Privacy Policy Last Updated: 4/15/2025 Your privacy is important to us at Twine, Inc. (“Twine,” “we,” or “us”). This policy explains in plain language what personal data we collect, how we use it, how we share it, and your rights when you use our web and mobile services, applications, and websites (collectively, the “Service”). By using the Service, you agree to this Privacy Policy. Information We Collect We collect various types of personal information when you use the Service: Account and Contact Information: When you register, we ask for basics like your name, email address, phone number, mailing address, job title, and company name. Profile Content: You may provide additional profile details – for example, a username and password, a profile photo, interests, preferences, and any bio or facts you choose to share. Content You Provide: We collect anything you choose to upload or post on the Service, such as text, images, audio, or video. Social and Third-Party Login Data: If you sign up or log in through another platform (like Google, Facebook, etc.), we receive information from that account – for example, your name, email, or profile picture from your Google account. Communication and Support Messages: If you contact us for support or give feedback, we collect that correspondence (your questions, comments, or any details you provide) to assist you and improve the Service. Usage and Device Information: We automatically collect data about how you use the Service and what device you use. This includes your IP address and general location (city or state, not precise GPS) based on it, device type (e.g. phone or computer, browser type, operating system), pages or screens you view, features you use, the date/time of visits, and how long you use the app or site. Cookies and Similar Tech: We use cookies and similar tracking technologies to remember your preferences and collect usage data. Some browsers transmit ‘Do Not Track’ signals, but because there is no industry standard on how to respond, we currently do not alter our practices when we receive such signals. Transaction and Payment Information: If you make any purchases through the Service, we collect information about the transaction (what you bought, when, and the amount). However, we do not collect or store your full credit card details – payments are processed securely by our payment partner (for example, Stripe). Marketing Preferences: We may record your preferences for receiving marketing communications. We also track if you engage with our emails (like opening an email) to see if our messages are useful. Other Information You Provide: You might give us other info, such as responses to surveys or additional profile details. Note: If you visit our pages on social media (Facebook, LinkedIn, etc.), those platforms’ privacy rules apply to your interactions there. We may receive information you allow the platform to share with us (for example, your social media handle or friends list), and we will handle that info per this policy. How We Use Your Personal Information We use the collected information to provide, personalize, and improve the Service’s services. Here are the main purposes for which the Service uses your data: Providing and Improving the Service: We use your information to run the Service and its features. Personalization: We may use your data to personalize the content you see. Communication: We use contact information (like your email or phone number) to communicate with you about the service. This includes sending confirmations, updates about new features, and important security alerts (such as notices about privacy or security changes). We might also respond to you if you contacted our support team or left feedback. Marketing (with your consent or as allowed): If you join our mailing list or if it’s permitted by law, we might send you newsletters or promotional emails about new features, events, or content. Research and Development: We may use data about how users interact with the Service to understand usage patterns and improve our products. We may also produce analytics or statistics (aggregate insights that don’t identify individuals) to guide our business decisions. Safety and Security: We may use and share information to investigate or prevent fraud, abuse, law violations, or security issues. Legal Compliance: We may use or disclose information to comply with laws or respond to valid legal requests. With Your Consent: If we ever want to use your information for a purpose that isn’t covered by this Privacy Policy, we will ask for your consent. Creating Anonymous Data: We may transform your data so it can no longer identify you, and use that aggregated or anonymized data for legitimate business purposes.This data can help us understand trends or share overall usage insights, but it cannot be traced back to you individually. How We Share Your Information We share data in these situations: With Other Users: When you use the Service to meet or chat with others, certain information is shared with the people you connect with. With Our Service Providers: We use trusted third-party companies to help us run the Service and perform functions on our behalf. This includes services for web hosting (where the Service is stored and served from), data storage, email delivery (for sending out communications), text messaging or phone services (e.g. to send a verification code), analytics (to help us understand how the Service is used), customer support tools, and so on. With Payment Processor: If you make a payment on the Service, your credit card or payment details go directly to our payment processor (such as Stripe). For Legal Reasons: We may