Introduction

SIPSTACK Inc., ("SIPSTACK" "Company" or "We") as the controller of your personal information and personal data respect your privacy and are committed to protecting it through this policy.

This policy describes the types of information we may collect from you or that you may provide when you visit the SIPSTACK website, sipstack.com, whois.sipstack.com or any other subdomain under sipstack.com (our "Websites"). This policy also describes our practices for collecting, using, maintaining, protecting, and disclosing that information.

This policy applies to information we collect:

• on our Websites and
• in email, text, and other electronic messages between you and our Websites or when you contact us or our customer service.
• in search queries made between you and our Websites.

It does not apply to information collected:

• in connection with the download and use of any SIPSTACK mobile applications made available from third party websites. Terms and conditions applicable to such consumer applications will become available as applications become active in mobile markets.
• by third parties who may reference or link to or may be accessible from our Websites.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Websites. By accessing or using our Websites, or by getting in touch with us you agree to this privacy policy. This policy may change from time to time (see Changes to our Privacy Policy below). Your continued use of our Websites after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Children Under the Minimum Age

The Minimum Age may vary from country to country. Our Websites are not intended for children under the Minimum Age. We do not knowingly collect personal information from children under the Minimum Age. If you are under the Minimum Age, you are prohibited from providing any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under the Minimum Age we will delete that information. If you believe we might have any information from or about a child under the Minimum Age, please contact us at privacy@sipstack.com.

California residents under 16 years of age may have additional rights. Please see Your California Privacy Rights below for more information.

Information We Collect About You and How We Collect It

We collect several types of information from and about users of our Websites, including information:

• by which you may be personally identified, such as your name, e-mail address, phone number, mailing address and other information you may submit to SIPSTACK, including via our Websites;
• that is about you but individually does not identify you directly, such as your Internet connection, your IP address, your location, the equipment you use to access our Website, and other information about your usage of the Website (collectively "Personal Information").

We collect this information:

• directly from you when you provide it to us.
• automatically as you navigate through the site. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other technologies that we may (now or in the future) employ to improve the features and functionality of the Website.
• from third parties, for example, our business partners. In such cases we rely on our partners to ensure and document the appropriate legal basis for sharing your information with us.

Information You Provide to Us

The information we collect on or through our Websites may include:

• Information that you provide by filling in forms on our Website. This includes information provided via our "Contact" or "Customer Service" pages or otherwise requesting further information about SIPSTACK products and services. We may also ask you for information when you report a problem with our Website.

• Records and copies of your correspondence (including email addresses), if you contact us.

• Your search queries on the Website.

Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with our Websites, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

• details of your visits to our Websites, including traffic data, logs, and other communication data and the resources that you access and use on the Website.
• information about your computer and Internet connection, including your IP address, operating system, and browser type.

We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). See Choices About How We Use and Disclose Your Information below for information on how you can opt out of behavioral tracking on our Websites and how we respond to web browser signals and other mechanisms that enable consumers to exercise choice about behavioral tracking.

The information we collect using these automated means is mostly statistical and aggregated Personal Information. We will use this information to improve our Websites and to deliver a better and more personalized service, including by enabling us to:

• estimate our audience size and usage patterns.
• store information about your preferences, allowing us to customize our Websites according to your individual interests.
• speed up your searches. recognize you when you return to our Websites.
• enhance products or services and dynamic call scoring within our AI/ML systems.

The technologies we use for this automatic data collection may include:

Cookies (or browser cookies)

A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website from a country that requires consent for certain cookies, our system will issue necessary cookies and a pop-up banner for you to choose whether to allow other cookies. We utilize the following types of cookies:

• Necessary cookies help make our Website usable by enabling basic functions. Our Website cannot function properly and safely without these cookies.
• Preference cookies enable our Website to remember information for how our Website behaves or looks based on your language, region, or preferences.
• Analytics cookies help us understand how visitors interact with our Website by collecting and reporting information to us anonymously.
• Marketing cookies track users across websites and are used to display ads that are relevant for the user such as interest-based (behavioral) advertising or other targeted content.

Flash Cookies

Certain features of our Website may use local stored objects (or flash cookies) to collect and store information about your preferences and navigation to, from, and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for flash cookies, see Choices About How We Use and Disclose Your Information below.

