Privacy Policy

Effective Date: March 2021

INTRODUCTION

PAR Government Systems Corporation (referred to as “PGSC”, “us”, “we”, or “our” as the context may require) respect your privacy and are committed to protecting your personal data. The website https://parteamconnect.com/ (the “Site”), is owned by PGSC. This Privacy Policy (the “Privacy Policy”) applies only to information collected through the Site or offline by PGSC in our provision of products and services (collectively “Services”) to you and does not cover any information collected at any other website or offline by another company (unless specifically stated). Please note further, as described in this Privacy Policy, that some components of the Site are operated by third parties and are therefore subject to additional terms found in the policies of those third parties. In such cases, there generally will be a link to the privacy policies of the third party, as described later in this Privacy Policy. By accessing or using the Site, you are accepting the terms described in this Privacy Policy. The Privacy Policy may change from time to time, as set forth below. Your continued use of the Site after we make changes is deemed to be acceptance of those changes, so please check the Privacy Policy periodically for updates.

Originally developed by PAR Government as a government-off-the-shelf (GOTS) application, GV3.0 is used to view raster imagery and full-motion video typically captured by geospatial collection sensors aboard aircraft, drones and satellites. A stand-alone application, GV3.0 reads many data files common in the GIS and GEOINT communities, including the National Imagery Transmission Format (NITF)and NATO Secondary Imagery Format (NSIF).

1. IMPORTANT INFORMATION AND WHO WE ARE

PURPOSE OF THIS PRIVACY POLICY

This Privacy Policy provides you with information on how PGSC collects and processes your personal data through your use of the Site, including any data you may provide through the Site when you:

• contact us for information on our products and services
• purchase products or services from us

If you are in the European Union, or if your personal data otherwise may be subject to the requirements of the General Data Protection Regulation, (Regulation (EU) 2016/679, or the “GDPR”) and other applicable regulations, this Privacy Policy provides you with information on how PGSC collects and processes your personal data in accordance with these laws.

It is important that you read this Privacy Policy together with any other Privacy Policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. Where another document provided by us conflicts with this Privacy Policy, that document shall control.

CHANGES TO THE PRIVACY POLICY AND YOUR DUTY TO INFORM US OF CHANGES

We keep our Privacy Policy under regular review. We reserve the right to alter, modify, update, add to, subtract from or otherwise change this Privacy Policy at any time. We will use your personal information in a manner consistent with the Privacy Policy in effect at the time. You are responsible for periodically visiting the Site and this Privacy Policy to check for any changes.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us by contacting us (contact information provided below).

THIRD-PARTY WEBSITES

The Site may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Site, we encourage you to read the privacy policy of any website you may visit.

2. THE DATA WE COLLECT ABOUT YOU

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you in connection with the purposes stated in Section 1 as stated in Annex A of the TeamConnect License and Subscription Agreement. https:// documents.parteamconnect.com/terms-of-use

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity (except as required for affirmative action compliance), religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data).

3. HOW IS YOUR PERSONAL DATA COLLECTED?

We use different methods to collect data from and about you including through:

• Direct interactions:You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by mail, phone, email or otherwise. This includes personal data you provide when you:
• inquire about or purchase our products or services;
• register with us to use the Services;
• give us feedback or contact us.
• Automated technologies or interactions.As you interact with our Site, we will automatically collect Technical Data about your equipment (internet protocol (IP) address). We collect this personal data by using Cookies and other common web-based technologies. If you wish to learn more about our data collection process, please contact us (contact information provided below). Additionally, please see our Cookie Statement https://documents.parteamconnect.com/cookie-statement for further details.
• Third parties or publicly available sources.We will receive personal data about you from various third parties as set out below:
• Identity, Contact and Financial Data from search information providers, such as Dun & Bradstreet, based outside the EU.
• Contact, Financial and Transaction Data from providers of payment and delivery services such as banks and credit bureaus outside the EU.
• Identity and Contact Data from publicly available sources, such as government and administrative bodies (Secretary of State (US), based inside and outside the EU.
• Use of Services.Through your use of any Services we provide, you may choose to provide data to us, including User Provided Data.

