Privacy Statement

Effective September 21, 2022

CrashPlan Group LLC (“CrashPlan”) knows that you care about your personal data, and your privacy is important to us. This Privacy Statement describes the personal data we collect and how we use or share that data. It also explains your rights regarding our processing of your personal data.

This Privacy Statement applies to personal data collected by us through a CrashPlan website, in connection with our events, and sales and marketing activities, and from customers of our products and services where we act as a controller of the personal data. Please see our Applicant Privacy Statement for information on personal data we collect about job applicants.

This Privacy Statement provides the following information:

1. Personal data we collect
2. How we use personal data
3. When we share personal data
4. How long we retain personal data
5. When we transfer personal data internationally
6. How we secure personal data
7. Your privacy rights
8. Conditions of use, notices and revisions
9. Links to other sites
10. Personal data from children
11. How to contact us
12. CrashPlan affiliates
13. Personal data we collect The following are types of personal data we collect. The specific information we collect will depend on how you interact with CrashPlan.

Data you provide to us. We collect personal data directly from you when:

• You enter information on our website or send to us electronically (including information you choose to provide when completing any ‘free text’ boxes in our forms) to express interest in obtaining additional information about our products and services, sign up for a webinar, event or contest, download certain content or submit survey responses.
• You attend one of our events.
• You engage with sales representatives, including during phone calls.
• You contact customer support.
• You post on our message boards, chat features, blogs and other CrashPlan services to which you are able to post information and materials.
• You visit our offices and register as a visitor.

The personal data you provide directly to us may include your name, address, telephone number, email address, billing information, job title, department or job role, as well as the nature of your request or communication. You can choose not to provide some information, but doing so may limit our ability to communicate with you or fulfill your requests.

Data we collect automatically. When you interact with our website or receive electronic communications from us, we automatically collect information, including:

• Information about your device and network. This includes information about the specific device you are using, such as the hardware model, operating system version, web browser and your Internet Protocol (IP) address/MAC address/device identifier.
• Information through cookies, clear GIFs, pixel tags and other similar technologies This includes statistics on your activities on the website, pages accessed and links clicked; information about how you came to and used the website; broad geographic location (e.g. country or city-level location) and other technical data collected through cookies, pixel tags and other similar technologies that uniquely identify your browser; and confirmation when you open an electronic communication.

This data often does not reveal your identity directly. For additional information about our use of cookies and similar technologies, please read our Cookie Notice.

Data we receive from other sources. We receive information from third parties, such as channel partners, social media platforms, joint marketing partners, referral or commercial lead sources and other data providers. In certain circumstances, we will send you an email letting you know that we have received your personal data, the source of the data, and a link to this Privacy Statement.

1. How we use personal data We use personal data we collect for the following purposes:

• To provide products, services, or information you request. This includes fulfilling your requests for products or services, sending you information you have requested, and providing customer support.
• To communicate with you. This includes responding to your inquiries or requests, providing you with updates and information about our products and services, and sending you marketing communications in accordance with your preferences and applicable law.
• To conduct research and analysis. We may use personal data to analyze and improve our products, services, and communications. We may also aggregate and anonymize personal data for research and statistical purposes.
• To personalize your experience. We may use personal data to personalize your experience with our products and services, including presenting tailored content and recommendations.
• To protect our rights and interests. We may use personal data to protect our rights and interests, as well as the rights and interests of our customers and users of our website.
• To ensure the security of our website and services. We may use personal data to detect, prevent, and respond to security incidents and protect against other malicious, deceptive, fraudulent, or illegal activities.
• To comply with legal obligations. We may process your personal data to comply with applicable laws and regulations, including responding to lawful requests and legal process.

1. When we share personal data We may share personal data with the following categories of recipients:

• Our affiliates, subsidiaries, and parent companies, where permitted by law and consistent with their own privacy policies.
• Our service providers and business partners, who perform services on our behalf or help us provide our products and services. These service providers may include IT and cloud service providers, customer support providers, payment processors, marketing and advertising partners, and data analytics providers.
• Other parties in connection with a corporate transaction, such as a sale, merger, acquisition, or similar event.
• Law enforcement authorities, government agencies, and other third parties, when required by law or necessary to protect our rights or the rights of others, investigate fraud, respond to a government request, or in other situations involving legal obligations or claims.

1. How long we retain personal data We retain personal data for as long as necessary to fulfill the purposes for which it was collected and as permitted or required by applicable law. The specific retention period will depend on the type of personal data and the purposes for which it was collected.
2. When we transfer personal data internationally We may transfer personal data to countries outside the country in which it was collected or the country of your residence, including to countries that may not provide the same level of data protection as your home country. When we transfer personal data internationally, we will take appropriate safeguards as required by applicable law to protect personal data. For transfers of personal data from the European Economic Area (EEA) and Switzerland, we rely on appropriate safeguards, such as standard contractual clauses or adequacy decisions, as recognized by the European Commission.
3. How we secure personal data We use appropriate technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, and destruction. These measures may include encryption, access controls, secure configuration, and regular security assessments. However, no method of transmission over the internet or method of electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.
4. Your privacy rights You have certain rights regarding your personal data, subject to local data protection laws. These rights may include the right to access, correct, or delete personal data we hold about you, as well as the right to object to or restrict certain processing of your personal data. To exercise these rights, please contact us using the contact details provided in section 11 of this Privacy Statement.
5. Conditions of use, notices, and revisions By using our website or providing personal data to us, you agree to the terms and conditions of this Privacy Statement. We may update this Privacy Statement from time to time to reflect changes in our privacy practices. The revised Privacy Statement will be effective when posted. Please review the Privacy Statement periodically for the latest information on our privacy practices.
6. Links to other sites Our website may contain links to other websites or services that are not owned or controlled by us. This Privacy Statement does not apply to those websites or services, and we are not responsible for the privacy practices of any third parties. We encourage you to review the privacy policies of those websites or services before providing any personal data.
7. Personal data from children Our products and services are not intended for children under the age of 16, and we do not knowingly collect personal data from children under the age of 16. If we learn that we have collected personal data from a child under the age of 16, we will take appropriate steps to delete the data as soon as possible. If you believe that we may have collected personal data from a child under the age of 16, please contact us using the contact details provided in section 11 of this Privacy Statement.
8. How to contact us If you have any questions, concerns, or requests regarding this Privacy Statement or our privacy practices, please contact us at:

CrashPlan Group LLC 123 Main Street Anytown, USA privacy@crashplan.com

1. CrashPlan affiliates For a list of our affiliates, please contact us using the contact details provided in section 11 of this Privacy Statement.