Privacy Policy

HOW TO READ THIS POLICY

This privacy policy (“Policy”) applies to all individuals with whom we interact in the course of our business. This happens when you use our website (the “Platform”), if you are a visitor or an authorized user of our Platform, a user, Customer or prospect who follows our activities, our potential or current business partner, investor, suppliers, or as one of our customers. When voluntarily using our Platform or creating an account to use our Platform or platform, you become an authorized user (“User”, “You” or “Your”) and shall use our sites in accordance with our Terms of Use.

This Policy informs you about what information (“Personal Data” or “Personal Information”) we may collect directly or indirectly from you and that we create, store, transfer, share or delete (“Use” or “Process”), the measures we use to protect your data and how you can exercise your rights.

If you do not agree with this policy, do not access or use our Services or interact with any other aspect of our business

The Policy does not apply to information collected by any third party, including through any third-party application or content (including advertising) that links to or is accessible from our applications or websites.

OUR COMMITMENT

Almond Solutions, and its corporate affiliates (“Almond” or “We”, “Us”, “our”) are committed to protecting your privacy and safeguarding your Personal Data through our compliance with this Policy. We implement various data protection regulations and best practices prevalent in the industry and for protecting Your information and ensuring that You can access and control them at any time. This Policy provides detailed information on how Almond collects information, together with the privacy and security practices it implements on the Platform.

If the Use of Your information changes, we will provide You with more information when we are in contact with You, for example, through the website, by email or in ur information materials on our Platform. Where necessary, we would do that by updating our Policy so that You can check it when You visit the Platform at https://almondvirtex.com/.

INTRODUCTION

Almond has built the world’s most comprehensive and intuitive Platform for virtual and hybrid event hosting, wherein the Customer (defined hereunder) of an event can license Almond’s application and can connect with the Attendee (defined hereunder) through our Almond application (“Services”).

If Almond is collecting information directly from you, then Almond will act as the Data Controller (defined hereunder). If Almond is receiving information from its Customer, Almond will act as a Data Processor (defined hereunder) and shall process data as per the instructions received by the Data Controller. If you have any questions related to handling of Your Personal Data by Almond or to exercise Your rights to privacy You can contact us at privacy@Almond.com.

DEFINITIONS

“Account” means the self-service account created by the Customer on Almond’s Platform for using the Services.

"Customer Data" means all data submitted, displayed and/ or uploaded by the End User and/or Authorized Administrator(s) and/or the Customer while registering for, accessing, hosting an event, and/ or otherwise using the Site.

"Applicable Data Protection Laws" collectively means all data protection laws and regulations, which includes United States federal and state privacy laws, European Union Data Protection Laws, including but not limited to General Data Protection Regulation ("GDPR") and any other laws pertaining to data protection in any territory of the world that may be applicable to the processing of Personal Information (also known as “Personal Data”) under the Privacy Policy. "CCPA" means the California Consumer Privacy Act of 2018, including amendments and final regulations.

“Customer'' or “Data Controllers” or “Data Stewards” means the Organizer that has a service agreement with Almond to use/access Almond Platform to host virtual events, which term shall include its employees, independent contractors, consultants, Affiliates, successors and assigns using/ accessing the Platform/ Services. They are Responsible for the safe custody, transport, and storage of the data and implementation of business rules. The natural or legal person, public authority, agency, or any other body that alone or jointly with others determines the purposes and means of the processing of Personal Data. Where the purposes and means of processing are determined by national or community laws or regulations, the controller or the specific criteria for the nomination of the controller may be designated by national or community law.

“Customer Personal Data” means any Personal Data that the Customer shares with or permits Almond to access, store, host, modify, share, delete and further Process for the performance of the Services, which is processed by Almond and /or its Affiliates.

“Personal Data” means any information relating to a Data Subject; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. This includes any special categories of Personal Data defined in Art. 9 of the GDPR, data relating to criminal convictions and offences or related security measures defined in Art. 10 of the GDPR and national security numbers defined in Art. 87 of the GDPR and national supplementing law.

“End Users” or “Attendees” means the clients and all individuals who shall, from time to time, be attending or participating in the events organized by the Customer on the Platform.

