Privacy Policy

Last Modified: January 15, 2022

This Policy is issued on behalf of Sentry AI with headquarters at 440 N Wolfe Rd #254, Sunnyvale, CA 94085.

Our Pledge:

• • We will ask your permission before collecting any personal information.
  • We will be transparent about the different types of information we collect and how we use them.
  • We will not sell your personal information to any third party.

• • We will not provide your personal information to any third party for their marketing or promotional purposes.
  • We may share your personal information with third parties for purposes of providing Sentry AI’s Products and Services which you are interested in or contracted for.
  • We will use industry leading data security tools to keep your data safe and protect the Sentry Products and Services from unauthorized access.

Definitions:

“Customers” is defined as any entity that uses our Services including prospects.

“Affiliate(s)” means any company or other entity, whether or not with legal personality, which directly or indirectly controls, is controlled by or is under joint control with that company or other entity. For this purpose, a company or other entity is deemed to control a company or entity if it (a) owns, directly or indirectly, at least fifty (50) percent of the capital of the other company, or (b) in the absence of such ownership interest, substantially has the power to direct or cause the direction of the management and set the policies of such

company or entity.

“Services” are defined as the products, portals, mobile apps, administrative services, technical support, related to our subscription services for Sentry AI, Sentry CS, and Smart Sentry Branded Products.

“Personal Information,” which the California Consumer Privacy Act of 2018 (CCPA) defines

as information that directly or indirectly identifies, relates to, describes, is reasonably capable of being associated with, or can reasonably linked to a particular consumer or household.

“Personal Data,” which the EU General Data Protection Regulation 2016/1679 (GDPR) defines as any information relating to an identified or identifiable data subject.

“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Scope:

This Privacy Policy describes and applies to the types of information we may collect from you or that you may provide when you visit the website https://www.smartsentry.ai/ (our “Website”), or contact us directly offline, or we may collect about you through our Customers’ use of our Services, and our practices for collecting, processing, using, maintaining, protecting, and disclosing such information.

This Policy does not apply to the Services we provide to our Customers. In those cases, we process personal data as a Processor/Sub-Processor on behalf of our Customers (Controllers or Processors) and such processing are governed by our Customer contracts for the specific Service. If you have query as to how our Customers use your information you should address it directly to them. This Policy does, however, apply to certain information processing for supporting or improving our Services.

International Data Transfers:

Your personal information may be collected, processed and stored by Sentry AI in the United States and other countries where our servers reside. Please be aware that the privacy protections and legal requirements, including the rights of authorities to access your personal information, in some of these countries may not be equivalent to those in your country. If you are using Sentry Products in the European Economic Area or other regions with laws governing data collection and use that may differ from United States law, you agree to the transfer of your personal data to the United States and other countries where Sentry operates.

Information We Collect:

We collect/process several types of information from and about users of our Website and/or Services, including:

1. 1. Personal Information as defined by the California Consumer Privacy Act of 2018

1. 1. Personal Data as defined by General Data Protection Regulations

1. 1. Information or data that is about you, but in a form, that does not, own its own, permit direct association with you (e.g., sex, age, language preference, occupation, or the like)

1. 1. Information or data about your interaction with (or use of) our Website or Services, which may include your Internet connection, the equipment you use to access our Website or Services, and details relating to your use of our Website or Services

1. 1. Information or data about your interaction with our advertising and applications on third-party websites and services, if those applications or advertising include links to this Privacy Policy.

Information We Collect Directly from You:

We collect/process information received directly from you when you provide it to us, which may include information you provide to us:

1. 1. Through e-mail, messages, chat rooms, blogs, or our Website or Services

1. 1. Offline when you contact us in writing or by telephone, including when you contact customer support and when you request a demonstration of our Services

1. 1. At the time of registering and/or subscribing to use our Website or Services

1. 1. When you voluntarily enter a contest or promotion or take a survey sponsored by us

1. 1. When you report a problem with our Website or Services, including when you contact our technical support.

Different forms on our Website (e.g. registration form) may also collect your name, e-mail, phone number, company name (if applicable), country, area, zip code, address, or other data to help you with your experience. Provision of such contact information is voluntary, unless in the relevant forms specify that this data is necessary for use of our Website and/or the Services.

When using our Services, you may be required to provide billing information. This information is required by us to verify your identity, and invoice you (if applicable).

