broker may assign you with a username and password which will allow you access to the Broker’s site through an account. You may contact the Broker at any time to remove the account. 

User Rights and Retention 

You have the right to access, correct, update or object to the use of your Personal Data by making a written request to us by using our Contact Us page. Your requests will be handled in a prompt and professional manner and in accordance with applicable law.
 

For EU users:
 

Legal Grounds for Processing 

Processing of Personal Data is necessary for the fulfillment of our contractual obligations towards you and providing you with our services, to safeguard our legitimate interests and to comply with our legal obligations. Where we depend on your consent to process your Personal Data, you have the right to withdraw or decline consent at any time – However, if we have distributed your Personal Data based on your consent, you would need to address the entity with whom your data was distributed to withdraw your consent. Where we depend on our legitimate interests to process your Personal Data, you have the right to object. If you have any questions about or need further information concerning the legal grounds on which we gather and use your Personal Data, please contact us through the contact details available below. Since we operate globally, it may be necessary to transfer data, including Personal Data, to countries outside the European Union. In these instances, we will transfer your data only to such countries as approved by the European Commission as providing adequate level of data protection or enter into legal agreements ensuring an adequate level of data protection. Please note that the following rights specifically apply regarding your personal data: (1) Receive confirmation as to whether or not personal data concerning you is being processed, and access your stored personal data, together with supplementary information; (2) Receive a copy of personal data you directly volunteer to us in a structured, commonly used and machine-readable format; (3) Request rectification of your personal data that is in our control; (4) Request erasure of your personal data; (5) Object to the processing of personal data by us; (6) Request to restrict processing of your personal data by us; (7) Lodge a complaint with a supervisory authority. If you wish to exercise any of the abovementioned rights or raise a complaint on how we have handled your Personal Data, please contact us directly at: support@uxcerber.com. 
 

Cerberux Privacy Notice for California Residents 
 

Last Revised: February 8, 2024
 

Introduction 

This notice (“Privacy Notice”) addresses the specific disclosure requirements under the California Consumer Privacy Act of 2018 (Cal. Civ. Code §§ 1798.100–1798.199) and the California Consumer Privacy Act Regulation by the Attorney General (collectively, “CCPA”). Any terms defined in the CCPA have the same meaning when used in this Privacy Notice. Cerberux (“we”, “us”, “our”) provides disclosures for the 12 months preceding the date the Privacy Notice was last revised, as required by the CCPA vis-à-vis California residents. This Privacy Notice outlines our practices with respect to the data we gather from you when you use the cerberux website (www.uxcerber.com) and mobile app (“Service”), the manners in which we use such data and the choices available for you. By accessing, downloading or using our Service, you acknowledge that you have read and understood the terms of this Privacy Notice. If you disagree to any term provided herein, please do not install or use the Service. In addition to this policy, please also review our Privacy Policy and Terms and Conditions, which this Privacy Notice is incorporated thereto by reference, along with such other policies of which you may be notified of by us from time to time. In our Privacy Notice, you will learn about: • What Data We Process • Sources of Personal Data • Business/Commercial Purpose for Collection • Distributing Personal Data • Selling Personal Data • User Rights Under the CCPA • Non Discrimination • Do Not Track Signals • Record Keeping • Children’s Data • Updates or Amendments to the Privacy Notice • How to Contact Us.

If you have a visual disability, you may be able to use a screen reader or other text-to-speech or text-to-Braille tool to review the contents of this Privacy Notice.
 

What Data Do We Process? 

We may gather and process certain data that identifies an individual or may with reasonable effort identify an individual (“Personal Data”). We treat data that is specifically connected or linked to any Personal Data – as long as such connection or linkage exists – as Personal Data. We may also distribute Personal Data we have gathered with our service providers for a business purpose (as further detailed in “Business/Commercial Purpose for Collection” section below), subject to a contract that describes the purpose and restricts the use of Personal Data distributed, or with other third parties for a commercial purpose, which may be considered a sale under the CCPA, as detailed in the following chart: In the 12 preceding months, we have gathered, distributed and/or sold the following categories of Personal Data: Category of Personal Data Gathered Personal Data Gathered Categories of service providers to whom Personal Data was distributed Categories of third parties to whom Personal Data was sold Identifiers Full name, email address, physical address, IP, social media credentials and identifiers Affiliate Companies Ad networks Data analytics providers Email and cloud providers Auditors and advisors Other users Ad networks Data analytics providers

Personal Data Categories listed in the California Customer Records Statute (Cal. Civ. Code § 1798.80(e)) Telephone number Affiliate Companies Email and cloud providers Auditors and advisors Protected classification characteristics under California or federal law Date of birth Affiliate Companies Data analytics providers Email and cloud providers Auditors and advisors Internet or Other Electronic Network Activity Information Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. Affiliate Companies Ad networks Data analytics providers Email and cloud providers Auditors and advisors Ad networks Data analytics providers