disclose information when required by law or necessary to protect rights and safety. This means if we receive a court order, subpoena, or lawful request from authorities, we may need to provide certain data. Also, if necessary to enforce our Terms of Service or to protect the Service, our users, or others from harm or illegal activities, we might share information with law enforcement or other relevant parties. With Professional Advisors: We may share information with our professional advisors, like our attorneys, accountants, or insurers. Business Transfers: If the Service is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your information may be transferred as part of that transaction. With Your Consent: Aside from the cases above, if we ever need to share your information for some other purpose, we will ask for your consent. No Third-Party Advertising: We do not share your personal data with third-party advertisers or ad networks for their independent marketing purposes. Data Retention and Deletion We keep your personal information only for as long as necessary to fulfill the purposes described in this policy (unless a longer retention period is required by law). This means: As long as you have an active account, we will retain the information you provided so that the service continues to work. If you delete your account or request deletion of your data, we will delete or anonymize your personal information, unless we are required to keep it for legal reasons. Your Rights & Choices You have rights and choices when it comes to your personal information. The Service is designed to be transparent and give you control. Here’s how you can manage your data: Access and Update Your Data: You can access and edit certain profile information directly by logging into your account. Correction: If any of your information is incorrect or outdated, you have the right to have it corrected. You can update most of it through your profile, or ask us to correct it. Deletion of Your Data: You may request that we delete your personal information. You can do this by deleting your account (if a self-serve option is available) or by contacting us to request deletion. We will erase the information we have about you, except in cases where we need to keep certain data for legal obligations or other permitted reasons (which we will explain to you if applicable). Data Portability: You have the right to ask for a copy of your personal data in a common machine-readable format. In other words, you can get your data and take it elsewhere if you want. If you request it, we’ll provide you with an electronic file of the information that we have about you (this might include data like your profile info, account details, etc.). Restrict Processing: You can ask us to restrict (temporarily stop) processing your data in certain circumstances. Object to Processing: If we are processing your data based on a “legitimate interest” (explained in the EU section below), you have the right to object to that. You can also object to us using your data for direct marketing. If you object, we will review your request and, unless we have a compelling reason allowed by law to continue, we will stop the processing in question. Withdraw Consent: In cases where we rely on your consent to use your data, you are free to withdraw that consent at any time. For example, if you gave consent to receive marketing emails, you can withdraw by unsubscribing, and we will stop sending them. Withdrawing consent won’t affect any processing that has already happened, but it will prevent future processing for the purpose you withdrew from. Opt Out of Marketing Communications: If at any time you don’t want to receive promotional emails from us, you can opt out. The easiest way is to click the “unsubscribe” link in any marketing email. You can also contact us to be removed from our marketing list. (Note that we may still send you non-promotional messages, like account alerts or important notices about the service, even if you opt out of marketing.) Cookie Controls: You can control or delete cookies through your browser settings. For example, you can set your browser to block cookies or to alert you when cookies are being sent. However, please note that if you disable cookies, some parts of the Service might not work properly (like staying logged in could be difficult). California Privacy Rights: If you are a California resident, you have specific privacy rights under California law (such as the California Consumer Privacy Act, CCPA). These include the right to know what personal information we collect, how we use it, and the categories of third parties we share it with; the right to request access to the specific pieces of personal data we have about you; and the right to request deletion of your personal information. California residents also have the right to opt out of the “sale” of personal information. However, the Service does not sell your personal information (we don’t give your data to third parties for monetary gain or for their own marketing). We also will not discriminate against you for exercising any of these rights (meaning we won’t deny you services or give you lower quality service just because you made a privacy request). If you are a California resident and have questions or want to exercise your CCPA rights, you can contact us as described below. We may need to verify your identity before fulfilling certain requests (to protect your data from unauthorized access). Authorized Agents (CA residents): California residents can designate an authorized agent to make requests on their behalf. If you send an agent to exercise your rights, we will take steps to verify