“Processor” or “Data Processor” means a natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Data Controller and as instructed by the Data Controllers, usually for specific purposes and services accessible to the Data Controller.

"Commercial Purposes" "Sell," have the meanings assigned to them in section 1798.140 of the CCPA.

"Data Protection Officer" (DPO) means, where applicable, an individual who are responsible for protection of Personal Data at Almond.

“Data Subject” or “Data Owners” means a natural person whose Personal Data is processed by a Data Controller or Data Processor.

“Sub-processor" or "Third-Party Service Provider" means any person natural or legal public authority, agency or body appointed by or on behalf of the Processor, or by or on behalf of an existing Sub-processor, to process Personal Data on behalf of the Controller, as defined in Art. 4(10) and further explained in 28(4) of GDPR.

"Supervisory Authority" shall have the meaning assigned to it under the GDPR.

WHAT INFORMATION WE COLLECT ABOUT YOU

We collect information about You when You provide it to Us, when You Use our Services or Platform, and when other sources provide it to Us. When connecting and/or navigating on our Platform, We will collect information about You which will help Us in providing better Services as part of Almond business functioning. As a Data Controller, Almond collects such data from You for various reasons, such as, product demonstrations, marketing purposes or for job vacancies/ career applications or for other purpose(s) when You provide Your explicit consent for such purpose(s).

Below, is a list of general categories of Personal Information we collect from You :

General categories of Personal Information

1. Contact information via the “ Request for demo” form - First name, last name, business email address, phone number and company name.

2. Professional information for job vacancies/ career applications - Job title, CVs and resume, educational information, professional qualifications, position, work experience, background checks, professional networks, programs, publications and activities, referrals and other relevant professional information where needed.

3. Customer person of contact Personal Data - First Name, last name , email address, official address, title, designation, name of organisation, social media credentials, if applicable, payment details, if applicable.

4. Customer Account Creation - First Name, last name , email address, username or similar identifier, title or designation and name of the organisation, if applicable.

5. Information technology related data - The information We may collect might originate from Your use of Almond’s website and mobile applications, and other connected devices and includes:

• Internet Protocol (IP) address, geolocation data, Your browser, operating systems, device ID.
• Data captured by cookies which may include analytics information and information about the date and time of Your request read our cookies section; or
• Information that We may collect that describes and gives information about other data ("metadata”). This Policy applies to the extent such metadata allows Us to improve user experience. Where required under Applicable Data Protection Laws, We will inform You and ask for Your permission prior to collecting such Personal Information.

6. De-identified and anonymized information - We may Use Personal information which is anonymized to improve our services.

7. Integration of Sub-processors/ Third-Party Service Provider(s) - By proceeding with the integration with a Third-Party Service Provider(s), You allow Us to collect Personal Data that is already associated with the Third-Party Service Provider(s). If You choose to provide such information and Personal Data, You are giving Us the permission to Use, share, and store it in a manner consistent with this Policy. We are not liable for any agreements that You have with any Third-Party Service Provider(s).

8. Transactional/ Payment Details - This includes Personal Data related to payment and other information regarding payments You make available to Us and other details of products and Services You have accessed or used through the Platform or Services. We do not store card details on Our Almond servers. Credit and debit card payments are processed by Third-Party Service Provider(s) engaged by Us, including payment aggregators or gateways on their secure payment server and all card details are fully encrypted and stored by them.

Other Transactional/ Payment details collected that are not Personal Data: When using our Services, You may provide Your company bank account details (such as, Account Number, IFSC, UPI ID, Swift Code) these details will only be used if You want to provide offline payment methods, other than those provided to You by Almond, to the Event Attendees. Kindly note that these details pertain to Customer’s company transaction/ payment details and not individual event organizer and are not Personal Data under the Applicable Data Protection Laws.

As a Data Processor, Almond provides additional tailor-made/ customized service options to Customers that have built-in features in Almond Services, Customer can choose to collect the Personal Data of the Attendees who will be attending the events organized by the Customer on our Platform. This collection shall be as per the Customer’s privacy policy.