For the purposes of European data protection laws, we process all information collected directly from you on the basis of our legitimate interests, that are to deliver, manage, improve and promote our Services to the organization you represent (our Customers and prospective Customers).

Information We Collect Through Automatic Data Collection Technologies

In addition to any information that we collect/process directly from you, we may use a variety of technologies that automatically (or passively) collect/process certain information or data whenever you visit or interact with our Website or while using our Services, or whenever you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this policy.

Please see the “Cookies” section below for further information about this collection/processing. Please use the ‘Decline’ button on the cookies banner on our Website if you do not wish us to collect/process this type of information.

For the purposes of European data protection laws, we process information collected through automatic data collection technologies on the basis of our legitimate interests that are displaying our Website where such technologies are necessary for the delivering online content. Where such technologies are not strictly necessary for the delivering of online content we rely on your consent to the processing.

Information We Collect Through Our Customers and Affiliates

In addition to any information that we collect/process directly from you and using a variety of automatic (or passive) data collection technologies, we process:

1. 1. Data received from our Customers using our Services, which includes camera images and clips from various sites being monitored by our Customers, reference images for person recognition, license plate numbers, and related data related (“Customer Data”)

1. 1. Customer Data received from our Affiliates

How We Use Information or Data Obtained from Our Customers and Affiliates:

For the purposes of European data protection laws, we process Customer Data and analytics related to the same on the basis of our legitimate interests, that are to provide and improve our Services and compile data about the functionality of our Services so that we can offer our Customers better experience and tools in the future.

For the purposes of European data protection laws, our Affiliates exchange Customer Data on the basis of our legitimate interests that are to provide and improve our Services.

Information We Collect Through Our Third-Party Sales Representatives:

We use sales representatives around the world. These third parties help us promote our Services by lead generation. These third parties may pass on your basic contact details, such as phone number, email address and the name of the organization you represent for us to contact you and promote our Services.

For the purposes of European data protection laws, in these circumstances we would process your personal data based on our legitimate interests that are to promote our Services.

Disclosure of Information We Collect:

We may use a third party (e.g., processor, sub-processor, service provider, contractor, partner, supplier, etc.) or Affiliate to perform certain business-related functions.

Examples of such functions include, but are not limited to: data storage services, data labelling, analytics, debugging, technical resolution, product improvement, database maintenance services, mailing, and payment processing. When we use a third party or Affiliate to perform services on our behalf, we will only provide them with access to Personal Information or Personal Data that they need to perform their specific function. We will make sure that each third party or Affiliate will be required by contract to keep such Personal Information or Personal Data confidential, make necessary steps to protect such Personal Information or Personal Data, and not to use it for any purpose other than providing services to us and other provisions as required by law or regulation.

For an up-to-date list of our current providers/processors/sub-processors, please visit Sentry AI Security Architecture on our website.

For an up-to-date list of the partners who provide automatic data collection technologies on our Website, please see the “Cookies” section below.

Before transferring any Personal Data or Personal Information to third party (processor, sub-processor, service provider, contractor, affiliate, partner, contractor, supplier, etc.) we shall make reasonable check of such third party regarding its compliance with the applicable law.

Compliance with Laws and Law Enforcement Requests. We may disclose Personal Information or Personal Data if required to do so by law or to comply with a legal obligation, or if we believe in good faith that such action is necessary to: (i) protect our rights or property and our Customers or (ii) protect the property or safety of users of our Website or Services and the accompanying services, legal owners of our Website or Services (iii) or any third party. If we will be required by law to disclose any of your Personal Information or Personal Data, we will use reasonable efforts to provide you with notice of that disclosure requirement, unless we are prohibited from doing so by statute, court or administrative order.

We reserve the right to sell, assign, or transfer our business or assets. In any such event or similar event, including but not limiting to a corporate sale, merger, reorganization, dissolution, etc., Personal Information or Personal Data may be part of the transferred assets. You acknowledge that such transfers may occur and that any acquirer or successor of ours may continue to use your Personal Information or Personal Data as set forth in this Privacy Policy.

We may also make certain information in a form that does not, on its own, permit direct association with you available to third parties for various purposes, including for business or

marketing purposes or to assist third parties in understanding our users’ interest, habits, and usage patterns for certain programs, content, services, advertisements, promotions, the functionality available through the Service, statistics and other use. This is information is not associated with any Personal Information or Personal Data that can identify any individual person.