Geolocation Data Approximate geolocation Affiliate Companies Ad networks Data analytics providers Email and cloud providers Auditors and advisors Ad networks Data analytics providers

We may distribute or transfer Personal Data to third parties as assets that are part of a merger, acquisition, bankruptcy or other transaction in which the third party assumes control of all or part of the Company. Such transfer will be handled according to the requirement of the CCPA and shall not be regarded as a sale of Personal Data under the CCPA. Sources of Personal Data In the 12 preceding months, we have gathered the above-mentioned categories of Personal Data from the following categories of sources: • Consumer directly; • Advertising networks; • Data analytics providers; • Operating Systems; • Social Networks;
 

Business/Commercial Purpose for Gathering 

We only gather and process Personal Data in a manner that is compatible with and relevant for the purpose for which it was gathered or authorized. As a general matter, for all categories of data we gather, we may use the data we gather (including Personal Data, to the extent applicable) to: • provide, operate, maintain, enhance, and promote the Service; • enable you to access and use the Service; • send transactional messages, including responses to your comments, questions, and requests; provide customer service and support; and send you technical notices, updates, security alerts, and support and administrative messages; • send commercial communications, in accordance with your communication preferences, such as providing you with information about products and services, features, surveys, newsletters, offers, promotions and events about us and our partners; and send other news or information about us and our partners. • monitor and analyze trends, usage, and activities in connection with the Service and for marketing or advertising purposes; • comply with legal obligations as well as to investigate and prevent fraudulent transactions, unauthorized access to the Services, and other illegal activities; • personalize the Service, including by providing features, content or ads that match your interests and preferences; and • process for other purposes for which we obtain your consent. 
 

User Rights under the CCPA 

The CCPA provides consumers with specific rights regarding their Personal Data. This section describes your CCPA rights and explains how to exercise those rights. 
 

Access to Personal Data 

You may request, up to two times each year, that we disclose to you the categories and specific pieces of Personal Data that we have gathered about you, the categories of sources from which your Personal Data is gathered, the business or commercial purpose for gathering your Personal Data, the categories of Personal Data that we disclosed for a business purpose, any categories of Personal Data about you that we sold, the categories of third-parties with whom we have distributed your Personal Data, and the business or commercial purpose for selling your Personal Data, if applicable. 
 

Deletion Requests 

You have the right to request that we delete any Personal Data gathered from you and retained, unless an exception applies. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers, subcontractors, and consultants to delete) your Personal Data, unless an exception applies.
 

Exercising Your Rights 

You can exercise your rights (such as access and deletion) by submitting a verifiable consumer request to our email address: support@uxcertber.com. Only you or a person authorized to act on your behalf may make a consumer request related to your Personal Data. The request must: • Provide sufficient information to allow us to reasonably verify you are the person about whom we gathered Personal Data or an authorized representative. • Describe your request with sufficient details to allow us to properly understand, evaluate, and respond to it. • We cannot respond to your request or provide you with Personal Data if we cannot verify your identity or authority to make the request and confirm the Personal Data relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Data provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. We will only use Personal Data provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. You may only request a copy of your data twice within a 12-month period. If you have any general questions about the Personal Data that we gather about you how we use it, please contact us at support@uxcerber.com. 
 

Response Timing and Format 

Our goal is to respond to a verifiable consumer request within 45 days of its receipt. If we require more time, we will inform you of the reason and extension period in writing within the first 45 days’ period. We will deliver our written response, by mail or electronically, at your option. Any disclosures we provide will cover only the 12-month period preceding the request. If reasonably possible, we will provide your Personal Data in a format that is readily useable and should allow you to transmit the data without hindrance. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. In case of rejection, the response we provide will explain the reasons for which we cannot comply with your request. Please note that these CCPA rights are not absolute and requests are subject to any applicable legal requirements, including legal and ethical reporting or document retention obligations.
 

Designating Agents 

You can designate an authorized agent to make a request under the CCPA on your behalf if: • The authorized agent is a natural person or a business entity registered with the Secretary of State of California; and • You sign a written declaration that you authorize the authorized agent to act on your behalf. If you use an authorized agent to submit a request to exercise your right to know or your right to request deletion, please mail a certified copy of your written declaration authorizing the authorized agent to act on your behalf using the contact information below. If you provide an authorized agent with power of attorney pursuant to Probate Code sections 4000 to 4465, it may not be necessary to perform these steps and we will respond to any request from such authorized agent in accordance with the CCPA. 
 

Non-Discrimination 

You have a right not to receive discriminatory treatment for exercising your privacy rights under the CCPA. Unless permitted by the CCPA, we will not: • Deny you goods or services. • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties. • Provide you a different level or quality of goods or services. • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services. 
 