The Customer may collect the following Personal Data of Attendees:

Types of Personal Data that is collected by the Almond Customers

1. Attendee account creation - For Attendee account, We provide Facebook and LinkedIn social logins which take user's e-mail id, first name, last name and profile data of LinkedIn name, e-mail id, contact number. However, these fields are customizable and the Customer may choose to collect Personal Information in addition to the above mentioned ones.

2. Registration and Ticketing - Name, e-mail id, contact number. However, these fields are customizable and the customer may choose to collect Personal Information in addition to the above mentioned ones.

3. Event website - Event website may contain “Contact Us” section added by the Customer/event organizer. The Personal Information collected by them may include name, e-mail id, phone number, designation and so on, which are totally customizable by the Customer/ event organizer.

The event websites may have an option for the user too opt-in for subscriptions such as newsletters from the event organizer through the ‘Subscribe’ box. By opting in for the services, your e-mail id will be used to send e-mails to you from the event organizer.

Some event websites may also include an embedded registration form where the user’s Personal Information may be asked viz. name, e-mail id, contact number etc. All these fields are customizable by the Customer alone and are depended on their purpose(s) of collecting such categories of Personal Information.

1. Networking community - While logging into the networking community, the user will have the option to log in through their Facebook and LinkedIn social profiles and only their email id, first name, last name will be taken. Almond uses cookies in Event Networking Community. To know more please refer to our Cookie Policy.

Also, the Networking Community Platform has a messaging feature, newsfeed and view profiles for which the Personal Information is used. Customer/User may create a new post, share content on the newsfeed which may include text, images and videos on the Networking Community Platform.

2. Event App - The App may require a login which will also be from social profiles of Facebook and LinkedIn. While installing an App, certain permissions are required such as access to media files, storage, contacts etc. In case you wish to not provide such access, please, select the option “No”. An in-built feature of the Almond Service is when an Attendee gets an invite for an event by the Customer, the calendar of the Attendee is also blocked for that particular event, this is to ensure smooth access to the event and to provide constant reminders. The calendar invite will be based on the email id used by the attendee, such as, Google calendar, Yahoo, Hotmail, etc.…

As the purpose for collection of the Personal Data, when Customer is the Data Controller, is defined by the Customer, Almond merely processes the data, it does not control the data or define the purpose of its collection, thus Almond merely acts on the instructions of the Customer for collection of such Personal Data.

In some situations, the Customer may choose to collect sensitive Personal Information about You. When doing so, We apply stronger safeguards to protect Your privacy. This collection shall be as per the Customer’s privacy policy. Any collection of sensitive Personal Data is completely at the discretion of the Customer.

PURPOSE FOR COLLECTING YOUR INFORMATION

When connecting to our Platform and using our Services, We will collect Personal Information about You, for the following purposes:

Purpose(s) for which We Use Your Personal Data

9. To assist customers with product and service inquiries - We access Your Personal Data which You have provided to Us through "request a demo" form available on our Platform when You:
• request a demo or
• subscribe to our solution or
• agree to receive our newsletters, for upcoming products or to follow us and see our initiatives.

We may have to identify you when you interact with us to respond to your queries and to deal with any inquiries that you may have in the context of a pre-contractual or contractual relationship with us.

10. Contacting purposes - We collect and Use Personal Data of:
• Business partners: including staff and third parties with whom You collaborate in the context of the services that You provide to Us or in the context of a business relationship and/or partnership.,br> • Customers: when We keep Your information to manage the contract with You in relation to the product or services your request from Us.

This includes obtaining Personal Information before, during and after We enter into a contract with You, Your organization and Your staff.

11. Improve our customer service - We also Use Personal Information, to improve our customer service. Refer our Cookie Policy

12. Profiling - To better understand our audience and customers, We use certain Personal Information about You, including information that pertains to:

• Your country, such as via your IP address and region
• Your language
• Your e-mail domains
• number of pages visited
• number of e-mails received and when You open it • Your communications with Us, such as instant messages, phone calls, and e-mails exchanged with Us.

We will only Use aggregate information for this purpose.

In addition to the above-mentioned purposes, We are also collecting Personal Information to provide You with a secure, smooth, efficient, and customized experience on the Platform. We process Your Personal Information and non-Personal Information to create, develop, operate, deliver, and improve the Platform and the Services. We will not collect any additional categories of Personal Information or Use the Personal Information collected by Us for materially different, unrelated, or incompatible purposes without seeking Your express consent.