For the convenience of our users and visitors, our Website and/or e-mails may contain links to other sites that are subject to different privacy policies. This Privacy Policy will not apply to other sites, applications and/or services that are managed by us or otherwise are under our control, unless expressly pointed. Information collected by third parties that may include such things as location data or contact details is governed by their privacy practices. We encourage our users to be aware when they leave our Website and to read privacy statements of any other site or apps that collect personally identifiable information.

Our Website may include social media features, widgets and live chat functionalities (“Feature” or “Features”). These Features may collect your IP address, which page you are visiting on our Website, and may set Cookies to enable a Feature to function properly.

Features are either hosted by a third party or hosted directly on our Website. Your interactions with these Features are partially governed by the privacy policy of the company providing it.

When you use our Website or post on our Website, chat function, blog, or social networking service (if any), the Personal Information or Personal Data and other content you share is visible to other users and can be read, collected, or used by them. You are responsible for the Personal Information or Personal Data you choose to share or submit in these instances. For example, if you post your name and e-mail address in a forum posting, that information is public. Please take care when using these Features. By submitting actions specified above, unless otherwise prohibited by law or regulation, you grant us, our partners and affiliates a non-exclusive, unlimited, worldwide, royalty-free license to use, display, perform, copy, transmit,

distribute, promote, alter, modify, manipulate or create derivative works with materials, texts, words, impressions and other information provided by you in such a way.

SmartSentry.ai uses application program interfaces (APIs) from the following third parties:

• • Twilio Inc. for SMS delivery;

• • Amazon Inc. for email and server hosting;

• • Google Inc. for email and analytics;

• • Microsoft Inc. for data management, processing and analytics;

• • Zoho Inc. for data intake through forms and applications, managing users contacts,

subscriptions, billing and transactions information for our product offerings;

• • Zoom Inc. for webinar, sales discussion, onboarding and support communication;

• • Various video management software providers, depending on Customer set up, such as IMMIX, Eagle Eye Networks, Blue Iris, Milestone, Manitou and Stages by Bold Group.

Your Rights:

Under European data protection law, you have various rights in relation to your personal data. All of these rights can be exercised by contacting us at support@smartsentry.ai

In certain circumstances/cases, you have the right to:

1. 1. Be informed of the processing

1. 1. Access to information

1. 1. Rectification of inaccurate information

1. 1. Erasure of information

1. 1. Restrict processing

1. 1. Object to profiling

1. 1. Data portability

1. 1. Complain to the authorities

1. 1. Withdraw consent

Detailed information on the full content of your rights (and any conditions that may apply) for EU and UK citizens are provided by their respective GDPR.

Asking us to stop processing your personal data or deleting your personal data will likely mean that you the organization you represent will no longer able to use our Services, or at least those aspects of the Services which require the processing of the types of personal data you have asked us to delete.

Where you request us to rectify or erase your personal data or restrict any processing of such personal data, we may notify third parties to whom such personal data has been disclosed of such request. However, such third party may have the right to retain and continue to process such personal data in its own right.

While we will not sell your Personal Information or Personal Data to third-parties, we reserve the right to share any data which has been anonymized. You acknowledge and accept that we own all right, title and interest in and to any derived data or aggregated and/or anonymized data collected or created by us.

Data Security:

We are committed to achieving and maintaining the trust of users of our Website and our Customers. Integral to this mission is providing a robust security and privacy program that carefully considers data protection matters related to the user of our Website and Services, and Customer Data. For details on our information security program, please visit Information Security Architecture on our website.

No data transmission over the internet or website can be guaranteed to be secure from intrusion. However, we maintain commercially reasonable physical, electronic and procedural safeguards to protect your personal information in accordance with data protection legislative requirements.

Sensitive information between your browser and our Website is transferred in encrypted form using secure socket layer (“SSL”) or equivalent cryptographic protocols using certificates issued by a trusted third party authority.

How Long We Retain Your Personal Data:

We will hold the above information for as long as is necessary in order to conduct the processing detailed in the table above, deal with any specific issues that may raise, or otherwise as is required by law or any relevant regulatory body. Some personal data may need to be retained for longer than the organization you represent is our Customer. This to ensure Sentry AI can comply with applicable laws and internal compliance procedures, including retaining your email address for marketing communication suppression if you have opted not to receive any further marketing. If information is used for two purposes, we will retain it until the purpose with the latest period expires but we will stop using it for the purpose with a shorter period when that period expires.