Record Keeping 

We will maintain records of consumer requests made pursuant to the CCPA and our responses to said requests for a minimum period of 24 months. Such information will be used for any other purpose other than records keeping requirements under the CCPA or other legal requirements such as law, court order, subpoena, warrant or other legal judicial process. Below are metrics about the number of requests we received and the median number of days it took us to respond to such requests: Type of Request Number of Requests Median Number of Days to Respond Right to Know Right to Delete Right to Opt-Out of a Sale 
 

Children’s Data 

Our Service is not intended for minors below the age of 16 years or otherwise below the legal age for providing consent that is not subject to authorization by the holder of parental responsibility, in accordance with the laws in the jurisdiction your reside (“Age of Consent”), and we will not knowingly gather Personal Data from children. If we become aware that a user is under the age of Age of Consent, we will remove their data from our files. We reserve the right to request proof of age at any stage so that we can verify that children are not using the Service. 
 

Updates or Amendments to the Privacy Notice 

We reserve the right to change this Privacy Notice at any time, so please re-visit this page frequently. We will provide notice of substantial changes of this Privacy Notice on the Service and/or we will send you an e-mail regarding such changes to the e-mail address that you volunteered. Such substantial changes will take effect seven (7) days after such notice was provided on any of the above-mentioned methods. Otherwise, all other changes to this Privacy Notice are effective as of the stated “Last Revised” date, and your continued use of the Service after the Last Revised date will constitute acceptance of, and agreement to be bound by, those changes. 
 

How to Contact Us 

If you have any questions (or comments) concerning this Privacy Notice, you are welcome to contact our Data Protection Officer here: support@uxcerber.com We will make an effort to reply within a reasonable timeframe. Please feel free to reach out to us at any time.
 

For Brazilian users: 

The processing of your personal data is not a requirement for the use our Service. However, certain parts of our Service may not be accessible without processing of personal data. If you reside in Brazil, under the Brazilian Data Protection Law (Lei Geral de Proteção de Dados) you have the following rights regarding your Personal Data: (1) Receive confirmation as to whether or not Personal Data concerning you is being processed; (2) Access to your stored Personal Data; (3) Request correction of incomplete, inaccurate or out-of-date Personal Data; (4) Request anonymization, blocking or deletion of unnecessary, excessive Personal Data; (5) Request data portability to another service provider or product, upon express request, as may be provided by the appropriate law; (6) Request deletion of Personal Data processed with your consent; (7) Obtain information about the public or private entities with whom we share your Personal Data; (8) Request information on the possibility of you not providing consent, as well as being informed about the consequences should consent not be given; (9) Revocation of your consent. If you wish to exercise any of the abovementioned rights or raise a complaint on how we have handled your Personal Data, please contact us directly at: support@uxcerber.com. We will retain your personal data for the duration required to provide our Services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods will be determined taking into account the type of data that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused data at the earliest reasonable time. Under applicable regulations, we will keep records containing personal data, communications and anything else as required by applicable laws and regulations. We may rectify, replenish or remove incomplete or inaccurate data, at any time and at our own discretion. 
 

Security and Confidentiality 

We treats your Personal Data in strict confidentiality, and the server in which this data is to be stored includes the necessary industry-standard security measures to prevent accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. However, we cannot completely guarantee the security of your data, which might be accessed, disclosed, modified, or destroyed, and it should be emphasized that you share this data at your own risk. 
 

Links to Other Websites 

This Privacy Policy applies only to the Service, and to our web tools which are integrated or implemented in other third party websites. The Policy does not apply to third party websites, linked to our Website. Third party websites or services may have their own privacy policies and we advise you to read them carefully. Inclusion of a link to a third party website or service is not a recommendation of such a website or service. Third party sites may contain information or services that are illegal or that some people may find inappropriate or offensive. Before using third party sites and services or before making a purchase, we recommend that you read and understand the privacy policies and terms and conditions of such third party websites and services, and the warranties for purchased products. You are knowingly and voluntarily assuming all risks of using third party sites to purchase products and services. You acknowledge and agree that we shall have no liability whatsoever with respect to such third party sites and your use of them.
 

Transfer of Data 

Subject to applicable law, we may distribute or assign your data, without any notice, and without a need to receive your consent, to any third party as a result of change of control, consolidation, merger, acquisition or reorganization. You acknowledge that in the event of bankruptcy, insolvency or receivership, we may have no control over the use and distribution of your Personal Data.
 

Updates to this Policy 

This Privacy Policy is subject to modifications. Please check the “Last Modified” heading at the bottom of this document to see when this Privacy Policy was last updated. Any changes to this Privacy Policy will become effective when we post the revised Privacy Policy on the Website. In case of material changes to this Privacy Policy, we will provide a notice on the Website. Your use of the Website or the Service, or your provision of personal data following any changes means that you accept the updated Privacy Policy.