that the request is legitimate (for example, we might ask you to confirm with us that you provided permission to that agent). International Users: Depending on your country or region, you may have similar rights under local laws. We aim to honor all valid requests, regardless of where you live. For example, users in some jurisdictions can object to certain data processing or ask for data portability just like EU users. We describe additional rights for European users below. How to Exercise Your Rights: To make any request regarding your personal data (access, deletion, etc.), please contact us at the email provided below. For certain requests, we might ask you to verify your identity or provide additional information so we can confirm you’re the owner of the data (this is to protect your privacy – e.g., we wouldn’t want to delete the wrong person’s information). We will respond to your request as soon as we can, within the time frame the law requires. If we cannot fulfill a request (due to legal requirements or other reasons), we will explain why (unless we’re legally prevented from doing so). California Privacy Notice For residents of California, we want to summarize your privacy rights and our practices in line with the CCPA (California Consumer Privacy Act) and CPRA (California Privacy Rights Act amendments): Categories of Information Collected: In the past 12 months, we have collected the categories of personal information described in Information We Collect above – for example, identifiers like name and email, Internet activity like usage data, etc. (We do not collect sensitive categories like Social Security numbers or precise geolocation, unless you voluntarily provide such information in your profile.) This information is collected for the business and commercial purposes outlined in How We Use Your Information. Disclosure of Information: We may share your information with service providers and others as described in How We Share Your Information. In the past 12 months, we have disclosed personal information for business purposes to the following categories of third parties: other Service users (when you engage in a the Service session), service providers (hosting, communications, analytics, etc.), payment processors, and possibly law enforcement or advisors (if required for legal reasons). We do not sell personal information. Your Rights (CCPA): California consumers have the right to request that we disclose what personal information we collect, use, disclose, and (if applicable) sell. You also have the right to request deletion of your personal information, and the right to opt out of sale of your personal info (again, the Service doesn’t sell data). You can make these requests through the methods described in Your Rights & Choices above (emailing us at victoriahudeveloper@gmail.com). We will not discriminate against you for exercising your privacy rights (per California law). If you send an authorized agent to make a request on your behalf, we will require that agent to provide proof of permission and may still verify your identity directly. Shine the Light: California’s “Shine the Light” law allows residents to ask companies once a year what personal information was shared with third parties for those third parties’ direct marketing purposes. We do not share your information with third parties for their own direct marketing without your consent. Notice to European Users (GDPR) If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have specific rights and protections under data protection laws (like the GDPR). We want to address those here: Data Controller: For the purposes of European law, Twine, Inc. (the company behind the Service) is the “data controller” of your personal information. This means we are responsible for your personal data and determine how and why it is processed, as described in this policy. Our contact information is provided at the end of this policy. Legal Bases for Processing: We only collect and use your personal data when we have a valid legal reason to do so under EU/UK law. The specific legal bases we rely on are: Performance of a Contract: We process data to provide you with the service that you requested – this covers most of our activities (since by signing up, we have a contract to deliver the service to you). Legitimate Interests: We may process data for our legitimate business interests, provided that those interests are not overridden by your rights and freedoms. This includes things like improving and personalizing the Service, securing our platform, and communicating with you about product updates. • Compliance with Legal Obligations: We process and share data as needed to comply with our legal obligations. Consent: Where we ask for your consent, we will use your data based on that consent. For example, if you consent to share extra profile details or to receive marketing emails, our legal basis is your consent. You have the right to withdraw consent at any time. If you do withdraw consent, it won’t affect processing already done, but we will stop using your data for that purpose going forward. Other Bases: In rare cases, we might need to process data to protect someone’s vital interests (e.g., in a life-or-death situation) or to perform a task in the public interest, but those are not typical for the Service’s operations. Your Rights In addition to the rights mentioned in Your Rights & Choices, European users have the right to object to certain processing and to lodge a complaint with their local Data Protection Authority (DPA). We have outlined access, correction, deletion, restriction, portability, and objection rights above, and those fully apply