4. HOW WE USE YOUR PERSONAL DATA

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

• Where we need to process your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract. For example:
• establish you as a new customer;
• process and deliver your order or invoice, including manage payments, fees and charges; and
• manage our relationship with you, including contacting you about the timing of the performance of certain services.
• Where it is necessary for our legitimate interests (or those of a third party) of our business in conducting and managing our business to enable us to give you the best products/services and your interests and fundamental rights do not override those interests. For example:
• collect and recover money owed to us;
• providing ongoing service to you in connection with the products and services purchased by you; and
• to administer and protect our business and the Site (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data).

You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

• Where we need to process your personal data where it is necessary for compliance with a legal obligation that we are subject to.
• Notifying you as required and performing our obligations under any contract that we have with you.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.

COOKIES

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of the Sites may become inaccessible or not function properly. For more information about the cookies we use, please see https://documents.parteamconnect.com/cookie-statement.

CHANGE OF PURPOSE

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us (contact information provided below). If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

IF YOU FAIL TO PROVIDE PERSONAL DATA

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with products/services). In this case, we may have to cancel a product/ service you have with us but we will notify you if this is the case at the time.

5. DISCLOSURES OF YOUR PERSONAL DATA

We may share your personal data with the parties set out below for the purposes set out above.

• Internal Third Parties such as PAR Technology Corporation, our parent company, acting as a joint controller and processor, which is also based in the United States and provides PGSC with IT and system administration services and undertakes leadership reporting.
• External Third Parties as follows:
• Service providers acting as processors based in the United States who provide: IT and system administration services (e.g. hosting) or (b) third-parties chosen by you to connect with through the Services.
• Professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in the United States who provide consultancy, banking, legal, insurance and accounting services.
• Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Policy.
• With other entities where doing so is a part of providing the Service you have accessed and chosen to use.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

6. DATA SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

7. DATA RETENTION

HOW LONG WILL YOU USE MY PERSONAL DATA FOR?

We will only retain your personal data for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for seven years after they cease being customers for tax purposes.

8. YOUR LEGAL RIGHTS

IF YOU ARE LOCATED IN THE EUROPEAN ECONOMIC AREA (EEA), UNITED KINGDOM OR SWITZERLAND.

THIS SECTION ONLY APPLIES TO INDIVIDUALS WHO CONTACT US REGARDING OUR PRODUCTS/SERVICES AND ARE LOCATED IN THE EUROPEAN ECONOMIC AREA, UNITED KINGDOM OR SWITZERLAND AT THE TIME OF DATA COLLECTION. WE MAY ASK YOU TO IDENTIFY WHICH COUNTRY YOU ARE LOCATED IN WHEN YOU PROVIDE US WITH YOUR INFORMATION, OR WE MAY RELY ON YOUR IP ADDRESS TO IDENTIFY YOUR COUNTRY LOCATION.

PGSC processes Personal Data as a “processor,” “joint controller,” and as a “controller” under the European Union’s GDPR. A “controller” is an entity that determines the purposes for which and the manner in which any personal information is processed. Any third parties that act as our service providers are “data processors” that handle your personal data in accordance with our instructions. With respect to your personal data that you enter or that is received through our Site, PGSC is the controller. Please do not hesitate to contact us if you have questions (contact information provided below);

If you are in the EEA, United Kingdom or Switzerland, you have the following rights (where applicable):

• Access.You have the right to request a copy of the information we are processing about you;
• Rectification.You have the right to have incomplete or inaccurate information that we process about you rectified;
• Deletion.You have the right to request that we delete information that we process about you, except we are not obliged to do so if we need to retain such data in order to comply with a legal obligation or to establish, exercise, or defend legal claims;
• Restriction.You have the right to restrict our processing of your information where you believe such data to be inaccurate; our processing is unlawful; or that we no longer need to process such data for a particular purpose unless we are not able to delete the data due to a legal or other obligation or because you do not wish for us to delete it;
• Portability.You have the right to obtain information we hold about you, in a structured, electronic format, and to transmit such data to another data controller, where this is (a) information which you have provided to us, and (b) if we are processing that data on the basis of your consent or to perform a contract with you;
• Objection.Where the legal basis for processing your information is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. We will abide by your request unless we have compelling legitimate grounds for the processing which override your interests, or if we need to continue to process the data for the establishment, exercise, or defense of a legal claim;
• Withdrawing Consent.If you have consented to our processing of your information, you have the right to withdraw your consent at any time, free of charge. This includes where you wish to opt out from marketing messages.