LEGAL BASIS FOR PROCESSING YOUR INFORMATION

This is a global Policy and shall apply wherever You reside. In this section, We describe our legal justifications (commonly referred to as “legal basis”) for the Use of Your Personal Information related to each of our main processing activities.

Please note: depending on the country where You reside, the law of Your country may not require that We use a specific legal basis to justify Using Your Personal Information, including transfers of Your Personal Information outside Your country of residence (Example : GDPR). If Your jurisdiction requires consent to Process Your Personal Information when You interact with Us, We will obtain Your consent prior to the Use of such Personal Information.

Below, We explain to You the Almond's legal basis when processing Your Personal Information.

Legal basis - processing activities and purposes for Use of Personal Information

1. Based on our contract with You - As one of our customers (when You create Your account), or business partner We will keep and store Your personal or professional contact details to interact, and provide You with related offers as a customer, and manage the (pre-) contract or Your user account, and for administrative or billing purposes.

2. Based on Your prior consent (where permitted or required by law upon) -

• We collect information about You when navigating on our sites and other features, when You submit queries or interact with Us
• We Use Your information in the context of a marketing and sales to propose You similar offers or inform You about upcoming products and send newsletters; or for statistics purposes. Depending on Your country of residence, We may have to request Your prior consent for example:
• When subscribing to our newsletters;
• Sharing or disclosing Your Personal Data to Sup-processors outside of Your country of residence in countries that do not provide the same level of protection to Your privacy and data protection as in Your country of residence;,br> • Using forms, when creating Your user account; or when using cookies or similar technologies.

3. To comply with Applicable Data Protection laws and other legal statutes- In some limited instances, We may have to keep some limited Personal Information about You longer than needed such as for tax or accounting purposes.

RETENTION OF YOUR PERSONAL INFORMATION

Almond will retain Your Personal Data only for as long as is necessary for the purposes set out in this Policy.

For users who have provided their Personal Data to Almond on our Platform, We will keep Personal Data We collect about You for as long as necessary for providing the Services via our Platform and to comply with any legal obligations (e.g.: to comply with applicable legal, tax or accounting requirements and for archiving purposes).

Almond shall retain the Customer Personal Data for 3 years from the date of termination of the agreement(s) with the Customers solely for repurposing and/or reusing the Customer Personal Data for any future events hosted by the Customer on the Platform. Almond shall not use this data for any purpose apart from retaining it for the Customer. Post completion of the above-mentioned retention period, Almond shall automatically delete all data provided by the Customer from the Almond database.

Below you can find details about data retention, legal basis and purpose for each category of Personal Data -

1. Platform User data including name:

• Purpose: To provide and improve the Almond Platform and Services.
• Legal basis: Consent (cookies, sending newsletters, for providing demo) and Legitimate Interest (to respond to your queries about Almond product and services).

2. Customer data:

• Purpose: To interact, and provide You with related offers as a customer, and manage the (pre-) contract or Your user account, and for administrative or billing purposes.
• Legal basis: Contract (to provide products and services for fulfilment, administrative or billing purposes) and legitimate interest of Almond and Consent.

3. Customer data:

• Purpose: As defined by the Customer.
• Legal Basis: Almond is the processor and the legal basis is defined by the Customer and Almond’s basis for processing any such data is its legal and contractual obligation to its customer.

Data retention and deletion

Where We have no legitimate business interest to continue to Process Your Personal Data or if You ask Us for deletion, we will either delete, anonymise it or, if this is not possible (for example, if Personal Data has been stored in secured archives), We will securely store and isolate Your information from any further processing until the deletion becomes possible and delete it as soon as technically possible. We will Use advanced technology that are certified as best (practices) in the industry or other means to protect Your data and mitigate any risks, such as obfuscation, blanking or encryption.

For Attendees data that has been provided to Us by our Customers, We will retain the data for a period of 3 years post expiration of the contract unless the Customer requests Us to delete the data at an earlier date. Post expiration of the retention period, all Customer and the Attendee data will be automatically deleted by Us from the all-Almond database, including Third-Party Service Providers database(s).

WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION

Almond Employees

Only duly authorized Almond employees can access Your Personal Data on a need-to-know basis.

Disclosure of Personal data to Third-Party Service Providers

In certain limited cases, authorized Third-Party Service Providers outside our organization may access Your Personal Data. These may include:

• Third-Party Service Providers who provide Us with their services for the administration of the Platform (such as IT services in the event of a breakdown or for the maintenance of our Platform).

• For our internal business purposes that include administering access and Use of our Platform and Services , data analysis, securely identifying Customers upon logging onto an Platform, enhancing or modifying our Services, determining the effectiveness of our marketing campaigns, billing for Services, and operating our business.

• Other Third-Party Service Providers, such as auditors, data centers or to prevent, detect, mitigate, and investigate fraudulent or illegal activities related to our Services other authorised Third-Party Service Providers only when required by law or by a court decision, to defend legal claims or in case of an investigation by a supervisory authority.

You expressly consent to the disclosure of Your Personal Data to the relevant Third-Party Service Providers whose services Almond uses for the following in-exhaustive list of services, such as, marketing, analysis, advertisement, contract management, billing, consent management, data subject rights management, cloud service management.

When engaging Third Party Service Providers, we have entered into agreements with them for the processing of Your Personal Data about You so that such processing is carried out in accordance with our instructions, in a confidential, secure, transparent manner, to protect Your privacy rights and comply with the Applicable Data Protection Laws.

COOKIES AND TRACKING TECHNOLOGIES WE USE

Cookies or similar tracking technologies may be used on the site to automatically collect certain information about Your device. We usually do not collect Your Personal Data, however, should it happen, this may include Personal Data as explained in this section.For more details on the cookies We Use, refer to our cookie policy.

Disclaimer – We are not clubbing cookie polices (dashboard and community) in this Policy as its it pertains to a different website.

Where appropriate, You can also read how tracking technologies work on other websites You use by accessing the respective cookie notice.

CONSENT

DATA MINIMIZATION

Where permitted and feasible, and to protect Your right to privacy, Almond will take reasonable steps to remove or anonymize information that may directly or indirectly identify You and restrict to the minimum the amount of Personal Information that We Use, submit or transfer to Third-Party Service Providers.

Unsubscribe from our Almond Newsletter

You always have the opportunity to easily unsubscribe, at any time, from our marketing communications. You can achieve this by using the "unsubscribe" link in our communications or by contacting Us at privacy@Almond.com or mydata@Almond.com.

Withdrawal of consent

Where Almond processes Your Personal Data on the basis of consent, You have the right and may choose to withdraw Your consent at any point in time. Kindly notify Almond of such withdrawal by communicating to Us at privacy@Almond.com or mydata@Almond.com.

In case You do not wish to provide Your consent or later withdraw Your consent, We request You not to access the Platform and use our Services and We also reserve the right to not provide You any Services or information on the Platform. On such instances wherein You have withdrawn Your consent, Almond may delete Your information (personal or otherwise) or de-identify it so that it is anonymous and not attributable to You (except to the extent, as detailed in " LEGAL BASIS FOR PROCESSING YOUR INFORMATION" of this Policy).

Wherever Almond acts as Data Processor, it merely processes Personal Data under the direction of the Customers and has no direct control or ownership of the Personal Data We Process.

It is the responsibility of the Customers for complying with any regulations or laws requiring notice, disclosure or obtaining consent prior to transferring the data to Almond for further processing purposes. Attendees of an event that seeks to access, correct or delete data, should direct their request to the Customer. If the Customer requests Almond to delete, rectify or access the Personal Data of an Attendee to comply with Applicable Data Protection Laws, Almond will process this request within the required time frame under the Applicable Data Protection Laws.

Kindly note that Almond will not process a Data Subject request to change information that may cause the information to be incorrect, fraudulent, misrepresented or violates any law of land or legal statute. In such instances, We will inform the Customer about the legal obligations that prevent Us from fulfilling the request.

HOW DO WE PROTECT INFORMATION ABOUT YOU ?