Web Beacons

Pages of our Website (and our e-mails) may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages (or opened an e-mail) and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

Third-Party Use of Cookies and Other Tracking Technologies

Some content or applications, including advertisements, on the Website are served by third parties, including customer service enabling technologies, servers, and network operators. These third parties may use cookies, alone or in conjunction with web beacons or other tracking technologies, to collect information about you when you use our Website. The information they collect may be associated with your Personal Information or they may collect information, including Personal Information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see Choices About How We Use and Disclose Your Information below.

Legal Bases We Rely on when Using Your Information

We may use your information based on one or more of the following legal bases:

Your consent. For example, we rely on your consent when you visit our Website, choose your cookie preferences or provide us with your Personal Information. In case we collected your Personal Information from third-parties and not directly from you, we rely on our partners to obtain your consent for our use of your Personal Information;

Performance of a contract. We may use your Personal Information in order to perform our contracts with you or in order to take steps at your request prior to entering into such a contract;

Your and our legitimate interests (to be able to operate and improve our Website and to be able to communicate with you, if you get in contact with us, since we have carried out a legitimate interest assessment to demonstrate that we have compelling legitimate grounds for the processing which override the fundamental rights and freedoms of the people whose Personal Information we process, including you); Legal obligation. We may need to use your Personal Information to comply with a legal obligation to which we are a subject;

Vital interests. In certain cases, we use your Personal Information to protect your vital interests or those of another person;

Public task. Using your Personal Information may be necessary to perform a task carried out in the public interest, insofar as the processing has a basis in Union or Member State law.

How We Use Your Information

We use information that we collect about you or that you provide to us, including any Personal Information for one or more of the following purposes:

• to present and improve our Websites and its products, solutions, services or contents to you, to keep our Website safe and secure.
• to provide you with information, products, or services that you request from us.
• for any other purpose with your consent (which is specified when asking for your consent and which could also be subject to a separate privacy policy).

We may also respond to your requests for information, or your inquiries to our customer service using the information you provided.

Disclosure of Your Information

We may disclose statistical, anonymized and aggregated information about our users without restriction.

We may disclose Personal Information that we collect or you provide as described in this privacy policy:

• to our subsidiaries and affiliates.
• to our advisors, contractors, service providers, and other third parties we use to support our business.
• to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of SIPSTACK's assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by SIPSTACK about our Website users is among the assets transferred.
• to third parties to market their products or services to you if you have consented to these disclosures.
• for any other purpose disclosed by us when you provide the information.
• with your consent.

We may also disclose your Personal Information:

• to comply with any court order, law, subpoena or legal process, including responding to any government or regulatory request.
• to enforce or apply our terms of service and any other agreements, including for billing and collection purposes.
• if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of SIPSTACK, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the Personal Information you provide to us. We have created mechanisms to provide you with the following control over your information:

• Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. When you visit our Website from a country that requires consent for cookies, in the pop-up banner you can allow cookies. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe's website. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.

We do not control third parties' collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI's website.

California residents may have additional personal information rights and choices. Please see Your California Privacy Rights below for more information.

Nevada residents: We do not currently sell data triggering the Nevada Revised Statutes Chapter 603A opt-out requirements. If you have questions regarding any future opt out rights, please contact privacy@sipstack.com.

Your Rights such as Accessing, Correcting and Deleting Your Information

We ensure the below rights for our users from the European Economic Area ("EEA"), in line with our Data Subject Rights Policy!

You may request access to the information we hold about you.

If we have information about you that is inaccurate, you may request that it is rectified.

Under certain circumstances, you may be entitled to request that we erase your information.

Under certain circumstances, you may be entitled to request the restriction of the use of your information.

In certain cases, you may be entitled to object to the use of your information.

In certain cases, you may also have the right to receive information concerning you in a structured, commonly used and machine-readable format.

In certain cases, you have the right not to be subject to automated decision-making, including profiling.

If you have given us your consent, you may withdraw it at any time.

If you are from the EEA and wish to exercise any of your above rights, please contact our data protection officer at dpo@sipstack.com.

California residents may have additional personal information rights and choices. Please see Your California Privacy Rights below for more information.

Your California Privacy Rights

If you are a California resident, California law may provide you with additional rights regarding our use of your Personal Information. To learn more about your California privacy rights, visit our CCPA Privacy Notice for California Residents.

