EU Privacy Shield

Effective Date: December 1, 2018

Melian Labs Inc. ("MyTime") has certified with the EU-U.S. Privacy Shield with respect to the Personal Data (defined below) we receive and process on behalf of the Customers (defined below) of MyTime through our Service (defined below).

MyTime complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. MyTime has certified to the Department of Commerce that it adheres to the Privacy Shield Principles and our Privacy Shield certification is available at https://www.privacyshield.gov/participant?id=a2zt0000000TW6lAAG&status=Active.

If there is any conflict between the terms in this notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

1. DEFINITIONS. "Personal Data" means data that personally identifies or may be used to personally identify a person, whether directly or indirectly in combination with other data. "Customer" means a prospective, current, or former customer, or client of MyTime.

2. SCOPE. MyTime participation in the Privacy Shield applies to the Personal Data that MyTime receives from and processes on behalf of Customers of MyTime located in the EU. MyTime acts as a sub-processor processor of the Personal Data we process on behalf of the Customers (who are data controllers with respect to the personal data we process on behalf of MyTime).

3. PURPOSES OF DATA PROCESSING. MyTime provides its Customers with an appointment scheduling, client relationship management, and point of sale project management solution designed to grow and manage the Customer's organization. MyTime is made available to its Customers on a software as a service (SaaS) basis (the "Service"). MyTime will only process the Personal Data we receive from Customers for the purposes of delivering our Service to the respective Customer. To fulfill these purposes, MyTime may access the data to provide or offer the Service, to correct and address technical or service problems, or to follow instructions of MyTime's customer who submitted the data, or in response to contractual requirements.

4. ONWARD TRANSFERS OF PERSONAL DATA. MyTime will not transfer Personal Information originating in the EU to third parties unless such third parties have entered into an agreement in writing with us requiring them to provide at least the same level of privacy protection to your Personal Information as required by the Principles of the EU-U.S. Privacy Shield Framework. MyTime will only transfer Personal Information to cloud service providers who need the information in order to provide services to or perform activities on MyTime's behalf. In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-U.S. Privacy Shield, MyTime is potentially liable.

5. RIGHT TO ACCESS, CHANGE OR DELETE PERSONAL DATA. Data subjects have the right to access Personal Data about them, and in some cases to limit use and disclosure of their Personal Data. If you would like to request access to the Personal Data we have processed on behalf of one of the Customers, please contact support@mytime.com and provide your name and contact information. MyTime will refer your request to the Customer, and will support them as needed in responding to your request.

6. REQUIREMENT TO DISCLOSE. MyTime may be required in certain circumstances to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirement.

7. PRIVACY SHIELD INDEPENDENT RECOURSE MECHANISM. In compliance with the Privacy Shield Principles, MyTime commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact MyTime at support@mytime.com or by postal mail sent to: MyTime Attn: Privacy Shield Inquiry 947 Linda Flora Drive, Los Angeles, CA 90049 USA. MyTime has further committed to refer unresolved privacy complaints under the EU-U.S. Privacy Shield Principles to JAMS, a non-profit alternative dispute resolution provider located in the United States to assist with the complaint resolution process. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.jamsadr.com/eu-us-privacy-shield for more information and to file a complaint. The services of JAMS are provided at no cost to you. MyTime further commits to cooperate with EU data protection authorities (DPAs) and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU in the context of the employment relationship. Data Subjects with inquiries or complaints regarding this Privacy Shield Notice should first contact MyTime at support@mytime.com.

8. U.S. FEDERAL TRADE COMMISSION ENFORCEMENT. MyTime is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) to ensure compliance with the EU-US Privacy Shield Principles outlined in this notice.

9. ARBITRATION Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov/, you may also be able to invoke binding arbitration when other dispute resolution procedures have been exhausted.