At Shieldox Security LTD. (Cognni), your privacy is our highest priority. We believe in earning trust by transparently communicating how we collect, use, and disclose information. This Privacy Policy describes our practices regarding the collection, usage, and sharing of your personal information when visiting www.cognni.ai (“the Website”) – including for those viewing information about our company and software products, registering for a demonstration or trial, and signing up for a newsletter (collectively, the “Services”) – and explains your choices for how we handle your personal information. This policy is also provided through HTML-formatted email messages by which we will send you the link to this Privacy and Security Policy. By providing Personal Information to us, you agree to the terms and conditions of this Privacy Policy. If you have any questions or concerns about your personal information or this Privacy Policy, please contact us at privacy@cognni.ai.

Contents

This Privacy Policy aims to provide you with information about how Shieldox Security LTD. and our product offering “Cognni”collects and processes personal information when connecting to your organization’s information sources. The Privacy Policy is intended to meet our duties of Transparency under the “General Data Protection Regulation” or “GDPR.” We will post any modifications or changes to this Privacy Policy on this page.

Sections:

•Personal Information We Collect

•How We May Use Your Personal Information

•Sensitive Information We Collect

•How Your Personal Information May Be Disclosed

•Other Information

•Security•International Data Use

•Your Choices and Access

•Updates to This Privacy Policy

•Contact Us

PERSONAL INFORMATION WE COLLECT

We collect your personal information in the following ways:

Information you provide

Personal information that you may provide through the Services or otherwise communicate with us includes:

•Identity information, such as your first name, last name, username or similar identifier, title or role, as they may appear in information sources integrated to Cognni OS.

•Sensitive information, such as contracts, design documents, trademarks etc, may appear in information sources integrated to Cognni OS.

•Contact information, such as internal and external contacts’ email addresses.

•User’s Interactions, such as user’s interactions with other users and the context.

Information collected automatically

Our servers may automatically record certain information about how you use the Services, such as your Internet Protocol (IP) address, device and browser type, operating system, the pages or features of the Services that you browsed and the time spent on those pages or features, the frequency with which you use the Services, search terms, the links that you click on or use, and other statistics.

We collect this information in server logs and by using cookies and similar tracking technologies to analyze trends, administer the website, track users’ movements around the website, gather demographic information about our user base, and tailor advertising. See our Cookies and Similar Technologies Notice in this Privacy Policy for more information about how the Services and third-party analytics, advertising and social media companies use cookies and similar technologies to collect your information when you use the Services.

Sensitive personal information

Subject to the following paragraph, the system may analyze sensitive personal information stored in the integrated information source in order to map it (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or union membership) on or through the Services, or otherwise. If such information is being analyzed in memory, Cognni generates a unique proprietaryInformation Recognition Signature that cannot be reverted to reveal the original information. This process ensures that the information is never stored on Cognni servers.

SENSITIVE INFORMATION WE COLLECT

We collect information about you in the following ways:Information you providePersonal information that you provide through the Services or otherwise communicate with us includes:

•Sensitive information, such as contracts, design documents, trademarks, etc., that may appear in information sources integrated with Cognni. Sensitive information is never stored on Cognni servers. Instead of the information itself, Cognni generates and uses propitiatory Information Recognition Signatures and metadata keys for the duration of the processes.

•Information metadata, such as files names, folder names, collaborators ,etc.

•Information Interactions, such as users’ activities with information items and the context of the interaction.

HOW WE MAY USE PERSONAL INFORMATION

We may use Personal Information for the following purposes or as otherwise described to you at the time of collection:

To allow the Services:

•To operate, maintain, and administer contact information risks.

•To manage and communicate with you regarding our Services.including sending you Services announcements, technical notices, updates, security alerts, as well as support and administrative messages.

•To send administrative information to you, such as information regarding the Services and changes to our services, terms, conditions, and policies.

•To enrich employees and external contacts entities mapping.

HOW YOUR PERSONAL INFORMATION MAY BE DISCLOSED

We will never sell or rent your Personal Information, or share your Personal Information without your express consent, except as described in this Privacy Policy. We may disclose personal information to third parties as disclosed below:

•Service Providers. We may share your personal information with our third-party service providers so that they may administer and provide the Services on our behalf, or provide other services such as marketing, billing, data analysis, customer service, email delivery, auditing, and other services.

•Affiliates; Corporate Restructuring. We may disclose your personal information to our subsidiaries and corporate affiliates for use consistent with this Privacy Policy. We may also disclose your personal information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar disclose your personal information as we believe necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with applicable laws, lawful requests and legal processes, such as to respond to subpoenas or requests from government authorities; (c) where permitted by law in connection with a legal investigation; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you, or others; (g) to prosecute or defend legal claims; and (h) to allow us to pursue available remedies or limit the damages that we may sustain.

•Compliance with Laws and Law Enforcement; Protection and Safety. We may disclose your personal information as we believe appropriate to government or law enforcement officials or private parties (a) for the security, compliance, fraud prevention and safety purposes described above; (b) as required by law, lawful requests or legal process, such as to respond to subpoenas or requests from government authorities; (c) where permitted by law in connection with any legal investigation; and (d) to prosecute or defend legal claims.

OTHER INFORMATION

Other Information We May Collect

“Other Information” is any information that does not reveal your specific identity or does not directly relate to an individual, that may appear in integrated information sources, such as:

•Browser and device information

•Information collected through cookies, pixel tags, and other technologies

•Demographic information

•Aggregated information

Third Party Sites and Services

Cognni’s core services do not communicate information to third parties. Some premium services may interact with such services and will require specific content. This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any site or service to which the Services link. The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our affiliates.

SECURITY

We seek to use reasonable organizational, technical, and administrative measures to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure and we cannot guarantee the security of your information.

INTERNATIONAL DATA USE

Cognni is headquartered in Israel and has affiliates and service providers in other countries.Your personal information may be collected, used, and stored

in your choice of partner cloud or other locations outside of your home country. Privacy laws in the locations where we handle your personal information may not be as protective as the privacy laws in your home country. European Union users should read the important information provided in a separate document regarding the transfer of personal information outside of the European Economic Area.

YOUR CHOICES AND ACCESS

Did this answer your question?