Data Security

We have implemented measures designed to secure your Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure. The safety and security of your information also depend on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we do our best to protect your Personal Information, we cannot guarantee the security of your Personal Information transmitted to our Websites. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on our Websites.

We Transfer Your Information Outside the EU

Everyone can visit our Websites or contact us throughout the whole world, even from Europe. If you are someone from the European Economic Area ("EEA"), please be advised that your information may be transferred to, and stored at a destination outside the EEA. Where your Personal Information is transferred in relation to providing our services we will take all steps reasonably necessary to ensure that they are subject to appropriate safeguards and that it is treated securely and in accordance with this policy, such as relying on a recognized legal adequacy mechanism.

Following the Judgment of the Court of Justice of the European Union ("CJEU") in Case C-311/18, we have reviewed our existing SCCs and also adopted additional measures to ensure maximum compliance with the new requirements regarding international data transfers arising out of the above Judgment of the CJEU.

Automated Decision-Making

While we do not rely on solely automated decision-making, where the decision would have a legal or similar effect on you, we do make use of automated profiling of visitors of our Websites, but only for the purpose of improving our Websites. However, in any case, if you do not wish your information to be used that way, you can always contact us and exercise your rights. For more details please see Your Rights such as Accessing, Correcting and Deleting Your Information.

Information Retention Period

We retain your information only for so long as is necessary for the purpose(s) for which it was originally collected, after which it will be deleted or archived except to the extent that it is necessary for us to continue to process it for the purpose of compliance with legal obligations to which we are subject or another lawful purpose.

To find out more about how long we obtain the information collected by cookies, please see our Cookie Declaration.

Changes to Our Privacy Policy

It is our policy to post any changes we make to our privacy policy on this page. If we make material changes to how we treat our users' Personal Information, we will notify you through a notice on our Websites. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable e-mail address for you, and for periodically visiting our Website and this privacy policy to check for any changes.

Contact Information and Complaints

To ask questions or comment about this privacy policy and our privacy practices, contact us through one of the following options:

• CA Office: 180-8171 Yonge St. Thornhill, Ontario, L3T 2C6, Canada
• Email: privacy@sipstack.com
• Follow this link to contact SIPSTACK Customer Service
• Data Protection Officer: e-mail: dpo@sipstack.com

If you are from the European Economic Area ("EEA") and have any complaint about how we use your Personal Information, you may contact the competent supervisory authority, in particular in the European Union member state of your habitual residence, place of work or place of the infringement of your rights took place. The list of competent supervisory authorities is available here. Also, you may bring a proceeding against us, as data controller before the courts of the EU member state of our establishment or your habitual residence, if you consider that your rights under the GDPR have been infringed.

As we do not only have an online presence, but also a physical one, you may attend our events, visit our offices in person, apply for a job or get in touch with us by postal mail and we may collect your information in these cases - in line with this policy, of course. To find out more details, click here.

General Data Processing Activities

As we do not only have an online presence, but also a physical one, you may attend our events, visit our offices in person, apply for a job or get in touch with us by postal mail and we may collect your information in these cases - in line with this policy, of course. To find out more details, read below.

Information We Collect About You and How We Collect It

We mostly collect:

• your personal details that you or the business entity you work for have disclosed (often this includes contact information such as your name, address, phone number);
• or any other information you choose to provide during your relationship with us.

We collect this information directly from you when you provide it to us or because you are the contact person of a business entity to whom we provide services.

Legal Bases We Rely on when Using Your Information

We may process your Personal Information based on:

• our legal obligation (to ensure data subject rights, in case you wish to exercise them in person or by postal mail);
• performance of a contract or in order to take steps at your request prior to entering into such a contract or in case you are not in a contractual relationship with us or any of our business partners, or the information you have provided is not necessary for the performance of your contract:
• your and our legitimate interests (to be able to respond to you, communicate with you since we have carried out a legitimate interest assessment to demonstrate that we have compelling legitimate grounds for the processing which override the fundamental rights and freedoms of the people whose Personal Information we process, including you).

How We Use Your Information

We use the information that you provide to us, including any Personal Information for one or more of the following purposes:

• to respond to you, your inquiries or that of the business entity you work for, to complete your requests;
• or let you visit our offices, attend our events.

If you apply for a position within SIPSTACK via filling out the form we have made available on our Websites, you are required to provide us with certain Personal Information. For further details please refer to our separate "Privacy Statement on the processing of personal data of Applicants".