We restrict access to your personal information to those persons who need to use it for the relevant purpose(s). Our retention periods are based on business needs and your information that is no longer needed is either irreversibly anonymized (and the anonymized information may be retained) or securely destroyed. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the personal risk or harm from unauthorized use or disclosure, the purpose for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Personal data we receive as camera clips and frames from our Customers as a processor/sub-processor in the performance of our Service is kept for 60 days. Reference data, Customers store in our database for camera health check as well as for person and vehicle identification, is managed by them and they control the storage and deletion.

Exports Outside the EEA and the UK (for EU and UK residents)

Your personal information may be collected, processed and stored by Sentry AI in the United States and other countries where our servers reside. Please be aware that the privacy protections and legal requirements, including the rights of authorities to access your personal information, in some of these countries may not be equivalent to those in your country. If you in the European Economic Area or other regions with laws governing data collection and use that may differ from United States law, you agree to the transfer of your personal data to the United States and other countries where Sentry AI operates.

Your personal information may be accessed by staff or suppliers in, transferred to, and/or stored at, a destination outside the European Economic Area (EEA) or the United Kingdom (UK) in which data protection laws may be of a lower standard than in the EEA or the UK. Regardless of location or whether the person is an employee or contractor, we will impose the same data protection safeguards that is required under GDPR.

Certain countries outside the EEA and the UK have been approved by the European Commission and the Information Commissioner’s Office as providing essentially equivalent protections to EEA and UK data protection laws and therefore no additional safeguards are required to export personal information to these jurisdictions. In countries, which have not had these approvals, we will transfer it subject to European Commission and Information Commissioner’s Office approved contractual terms that impose equivalent data protection obligations directly on the recipient, unless we are permitted under applicable data

protection law to make such transfers without such formalities.

Please contact us if you would like further details of the specific safeguards applied to the export of your personal data.

“Cookies” and Similar Technologies on Smartsentry.ai:

A cookie is a very small text document, which often includes an anonymous unique identifier. When you visit the Sentry web site, a computer asks your computer for consent to store this file in a part of your hard drive specifically designated for cookies. We use cookies, pixels and tags (which we shall collectively define as “Cookies”) on Smartsentry.ai. Some of these are essential or functional, while others help us to improve your experience by providing insights into how the site is being used. We also use “cookies” for advertising.

Some “cookies” and similar technologies, particularly those that track browsing behavior across the web are perceived by data protection regulators as privacy-intrusive. We are, therefore, presenting the below information to our Website visitors in order to explain why and how we use this technology. “Cookies” work with the help of certain online identifiers and typically involve the processing of the following information that is considered personal data:

1. 1. Internet Protocol (IP) addresses

1. 1. Device or mobile IDs and/or device model and type

1. 1. Browser information, operating system information, and/or language preferences

1. 1. The location and the preceding and succeeding websites you have visited, including which pages/part/icons on our Website you interacted with

1. 1. Applications you click on and how often

1. 1. The pages of our Website you visit, and how long you spend on each page.

Lawful Grounds for Processing:

For the purposes of data protection law, we use the following justifications to process your online identifiers derived from “cookies”:

1. 1. We use “cookies” for the correct, efficient and viable delivery of online content. The processing is necessary for our legitimate interest (that are to ensure the availability of our Website).

1. 1. We use “cookies” for the analysis and optimization of our Website performance and engagement.

1. 1. The processing is necessary for the purpose of improving our services and is subject to your consent.

1. 1. We use “cookies” for the delivery (including via third parties) of targeted advertising tailored to your interests. The processing is necessary for the purpose of promoting our services and is subject to your permission consent.

Details of the Processing:

Session Cookies — We use Cookies to allow the Sentry AI website to uniquely identify a user’s browsing session on the Sentry web site and to allow us to coordinate this information with data from our Sentry web site server.

Analytics — We use Google’s “analytics” Cookies which, in conjunction with our web server’s log files, allow us to identify unique, but anonymous users. These Cookies can also calculate the aggregate number of people visiting our Sentry web site, the date and time of a user’s visit to the Sentry web site, the pages a user has viewed and the time spent by users at the Sentry web site. This helps us gather feedback so that we can improve the Sentry AI web site and better serve our users.