to you. You also have the right not to be subject to a decision based solely on automated processing that significantly affects you. the Service’s matchmaking (pairing you with another user) is automated based on the info you provide, but it does not produce legal or similarly significant effects on you – it’s only used to connect you for a casual networking chat. If you have concerns about any automated data processing, you can contact us and we will explain or accommodate your request as required by law. If you feel we have not handled your personal data properly or have infringed your rights, you have the right to file a complaint with your country’s supervisory authority (data protection regulator). You can find contact details for DPAs here. Of course, we encourage you to reach out to us first so we can address your concerns directly. International Transfers Please note, if you are in Europe, your data will be transferred outside of Europe, to the United States (where we are based) and possibly other countries where our service providers operate. The privacy laws in those countries might not be as strict as in your home country. When we transfer personal data out of the EEA/UK, we take steps to ensure it remains protected. These steps include using European Commission-approved Standard Contractual Clauses (SCCs) and other appropriate safeguards. In some cases, we may rely on your consent for cross-border transfers or other legal mechanisms. You can contact us if you have questions about international data transfers or want to see a copy of the safeguards in place. International Data Transfers (General) Regardless of where you live, we want you to be aware that we operate globally. The Service is headquartered in the United States, and the servers and databases for the Service may be located in the US or in other countries. This means your personal information could be transferred to and stored in a country different from your own. We may also process data in other regions if we use global service providers. No matter where we process your data, we will protect it as described in this Privacy Policy. If you are outside the United States, you consent to us transferring your data to the United States and other jurisdictions as needed to provide the service. For transfers from regions with strict data laws (like the EU), we use legal safeguards such as contractual clauses to ensure your data is afforded a high level of protection. Our goal is to ensure your privacy is respected worldwide. Data Security We take the security of your personal information seriously. We implement a range of security measures to guard your data against loss, theft, misuse, and unauthorized access. These measures include technical, organizational, and physical protections. For example, we use encryption to protect data transmissions (so when your data is sent to our servers, it’s encrypted in transit) and employ access controls so that only authorized personnel can access user data. We also monitor our systems for vulnerabilities and attacks, and we regularly review our security practices to keep up with new threats. However, please understand that no Internet or email transmission is ever 100% secure or error-free. While we strive to protect your information, there is always some risk in any data transmission or storage system. It’s important for you, too, to protect your account credentials and notify us if you suspect any unauthorized access to your account. We will promptly notify you of any significant data breach that affects your personal information, as required by law. Children’s Privacy (Minors) The Service is not intended for children under 13, and we do not knowingly collect personal information from them. If you are under 13, please do not use or access the Service. If you are 13 to 17 years old, you may use the Service only with the consent and supervision of your parent or legal guardian. If we learn that we have collected personal information from a user under 13 (or a user 13 to 17 who did not have valid parental consent), we will delete that information as soon as reasonably practicable. If we become aware that we have inadvertently collected unauthorized personal data, we will take steps to delete that information as soon as possible. We encourage parents and guardians to supervise their children’s online activities. If you believe a minor has provided personal information to the Service without parental consent, please contact us immediately so we can investigate and remove the data. (Note for European residents: our service is not available to those under the age at which they can consent to data processing in their country, which is typically 16. ) Changes to This Privacy Policy We may update or modify this Privacy Policy from time to time. If we make material changes, we will let you know by updating the “Effective Date” at the top of the policy and, if appropriate, provide additional notice (such as via email or a notice on our website). We encourage you to review this page periodically to stay informed about our privacy practices. If you continue to use the Service after a Privacy Policy update, that will signify your acceptance of the new terms. However, if we were to make significant changes that require your consent by law, we will obtain that consent. How to Contact Us We’re here to help if you have any questions or concerns about this Privacy Policy or your personal data. Please feel free to reach out to us by email at victoriahudeveloper@gmail.com. We will respond to your inquiries as soon as possible. Your trust is important to us, and we welcome any questions or feedback regarding your privacy.