You can make a request to exercise any of these rights in relation to your information by contacting us via the methods listed below within the Contact Information section. For your own privacy and security, at our discretion, we may require you to prove your identity before providing the requested information. Please note that we may take up to 30 days to fulfill such request. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive. We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.

You also have the right to lodge a complaint with the local data protection authority if you believe that we have not complied with applicable data protection laws. A list of local data protection authorities in European countries is available here at https://edpb.europa.eu/about-edpb/board/members_en.

Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it. However, we will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you.

If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information). Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.

If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information). Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.

9. SPECIAL INFORMATION FOR CALIFORNIA RESIDENTS

Under California’s "Shine the Light" law, California residents who provide personal information in obtaining products/services for personal, family, or household use are entitled to request and obtain from us once a calendar year information about the customer information we shared, if any, with other businesses for their own direct marketing uses. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year (e.g., requests made in 2019 will receive information regarding 2018 sharing activities).

To obtain this information please send an email message to pgsc-contactus@partech.com with "Request for California Privacy Information" on the subject line and in the body of your message. We will provide the requested applicable information to you at your e-mail address in response subject to any need to verify whether these rights apply to you.

Please be aware that not all information sharing is covered by the "Shine the Light" requirements and only information on covered sharing will be included in our response.

California Consumer Privacy Act Rights.Under the California Consumer Privacy Act (“CCPA”) California residents have certain rights regarding their personally identifiable information. If you would like to exercise these rights on or after January 1, 2020, please contact us using the email address, toll free phone number, or physical mailing address listed within the “Contact Information” section below. If sending an email, please send an email message to pgsc-contactus@partech.com with "Request for California Privacy Information" on the subject line and in the body of your message. For your own privacy and security, at our discretion, we may require you to prove your identity before providing the requested information. It may take us some time to respond to your request, but we will do so within the requirements of the CCPA.

This Policy discloses to you the personal information we collect from you and the purposes for doing so. Please see “How We Use Your Personal Data” above. The CCPA grants you specific rights, including the following:

• Right to request disclosure as to personal information PGSC has collected about you:
• Upon a verifiable request, made through one of the methods provided within the “Contact Information” section below, we will disclose to you the items listed below, one or more of which may be provided by reference to this Policy:
• The categories of personal information we have collected about you.
• The categories of sources from which the personal information was collected.
• The business purpose behind collecting the personal information.
• The categories of third parties with whom PGSC has shared the information.
• The specific pieces of personal information PGSC has collected about you.
• Right to request deletion: upon a verifiable request, made through one of the methods provided within the “Contact Information” section below, we will delete personal information we have regarding you and direct our service providers to delete your personal information from their records, to the extent provided by the CCPA.
• Right to be free from discrimination: PGSC will not discriminate against you for exercising any of your rights under the CCPA. Please keep in mind that under certain circumstances, we may charge you a different price or rate, or provide a different level or quality of products/services, if that difference is reasonably related to the value provided to you by your personal information.
• No sale of personal information: PGSC does not sell your personal information.

Contact Information:

PGSC can be reached by telephone at: (315) 339-0491 ; by email at: pgsc-contactus@partech.com or by mail at PAR Government Systems Corporation, 421 Ridge St., Rome, New York, 13440 USA, Attention: Privacy Compliance.

WHAT WE MAY NEED FROM YOU

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

TIME LIMIT TO RESPOND

We try to respond to all legitimate requests within one month, unless a shorter time period is specified by the law, including the CCPA. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.