Please exercise your choice with respect to accepting or rejecting “cookies” via the pop-up on our Website. Further information on each Cookie is set out in the table below:

Cookie Type	Purpose	Expiry
Google Analytics _ga	This Cookie is placed by Google. It enables Sentry AI to learn information about our users use of the Sentry AI web site such as the time of visit, the pages viewed, whether the user has visited before and the web site visited prior to visiting the Sentry web site. To opt-out please see https://tools.google.com/dlpage/gaoptout	2 Years
Facebook Pixel fbevents.js                   Question & Answer dwqa_anonymous       Zoho   ZCAMPAIGN_CSRF_TOKEN   _zldp   _zldt     zabHMBucket   zps-tgr-dts     LS_CSRF_TOKEN       WordPress   wp-settings-2     wp-settings-time-2	This Cookie is placed by Facebook. It enables Sentry to measure, optimize and build audiences for advertising campaigns served on Facebook. It enables Sentry AI to see how our users move between devices when accessing the Sentry web site and Facebook, to ensure that Sentry’s Facebook advertising is seen by our users most likely to be interested in such advertising by analyzing which content a user has viewed and interacted with on the Sentry web site. To opt-out please see https://www.facebook.com/ads/preferences   Allows the user to leave comments or questions on the website’s forum/community without being logged in.         Zoho Campaigns cookie. This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.    Cookies set up by Zoho to identify the return users.   This cookie identifies the unique visitors for the website   This cookie identifies unique visits for a visitor on the website.   This cookie stores the experiment key for the heatmap experiments.   This cookie stores the session’s metadata on your website to identify the user visit the website for the first time. This cookie is used for security purposes to avoid Cross-Site Request Forgery, (CSRF) for the AJAX calls made by the visitor.     Cookies set up by WordPress to optimize the Smart Sentry website experience on users’ browsers.   This is used to customize your view of admin interface, and possibly also the main site interface.	180 days             Session     Session   2 years 1 day   12 Months 12 Months   Session           1 year   1 year
Cookie Notice cookie_notice_accepted	This Cookie is placed by Sentry. It is used to record when a user of the Sentry web site has viewed the Cookie notice to prevent it re-appearing on return visits.	30 days

In addition to the controls provided on our Website via the pop-up, you can choose to block “cookies” by activating the settings on your browser that allow you to refuse the setting of all or some cookies. However, if you use your browser settings to block all “cookies” (including essential “cookies”) you may not be able to access parts of our Website. Your browser settings also allow you to delete all “cookies” stored on your device whenever you wish. For more information on how private browsing works as well as its limitations, visit the support pages for your browser. Additionally,

1. 1. Several websites provide detailed information on “cookies”, including AboutCookies.org and AllAboutCookies.org.

1. 1. The European Interactive Digital Advertising Alliance website Your Online Choices allows you to install opt-out “cookies” across different advertising networks.

1. 1. Google has developed a browser add-on to allow users to opt-out of Google Analytics across all websites which use it.

1. 1. Some browsers include a feature known as “Do Not Track” or DNT. However, whilst DNT is available in many browsers, websites are not required to recognize its request, so it may not always work.

Additional Steps You Can Take to Protect Your Privacy Online:

If you are concerned about online tracking, then we can recommend you to:

1. 1. Set your browser settings to delete all “cookies” every time you close your browser

1. 1. Consider adopting Global Privacy Control

1. 1. Install a privacy-friendly browser on your device, such as Mozilla Firefox, Safari, or Brave

1. 1. Install anti-tracking and ad-blocking plug-ins on that browser, such as Ad Block Plus, Ghostery or PrivacyBadger

1. 1. Use privacy-friendly web search engines, such as Ecosia or DuckDuckGo.

If you have any questions about the “cookies” or similar technologies in use on our Website, please contact us at support@smartsentry.ai

Changes to Our Privacy Policy:

It is our policy to post any changes we make to our Privacy Policy on this page. If we make material changes to how we treat our users’ Personal Information or Personal Data, we will notify you through a notice on our Website home page. The date the Privacy Policy was last revised is identified at the top of the page. You are responsible for periodically visiting our Website and this Privacy Policy to check for any changes.

Contact Information:

If you have any questions, concerns or complaints regarding this Privacy Policy, or regarding a contact person (representative) for compliance with the relevant law or regulation, you can reach us at:

Website: www.smartsentry.ai

E-mail: support@smartsentry.ai