We implement appropriate technical and organisational controls to protect Your Personal Data that We hold to prevent unauthorised Processing, loss of data, disclosure, use, alteration, or destruction. Where appropriate, We may Use protective techniques such as encryption, pseudonymisation, de-identification and other technologies that can assist Us in securing the information about You, including measures to restore access to Your Personal Information. We also ensure that our Third-Party Service Providers comply with reasonable and recognized data privacy, confidentiality, integrity, availability and security requirements.

We conduct tests and reviews of our technologies and processes, including a review of our business partners and vendors, so that our security controls remain effective. Also, when not needed anymore, We will further anonymize Your Personal Data or delete it when it is no longer needed for the purpose for which We originally collected such Personal Information from You.

Security measures taken by Almond to protect Your Personal Information

We have configured our systems to apply industry standard information security measures and used recognized security framework to protect Your Personal Information, which includes, inter alia:

✔ TIER IV servers (ISO 27001 and FINMA) where data is hosted exclusively in data centers with dedicated hardware and on-site security;

✔ All systems are monitored by approved Swiss third party IT service providers;

✔ Last generation fire-walling;

✔ HTTPS and SSL encryption, file encryption, Password strength requirements;

✔ Access controls via privileges and roles;

✔ Software built in accordance with privacy by design and by default principles;

✔ Automated security audits that are scheduled bi-weekly (qualys.com);

✔ Semi-automated audit systems and services (such as via: ImmuniWeb, SSL Labs, WebPageTest, Yellow Lab among others) for each new release;

✔ Periodic vulnerability assessment and penetration tests carried out;

✔ Conducting yearly privacy and security training of the entire organisation;

✔ Complete vendor risk management before onboarding of Sub-processors/ Third-Party Service Providers;

✔ Mandatory compliance of non- disclosure agreements by Almond employees and vendors;

✔ All systems and applications undergo regular security review for vulnerabilities prior to production deployment;

✔ Encryption of Personal Data at rest and in transit;

✔ Almond is SOC 2 Type 2 accredited and uses

✔ Almond maintains industry standard security incident response policies and procedures

✔ Encryption of Personal Information

✔ Almond uses Amazon Web Services SOC 2 accredited data centers

Where We Use Third-Party Service Providers to help us with information security measures, they have committed to comply with strict security, data protection requirements and privacy requirements that are not just best practices in the industry but to comply with Applicable Data Protection Laws to ensure maximum confidentiality, integrity, and availability of Your Personal Data.

CROSS BORDER TRANSFERS

When we receive information about You, such as for applying to Almond or exchanging information with Us, We will collect, process and store Your Personal Data according to Applicable Data Protection Laws and in accordance with this Policy. Most of the time, You will share such Personal Data with Us, via our Platform, forms and e-mails, on a voluntary basis, for the purpose of entering into a contract with Almond or based on Your explicit consent.

When You exchange information with other Third-Party Service Providers, You acknowledge that Personal Data about You or other data subjects may leave Your country of residence, which may require implementing appropriate/ supplementary or additional safeguards in accordance with Applicable Data Protection Laws.

Kindly note that Almond will follow appropriate level of protection and deploy all necessary safeguards for transfer of such data that constitutes confidential information and/or Personal Data, additionally such transfers, to any country(s) which do not ensure an adequate level of data protection, Almond will ensure that the transfer is through one of the following mechanisms:

i) in accordance with the Swiss-U.S. and EU-U.S. Privacy Shield Framework and Principles issued by the U.S. Department of Commerce, both available at https://www.privacyshield.gov/EU-USFramework (the “Privacy Shield Principles”), or

ii) the Standard Contractual Clauses set forth and approved by the European Commission

In the event that European Union authorities or courts determine that the Privacy Shield is not an appropriate basis for transfers, Almond and Customer, and wherever applicable Almond Sub-processors agree to promptly execute an approved Standard Contractual Clause to govern such transfers.

OTHER INFORMATION ABOUT YOUR PRIVACY

1. Links to other websites
Our Service may contain links to other sites that are not operated by Us. If You click on a third-party link, You will be directed to that third party’s site. We strongly advise You to review the privacy policy of every website You visit. We have no control over and assume no responsibility for the content, privacy policy or practices of any third-party sites or services.

2. Children’s Privacy
Our Service does not address anyone under the age of 18 (“Children “). We do not knowingly collect Personal Information from anyone under the age of 18 on a voluntary basis. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Information, please contact Us. If We become aware that We have collected Personal Information from children without verification of parental, judicial or guardian’s consent, We take steps to remove that information from our data servers.

3. Personal Data breach and incidents
We have procedures and safeguards in place to identify, assess, investigate and report data breaches at the earliest possible time. Our procedures are robust and have been disseminated to our staff who are regularly trained and informed about industry certified best IT security practices. We also ensure the confidentiality, integrity and accessibility of Your Personal Data at all times.

YOUR RIGHTS

As a User of our Services and Platform, and depending on Your country of residence, You may have the right to exercise your rights and/ or file a complaint to competent data protection authority/ Supervisory authority.

Access, Restrict, Rectification, Erasure

Under Applicable Data Protection Laws, You have the right to control Your data You may request a copy of information about You held by Us. You also have the right to rectify, restrict, or erase/delete such information. Your right(s) to such information may be subject to limited legal and regulatory restrictions.

Objection to processing and additional rights

Under Applicable Data Protection law, You can formally object to the processing of Your Personal Data. In certain circumstances, You have the additional right to restrict or suspend aspects of the processing of Your information or ask for a copy of Your Personal data to be provided to You, or a Third-Party Service Provider, in a digital and machine-readable format (portability).

Objection to direct marketing

You have the right to object to certain processing of Your information. This includes the right to object to our processing of Your information for direct marketing. If We Process Our information based on our legitimate interest(s) You can object to this processing, and We will cease processing Your information, unless the processing is based on compelling legitimate grounds or is needed for legal reasons. Where We Use Your information for direct marketing for our own services, You can always object and opt-out of future marketing messages using the unsubscribe link provided in such communications.

US State privacy laws

Under certain US State laws, You may have certain rights attached to Our Use of Your Personal Data. In particular, if you are located in a US State that regulates the sale of Your information, Almond does not sell Your information, nor discloses or shares any information about You with third parties for their commercial benefit, when You are located in these US States. You can contact Us for more information.

California-Specific Rights

The California Consumer Privacy Act 2018 (CCPA) and its upcoming amendments such as the California Privacy Rights Act (CPRA), California residents have specific rights regarding their Personal Information held by private companies. In particular, we do not:

(i) sell any Personal Information from individuals located in California,
(ii) share any such Personal Information with third parties for their own commercial benefits, nor
(iii) discriminate against you in any kind.

In addition to the above mentioned rights under California Law You have the right to (subject to statutory or restrictions):

• Request to access/ disclosure of the Personal Information, that is, disclosure of Almond’s collection and use of Your Personal Information over past 12 months from the date We receive the request;
• Request that Almond delete all of Your Personal Information collected from You;
• Opt-out from the "sale" of Your Personal Information;
• Opt-out of the "sharing" of your Personal Information for cross-context behavioral advertising (applicable from 1 January 2023).

All Personal Information that is collected from You is in accordance with this Policy, including the Use of different categories of Your Personal data that has been collected from You, the disclosure of Your Personal Information is as per this Policy.

Rights of European Individuals to complain in front of Data Protection Authorities

In the event that any individual located in the EEA countries, UK and Switzerland believes that we have processed information in a manner that is unlawful or breaches your rights, or has infringed the “General Data Protection Regulation”, the ICO UK, or the Swiss Federal Data Protection Act, you have the right to complain directly to the competent data protection authority. The list of those authorities can be found on the European Data Protection Board website or here: https://edpb.europa.eu/about-edpb/board/members_en.

IN EXERCISING YOUR RIGHTS

You may exercise Your rights of access, rectification, restring processing and erasure by submitting a request here. Californian residents can exercise their rights by submitting your request here.

Please note that We may ask You to verify Your identity before responding to such requests. If You make a request, We will try our best to respond to You as soon as possible and within the stipulated time frame under the Applicable Data Protection Laws.

CHANGES TO THIS PRIVACY POLICY

We may update this Policy from time to time. You are advised to review the updated Policy periodically for any changes. Changes to this Policy are effective when they are posted on this page and any modifications can be ascertained by referring to the date that is displayed at the top of the page marked as, “ Last updated”.